Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/n6_io3-KaLYhuJtZiy1MeoUuNbk.roa
File: n6_io3-KaLYhuJtZiy1MeoUuNbk.roa (raw, json)
Hash identifier: nSbtIazJ2SXxi9u2NxxSLPcqXno/gu6gZmKKyNsxgLg=
Subject key identifier: 9F:AF:E2:A3:7F:8A:68:B6:21:B8:9B:59:8B:2D:4C:7A:85:2E:35:B9
Certificate issuer: /CN=598fa4201344d4107f792eee2566c62d65714e2d
Certificate serial: 019425203D35046016FD2566F4BE27D45C76
Authority key identifier: 59:8F:A4:20:13:44:D4:10:7F:79:2E:EE:25:66:C6:2D:65:71:4E:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WY-kIBNE1BB_eS7uJWbGLWVxTi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/n6_io3-KaLYhuJtZiy1MeoUuNbk.roa
Signing time: Thu 02 Jan 2025 03:47:37 +0000
ROA not before: Thu 02 Jan 2025 03:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39020
IP address blocks: 5.145.168.0/24 maxlen: 24
5.145.169.0/24 maxlen: 24
5.145.170.0/24 maxlen: 24
5.145.171.0/24 maxlen: 24
5.145.172.0/24 maxlen: 24
5.145.173.0/24 maxlen: 24
5.145.174.0/24 maxlen: 24
5.145.175.0/24 maxlen: 24
45.80.12.0/24 maxlen: 24
45.80.14.0/24 maxlen: 24
77.81.112.0/24 maxlen: 24
77.81.113.0/24 maxlen: 24
77.81.114.0/24 maxlen: 24
77.81.115.0/24 maxlen: 24
77.81.116.0/24 maxlen: 24
77.81.117.0/24 maxlen: 24
77.81.118.0/24 maxlen: 24
77.81.119.0/24 maxlen: 24
91.192.108.0/24 maxlen: 24
91.192.109.0/24 maxlen: 24
91.192.110.0/24 maxlen: 24
91.192.111.0/24 maxlen: 24
93.93.64.0/24 maxlen: 24
93.93.65.0/24 maxlen: 24
93.93.66.0/24 maxlen: 24
93.93.67.0/24 maxlen: 24
93.93.68.0/24 maxlen: 24
93.93.69.0/24 maxlen: 24
93.93.70.0/24 maxlen: 24
93.93.71.0/24 maxlen: 24
93.113.160.0/24 maxlen: 24
93.113.161.0/24 maxlen: 24
93.113.162.0/24 maxlen: 24
93.113.163.0/24 maxlen: 24
185.50.196.0/22 maxlen: 22
185.50.196.0/24 maxlen: 24
185.50.197.0/24 maxlen: 24
185.50.198.0/24 maxlen: 24
185.50.199.0/24 maxlen: 24
195.78.228.0/24 maxlen: 24
195.78.229.0/24 maxlen: 24
195.78.230.0/24 maxlen: 24
195.78.231.0/24 maxlen: 24
217.61.128.0/24 maxlen: 24
217.61.129.0/24 maxlen: 24
217.61.130.0/24 maxlen: 24
217.61.131.0/24 maxlen: 24
217.61.133.0/24 maxlen: 24
217.61.134.0/24 maxlen: 24
217.61.135.0/24 maxlen: 24
217.61.136.0/24 maxlen: 24
217.61.137.0/24 maxlen: 24
217.61.138.0/24 maxlen: 24
217.61.139.0/24 maxlen: 24
217.61.140.0/24 maxlen: 24
217.61.141.0/24 maxlen: 24
217.61.142.0/24 maxlen: 24
217.61.143.0/24 maxlen: 24
2a00:1d70::/33 maxlen: 33
2a00:1d70:1ac1::/48 maxlen: 48
