Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/6669bb-1f62-42a3-9e8d-49a6545786e6/1/ggaujxDkTjz3ur815c8t-PcBT3o.roa
File: ggaujxDkTjz3ur815c8t-PcBT3o.roa (raw, json)
Hash identifier: kBi/tXIf057RjeVgxSaejXzvw/f4YkfQil/vCr+FLSM=
Subject key identifier: 82:06:AE:8F:10:E4:4E:3C:F7:BA:BF:35:E5:CF:2D:F8:F7:01:4F:7A
Certificate issuer: /CN=c6c0fdbb65ca491cb83cc085a43e0340596ae873
Certificate serial: 01956B2C99F69ED0CD5D8C5EAD3934A3E709
Authority key identifier: C6:C0:FD:BB:65:CA:49:1C:B8:3C:C0:85:A4:3E:03:40:59:6A:E8:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xsD9u2XKSRy4PMCFpD4DQFlq6HM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/6669bb-1f62-42a3-9e8d-49a6545786e6/1/ggaujxDkTjz3ur815c8t-PcBT3o.roa
Signing time: Thu 06 Mar 2025 11:17:19 +0000
ROA not before: Thu 06 Mar 2025 11:17:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31631
IP address blocks: 45.150.140.0/22 maxlen: 22
79.99.88.0/22 maxlen: 22
80.252.120.0/22 maxlen: 22
103.110.208.0/22 maxlen: 22
109.224.248.0/21 maxlen: 21
185.108.168.0/22 maxlen: 22
185.205.172.0/22 maxlen: 22
193.178.54.0/23 maxlen: 23
193.178.112.0/23 maxlen: 23
195.167.138.0/24 maxlen: 24
195.167.181.0/24 maxlen: 24
195.167.182.0/24 maxlen: 24
195.167.184.0/24 maxlen: 24
195.167.187.0/24 maxlen: 24
209.42.4.0/22 maxlen: 22
209.42.8.0/21 maxlen: 21
2a06:e40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/6669bb-1f62-42a3-9e8d-49a6545786e6/1/xsD9u2XKSRy4PMCFpD4DQFlq6HM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/6669bb-1f62-42a3-9e8d-49a6545786e6/1/xsD9u2XKSRy4PMCFpD4DQFlq6HM.mft
rsync://rpki.ripe.net/repository/DEFAULT/xsD9u2XKSRy4PMCFpD4DQFlq6HM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 20:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6b:2c:99:f6:9e:d0:cd:5d:8c:5e:ad:39:34:a3:e7:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6c0fdbb65ca491cb83cc085a43e0340596ae873
Validity
Not Before: Mar 6 11:17:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8206ae8f10e44e3cf7babf35e5cf2df8f7014f7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:2a:07:e7:36:12:70:f8:49:76:6f:86:f7:4d:
a3:b3:da:52:29:83:03:df:55:bf:cf:f0:15:44:10:
e1:6d:df:25:85:d5:cf:c0:6c:d0:6f:27:3e:94:da:
10:34:d2:9d:f9:e2:4d:33:68:0f:0f:29:24:75:f5:
f7:42:5c:0d:e3:32:67:18:1f:17:f1:21:7d:ea:59:
dc:16:25:67:c0:3f:8d:16:03:17:ed:75:7d:5d:d1:
db:52:1c:06:01:e8:33:a6:d3:25:b5:5f:53:ee:86:
ab:90:fb:d0:4d:1a:ed:3b:31:24:d0:fe:09:08:17:
7e:16:b3:6d:b8:bb:b9:fb:31:df:25:12:a7:e4:cf:
9a:39:9a:77:00:03:9f:ba:e6:a1:71:1d:57:66:76:
51:20:3b:0b:7e:80:78:80:bc:af:a4:b6:e9:70:11:
e6:cf:49:00:7c:26:eb:56:50:0e:08:6b:b7:e2:46:
53:9a:9e:b1:16:99:e6:44:25:a1:b2:0f:d3:3e:a8:
f9:3f:52:2d:87:3b:9e:ff:01:66:7c:37:b9:b8:2f:
d0:3b:28:7c:12:a4:49:20:cf:60:1e:64:f3:76:0a:
9b:38:55:1b:4a:84:a6:83:fa:7c:dd:c7:ef:7b:17:
6c:14:1b:75:51:3b:01:53:db:fc:8c:5b:bc:3f:7e:
16:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:06:AE:8F:10:E4:4E:3C:F7:BA:BF:35:E5:CF:2D:F8:F7:01:4F:7A
X509v3 Authority Key Identifier:
