Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/gn1AcSVypYJg_PTc9nt6DNTWlgM.roa
File: gn1AcSVypYJg_PTc9nt6DNTWlgM.roa (raw, json)
Hash identifier: 1t/ex0RYVdVuMRbJooAqLW6Drf6tf835snf1K3KcStU=
Subject key identifier: 82:7D:40:71:25:72:A5:82:60:FC:F4:DC:F6:7B:7A:0C:D4:D6:96:03
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 0194F00C88E352C16D51AF9CBF4894B3C3C9
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/gn1AcSVypYJg_PTc9nt6DNTWlgM.roa
Signing time: Mon 10 Feb 2025 13:29:00 +0000
ROA not before: Mon 10 Feb 2025 13:29:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209737
IP address blocks: 5.180.105.0/24 maxlen: 24
5.180.106.0/24 maxlen: 24
5.180.107.0/24 maxlen: 24
45.131.0.0/24 maxlen: 24
45.131.1.0/24 maxlen: 24
45.136.4.0/24 maxlen: 24
45.141.148.0/24 maxlen: 24
45.147.44.0/24 maxlen: 24
77.83.200.0/24 maxlen: 24
77.83.201.0/24 maxlen: 24
77.83.202.0/24 maxlen: 24
77.83.203.0/24 maxlen: 24
194.116.228.0/24 maxlen: 24
194.116.236.0/24 maxlen: 24
194.116.237.0/24 maxlen: 24
194.146.26.0/24 maxlen: 24
194.146.36.0/24 maxlen: 24
194.146.47.0/24 maxlen: 24
2a09:8780::/29 maxlen: 29
2a0f:b700::/29 maxlen: 29
2a0f:e900::/29 maxlen: 29
2a0f:eb00::/29 maxlen: 29
2a0f:eb00::/32 maxlen: 32
2a0f:eb07::/32 maxlen: 32
2a0f:ed00::/29 maxlen: 29
2a0f:ed03::/32 maxlen: 32
2a0f:f900::/29 maxlen: 29
2a13:a441::/32 maxlen: 32
2a13:a445::/32 maxlen: 32
2a13:a447::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.mft
rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 13:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f0:0c:88:e3:52:c1:6d:51:af:9c:bf:48:94:b3:c3:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Feb 10 13:29:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=827d40712572a58260fcf4dcf67b7a0cd4d69603
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:e1:30:d9:78:70:35:ed:c1:d7:78:08:17:e2:
22:b0:64:46:1d:5f:56:b5:80:c6:ad:ad:19:9e:a9:
53:e9:db:b9:9e:d7:9d:cf:21:5e:15:03:70:f7:dd:
93:07:6f:b4:4b:31:71:da:2d:41:71:1d:c2:02:15:
3c:88:8d:ba:1e:82:1a:a0:14:d5:a0:5d:de:8d:92:
5a:2f:66:64:eb:1a:03:df:1f:9e:1a:26:59:8b:f1:
fe:98:06:54:8e:69:ed:a3:c2:ae:14:95:6f:9b:f7:
45:fa:5c:79:0a:11:99:a0:33:66:23:d6:30:d4:b1:
ce:16:47:91:7e:b1:5b:17:a9:4f:8f:10:e0:cb:9a:
ca:5f:c9:7c:3c:27:ae:1d:15:b6:84:ba:9c:2c:a9:
7a:c9:35:03:98:85:a9:ff:40:99:3a:40:0b:bd:1e:
2a:27:e0:84:80:c8:91:c4:fa:21:cc:62:de:6e:8f:
d4:ac:14:ed:bd:26:15:d7:9d:a8:13:03:a2:82:5c:
bc:8e:e2:06:0f:e4:3c:f7:46:cf:f2:04:bd:6b:2f:
09:a8:24:af:c9:71:f6:54:77:99:43:41:24:06:7d:
c4:99:e4:2f:91:d4:7d:8c:59:14:27:4b:a5:93:1e:
55:d0:4c:ce:26:7f:4f:aa:85:a5:93:a8:ac:c8:a1:
00:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:7D:40:71:25:72:A5:82:60:FC:F4:DC:F6:7B:7A:0C:D4:D6:96:03
