Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/7abf3c-29f3-43c8-978e-b050c1129126/1/yAlyRVhdV45Fhlz_SXSaEBYr95c.roa
File: yAlyRVhdV45Fhlz_SXSaEBYr95c.roa (raw, json)
Hash identifier: hbq+j/95NHgwMsXopbiJ/iZdMmpOcPkLx/w1fsKJD10=
Subject key identifier: C8:09:72:45:58:5D:57:8E:45:86:5C:FF:49:74:9A:10:16:2B:F7:97
Certificate issuer: /CN=ff40d8a2ea9676369e6e817679490e4e505c89f3
Certificate serial: 019487BF44DE5BC400B3DF4F06EBB03D746D
Authority key identifier: FF:40:D8:A2:EA:96:76:36:9E:6E:81:76:79:49:0E:4E:50:5C:89:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0DYouqWdjaeboF2eUkOTlBcifM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/7abf3c-29f3-43c8-978e-b050c1129126/1/yAlyRVhdV45Fhlz_SXSaEBYr95c.roa
Signing time: Tue 21 Jan 2025 07:24:06 +0000
ROA not before: Tue 21 Jan 2025 07:24:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35612
IP address blocks: 5.157.96.0/19 maxlen: 19
49.236.0.0/18 maxlen: 21
77.32.0.0/17 maxlen: 21
78.134.0.0/17 maxlen: 20
81.174.0.0/18 maxlen: 18
84.33.64.0/18 maxlen: 21
84.33.128.0/18 maxlen: 21
88.147.0.0/17 maxlen: 21
88.149.128.0/17 maxlen: 17
128.116.128.0/17 maxlen: 17
146.241.0.0/16 maxlen: 21
147.53.128.0/17 maxlen: 20
185.11.20.0/22 maxlen: 22
212.124.160.0/19 maxlen: 19
216.247.128.0/18 maxlen: 18
2001:4c90::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/7abf3c-29f3-43c8-978e-b050c1129126/1/_0DYouqWdjaeboF2eUkOTlBcifM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/7abf3c-29f3-43c8-978e-b050c1129126/1/_0DYouqWdjaeboF2eUkOTlBcifM.mft
rsync://rpki.ripe.net/repository/DEFAULT/_0DYouqWdjaeboF2eUkOTlBcifM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:87:bf:44:de:5b:c4:00:b3:df:4f:06:eb:b0:3d:74:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff40d8a2ea9676369e6e817679490e4e505c89f3
Validity
Not Before: Jan 21 07:24:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c8097245585d578e45865cff49749a10162bf797
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:c3:ee:e4:1e:ba:ac:1c:ba:5b:de:ec:2a:3d:
92:9b:92:cc:02:68:3f:9b:63:cc:d0:6f:7d:b6:20:
1f:2f:7c:7f:cb:d1:ca:85:90:d8:2c:c2:2f:68:37:
81:53:41:0b:c9:55:88:d7:43:08:d7:58:63:02:56:
ab:60:7c:9c:30:03:24:26:22:72:c6:6a:c3:14:d8:
6d:b9:08:b4:81:78:f5:32:14:f7:32:e2:81:0a:34:
5b:7e:88:fa:0b:18:d1:c6:9d:46:48:10:31:72:73:
0a:93:1a:30:0f:58:fb:81:04:8a:a9:cc:54:25:55:
1b:21:40:81:7e:d5:03:d5:14:19:97:41:02:c6:9b:
23:a8:cf:4a:e2:1e:6a:d2:b4:8b:de:f3:d8:31:04:
9e:97:77:a1:e8:59:ba:3c:44:b5:60:3c:a5:19:b0:
57:71:61:fc:b0:33:2c:b3:d6:74:c7:d4:95:f8:5c:
b9:9b:80:d3:90:81:79:a3:79:da:a9:da:f0:9d:24:
45:5b:c6:39:15:fa:34:e6:83:9c:db:61:6f:06:6a:
5c:2a:83:89:c0:46:5d:85:4e:3f:0d:64:62:89:e6:
c3:4f:75:d8:b3:ac:2c:71:2e:d0:82:63:a4:49:ba:
48:33:80:13:e9:8f:73:35:19:a5:37:a4:39:77:c2:
45:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:09:72:45:58:5D:57:8E:45:86:5C:FF:49:74:9A:10:16:2B:F7:97
X509v3 Authority Key Identifier:
keyid:FF:40:D8:A2:EA:96:76:36:9E:6E:81:76:79:49:0E:4E:50:5C:89:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0DYouqWdjaeboF2eUkOTlBcifM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/7abf3c-29f3-43c8-978e-b050c1129126/1/yAlyRVhdV45Fhlz_SXSaEBYr95c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/7abf3c-29f3-43c8-978e-b050c1129126/1/_0DYouqWdjaeboF2eUkOTlBcifM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.96.0/19
