Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/dDluN-ZW3m4A2qeeV1wHH5bu8tM.roa
File: dDluN-ZW3m4A2qeeV1wHH5bu8tM.roa (raw, json)
Hash identifier: HIE3+ZZu9CT1HGuYfh7TMNitUjpb7aMhEYQpjqcPSJo=
Subject key identifier: 74:39:6E:37:E6:56:DE:6E:00:DA:A7:9E:57:5C:07:1F:96:EE:F2:D3
Certificate issuer: /CN=8d84404e5f8a4b117ae44e73d53c44ecdd578342
Certificate serial: 01942521D63459AA82109B0BB656960EB4DD
Authority key identifier: 8D:84:40:4E:5F:8A:4B:11:7A:E4:4E:73:D5:3C:44:EC:DD:57:83:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jYRATl-KSxF65E5z1TxE7N1Xg0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/dDluN-ZW3m4A2qeeV1wHH5bu8tM.roa
Signing time: Thu 02 Jan 2025 03:49:21 +0000
ROA not before: Thu 02 Jan 2025 03:49:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13238
IP address blocks: 5.45.192.0/18 maxlen: 24
5.255.192.0/18 maxlen: 24
37.9.64.0/18 maxlen: 24
37.140.128.0/18 maxlen: 24
77.88.0.0/18 maxlen: 24
84.252.160.0/19 maxlen: 24
87.250.224.0/19 maxlen: 24
90.156.176.0/20 maxlen: 24
92.255.112.0/20 maxlen: 24
92.255.127.0/24 maxlen: 24
93.158.128.0/18 maxlen: 24
95.108.128.0/17 maxlen: 24
141.8.128.0/18 maxlen: 24
178.154.128.0/19 maxlen: 24
178.154.160.0/19 maxlen: 24
185.32.187.0/24 maxlen: 24
213.180.192.0/19 maxlen: 24
2a02:6b8::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/jYRATl-KSxF65E5z1TxE7N1Xg0I.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/jYRATl-KSxF65E5z1TxE7N1Xg0I.mft
rsync://rpki.ripe.net/repository/DEFAULT/jYRATl-KSxF65E5z1TxE7N1Xg0I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 12:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:d6:34:59:aa:82:10:9b:0b:b6:56:96:0e:b4:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d84404e5f8a4b117ae44e73d53c44ecdd578342
Validity
Not Before: Jan 2 03:49:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=74396e37e656de6e00daa79e575c071f96eef2d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a1:2e:ef:f6:e8:0a:28:02:b5:27:2d:54:11:
29:44:1a:76:04:cf:45:7c:f2:e4:39:18:c3:76:ac:
d9:1b:5c:0a:60:57:34:08:67:df:a9:8e:64:74:e8:
c6:11:d5:55:03:22:0a:1c:1b:8a:08:2a:72:95:38:
d6:f4:b0:83:5b:3e:2a:26:55:b6:25:40:e2:21:34:
4c:48:84:9d:ff:74:c2:9b:fc:d7:48:5d:23:b4:a2:
19:ad:ee:89:a6:c9:23:01:6c:26:27:57:0f:bd:0d:
63:7b:90:a2:3f:7e:84:2f:63:15:c4:aa:af:be:79:
e7:a6:66:d5:a0:ab:e6:bc:4e:31:2a:dc:a9:cf:1c:
a7:5c:19:7e:42:75:16:5a:0a:94:ad:e5:8d:0d:7f:
96:27:4f:d9:95:92:e9:e1:9d:91:a6:18:11:7b:95:
81:16:dd:a9:a5:81:40:46:9e:72:86:d9:cb:f8:d8:
c3:e3:5d:f5:aa:8c:91:90:1d:50:93:35:6d:33:60:
f7:2c:78:b2:b4:d2:dd:96:9e:2e:fa:bc:cc:7f:34:
dd:bb:68:8e:fd:8e:25:7e:5d:cf:67:ec:8b:3b:ca:
ef:bd:eb:6e:47:67:2e:94:99:94:7f:92:da:c3:25:
5e:d4:d9:4e:05:82:ad:20:04:a1:d2:61:bf:e5:03:
21:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:39:6E:37:E6:56:DE:6E:00:DA:A7:9E:57:5C:07:1F:96:EE:F2:D3
X509v3 Authority Key Identifier:
keyid:8D:84:40:4E:5F:8A:4B:11:7A:E4:4E:73:D5:3C:44:EC:DD:57:83:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jYRATl-KSxF65E5z1TxE7N1Xg0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/dDluN-ZW3m4A2qeeV1wHH5bu8tM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/jYRATl-KSxF65E5z1TxE7N1Xg0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.192.0/18
