Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/RY1laGItUoxVJIk_-LMWBVWyksg.roa
File: RY1laGItUoxVJIk_-LMWBVWyksg.roa (raw, json)
Hash identifier: 2XSMStFm1b3LtGyzSq5VTDuf3Th2F/WRjN0yU8O9QSM=
Subject key identifier: 45:8D:65:68:62:2D:52:8C:55:24:89:3F:F8:B3:16:05:55:B2:92:C8
Certificate issuer: /CN=940a10a256728f11a4bbaadc3204b7f0a35a5000
Certificate serial: 0197205ADBE85C3E7D7E433547F0AA579B82
Authority key identifier: 94:0A:10:A2:56:72:8F:11:A4:BB:AA:DC:32:04:B7:F0:A3:5A:50:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lAoQolZyjxGku6rcMgS38KNaUAA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/RY1laGItUoxVJIk_-LMWBVWyksg.roa
Signing time: Fri 30 May 2025 08:41:54 +0000
ROA not before: Fri 30 May 2025 08:41:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8860
IP address blocks: 77.78.150.0/24 maxlen: 24
79.98.104.0/21 maxlen: 24
185.52.204.0/22 maxlen: 24
185.55.228.0/22 maxlen: 24
185.199.37.0/24 maxlen: 24
185.199.38.0/24 maxlen: 24
185.228.24.0/22 maxlen: 24
185.239.124.0/24 maxlen: 24
185.239.126.0/24 maxlen: 24
185.239.127.0/24 maxlen: 24
194.145.63.0/24 maxlen: 24
195.189.80.0/22 maxlen: 24
2a01:b6a0::/32 maxlen: 32
2a02:80e0::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/lAoQolZyjxGku6rcMgS38KNaUAA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/lAoQolZyjxGku6rcMgS38KNaUAA.mft
rsync://rpki.ripe.net/repository/DEFAULT/lAoQolZyjxGku6rcMgS38KNaUAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:20:5a:db:e8:5c:3e:7d:7e:43:35:47:f0:aa:57:9b:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=940a10a256728f11a4bbaadc3204b7f0a35a5000
Validity
Not Before: May 30 08:41:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=458d6568622d528c5524893ff8b3160555b292c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:6a:d6:dc:16:fc:d0:c3:40:91:60:33:cf:0b:
dc:c0:bb:99:a1:be:af:6a:cf:df:88:56:09:f6:05:
ff:eb:7f:08:83:81:ae:42:91:d6:b1:87:29:4a:eb:
75:07:ff:d6:96:1f:04:f8:bf:d9:e7:a3:9a:fd:8a:
15:bc:49:be:e5:02:03:e9:89:51:2f:30:be:b4:a9:
30:f3:54:ca:2a:d5:e3:fc:06:dc:43:a7:75:17:0f:
5d:31:8b:da:e5:a1:b8:1e:ab:9f:51:3b:4c:cf:b5:
ea:0a:10:43:ee:95:ce:c6:e0:53:68:18:fb:72:74:
07:41:36:b1:c9:33:75:b7:a6:16:52:00:b9:65:63:
88:30:09:23:ad:67:39:2f:71:b0:51:68:25:49:e8:
8d:42:d1:86:c4:33:30:6a:97:0f:0a:e0:5e:e9:55:
86:c6:04:7b:c5:5d:f1:66:44:a5:9a:c4:a7:c4:00:
0d:85:aa:7c:36:76:ed:c0:86:01:90:0d:a5:9e:46:
e2:83:1c:aa:4c:bf:6d:fd:8f:60:26:66:af:ae:9a:
b3:34:65:fc:1a:43:3c:bd:49:d2:8d:7a:8b:44:88:
06:b9:48:ff:6f:eb:c5:c7:85:75:56:5f:6d:7c:87:
7c:65:5d:d3:b3:c2:0c:94:2c:a7:bd:b2:c8:af:3b:
b8:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:8D:65:68:62:2D:52:8C:55:24:89:3F:F8:B3:16:05:55:B2:92:C8
X509v3 Authority Key Identifier:
keyid:94:0A:10:A2:56:72:8F:11:A4:BB:AA:DC:32:04:B7:F0:A3:5A:50:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lAoQolZyjxGku6rcMgS38KNaUAA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/RY1laGItUoxVJIk_-LMWBVWyksg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a1ae75-2d6b-4cc6-acef-dce6d6909247/1/lAoQolZyjxGku6rcMgS38KNaUAA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.78.150.0/24
