Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/pGyrVjaYEWdF4Mn9rW2Oerqiyws.roa
File: pGyrVjaYEWdF4Mn9rW2Oerqiyws.roa (raw, json)
Hash identifier: vBioStPy90zbLj92TwCNOfx857eYLji/BHsbMcUDgWQ=
Subject key identifier: A4:6C:AB:56:36:98:11:67:45:E0:C9:FD:AD:6D:8E:7A:BA:A2:CB:0B
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019754EBA3DDA70A30FED3879F838AAFF4FE
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/pGyrVjaYEWdF4Mn9rW2Oerqiyws.roa
Signing time: Mon 09 Jun 2025 13:40:18 +0000
ROA not before: Mon 09 Jun 2025 13:40:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5511
IP address blocks: 107.150.169.0/24 maxlen: 24
107.150.173.0/24 maxlen: 24
124.198.140.0/22 maxlen: 24
162.218.177.0/24 maxlen: 24
162.218.178.0/24 maxlen: 24
163.47.104.0/22 maxlen: 24
167.160.1.0/24 maxlen: 24
167.160.2.0/24 maxlen: 24
185.192.213.0/24 maxlen: 24
185.192.214.0/24 maxlen: 24
185.203.149.0/24 maxlen: 24
185.203.150.0/24 maxlen: 24
185.212.173.0/24 maxlen: 24
185.212.174.0/24 maxlen: 24
202.49.244.0/22 maxlen: 24
202.50.124.0/22 maxlen: 24
203.188.176.0/22 maxlen: 24
203.188.184.0/22 maxlen: 24
203.188.188.0/24 maxlen: 24
212.32.51.0/24 maxlen: 24
212.32.70.0/24 maxlen: 24
212.32.77.0/24 maxlen: 24
212.32.78.0/23 maxlen: 24
212.56.51.0/24 maxlen: 24
212.56.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Jun 2025 10:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:54:eb:a3:dd:a7:0a:30:fe:d3:87:9f:83:8a:af:f4:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Jun 9 13:40:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a46cab563698116745e0c9fdad6d8e7abaa2cb0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:80:11:84:0a:ac:37:88:bc:95:95:4e:06:b9:
36:68:9c:61:ca:d4:de:46:f9:a7:20:9e:6e:e6:7e:
41:a8:d1:2c:e5:48:03:3f:1b:3f:d0:79:17:14:32:
26:07:45:92:ef:f9:44:f4:29:85:32:6a:a9:c9:46:
7e:c0:ec:49:86:bd:8c:49:5e:dd:41:d1:c4:03:1a:
a1:12:13:c1:2d:ea:1f:50:31:c1:d9:19:04:2a:18:
5b:2d:2f:8a:39:8a:0b:10:07:98:ab:76:b2:59:80:
ea:ab:4e:44:86:2a:5b:31:80:e9:59:b1:49:a2:ef:
27:5e:ea:c7:bf:24:b0:af:04:e8:b4:d1:eb:c7:77:
8a:fa:bf:e1:b7:99:24:17:61:56:06:5f:4b:7c:a0:
d2:5f:2a:59:7e:35:c3:d8:52:4f:9f:84:66:13:74:
d7:c1:b7:df:d4:ae:13:fe:6d:14:c3:c0:f4:3c:50:
3d:26:90:79:97:64:87:61:63:92:a8:48:d1:b1:68:
ac:38:12:27:28:31:54:83:04:91:66:a5:65:19:7f:
d8:8d:0a:93:c0:b7:d0:ff:27:a6:5d:f5:33:78:03:
ff:a7:b1:37:1a:f9:d5:cb:60:d8:1d:9f:e0:c9:bc:
89:f5:14:f1:d2:3c:91:8f:2b:7a:e8:a3:54:06:5e:
16:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:6C:AB:56:36:98:11:67:45:E0:C9:FD:AD:6D:8E:7A:BA:A2:CB:0B
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/pGyrVjaYEWdF4Mn9rW2Oerqiyws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
107.150.169.0/24
107.150.173.0/24
