Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/rVAMPxQEajIzgBDq_QlH1UB_rOs.roa
File: rVAMPxQEajIzgBDq_QlH1UB_rOs.roa (raw, json)
Hash identifier: i7dAzsdGsRXLSIsa/8df9dB0gK3gqAkFNHzOpoaptoU=
Subject key identifier: AD:50:0C:3F:14:04:6A:32:33:80:10:EA:FD:09:47:D5:40:7F:AC:EB
Certificate issuer: /CN=5833294a1cdc1358afc439c0a72733b065a86f8b
Certificate serial: 0194206841418C5BE527F6BB8706DB7B0C50
Authority key identifier: 58:33:29:4A:1C:DC:13:58:AF:C4:39:C0:A7:27:33:B0:65:A8:6F:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WDMpShzcE1ivxDnApyczsGWob4s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/rVAMPxQEajIzgBDq_QlH1UB_rOs.roa
Signing time: Wed 01 Jan 2025 05:48:10 +0000
ROA not before: Wed 01 Jan 2025 05:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49352
IP address blocks: 62.113.93.0/24 maxlen: 24
176.99.4.0/24 maxlen: 24
176.99.5.0/24 maxlen: 24
176.99.5.190/32 maxlen: 32
176.99.6.0/24 maxlen: 24
176.99.7.0/24 maxlen: 24
176.99.8.0/24 maxlen: 24
176.99.9.0/24 maxlen: 24
178.21.9.0/24 maxlen: 24
178.21.12.0/22 maxlen: 22
178.21.12.0/24 maxlen: 24
178.21.13.0/24 maxlen: 24
178.21.14.0/23 maxlen: 23
185.38.16.0/24 maxlen: 24
185.38.17.0/24 maxlen: 24
185.38.18.0/24 maxlen: 24
185.38.19.0/24 maxlen: 24
188.93.208.0/23 maxlen: 23
188.93.208.172/32 maxlen: 32
188.93.209.127/32 maxlen: 32
188.93.213.0/24 maxlen: 24
188.93.214.0/24 maxlen: 24
188.93.215.0/24 maxlen: 24
194.67.64.0/24 maxlen: 24
194.67.75.0/24 maxlen: 24
194.67.76.0/23 maxlen: 23
194.67.76.0/24 maxlen: 24
194.67.77.0/24 maxlen: 24
194.67.106.0/24 maxlen: 24
213.189.193.0/24 maxlen: 24
213.189.194.0/24 maxlen: 24
213.189.195.0/24 maxlen: 24
213.189.199.0/24 maxlen: 24
2a02:f20::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/WDMpShzcE1ivxDnApyczsGWob4s.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/WDMpShzcE1ivxDnApyczsGWob4s.mft
rsync://rpki.ripe.net/repository/DEFAULT/WDMpShzcE1ivxDnApyczsGWob4s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:41:41:8c:5b:e5:27:f6:bb:87:06:db:7b:0c:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5833294a1cdc1358afc439c0a72733b065a86f8b
Validity
Not Before: Jan 1 05:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad500c3f14046a32338010eafd0947d5407faceb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:8e:28:11:fe:05:a7:93:6d:39:12:3b:2b:ce:
b2:21:ba:71:f7:38:48:2a:f8:94:6f:a4:3f:e9:01:
a5:d6:56:52:e4:7c:8a:10:8a:9f:46:a9:9c:5a:d9:
47:8b:d2:1e:72:b0:68:b1:25:5d:cc:ee:38:5b:91:
76:4d:c5:53:80:91:42:c4:85:f2:42:4d:44:b9:bc:
2b:6c:63:a4:91:56:49:70:80:a5:d7:5a:3d:e4:83:
0e:60:b5:d0:2b:bd:f2:6d:44:63:3c:67:eb:31:18:
00:b0:cd:64:c1:ea:df:23:7b:ff:75:6b:ae:44:42:
0c:1c:6b:44:e8:ad:f5:f0:7c:fc:fb:66:31:69:25:
93:8f:11:be:0a:b3:9a:bb:2f:37:05:77:88:e3:e2:
b3:33:fe:62:7b:22:00:71:18:42:3d:15:97:e5:5d:
ab:99:be:ba:14:0a:40:3a:8d:21:a8:95:34:02:f8:
e0:9c:2e:b0:e0:fc:32:d0:04:e0:45:0f:1f:70:82:
01:03:52:d3:bd:9d:bb:5a:11:33:65:55:11:f6:62:
eb:f0:28:32:19:4e:d5:1a:68:1b:5c:70:63:0c:01:
30:7a:22:65:ee:f4:65:4a:ac:2e:f4:3f:e9:16:bb:
26:e0:43:eb:25:3e:48:8d:7f:79:a8:e3:aa:58:0c:
9f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:50:0C:3F:14:04:6A:32:33:80:10:EA:FD:09:47:D5:40:7F:AC:EB
X509v3 Authority Key Identifier:
