Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/jmLpZgt6w1DxmzIlZks34p3OVgM.roa
File: jmLpZgt6w1DxmzIlZks34p3OVgM.roa (raw, json)
Hash identifier: 5uzJu8ACIA+dNIDBDmEGx58hJXucDiLZbLTQZOu6GlU=
Subject key identifier: 8E:62:E9:66:0B:7A:C3:50:F1:9B:32:25:66:4B:37:E2:9D:CE:56:03
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0195ED31F90BE285FB146C0F5998602766E3
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/jmLpZgt6w1DxmzIlZks34p3OVgM.roa
Signing time: Mon 31 Mar 2025 17:13:50 +0000
ROA not before: Mon 31 Mar 2025 17:13:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199959
IP address blocks: 45.43.147.0/24 maxlen: 24
45.43.152.0/24 maxlen: 24
64.137.54.0/24 maxlen: 24
64.137.111.0/24 maxlen: 24
104.222.191.0/24 maxlen: 24
104.233.56.0/24 maxlen: 24
104.233.58.0/24 maxlen: 24
104.238.24.0/24 maxlen: 24
104.238.28.0/24 maxlen: 24
104.239.66.0/24 maxlen: 24
104.239.74.0/24 maxlen: 24
104.239.79.0/24 maxlen: 24
104.239.83.0/24 maxlen: 24
104.239.89.0/24 maxlen: 24
104.239.100.0/24 maxlen: 24
104.239.102.0/24 maxlen: 24
104.239.109.0/24 maxlen: 24
104.239.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft
rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ed:31:f9:0b:e2:85:fb:14:6c:0f:59:98:60:27:66:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Mar 31 17:13:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e62e9660b7ac350f19b3225664b37e29dce5603
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:6e:5f:fa:0d:c3:46:3b:c0:19:5c:32:68:f0:
64:32:73:08:cc:31:69:cb:d6:d0:81:35:21:18:b5:
14:f0:40:07:85:92:e3:c4:11:6b:3f:5a:ea:42:4e:
82:fa:bb:74:20:a7:1f:9b:6b:77:77:14:f1:9a:e6:
5a:94:73:55:b1:39:06:cd:1c:f1:b2:e4:83:68:dc:
8a:8f:c4:64:75:e2:6b:bc:92:5a:32:92:a9:67:ab:
ce:63:ca:6c:21:45:dc:da:a0:f6:7c:44:c1:1e:3f:
f9:3c:0e:af:77:4b:35:b0:b8:86:aa:7d:9a:49:3f:
a0:d6:b1:c4:85:06:6e:2e:4e:90:b4:c2:fe:b6:54:
d7:08:83:3b:9f:a6:0b:7b:66:ec:05:5a:b9:07:ec:
da:8f:58:6f:d4:59:25:60:e7:20:42:bf:c8:35:43:
75:74:37:0c:c4:ec:6c:e7:f5:1e:bb:74:86:4b:d9:
58:91:b6:4e:fa:63:c3:60:a5:dd:2a:5a:fc:1a:ab:
a5:31:c4:78:30:f3:9e:22:25:6e:57:78:34:0b:f7:
60:e0:da:df:89:23:be:2e:09:c2:6f:0b:dd:34:fc:
9c:a3:8f:11:f3:c9:dd:e5:1c:be:2c:33:aa:48:c4:
8e:66:a4:65:82:85:48:77:b9:2d:df:51:e0:fb:19:
46:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:62:E9:66:0B:7A:C3:50:F1:9B:32:25:66:4B:37:E2:9D:CE:56:03
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/jmLpZgt6w1DxmzIlZks34p3OVgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.147.0/24
45.43.152.0/24
64.137.54.0/24
64.137.111.0/24