79.98.104.0/21
185.52.204.0/22
185.55.228.0/22
185.199.37.0-185.199.38.255
185.228.24.0/22
185.239.124.0/24
185.239.126.0/23
194.145.63.0/24
195.189.80.0/22
IPv6:
2a01:b6a0::/32
2a02:80e0::/30
Signature Algorithm: sha256WithRSAEncryption
6b:29:77:25:86:c1:ea:a4:22:0e:f1:e5:8e:58:fa:c5:ae:6e:
10:40:07:e5:6b:10:ad:a3:aa:c6:ef:53:c8:cd:d7:a5:7f:9b:
b8:33:1c:66:96:8b:1d:02:8d:20:eb:0b:e8:ea:11:75:08:1d:
c2:03:6a:a7:fe:da:11:78:db:e8:1a:53:07:b1:36:b6:08:d4:
45:fb:f0:1e:13:07:6d:ae:59:d9:a5:52:05:54:b3:fe:9d:85:
70:cf:b0:f7:2f:2e:6e:eb:cd:a7:62:49:01:f9:f0:c6:90:f8:
87:9b:ea:54:fc:20:b0:5f:42:20:fe:a1:d5:e8:3f:03:dd:f2:
89:35:20:67:8a:79:65:06:19:1f:d5:03:49:23:de:08:cb:86:
9c:51:1b:51:f2:b3:a8:38:b8:0d:b0:bc:fa:5d:3e:c4:4a:5f:
b8:f7:f8:41:35:61:c2:e2:78:b2:08:d9:ef:4f:43:f4:fc:30:
47:4b:73:3d:4d:21:4d:66:d6:19:04:3b:98:c5:d5:36:50:04:
64:ea:8d:26:9d:03:3a:2c:85:1c:63:90:db:76:e8:46:4f:26:
3a:e1:be:85:df:a5:f0:2a:58:ae:21:ad:10:b7:97:07:0c:78:
97:0f:52:34:74:dc:16:a2:e6:ac:96:d9:b9:cf:b0:e4:59:82:
5a:02:b4:b4
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZcgWtvoXD59fkM1R/CqV5uCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MGExMGEyNTY3MjhmMTFhNGJiYWFkYzMyMDRiN2YwYTM1
YTUwMDAwHhcNMjUwNTMwMDg0MTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NThkNjU2ODYyMmQ1MjhjNTUyNDg5M2ZmOGIzMTYwNTU1YjI5MmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymrW3Bb80MNAkWAzzwvcwLuZob6v
as/fiFYJ9gX/638Ig4GuQpHWsYcpSut1B//Wlh8E+L/Z56Oa/YoVvEm+5QID6YlR
LzC+tKkw81TKKtXj/AbcQ6d1Fw9dMYva5aG4HqufUTtMz7XqChBD7pXOxuBTaBj7
cnQHQTaxyTN1t6YWUgC5ZWOIMAkjrWc5L3GwUWglSeiNQtGGxDMwapcPCuBe6VWG
xgR7xV3xZkSlmsSnxAANhap8NnbtwIYBkA2lnkbigxyqTL9t/Y9gJmavrpqzNGX8
GkM8vUnSjXqLRIgGuUj/b+vFx4V1Vl9tfId8ZV3Ts8IMlCynvbLIrzu4wQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFEWNZWhiLVKMVSSJP/izFgVVspLIMB8GA1UdIwQY
MBaAFJQKEKJWco8RpLuq3DIEt/CjWlAAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEFvUW9sWnlqeEdrdTZyY01nUzM4S05hVUFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9hMWFlNzUtMmQ2Yi00Y2M2LWFjZWYt
ZGNlNmQ2OTA5MjQ3LzEvUlkxbGFHSXRVb3hWSklrXy1MTVdCVld5a3NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9hMWFlNzUtMmQ2Yi00Y2M2LWFjZWYtZGNlNmQ2OTA5MjQ3
LzEvbEFvUW9sWnlqeEdrdTZyY01nUzM4S05hVUFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBKBAIAATBEAwQATU6WAwQD
T2JoAwQCuTTMAwQCuTfkMAwDBAC5xyUDBAC5xyYDBAK55BgDBAC573wDBAG5734D
BADCkT8DBALDvVAwFAQCAAIwDgMFACoBtqADBQIqAoDgMA0GCSqGSIb3DQEBCwUA
A4IBAQBrKXclhsHqpCIO8eWOWPrFrm4QQAflaxCto6rG71PIzdelf5u4Mxxmlosd
Ao0g6wvo6hF1CB3CA2qn/toReNvoGlMHsTa2CNRF+/AeEwdtrlnZpVIFVLP+nYVw
z7D3Ly5u682nYkkB+fDGkPiHm+pU/CCwX0Ig/qHV6D8D3fKJNSBninllBhkf1QNJ
I94Iy4acURtR8rOoOLgNsLz6XT7ESl+49/hBNWHC4niyCNnvT0P0/DBHS3M9TSFN
ZtYZBDuYxdU2UARk6o0mnQM6LIUcY5DbduhGTyY64b6F36XwKliuIa0Qt5cHDHiX
D1I0dNwWouasltm5z7DkWYJaArS0
-----END CERTIFICATE-----
Generated at Sun Jun 8 13:37:26 2025 by rpki-client