keyid:C6:C0:FD:BB:65:CA:49:1C:B8:3C:C0:85:A4:3E:03:40:59:6A:E8:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xsD9u2XKSRy4PMCFpD4DQFlq6HM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6669bb-1f62-42a3-9e8d-49a6545786e6/1/ggaujxDkTjz3ur815c8t-PcBT3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6669bb-1f62-42a3-9e8d-49a6545786e6/1/xsD9u2XKSRy4PMCFpD4DQFlq6HM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.140.0/22
79.99.88.0/22
80.252.120.0/22
103.110.208.0/22
109.224.248.0/21
185.108.168.0/22
185.205.172.0/22
193.178.54.0/23
193.178.112.0/23
195.167.138.0/24
195.167.181.0-195.167.182.255
195.167.184.0/24
195.167.187.0/24
209.42.4.0-209.42.15.255
IPv6:
2a06:e40::/29
Signature Algorithm: sha256WithRSAEncryption
17:eb:3a:25:36:1d:e2:77:53:b2:9d:a9:c0:76:6c:f5:ba:aa:
9c:ae:aa:64:00:91:ea:e9:56:85:7c:06:52:5f:9a:de:43:01:
22:f8:f5:21:59:01:b1:7d:33:b7:e7:9c:20:c1:cf:9c:54:6d:
a9:2f:9c:9e:28:be:17:95:be:ce:95:e5:19:ce:d6:d9:9a:3a:
a7:78:af:4e:ad:4a:f9:17:75:29:67:b5:c6:44:81:7f:d6:3b:
90:15:80:a9:09:45:98:5c:b9:58:54:38:2f:5b:72:b5:62:b2:
7d:0d:4f:3c:e5:85:9f:2e:95:6d:60:0d:33:a8:22:4a:c1:cf:
2d:30:28:f2:68:3b:36:3b:76:ed:56:9f:5d:8e:b5:fd:07:0f:
58:61:45:15:ca:0c:fb:ef:5f:3d:d0:a4:cc:35:62:e9:46:a1:
e3:f9:8a:27:bd:d0:c7:41:f5:7d:b2:53:66:2c:b0:52:9d:6c:
a4:ed:3a:f7:31:8a:b4:03:da:31:e9:bd:46:93:54:6b:d5:cd:
de:18:38:c1:82:76:31:f6:1f:73:1f:c5:fd:be:83:29:cd:76:
06:e7:41:1f:1e:c1:17:31:c2:8b:7b:3b:c7:e5:a9:13:de:8a:
56:a3:9c:1a:c4:ed:80:f5:02:de:72:8c:5d:f2:3f:a4:ea:69:
34:03:f4:1b
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgISAZVrLJn2ntDNXYxerTk0o+cJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YzBmZGJiNjVjYTQ5MWNiODNjYzA4NWE0M2UwMzQwNTk2
YWU4NzMwHhcNMjUwMzA2MTExNzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjA2YWU4ZjEwZTQ0ZTNjZjdiYWJmMzVlNWNmMmRmOGY3MDE0ZjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyoH5zYScPhJdm+G902js9pSKYMD
31W/z/AVRBDhbd8lhdXPwGzQbyc+lNoQNNKd+eJNM2gPDykkdfX3QlwN4zJnGB8X
8SF96lncFiVnwD+NFgMX7XV9XdHbUhwGAegzptMltV9T7oarkPvQTRrtOzEk0P4J
CBd+FrNtuLu5+zHfJRKn5M+aOZp3AAOfuuahcR1XZnZRIDsLfoB4gLyvpLbpcBHm
z0kAfCbrVlAOCGu34kZTmp6xFpnmRCWhsg/TPqj5P1Ithzue/wFmfDe5uC/QOyh8
EqRJIM9gHmTzdgqbOFUbSoSmg/p83cfvexdsFBt1UTsBU9v8jFu8P34WvwIDAQAB
o4ICdzCCAnMwHQYDVR0OBBYEFIIGro8Q5E4897q/NeXPLfj3AU96MB8GA1UdIwQY
MBaAFMbA/btlykkcuDzAhaQ+A0BZauhzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHNEOXUyWEtTUnk0UE1DRnBENERRRmxxNkhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82NjY5YmItMWY2Mi00MmEzLTllOGQt
NDlhNjU0NTc4NmU2LzEvZ2dhdWp4RGtUanozdXI4MTVjOHQtUGNCVDNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82NjY5YmItMWY2Mi00MmEzLTllOGQtNDlhNjU0NTc4NmU2
LzEveHNEOXUyWEtTUnk0UE1DRnBENERRRmxxNkhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGMBggrBgEFBQcBBwEB/wR9MHswagQCAAEwZAMEAi2WjAME
Ak9jWAMEAlD8eAMEAmdu0AMEA23g+AMEArlsqAMEArnNrAMEAcGyNgMEAcGycAME
AMOnijAMAwQAw6e1AwQAw6e2AwQAw6e4AwQAw6e7MAwDBALRKgQDBATRKgAwDQQC
AAIwBwMFAyoGDkAwDQYJKoZIhvcNAQELBQADggEBABfrOiU2HeJ3U7KdqcB2bPW6
qpyuqmQAkerpVoV8BlJfmt5DASL49SFZAbF9M7fnnCDBz5xUbakvnJ4ovheVvs6V
5RnO1tmaOqd4r06tSvkXdSlntcZEgX/WO5AVgKkJRZhcuVhUOC9bcrVisn0NTzzl
hZ8ulW1gDTOoIkrBzy0wKPJoOzY7du1Wn12Otf0HD1hhRRXKDPvvXz3QpMw1YulG
oeP5iie90MdB9X2yU2YssFKdbKTtOvcxirQD2jHpvUaTVGvVzd4YOMGCdjH2H3Mf
xf2+gynNdgbnQR8ewRcxwot7O8flqRPeilajnBrE7YD1At5yjF3yP6TqaTQD9Bs=
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:33:10 2025 by rpki-client