104.222.191.0/24
104.233.56.0/24
104.233.58.0/24
104.238.24.0/24
104.238.28.0/24
104.239.66.0/24
104.239.74.0/24
104.239.79.0/24
104.239.83.0/24
104.239.89.0/24
104.239.100.0/24
104.239.102.0/24
104.239.109.0/24
104.239.127.0/24
Signature Algorithm: sha256WithRSAEncryption
59:13:3d:91:e3:85:1e:c7:a4:72:c9:de:09:a4:2a:79:e4:98:
73:0b:6d:06:1a:3b:50:b4:67:9e:26:e8:36:05:10:07:5f:55:
7c:d3:4b:50:a3:91:23:7e:b4:78:fd:a6:32:5e:8d:81:6a:3e:
f0:fb:77:97:59:67:3d:6e:7b:3d:9a:95:04:c1:71:07:8e:80:
6f:f2:44:7a:1a:90:cd:1b:e9:99:18:3a:cb:3c:ea:f8:e2:c0:
93:a7:50:c8:c8:f4:07:8b:58:ce:69:7a:7c:70:73:90:f3:3d:
49:87:8a:6b:fd:eb:85:de:9f:42:02:a0:34:9b:3d:f8:99:db:
de:25:f7:e0:65:af:61:3a:34:bd:21:69:30:33:eb:32:6c:99:
cf:b4:33:e3:c7:b2:9d:b1:d6:ea:05:8b:4e:33:cf:b3:49:50:
c9:dc:fb:43:53:0f:d0:e5:8c:46:ac:f6:84:78:77:6c:65:9b:
e7:fc:b5:b9:79:b5:db:05:69:a8:31:7c:22:63:2a:90:58:d5:
ef:64:cb:6c:73:94:ca:0e:1a:82:9c:a5:01:c7:f8:6f:01:7f:
63:50:ef:05:ca:09:21:b7:b9:f1:9a:96:8e:aa:18:d2:01:be:
ec:60:92:7f:e0:61:8f:23:d2:78:65:68:89:29:12:e4:19:ee:
53:9c:30:37
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZXtMfkL4oX7FGwPWZhgJ2bjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjUwMzMxMTcxMzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTYyZTk2NjBiN2FjMzUwZjE5YjMyMjU2NjRiMzdlMjlkY2U1NjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy25f+g3DRjvAGVwyaPBkMnMIzDFp
y9bQgTUhGLUU8EAHhZLjxBFrP1rqQk6C+rt0IKcfm2t3dxTxmuZalHNVsTkGzRzx
suSDaNyKj8RkdeJrvJJaMpKpZ6vOY8psIUXc2qD2fETBHj/5PA6vd0s1sLiGqn2a
ST+g1rHEhQZuLk6QtML+tlTXCIM7n6YLe2bsBVq5B+zaj1hv1FklYOcgQr/INUN1
dDcMxOxs5/Ueu3SGS9lYkbZO+mPDYKXdKlr8GqulMcR4MPOeIiVuV3g0C/dg4Nrf
iSO+LgnCbwvdNPyco48R88nd5Ry+LDOqSMSOZqRlgoVId7kt31Hg+xlGLQIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFI5i6WYLesNQ8ZsyJWZLN+KdzlYDMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvam1McFpndDZ3MUR4bXpJbFprczM0cDNPVmdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAC0rkwME
AC0rmAMEAECJNgMEAECJbwMEAGjevwMEAGjpOAMEAGjpOgMEAGjuGAMEAGjuHAME
AGjvQgMEAGjvSgMEAGjvTwMEAGjvUwMEAGjvWQMEAGjvZAMEAGjvZgMEAGjvbQME
AGjvfzANBgkqhkiG9w0BAQsFAAOCAQEAWRM9keOFHsekcsneCaQqeeSYcwttBho7
ULRnniboNgUQB19VfNNLUKORI360eP2mMl6NgWo+8Pt3l1lnPW57PZqVBMFxB46A
b/JEehqQzRvpmRg6yzzq+OLAk6dQyMj0B4tYzml6fHBzkPM9SYeKa/3rhd6fQgKg
NJs9+Jnb3iX34GWvYTo0vSFpMDPrMmyZz7Qz48eynbHW6gWLTjPPs0lQydz7Q1MP
0OWMRqz2hHh3bGWb5/y1uXm12wVpqDF8ImMqkFjV72TLbHOUyg4agpylAcf4bwF/
Y1DvBcoJIbe58ZqWjqoY0gG+7GCSf+BhjyPSeGVoiSkS5BnuU5wwNw==
-----END CERTIFICATE-----
Generated at Mon Apr 28 03:29:39 2025 by rpki-client