2a00:1d70:8000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/WY-kIBNE1BB_eS7uJWbGLWVxTi0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/WY-kIBNE1BB_eS7uJWbGLWVxTi0.mft
rsync://rpki.ripe.net/repository/DEFAULT/WY-kIBNE1BB_eS7uJWbGLWVxTi0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:20:3d:35:04:60:16:fd:25:66:f4:be:27:d4:5c:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=598fa4201344d4107f792eee2566c62d65714e2d
Validity
Not Before: Jan 2 03:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9fafe2a37f8a68b621b89b598b2d4c7a852e35b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:9c:1d:49:20:24:1f:89:a8:1b:79:92:fa:8b:
9a:62:81:14:0a:1e:a1:2e:f0:d5:55:f5:8f:a1:a0:
54:29:6e:8f:13:9e:2a:60:db:c2:98:bb:5f:57:02:
f3:66:f7:ad:6c:5f:f9:02:31:5d:7b:33:e1:6d:f7:
eb:1d:0f:cc:1c:48:25:8d:69:53:c4:0c:f0:9d:5e:
3c:d8:11:5c:bc:8d:c9:11:dc:1d:5d:d4:bf:8f:bc:
25:27:28:0d:b2:f6:b8:d5:b8:d1:90:32:c3:7c:85:
01:cb:9d:4b:ac:26:4f:8b:15:7e:e9:54:46:c1:f1:
bd:3c:ef:82:bb:98:4d:1e:01:ba:c5:e7:b0:3e:1f:
3f:86:e7:a1:94:f8:43:04:ef:a2:40:5d:d8:0a:7c:
59:47:7d:3c:b9:de:6e:2b:32:2b:a3:e1:cf:37:ec:
a6:c8:3f:ee:8d:85:57:01:cf:55:97:cb:c4:6e:03:
ad:7d:0d:1e:1c:db:80:de:bb:33:97:ce:09:e1:94:
be:04:a4:64:b9:3a:ba:a1:13:7b:ac:98:da:0c:d8:
26:69:ce:44:66:cb:de:ae:78:9b:25:5e:61:b5:d2:
c8:52:9b:0f:87:aa:79:ba:1e:d0:62:66:d4:a2:0d:
5b:d9:aa:3c:c2:1a:60:f7:23:19:d3:41:19:d7:18:
1d:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:AF:E2:A3:7F:8A:68:B6:21:B8:9B:59:8B:2D:4C:7A:85:2E:35:B9
X509v3 Authority Key Identifier:
keyid:59:8F:A4:20:13:44:D4:10:7F:79:2E:EE:25:66:C6:2D:65:71:4E:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WY-kIBNE1BB_eS7uJWbGLWVxTi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/n6_io3-KaLYhuJtZiy1MeoUuNbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/WY-kIBNE1BB_eS7uJWbGLWVxTi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.145.168.0/21
45.80.12.0/24
45.80.14.0/24
77.81.112.0/21
91.192.108.0/22
93.93.64.0/21
93.113.160.0/22
185.50.196.0/22
195.78.228.0/22
217.61.128.0/22
217.61.133.0-217.61.143.255
IPv6:
2a00:1d70::/32
Signature Algorithm: sha256WithRSAEncryption
aa:0d:e1:b2:f7:ce:9b:b0:b2:01:1e:45:7e:0e:50:6e:9b:8b:
b3:52:53:0b:b1:5b:87:3f:c5:33:3b:1f:bc:dd:26:14:75:43:
e1:db:2f:06:2f:89:5a:1d:af:a6:25:b0:db:e9:a5:cb:cd:29:
bc:97:87:78:21:bf:d4:4e:15:f3:07:49:b2:b2:32:a1:c8:a1:
8f:b1:e5:2e:d4:99:67:56:c1:08:11:88:03:8a:5e:26:c4:35:
74:23:0c:10:87:73:1e:c8:f4:03:d8:77:25:a8:e3:a9:60:db:
06:9d:6d:f3:0c:51:8d:dd:04:4b:0c:dd:ee:c1:10:cb:e0:cf:
84:9d:cb:f1:7e:d2:f2:27:0e:58:e3:36:5e:83:06:fa:a3:c0:
60:35:98:8d:f3:ba:93:31:a8:af:d9:34:5d:19:1f:07:bd:de:
e3:93:38:d1:d0:9c:fa:06:d4:6c:f3:f0:0e:ee:18:0b:2a:65:
fa:35:00:34:d6:c3:bf:78:4d:da:4a:30:3f:aa:33:87:a8:2b:
a2:c3:8a:67:46:a6:b1:7e:6a:37:87:8a:28:59:7d:21:04:a2:
03:a6:34:cb:e2:6c:28:f4:25:0d:63:d4:44:1b:fe:ac:4e:8a:
79:e4:83:18:2d:7a:c2:8a:b9:42:f8:c6:13:ca:6d:bc:87:3d:
5e:f2:4f:dd
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAZQlID01BGAW/SVm9L4n1Fx2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5OGZhNDIwMTM0NGQ0MTA3Zjc5MmVlZTI1NjZjNjJkNjU3
MTRlMmQwHhcNMjUwMTAyMDM0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmFmZTJhMzdmOGE2OGI2MjFiODliNTk4YjJkNGM3YTg1MmUzNWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJwdSSAkH4moG3mS+ouaYoEUCh6h
LvDVVfWPoaBUKW6PE54qYNvCmLtfVwLzZvetbF/5AjFdezPhbffrHQ/MHEgljWlT
xAzwnV482BFcvI3JEdwdXdS/j7wlJygNsva41bjRkDLDfIUBy51LrCZPixV+6VRG
wfG9PO+Cu5hNHgG6xeewPh8/huehlPhDBO+iQF3YCnxZR308ud5uKzIro+HPN+ym
yD/ujYVXAc9Vl8vEbgOtfQ0eHNuA3rszl84J4ZS+BKRkuTq6oRN7rJjaDNgmac5E
ZsvernibJV5htdLIUpsPh6p5uh7QYmbUog1b2ao8whpg9yMZ00EZ1xgd4wIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFJ+v4qN/imi2IbibWYstTHqFLjW5MB8GA1UdIwQY
MBaAFFmPpCATRNQQf3ku7iVmxi1lcU4tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1kta0lCTkUxQkJfZVM3dUpXYkdMV1Z4VGkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS84MzhlZjEtNzM5My00ZmJkLWI2N2It
NjY0YjhmMDNkMTgwLzEvbjZfaW8zLUthTFlodUp0Wml5MU1lb1V1TmJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS84MzhlZjEtNzM5My00ZmJkLWI2N2ItNjY0YjhmMDNkMTgw
LzEvV1kta0lCTkUxQkJfZVM3dUpXYkdMV1Z4VGkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBQBAIAATBKAwQDBZGoAwQA
LVAMAwQALVAOAwQDTVFwAwQCW8BsAwQDXV1AAwQCXXGgAwQCuTLEAwQCw07kAwQC
2T2AMAwDBADZPYUDBATZPYAwDQQCAAIwBwMFACoAHXAwDQYJKoZIhvcNAQELBQAD
ggEBAKoN4bL3zpuwsgEeRX4OUG6bi7NSUwuxW4c/xTM7H7zdJhR1Q+HbLwYviVod
r6YlsNvppcvNKbyXh3ghv9ROFfMHSbKyMqHIoY+x5S7UmWdWwQgRiAOKXibENXQj
DBCHcx7I9APYdyWo46lg2wadbfMMUY3dBEsM3e7BEMvgz4Sdy/F+0vInDljjNl6D
BvqjwGA1mI3zupMxqK/ZNF0ZHwe93uOTONHQnPoG1Gzz8A7uGAsqZfo1ADTWw794
TdpKMD+qM4eoK6LDimdGprF+ajeHiihZfSEEogOmNMvibCj0JQ1j1EQb/qxOinnk
gxgtesKKuUL4xhPKbbyHPV7yT90=
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:44:45 2025 by rpki-client