Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/fdd25d-c034-49f3-890d-4b89d377808e/1/NG7h3MLl7rsjKfJWWMgCk14YKA8.roa
File: NG7h3MLl7rsjKfJWWMgCk14YKA8.roa (raw, json)
Hash identifier: TfduHN4QjBYJ2zJVMdkqYrJchaPgW7zgFk7X9cdWumk=
Subject key identifier: 34:6E:E1:DC:C2:E5:EE:BB:23:29:F2:56:58:C8:02:93:5E:18:28:0F
Certificate issuer: /CN=574537d54f36f142231bc817038872cb607b21e7
Certificate serial: 0194258F5CE02CB29C4EEF0F867AEF25C010
Authority key identifier: 57:45:37:D5:4F:36:F1:42:23:1B:C8:17:03:88:72:CB:60:7B:21:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V0U31U828UIjG8gXA4hyy2B7Iec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/fdd25d-c034-49f3-890d-4b89d377808e/1/NG7h3MLl7rsjKfJWWMgCk14YKA8.roa
Signing time: Thu 02 Jan 2025 05:48:59 +0000
ROA not before: Thu 02 Jan 2025 05:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15600
IP address blocks: 5.44.112.0/20 maxlen: 20
31.193.208.0/21 maxlen: 24
37.35.120.0/21 maxlen: 21
62.204.96.0/19 maxlen: 24
65.18.128.0/18 maxlen: 18
77.111.228.0/22 maxlen: 22
80.208.128.0/18 maxlen: 24
89.236.128.0/18 maxlen: 24
95.174.224.0/19 maxlen: 24
109.106.44.0/22 maxlen: 22
109.106.48.0/20 maxlen: 20
138.248.48.0/20 maxlen: 20
139.178.0.0/18 maxlen: 24
145.40.224.0/19 maxlen: 19
185.74.108.0/22 maxlen: 22
212.60.32.0/19 maxlen: 24
213.221.192.0/18 maxlen: 24
2001:1a88::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/fdd25d-c034-49f3-890d-4b89d377808e/1/V0U31U828UIjG8gXA4hyy2B7Iec.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/fdd25d-c034-49f3-890d-4b89d377808e/1/V0U31U828UIjG8gXA4hyy2B7Iec.mft
rsync://rpki.ripe.net/repository/DEFAULT/V0U31U828UIjG8gXA4hyy2B7Iec.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 14:01:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:5c:e0:2c:b2:9c:4e:ef:0f:86:7a:ef:25:c0:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=574537d54f36f142231bc817038872cb607b21e7
Validity
Not Before: Jan 2 05:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=346ee1dcc2e5eebb2329f25658c802935e18280f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:66:e4:da:4e:56:4d:2d:c3:b6:21:66:55:fd:
75:8f:42:3e:4b:d1:4e:6d:db:07:80:d3:16:36:f5:
b1:5c:e9:9b:03:83:84:90:2d:fe:c7:85:f1:0f:71:
03:9d:91:07:2e:6c:f6:c6:ca:f2:0d:41:63:d9:d6:
3d:aa:09:ab:a8:1b:5c:6e:a5:ff:3c:31:25:06:58:
f9:52:63:94:64:4a:a9:e8:37:95:88:9c:bc:a6:9e:
48:a4:87:05:f8:84:54:52:0a:2e:fa:10:e1:05:37:
3e:a8:7d:8f:50:b8:17:37:3b:c0:85:81:58:eb:29:
63:07:50:4b:e5:9e:68:e9:a4:3c:8c:30:17:83:95:
04:b7:90:0e:6c:dd:af:39:d1:12:c3:29:35:7b:a8:
eb:0e:a2:ca:e4:ca:e4:31:78:12:59:3e:e8:65:3d:
05:6c:6e:5f:d4:27:a6:4b:6e:c2:1a:23:56:3b:2d:
05:d3:3c:d5:09:82:a4:3a:d6:f1:ab:f2:55:37:57:
09:4e:50:9a:6c:d9:4e:13:29:40:89:db:8a:c6:73:
15:54:32:da:c7:c6:d7:e6:e0:75:cc:e2:55:f0:dc:
d7:4b:30:0e:89:75:a2:29:f7:a0:a1:66:8c:8f:f4:
2d:9c:1a:6f:30:bd:29:67:cb:1f:80:75:ea:b3:72:
e9:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:6E:E1:DC:C2:E5:EE:BB:23:29:F2:56:58:C8:02:93:5E:18:28:0F
X509v3 Authority Key Identifier:
