Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/jglHMQosHm5EePmNaCszZnbBZOs.roa
File: jglHMQosHm5EePmNaCszZnbBZOs.roa (raw, json)
Hash identifier: R0FPP1nLh3wCW9tN4EPA/+UY2zsuEsyvpDHM+ViEarg=
Subject key identifier: 8E:09:47:31:0A:2C:1E:6E:44:78:F9:8D:68:2B:33:66:76:C1:64:EB
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0196837F274D39B87DB2EC5A35A5B92A851F
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/jglHMQosHm5EePmNaCszZnbBZOs.roa
Signing time: Tue 29 Apr 2025 21:41:10 +0000
ROA not before: Tue 29 Apr 2025 21:41:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 136787
IP address blocks: 64.43.65.0/24 maxlen: 24
64.43.73.0/24 maxlen: 24
64.43.74.0/24 maxlen: 24
64.43.75.0/24 maxlen: 24
64.43.94.0/24 maxlen: 24
64.43.95.0/24 maxlen: 24
64.43.120.0/24 maxlen: 24
64.43.121.0/24 maxlen: 24
64.43.122.0/24 maxlen: 24
64.43.123.0/24 maxlen: 24
77.36.72.0/24 maxlen: 24
77.36.73.0/24 maxlen: 24
77.36.74.0/24 maxlen: 24
77.36.75.0/24 maxlen: 24
77.36.76.0/24 maxlen: 24
77.36.77.0/24 maxlen: 24
77.36.78.0/24 maxlen: 24
77.36.79.0/24 maxlen: 24
109.197.236.0/24 maxlen: 24
109.197.237.0/24 maxlen: 24
109.197.238.0/24 maxlen: 24
109.197.239.0/24 maxlen: 24
176.96.88.0/24 maxlen: 24
176.96.90.0/24 maxlen: 24
176.96.91.0/24 maxlen: 24
193.36.208.0/24 maxlen: 24
193.36.209.0/24 maxlen: 24
193.36.210.0/24 maxlen: 24
193.36.211.0/24 maxlen: 24
193.36.212.0/24 maxlen: 24
193.36.213.0/24 maxlen: 24
193.36.214.0/24 maxlen: 24
193.36.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:83:7f:27:4d:39:b8:7d:b2:ec:5a:35:a5:b9:2a:85:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Apr 29 21:41:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e0947310a2c1e6e4478f98d682b336676c164eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7e:4b:bf:bf:bf:56:c3:8e:23:8d:84:b1:43:
03:d8:71:89:a4:31:b1:0b:77:5c:42:f1:7e:e9:72:
aa:c1:d1:c4:66:34:e4:91:d8:89:ce:99:78:42:ae:
66:b4:ce:47:04:94:be:98:1e:8c:f4:37:7c:1b:06:
6e:e4:8d:74:0a:e4:ae:7b:40:82:5a:2d:e4:eb:b6:
71:2f:50:3c:ca:47:4c:ec:4f:54:42:b4:44:1d:d3:
0f:85:80:5d:17:34:ac:68:1a:bd:c4:a1:22:14:a7:
9b:b2:cb:1d:64:21:a3:76:7d:21:37:c0:82:33:78:
db:f5:85:73:b2:5c:d2:46:4c:25:af:b5:93:61:53:
0b:49:fc:6d:7d:ef:4d:5f:fe:52:ac:64:35:37:70:
62:9a:e0:80:18:55:79:b7:af:4c:c1:1c:71:f2:3b:
49:3c:8d:b6:75:09:2d:73:4c:59:a8:81:f1:10:d7:
a5:fd:55:1d:65:a7:8f:3e:a8:7f:b7:b3:2c:e9:2b:
d8:26:31:bb:2c:e8:f6:7f:1d:52:b5:b7:26:25:de:
21:c2:86:b9:f3:9e:74:92:41:17:a1:0e:20:b0:15:
82:03:de:54:cf:ef:27:37:65:6d:8c:8a:b5:a3:6f:
cd:e3:f4:e5:fc:26:48:28:3a:f3:a8:eb:4e:92:c1:
52:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:09:47:31:0A:2C:1E:6E:44:78:F9:8D:68:2B:33:66:76:C1:64:EB
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/jglHMQosHm5EePmNaCszZnbBZOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.43.65.0/24
64.43.73.0-64.43.75.255
64.43.94.0/23
64.43.120.0/22
77.36.72.0/21
109.197.236.0/22
176.96.88.0/24
176.96.90.0/23
193.36.208.0/21
Signature Algorithm: sha256WithRSAEncryption
6a:27:be:54:09:03:9e:bf:e2:3f:c8:f0:be:b9:5b:82:ac:b8:
04:8b:38:e9:51:bb:3a:da:b8:8b:b4:d5:fc:45:78:7a:2d:cf:
1f:c1:d0:71:33:d9:93:31:bc:88:61:18:3f:85:ce:8a:35:b6:
9a:f0:6c:ea:fe:11:a8:4d:99:90:de:f0:ec:76:2b:f9:70:cd:
d2:96:66:39:f5:ca:cc:13:c7:77:ff:75:39:69:7b:90:8b:f6:
0d:50:7d:49:05:24:8e:5d:e6:34:bd:13:ab:63:d6:8b:28:e2:
98:0e:e6:c8:cb:5a:ec:b8:c8:2d:41:05:d8:1e:d7:6b:68:87:
36:19:d4:19:ba:49:b0:30:02:0b:c2:a4:ab:d6:98:33:a8:72:
43:33:60:24:c7:22:f1:57:82:9c:20:7f:4f:8e:50:12:ef:cb:
e3:c0:eb:1a:f1:fd:8a:18:b5:fa:14:a8:16:4d:c1:6b:a8:8d:
73:8f:22:d4:4f:e9:cb:65:42:61:a9:95:0d:48:77:d8:8f:26:
43:d6:a0:a5:3d:ef:17:98:be:80:75:28:b1:9d:ca:f2:29:ff:
c3:07:c3:b3:4c:95:bb:1e:51:bb:48:f2:a5:b5:49:63:e8:70:
90:be:65:70:17:90:d0:4d:0c:af:7c:21:65:ba:68:4b:a6:52:
46:47:f6:35
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZaDfydNObh9suxaNaW5KoUfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjUwNDI5MjE0MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTA5NDczMTBhMmMxZTZlNDQ3OGY5OGQ2ODJiMzM2Njc2YzE2NGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmn5Lv7+/VsOOI42EsUMD2HGJpDGx
C3dcQvF+6XKqwdHEZjTkkdiJzpl4Qq5mtM5HBJS+mB6M9Dd8GwZu5I10CuSue0CC
Wi3k67ZxL1A8ykdM7E9UQrREHdMPhYBdFzSsaBq9xKEiFKebsssdZCGjdn0hN8CC
M3jb9YVzslzSRkwlr7WTYVMLSfxtfe9NX/5SrGQ1N3BimuCAGFV5t69MwRxx8jtJ
PI22dQktc0xZqIHxENel/VUdZaePPqh/t7Ms6SvYJjG7LOj2fx1StbcmJd4hwoa5
8550kkEXoQ4gsBWCA95Uz+8nN2VtjIq1o2/N4/Tl/CZIKDrzqOtOksFS1wIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFI4JRzEKLB5uRHj5jWgrM2Z2wWTrMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvamdsSE1Rb3NIbTVFZVBtTmFDc3pabmJCWk9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAQCtBMAwD
BABAK0kDBAJAK0gDBAFAK14DBAJAK3gDBANNJEgDBAJtxewDBACwYFgDBAGwYFoD
BAPBJNAwDQYJKoZIhvcNAQELBQADggEBAGonvlQJA56/4j/I8L65W4KsuASLOOlR
uzrauIu01fxFeHotzx/B0HEz2ZMxvIhhGD+Fzoo1tprwbOr+EahNmZDe8Ox2K/lw
zdKWZjn1yswTx3f/dTlpe5CL9g1QfUkFJI5d5jS9E6tj1oso4pgO5sjLWuy4yC1B
Bdge12tohzYZ1Bm6SbAwAgvCpKvWmDOockMzYCTHIvFXgpwgf0+OUBLvy+PA6xrx
/YoYtfoUqBZNwWuojXOPItRP6ctlQmGplQ1Id9iPJkPWoKU97xeYvoB1KLGdyvIp
/8MHw7NMlbseUbtI8qW1SWPocJC+ZXAXkNBNDK98IWW6aEumUkZH9jU=
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:00:12 2025 by rpki-client