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/gn1AcSVypYJg_PTc9nt6DNTWlgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.105.0-5.180.107.255
45.131.0.0/23
45.136.4.0/24
45.141.148.0/24
45.147.44.0/24
77.83.200.0/22
194.116.228.0/24
194.116.236.0/23
194.146.26.0/24
194.146.36.0/24
194.146.47.0/24
IPv6:
2a09:8780::/29
2a0f:b700::/29
2a0f:e900::/29
2a0f:eb00::/29
2a0f:ed00::/29
2a0f:f900::/29
2a13:a441::/32
2a13:a445::/32
2a13:a447::/32
Signature Algorithm: sha256WithRSAEncryption
3c:d2:1b:d2:49:17:29:f5:43:c3:1a:b4:a5:7a:8a:84:72:a5:
37:a4:70:c4:40:b4:d2:15:bc:8f:b1:53:ca:da:5e:b8:b3:b6:
7b:e9:43:c0:f1:aa:ea:7e:22:99:ee:76:ad:d6:b1:99:34:54:
f4:f7:c6:f2:25:01:44:d4:7f:5f:f1:44:5f:3f:14:dc:2b:22:
d3:32:14:48:de:8c:8a:44:7e:53:45:de:36:b7:46:0b:31:03:
75:74:25:61:2b:64:d5:4a:b9:b0:f0:e0:67:34:d4:b6:3a:75:
70:c5:0d:fc:ec:24:89:34:33:24:24:e9:41:c8:ea:49:fe:c6:
bf:df:0f:4a:d2:54:8d:b1:5d:1b:09:45:d3:94:09:9d:1c:f5:
3d:71:bd:e1:a3:d6:cb:fb:4f:bc:fc:0d:07:da:f6:55:d2:81:
0d:1e:c5:c4:a1:ef:2c:f8:89:6f:52:fc:1f:86:00:7c:1c:f5:
77:e1:f1:1e:9d:18:2e:e4:a6:55:2a:84:3d:0b:ec:3b:70:b8:
2d:e1:a3:05:c8:7c:54:23:c8:17:f4:90:03:0c:a3:45:04:26:
59:bd:09:82:13:f6:5b:9b:a6:fe:0e:bb:4a:4b:93:10:d5:1f:
73:43:25:6b:30:ac:2c:d7:b9:a8:55:54:0c:20:8c:a5:e6:67:
b3:d0:b3:ac
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgISAZTwDIjjUsFtUa+cv0iUs8PJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjUwMjEwMTMyOTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjdkNDA3MTI1NzJhNTgyNjBmY2Y0ZGNmNjdiN2EwY2Q0ZDY5NjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzOEw2XhwNe3B13gIF+IisGRGHV9W
tYDGra0ZnqlT6du5ntedzyFeFQNw992TB2+0SzFx2i1BcR3CAhU8iI26HoIaoBTV
oF3ejZJaL2Zk6xoD3x+eGiZZi/H+mAZUjmnto8KuFJVvm/dF+lx5ChGZoDNmI9Yw
1LHOFkeRfrFbF6lPjxDgy5rKX8l8PCeuHRW2hLqcLKl6yTUDmIWp/0CZOkALvR4q
J+CEgMiRxPohzGLebo/UrBTtvSYV152oEwOigly8juIGD+Q890bP8gS9ay8JqCSv
yXH2VHeZQ0EkBn3EmeQvkdR9jFkUJ0ulkx5V0EzOJn9PqoWlk6isyKEAUQIDAQAB
o4IClzCCApMwHQYDVR0OBBYEFIJ9QHElcqWCYPz03PZ7egzU1pYDMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvZ24xQWNTVnlwWUpnX1BUYzludDZETlRXbGdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGsBggrBgEFBQcBBwEB/wSBnDCBmTBQBAIAATBKMAwDBAAF
tGkDBAIFtGgDBAEtgwADBAAtiAQDBAAtjZQDBAAtkywDBAJNU8gDBADCdOQDBAHC
dOwDBADCkhoDBADCkiQDBADCki8wRQQCAAIwPwMFAyoJh4ADBQMqD7cAAwUDKg/p
AAMFAyoP6wADBQMqD+0AAwUDKg/5AAMFACoTpEEDBQAqE6RFAwUAKhOkRzANBgkq
hkiG9w0BAQsFAAOCAQEAPNIb0kkXKfVDwxq0pXqKhHKlN6RwxEC00hW8j7FTytpe
uLO2e+lDwPGq6n4ime52rdaxmTRU9PfG8iUBRNR/X/FEXz8U3Csi0zIUSN6MikR+
U0XeNrdGCzEDdXQlYStk1Uq5sPDgZzTUtjp1cMUN/OwkiTQzJCTpQcjqSf7Gv98P
StJUjbFdGwlF05QJnRz1PXG94aPWy/tPvPwNB9r2VdKBDR7FxKHvLPiJb1L8H4YA
fBz1d+HxHp0YLuSmVSqEPQvsO3C4LeGjBch8VCPIF/SQAwyjRQQmWb0JghP2W5um
/g67SkuTENUfc0MlazCsLNe5qFVUDCCMpeZns9CzrA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:27 2025 by rpki-client