49.236.0.0/18
77.32.0.0/17
78.134.0.0/17
81.174.0.0/18
84.33.64.0-84.33.191.255
88.147.0.0/17
88.149.128.0/17
128.116.128.0/17
146.241.0.0/16
147.53.128.0/17
185.11.20.0/22
212.124.160.0/19
216.247.128.0/18
IPv6:
2001:4c90::/29
Signature Algorithm: sha256WithRSAEncryption
6f:4f:9f:bf:6b:dd:bd:ef:fa:1e:4d:81:29:08:11:e0:77:89:
71:b2:c2:2b:95:63:c4:56:4d:6e:3d:4b:f4:9a:ff:61:ca:6d:
7d:50:c7:11:0b:a3:d1:7f:17:2b:7e:60:df:ab:bd:ea:ca:c6:
9c:24:cf:fa:0d:07:99:be:a3:8c:ba:c7:7d:3f:60:72:35:5e:
1a:41:fe:df:48:c1:d5:c5:f9:65:da:3a:ca:f8:11:fb:63:55:
ce:84:41:a7:5e:8e:ba:48:d9:e4:35:51:cd:d8:ca:fd:ae:d3:
8d:24:5e:a8:07:5b:e1:16:47:c7:49:19:ee:02:09:89:27:80:
a4:1d:bc:10:76:a4:b2:0c:cb:45:b2:47:5d:28:14:27:68:39:
89:44:44:2d:98:3d:7a:b5:66:9e:65:2e:04:74:ac:2e:b5:d1:
76:c9:44:00:1c:cb:fc:ba:af:f6:d2:6d:74:6b:ba:14:3e:05:
1b:90:1c:ff:6b:5a:8b:ef:4c:3b:a2:8b:49:f7:ab:74:10:cb:
88:c5:a0:31:47:63:12:f9:b5:9d:73:d2:be:a5:9e:bf:7d:6f:
77:af:70:b0:e9:24:c8:53:42:0c:4b:6f:b4:d8:3a:9b:f3:d9:
76:78:1d:85:5a:dc:7d:b7:22:95:df:79:5d:94:8c:24:27:fd:
5b:d0:9c:2a
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZSHv0TeW8QAs99PBuuwPXRtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNDBkOGEyZWE5Njc2MzY5ZTZlODE3Njc5NDkwZTRlNTA1
Yzg5ZjMwHhcNMjUwMTIxMDcyNDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODA5NzI0NTU4NWQ1NzhlNDU4NjVjZmY0OTc0OWExMDE2MmJmNzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlcPu5B66rBy6W97sKj2Sm5LMAmg/
m2PM0G99tiAfL3x/y9HKhZDYLMIvaDeBU0ELyVWI10MI11hjAlarYHycMAMkJiJy
xmrDFNhtuQi0gXj1MhT3MuKBCjRbfoj6CxjRxp1GSBAxcnMKkxowD1j7gQSKqcxU
JVUbIUCBftUD1RQZl0ECxpsjqM9K4h5q0rSL3vPYMQSel3eh6Fm6PES1YDylGbBX
cWH8sDMss9Z0x9SV+Fy5m4DTkIF5o3naqdrwnSRFW8Y5Ffo05oOc22FvBmpcKoOJ
wEZdhU4/DWRiiebDT3XYs6wscS7QgmOkSbpIM4AT6Y9zNRmlN6Q5d8JFrwIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFMgJckVYXVeORYZc/0l0mhAWK/eXMB8GA1UdIwQY
MBaAFP9A2KLqlnY2nm6BdnlJDk5QXInzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzBEWW91cVdkamFlYm9GMmVVa09UbEJjaWZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS83YWJmM2MtMjlmMy00M2M4LTk3OGUt
YjA1MGMxMTI5MTI2LzEveUFseVJWaGRWNDVGaGx6X1NYU2FFQllyOTVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS83YWJmM2MtMjlmMy00M2M4LTk3OGUtYjA1MGMxMTI5MTI2
LzEvXzBEWW91cVdkamFlYm9GMmVVa09UbEJjaWZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwYQQCAAEwWwMEBQWdYAME
BjHsAAMEB00gAAMEB06GAAMEBlGuADAMAwQGVCFAAwQGVCGAAwQHWJMAAwQHWJWA
AwQHgHSAAwMAkvEDBAeTNYADBAK5CxQDBAXUfKADBAbY94AwDQQCAAIwBwMFAyAB
TJAwDQYJKoZIhvcNAQELBQADggEBAG9Pn79r3b3v+h5NgSkIEeB3iXGywiuVY8RW
TW49S/Sa/2HKbX1QxxELo9F/Fyt+YN+rverKxpwkz/oNB5m+o4y6x30/YHI1XhpB
/t9IwdXF+WXaOsr4EftjVc6EQadejrpI2eQ1Uc3Yyv2u040kXqgHW+EWR8dJGe4C
CYkngKQdvBB2pLIMy0WyR10oFCdoOYlERC2YPXq1Zp5lLgR0rC610XbJRAAcy/y6
r/bSbXRruhQ+BRuQHP9rWovvTDuii0n3q3QQy4jFoDFHYxL5tZ1z0r6lnr99b3ev
cLDpJMhTQgxLb7TYOpvz2XZ4HYVa3H23IpXfeV2UjCQn/VvQnCo=
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:33:56 2025 by rpki-client