124.198.140.0/22
162.218.177.0-162.218.178.255
163.47.104.0/22
167.160.1.0-167.160.2.255
185.192.213.0-185.192.214.255
185.203.149.0-185.203.150.255
185.212.173.0-185.212.174.255
202.49.244.0/22
202.50.124.0/22
203.188.176.0/22
203.188.184.0-203.188.188.255
212.32.51.0/24
212.32.70.0/24
212.32.77.0-212.32.79.255
212.56.51.0/24
212.56.55.0/24
Signature Algorithm: sha256WithRSAEncryption
31:84:ec:b8:c4:7b:c1:aa:6d:25:56:00:79:26:60:e6:80:c0:
39:6f:5c:2e:5f:ed:31:d8:cf:37:b2:b9:2f:a6:b1:e4:42:9e:
68:53:85:45:da:4c:cd:ff:83:ca:cb:94:26:1d:a0:1a:8d:22:
7a:ab:8c:55:ba:a7:13:58:d1:53:cd:85:0e:ec:0e:b6:d9:94:
6b:65:fd:3a:b4:58:06:be:d8:a2:b4:b6:a1:2e:f9:b2:df:17:
81:95:6d:6a:98:96:72:64:c6:ba:db:94:d4:f1:f0:1a:60:f4:
c5:c9:f8:0b:29:3f:ce:26:1d:cc:e3:3b:42:73:c1:f3:b0:5b:
fc:73:85:34:4c:03:c6:ce:7d:1c:63:dd:4f:a0:9b:99:8e:6f:
fa:03:6b:a1:73:a3:c7:87:8f:eb:69:c9:ee:c7:d9:f1:13:c8:
60:26:e0:02:58:c7:e1:57:74:5d:a7:cb:ad:3a:4d:23:a9:1c:
07:40:31:c9:70:b9:27:93:6f:71:ad:d6:fb:81:1d:88:82:45:
8d:f8:0f:48:b4:ae:46:6c:ac:c7:ca:2e:31:99:f0:af:c8:2d:
54:f6:a0:c7:d3:ab:47:dd:d8:61:67:10:f0:8a:f8:7f:7c:b5:
0c:1c:dc:15:b7:b9:3b:bd:74:6b:85:9e:d7:c0:ab:c3:e0:35:
cd:bf:ed:ae
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAZdU66Pdpwow/tOHn4OKr/T+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwNjA5MTM0MDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDZjYWI1NjM2OTgxMTY3NDVlMGM5ZmRhZDZkOGU3YWJhYTJjYjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5oARhAqsN4i8lZVOBrk2aJxhytTe
RvmnIJ5u5n5BqNEs5UgDPxs/0HkXFDImB0WS7/lE9CmFMmqpyUZ+wOxJhr2MSV7d
QdHEAxqhEhPBLeofUDHB2RkEKhhbLS+KOYoLEAeYq3ayWYDqq05EhipbMYDpWbFJ
ou8nXurHvySwrwTotNHrx3eK+r/ht5kkF2FWBl9LfKDSXypZfjXD2FJPn4RmE3TX
wbff1K4T/m0Uw8D0PFA9JpB5l2SHYWOSqEjRsWisOBInKDFUgwSRZqVlGX/YjQqT
wLfQ/yemXfUzeAP/p7E3GvnVy2DYHZ/gybyJ9RTx0jyRjyt66KNUBl4WAwIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFKRsq1Y2mBFnReDJ/a1tjnq6ossLMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvcEd5clZqYVlFV2RGNE1uOXJXMk9lcnFpeXdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBqwQCAAEwgaQDBABr
lqkDBABrlq0DBAJ8xowwDAMEAKLasQMEAKLasgMEAqMvaDAMAwQAp6ABAwQAp6AC
MAwDBAC5wNUDBAC5wNYwDAMEALnLlQMEALnLljAMAwQAudStAwQAudSuAwQCyjH0
AwQCyjJ8AwQCy7ywMAwDBAPLvLgDBADLvLwDBADUIDMDBADUIEYwDAMEANQgTQME
BNQgQAMEANQ4MwMEANQ4NzANBgkqhkiG9w0BAQsFAAOCAQEAMYTsuMR7waptJVYA
eSZg5oDAOW9cLl/tMdjPN7K5L6ax5EKeaFOFRdpMzf+DysuUJh2gGo0iequMVbqn
E1jRU82FDuwOttmUa2X9OrRYBr7YorS2oS75st8XgZVtapiWcmTGutuU1PHwGmD0
xcn4Cyk/ziYdzOM7QnPB87Bb/HOFNEwDxs59HGPdT6CbmY5v+gNroXOjx4eP62nJ
7sfZ8RPIYCbgAljH4Vd0XafLrTpNI6kcB0AxyXC5J5Nvca3W+4EdiIJFjfgPSLSu
Rmysx8ouMZnwr8gtVPagx9OrR93YYWcQ8Ir4f3y1DBzcFbe5O710a4We18Crw+A1
zb/trg==
-----END CERTIFICATE-----
Generated at Thu Jun 19 17:55:13 2025 by rpki-client