5.255.192.0/18
37.9.64.0/18
37.140.128.0/18
77.88.0.0/18
84.252.160.0/19
87.250.224.0/19
90.156.176.0/20
92.255.112.0/20
93.158.128.0/18
95.108.128.0/17
141.8.128.0/18
178.154.128.0/18
185.32.187.0/24
213.180.192.0/19
IPv6:
2a02:6b8::/29
Signature Algorithm: sha256WithRSAEncryption
52:7b:39:74:17:8f:4d:92:76:a6:45:a4:05:c2:c2:d2:4e:c8:
9c:46:81:32:4d:f0:f1:22:b1:59:48:83:e4:a7:52:6f:f9:12:
b2:99:59:41:3c:a0:09:1d:31:7a:67:ce:26:73:e5:97:3d:09:
5a:d9:cc:9b:8a:10:13:04:68:10:ee:10:1d:78:a4:ec:11:73:
4a:a3:0c:95:0e:42:83:c2:68:15:dd:92:42:ea:52:10:dd:f9:
c2:c8:6d:63:49:6b:c5:a5:c2:5e:72:fa:f1:f6:bc:00:73:87:
e4:3b:b5:bf:14:35:ae:cd:ef:fe:90:8e:5a:a9:d4:37:ca:8d:
e2:0b:74:00:95:62:5e:1f:e7:a6:65:1f:5a:69:73:7f:16:0d:
bd:31:59:10:ba:0a:ef:46:f0:e3:7e:12:07:78:cc:58:cd:43:
b5:05:59:c0:10:5b:e1:b2:8e:ae:cd:7f:a6:94:2f:78:71:d4:
28:aa:5a:f0:4e:28:2c:d1:17:5a:6d:d3:3b:b0:6d:3a:69:08:
7e:aa:2a:d9:09:8c:75:41:7b:9e:32:72:e1:6c:08:79:aa:2a:
c9:0d:4c:dc:07:97:77:5d:8c:8a:7c:7d:e0:57:64:4e:b7:8d:
3f:c7:a4:92:fb:e2:64:ed:c4:9e:8d:4c:7e:4c:f7:0b:73:da:
99:b1:23:05
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAZQlIdY0WaqCEJsLtlaWDrTdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkODQ0MDRlNWY4YTRiMTE3YWU0NGU3M2Q1M2M0NGVjZGQ1
NzgzNDIwHhcNMjUwMTAyMDM0OTIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDM5NmUzN2U2NTZkZTZlMDBkYWE3OWU1NzVjMDcxZjk2ZWVmMmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwaEu7/boCigCtSctVBEpRBp2BM9F
fPLkORjDdqzZG1wKYFc0CGffqY5kdOjGEdVVAyIKHBuKCCpylTjW9LCDWz4qJlW2
JUDiITRMSISd/3TCm/zXSF0jtKIZre6JpskjAWwmJ1cPvQ1je5CiP36EL2MVxKqv
vnnnpmbVoKvmvE4xKtypzxynXBl+QnUWWgqUreWNDX+WJ0/ZlZLp4Z2RphgRe5WB
Ft2ppYFARp5yhtnL+NjD4131qoyRkB1QkzVtM2D3LHiytNLdlp4u+rzMfzTdu2iO
/Y4lfl3PZ+yLO8rvvetuR2culJmUf5LawyVe1NlOBYKtIASh0mG/5QMhawIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFHQ5bjfmVt5uANqnnldcBx+W7vLTMB8GA1UdIwQY
MBaAFI2EQE5fiksReuROc9U8ROzdV4NCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvallSQVRsLUtTeEY2NUU1ejFUeEU3TjFYZzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kNTFmNjQtNWQwNi00ZmMwLWFiNjkt
MmNkOThlZTUzNTY5LzEvZERsdU4tWlczbTRBMnFlZVYxd0hINWJ1OHRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9kNTFmNjQtNWQwNi00ZmMwLWFiNjktMmNkOThlZTUzNTY5
LzEvallSQVRsLUtTeEY2NUU1ejFUeEU3TjFYZzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEBgUtwAME
BgX/wAMEBiUJQAMEBiWMgAMEBk1YAAMEBVT8oAMEBVf64AMEBFqcsAMEBFz/cAME
Bl2egAMEB19sgAMEBo0IgAMEBrKagAMEALkguwMEBdW0wDANBAIAAjAHAwUDKgIG
uDANBgkqhkiG9w0BAQsFAAOCAQEAUns5dBePTZJ2pkWkBcLC0k7InEaBMk3w8SKx
WUiD5KdSb/kSsplZQTygCR0xemfOJnPllz0JWtnMm4oQEwRoEO4QHXik7BFzSqMM
lQ5Cg8JoFd2SQupSEN35wshtY0lrxaXCXnL68fa8AHOH5Du1vxQ1rs3v/pCOWqnU
N8qN4gt0AJViXh/npmUfWmlzfxYNvTFZELoK70bw434SB3jMWM1DtQVZwBBb4bKO
rs1/ppQveHHUKKpa8E4oLNEXWm3TO7BtOmkIfqoq2QmMdUF7njJy4WwIeaoqyQ1M
3AeXd12Minx94FdkTreNP8ekkvviZO3Eno1Mfkz3C3PambEjBQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 21:16:06 2025 by rpki-client