keyid:57:45:37:D5:4F:36:F1:42:23:1B:C8:17:03:88:72:CB:60:7B:21:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V0U31U828UIjG8gXA4hyy2B7Iec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/fdd25d-c034-49f3-890d-4b89d377808e/1/NG7h3MLl7rsjKfJWWMgCk14YKA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/fdd25d-c034-49f3-890d-4b89d377808e/1/V0U31U828UIjG8gXA4hyy2B7Iec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.112.0/20
31.193.208.0/21
37.35.120.0/21
62.204.96.0/19
65.18.128.0/18
77.111.228.0/22
80.208.128.0/18
89.236.128.0/18
95.174.224.0/19
109.106.44.0-109.106.63.255
138.248.48.0/20
139.178.0.0/18
145.40.224.0/19
185.74.108.0/22
212.60.32.0/19
213.221.192.0/18
IPv6:
2001:1a88::/29
Signature Algorithm: sha256WithRSAEncryption
33:4c:ec:2c:7f:83:5e:13:3e:c0:c7:40:d9:87:3d:5e:1d:65:
16:71:0e:3a:bb:88:05:5d:82:5c:1f:f5:df:59:01:0e:ad:56:
6f:37:3d:a5:98:b5:ff:75:c5:ec:d2:10:4f:a4:d7:94:25:cb:
01:aa:d7:5c:9d:08:f3:c6:bd:79:14:e2:9f:f9:24:7f:0c:07:
68:19:56:4b:4a:e5:d7:4f:bf:3b:7f:ef:97:c6:a6:c6:97:71:
1c:ec:03:75:30:e5:5d:23:a5:24:a6:dc:7c:e6:22:fc:e9:7f:
30:1a:53:01:65:7e:b6:5a:27:74:b2:f1:02:80:c5:2f:5e:86:
1c:d2:8d:1d:fa:e9:30:1e:77:dd:25:5d:47:78:0a:d6:97:48:
da:df:e8:28:ce:c0:90:74:21:2a:54:5f:f6:07:b5:ab:f9:a3:
ff:97:7a:38:53:3b:59:2e:58:a8:8f:5d:f1:ec:bf:ba:1a:26:
88:e2:b0:a8:7f:e2:6e:4b:6b:90:28:5f:a4:28:57:06:13:fa:
40:c4:7c:87:a6:ba:4e:b3:3e:a6:fc:47:92:21:46:74:09:4b:
a3:2f:d8:15:c0:19:57:8a:41:4a:fe:a7:05:58:4e:6e:61:f0:
31:69:59:0e:02:40:78:e8:6f:cf:3b:31:f4:e3:4a:de:0d:b9:
6b:25:c2:76
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgISAZQlj1zgLLKcTu8PhnrvJcAQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NDUzN2Q1NGYzNmYxNDIyMzFiYzgxNzAzODg3MmNiNjA3
YjIxZTcwHhcNMjUwMTAyMDU0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDZlZTFkY2MyZTVlZWJiMjMyOWYyNTY1OGM4MDI5MzVlMTgyODBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2bk2k5WTS3DtiFmVf11j0I+S9FO
bdsHgNMWNvWxXOmbA4OEkC3+x4XxD3EDnZEHLmz2xsryDUFj2dY9qgmrqBtcbqX/
PDElBlj5UmOUZEqp6DeViJy8pp5IpIcF+IRUUgou+hDhBTc+qH2PULgXNzvAhYFY
6yljB1BL5Z5o6aQ8jDAXg5UEt5AObN2vOdESwyk1e6jrDqLK5MrkMXgSWT7oZT0F
bG5f1CemS27CGiNWOy0F0zzVCYKkOtbxq/JVN1cJTlCabNlOEylAiduKxnMVVDLa
x8bX5uB1zOJV8NzXSzAOiXWiKfegoWaMj/QtnBpvML0pZ8sfgHXqs3LpgQIDAQAB
o4ICfDCCAngwHQYDVR0OBBYEFDRu4dzC5e67IynyVljIApNeGCgPMB8GA1UdIwQY
MBaAFFdFN9VPNvFCIxvIFwOIcstgeyHnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjBVMzFVODI4VUlqRzhnWEE0aHl5MkI3SWVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9mZGQyNWQtYzAzNC00OWYzLTg5MGQt
NGI4OWQzNzc4MDhlLzEvTkc3aDNNTGw3cnNqS2ZKV1dNZ0NrMTRZS0E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9mZGQyNWQtYzAzNC00OWYzLTg5MGQtNGI4OWQzNzc4MDhl
LzEvVjBVMzFVODI4VUlqRzhnWEE0aHl5MkI3SWVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGRBggrBgEFBQcBBwEB/wSBgTB/MG4EAgABMGgDBAQFLHAD
BAMfwdADBAMlI3gDBAU+zGADBAZBEoADBAJNb+QDBAZQ0IADBAZZ7IADBAVfruAw
DAMEAm1qLAMEBm1qAAMEBIr4MAMEBouyAAMEBZEo4AMEArlKbAMEBdQ8IAMEBtXd
wDANBAIAAjAHAwUDIAEaiDANBgkqhkiG9w0BAQsFAAOCAQEAM0zsLH+DXhM+wMdA
2Yc9Xh1lFnEOOruIBV2CXB/131kBDq1Wbzc9pZi1/3XF7NIQT6TXlCXLAarXXJ0I
88a9eRTin/kkfwwHaBlWS0rl10+/O3/vl8amxpdxHOwDdTDlXSOlJKbcfOYi/Ol/
MBpTAWV+tlondLLxAoDFL16GHNKNHfrpMB533SVdR3gK1pdI2t/oKM7AkHQhKlRf
9ge1q/mj/5d6OFM7WS5YqI9d8ey/uhomiOKwqH/ibktrkChfpChXBhP6QMR8h6a6
TrM+pvxHkiFGdAlLoy/YFcAZV4pBSv6nBVhObmHwMWlZDgJAeOhvzzsx9ONK3g25
ayXCdg==
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:30:24 2025 by rpki-client