keyid:58:33:29:4A:1C:DC:13:58:AF:C4:39:C0:A7:27:33:B0:65:A8:6F:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WDMpShzcE1ivxDnApyczsGWob4s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/rVAMPxQEajIzgBDq_QlH1UB_rOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/WDMpShzcE1ivxDnApyczsGWob4s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.113.93.0/24
176.99.4.0-176.99.9.255
178.21.9.0/24
178.21.12.0/22
185.38.16.0/22
188.93.208.0/23
188.93.213.0-188.93.215.255
194.67.64.0/24
194.67.75.0-194.67.77.255
194.67.106.0/24
213.189.193.0-213.189.195.255
213.189.199.0/24
IPv6:
2a02:f20::/32
Signature Algorithm: sha256WithRSAEncryption
98:6d:b1:8e:da:7d:7d:3c:50:b6:a5:bc:83:71:fb:1b:ac:a1:
6b:5c:0e:f2:19:bb:6f:e9:8a:aa:6f:c1:6d:3c:3d:ce:4f:a7:
31:ae:0c:55:4a:ff:10:4d:49:e3:03:63:ce:c9:29:8b:d2:09:
e6:b4:89:85:e0:19:d1:4f:12:d4:91:93:67:df:df:b4:88:34:
c2:84:66:55:42:a0:d2:0d:c0:cf:60:e6:54:9c:3a:b0:3a:89:
53:9d:92:95:59:a2:f1:91:45:ca:00:8e:df:ff:8e:b1:3a:b9:
ff:97:83:df:36:4e:39:10:5b:25:db:ca:2c:64:e0:ff:43:f0:
a5:4a:00:a9:88:02:ab:d3:86:cc:6b:c6:c8:d7:df:d3:bd:c7:
75:de:55:aa:12:f6:21:04:11:9b:ed:e8:10:f2:2e:cb:49:f5:
bc:17:0c:80:50:26:b4:c0:ba:9e:88:ed:5f:a7:af:29:3c:26:
24:92:14:38:cc:11:71:07:e5:6e:74:f4:b7:00:aa:1b:46:9f:
a3:b2:55:eb:5d:86:97:a4:12:5b:25:fc:51:d9:2f:94:8f:9e:
7d:a6:2e:c5:f7:3f:23:07:b5:10:28:81:eb:b5:51:f3:f3:2b:
04:08:ad:39:a4:52:74:53:8b:ef:c0:d7:85:ae:36:e9:5c:c7:
ca:72:1c:f2
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgISAZQgaEFBjFvlJ/a7hwbbewxQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MzMyOTRhMWNkYzEzNThhZmM0MzljMGE3MjczM2IwNjVh
ODZmOGIwHhcNMjUwMTAxMDU0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDUwMGMzZjE0MDQ2YTMyMzM4MDEwZWFmZDA5NDdkNTQwN2ZhY2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqY4oEf4Fp5NtORI7K86yIbpx9zhI
KviUb6Q/6QGl1lZS5HyKEIqfRqmcWtlHi9IecrBosSVdzO44W5F2TcVTgJFCxIXy
Qk1EubwrbGOkkVZJcICl11o95IMOYLXQK73ybURjPGfrMRgAsM1kwerfI3v/dWuu
REIMHGtE6K318Hz8+2YxaSWTjxG+CrOauy83BXeI4+KzM/5ieyIAcRhCPRWX5V2r
mb66FApAOo0hqJU0AvjgnC6w4Pwy0ATgRQ8fcIIBA1LTvZ27WhEzZVUR9mLr8Cgy
GU7VGmgbXHBjDAEweiJl7vRlSqwu9D/pFrsm4EPrJT5IjX95qOOqWAyfLQIDAQAB
o4ICfDCCAngwHQYDVR0OBBYEFK1QDD8UBGoyM4AQ6v0JR9VAf6zrMB8GA1UdIwQY
MBaAFFgzKUoc3BNYr8Q5wKcnM7BlqG+LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0RNcFNoemNFMWl2eERuQXB5Y3pzR1dvYjRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80YjQxOWMtY2Y4Zi00YzlhLTk0ZDct
YmI0YjY1YjZhMGQxLzEvclZBTVB4UUVhakl6Z0JEcV9RbEgxVUJfck9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80YjQxOWMtY2Y4Zi00YzlhLTk0ZDctYmI0YjY1YjZhMGQx
LzEvV0RNcFNoemNFMWl2eERuQXB5Y3pzR1dvYjRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGRBggrBgEFBQcBBwEB/wSBgTB/MG4EAgABMGgDBAA+cV0w
DAMEArBjBAMEAbBjCAMEALIVCQMEArIVDAMEArkmEAMEAbxd0DAMAwQAvF3VAwQD
vF3QAwQAwkNAMAwDBADCQ0sDBAHCQ0wDBADCQ2owDAMEANW9wQMEAtW9wAMEANW9
xzANBAIAAjAHAwUAKgIPIDANBgkqhkiG9w0BAQsFAAOCAQEAmG2xjtp9fTxQtqW8
g3H7G6yha1wO8hm7b+mKqm/BbTw9zk+nMa4MVUr/EE1J4wNjzskpi9IJ5rSJheAZ
0U8S1JGTZ9/ftIg0woRmVUKg0g3Az2DmVJw6sDqJU52SlVmi8ZFFygCO3/+OsTq5
/5eD3zZOORBbJdvKLGTg/0PwpUoAqYgCq9OGzGvGyNff073Hdd5VqhL2IQQRm+3o
EPIuy0n1vBcMgFAmtMC6nojtX6evKTwmJJIUOMwRcQflbnT0twCqG0afo7JV612G
l6QSWyX8UdkvlI+efaYuxfc/Iwe1ECiB67VR8/MrBAitOaRSdFOL78DXha426VzH
ynIc8g==
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:34:45 2025 by rpki-client