Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/gA-eg7J3btylhPCsKFYTBsfjagc.roa
File: gA-eg7J3btylhPCsKFYTBsfjagc.roa (raw, json)
Hash identifier: XYivuioibF+wT4A494DJkhByH4TsXzIp+9fnkre0cJM=
Subject key identifier: 80:0F:9E:83:B2:77:6E:DC:A5:84:F0:AC:28:56:13:06:C7:E3:6A:07
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 0196ED9BC3BFEACBDF9060957E69A6AED5C8
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/gA-eg7J3btylhPCsKFYTBsfjagc.roa
Signing time: Tue 20 May 2025 12:12:10 +0000
ROA not before: Tue 20 May 2025 12:12:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202553
IP address blocks: 147.181.4.0/22 maxlen: 24
147.181.8.0/22 maxlen: 24
147.181.12.0/22 maxlen: 24
147.181.16.0/23 maxlen: 24
147.181.32.0/22 maxlen: 24
147.181.36.0/22 maxlen: 24
147.181.44.0/22 maxlen: 24
147.181.48.0/22 maxlen: 22
147.181.52.0/22 maxlen: 22
2a04:9a00:1001::/48 maxlen: 48
2a04:9a00:1002::/48 maxlen: 48
2a04:9a00:1003::/48 maxlen: 48
2a04:9a00:1005::/48 maxlen: 48
2a04:9a00:1006::/48 maxlen: 48
2a04:9a00:1007::/48 maxlen: 48
2a04:9a00:100e::/48 maxlen: 48
2a04:9a05:1000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 19:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ed:9b:c3:bf:ea:cb:df:90:60:95:7e:69:a6:ae:d5:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: May 20 12:12:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=800f9e83b2776edca584f0ac28561306c7e36a07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e3:55:81:62:22:a9:6e:06:ce:55:92:f9:53:
f6:79:20:52:88:dd:ab:81:03:88:0a:40:39:b5:22:
26:c3:a1:d4:1b:3a:9d:53:b6:e4:8e:2c:17:54:f0:
81:45:84:03:b2:c8:b2:bb:54:d6:ac:5d:37:aa:f1:
27:a8:42:81:7d:8b:7e:34:81:18:47:c8:d1:30:85:
3a:73:85:7c:d0:04:f0:75:2c:10:96:ce:d0:fa:43:
ca:e5:16:56:14:4a:a0:e5:77:fc:8a:7c:f1:67:d5:
c1:71:ee:33:7f:68:6e:d3:86:dc:a3:b1:e3:e4:12:
bc:e3:c4:c9:68:5a:21:17:36:67:65:a6:58:49:9f:
69:90:0f:ca:56:26:29:33:96:85:38:92:74:5c:91:
19:ba:b5:7c:93:5d:b3:6e:14:67:35:d0:fc:24:85:
81:f4:20:61:25:5b:f8:fa:ac:89:7b:1f:53:15:ec:
ee:0d:bc:f3:9a:89:f9:4c:9e:db:23:6e:db:8c:0a:
fb:13:f0:e1:80:ed:af:c0:4b:96:ff:b7:b0:29:b0:
46:c7:45:72:db:68:b5:84:40:9e:43:3a:b7:61:7e:
84:bb:35:c4:77:57:6e:53:cf:e5:c9:bf:37:3c:d0:
b1:d4:0b:57:e4:cc:bb:a6:0c:34:16:14:58:ae:bb:
c8:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:0F:9E:83:B2:77:6E:DC:A5:84:F0:AC:28:56:13:06:C7:E3:6A:07
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/gA-eg7J3btylhPCsKFYTBsfjagc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.181.4.0-147.181.17.255
147.181.32.0/21
147.181.44.0-147.181.55.255
IPv6:
2a04:9a00:1001::-2a04:9a00:1003:ffff:ffff:ffff:ffff:ffff
2a04:9a00:1005::-2a04:9a00:1007:ffff:ffff:ffff:ffff:ffff
2a04:9a00:100e::/48
2a04:9a05:1000::/36
Signature Algorithm: sha256WithRSAEncryption
73:87:7f:84:af:dd:8b:9c:35:10:25:b1:ab:1b:ce:12:83:dd:
4c:ae:e2:e7:d9:d3:f5:b5:17:ed:74:19:27:2a:82:24:19:96:
e5:aa:75:8c:4a:9d:d1:eb:e0:c8:dc:aa:f8:b9:e1:75:01:94:
5b:28:39:df:04:d7:06:cb:d8:b9:2f:c3:88:74:8f:81:3e:ba:
74:80:6d:fb:af:94:41:54:2d:35:7b:9f:d1:2d:57:2c:05:31:
9b:a5:d2:21:b2:7b:5b:0d:23:59:a4:f0:99:0b:6a:13:fe:c5:
0d:f3:05:11:d8:69:75:7b:55:cc:61:9d:64:2a:9f:98:82:3a:
c0:5e:88:d8:47:a1:16:0a:c4:08:69:51:bf:ef:f3:8c:aa:56:
42:79:25:e4:e7:f1:b6:c5:b1:98:36:f7:00:a9:46:a4:27:cd:
94:61:6f:0d:4f:e4:31:53:1d:88:3e:82:38:9e:e7:bd:9b:e2:
33:9f:d3:77:99:ce:2b:13:3f:3c:22:c8:c9:c0:27:19:94:5b:
6e:8b:dd:58:53:92:2b:52:ca:3a:3c:f1:e0:b6:c7:74:51:0d:
11:20:6b:92:5f:a4:cf:b8:a4:cb:63:0a:12:9c:77:1e:86:96:
51:f7:0b:d5:4e:85:af:c3:19:a0:3b:a2:66:57:e2:b8:c8:9d:
8e:25:4a:6e
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAZbtm8O/6svfkGCVfmmmrtXIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjUwNTIwMTIxMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDBmOWU4M2IyNzc2ZWRjYTU4NGYwYWMyODU2MTMwNmM3ZTM2YTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuNVgWIiqW4GzlWS+VP2eSBSiN2r
gQOICkA5tSImw6HUGzqdU7bkjiwXVPCBRYQDssiyu1TWrF03qvEnqEKBfYt+NIEY
R8jRMIU6c4V80ATwdSwQls7Q+kPK5RZWFEqg5Xf8inzxZ9XBce4zf2hu04bco7Hj
5BK848TJaFohFzZnZaZYSZ9pkA/KViYpM5aFOJJ0XJEZurV8k12zbhRnNdD8JIWB
9CBhJVv4+qyJex9TFezuDbzzmon5TJ7bI27bjAr7E/DhgO2vwEuW/7ewKbBGx0Vy
22i1hECeQzq3YX6EuzXEd1duU8/lyb83PNCx1AtX5My7pgw0FhRYrrvI3wIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFIAPnoOyd27cpYTwrChWEwbH42oHMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvZ0EtZWc3SjNidHlsaFBDc0tGWVRCc2ZqYWdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazAoBAIAATAiMAwDBAKTtQQD
BAGTtRADBAOTtSAwDAMEApO1LAMEA5O1MDA/BAIAAjA5MBIDBwAqBJoAEAEDBwIq
BJoAEAAwEgMHACoEmgAQBQMHAyoEmgAQAAMHACoEmgAQDgMGBCoEmgUQMA0GCSqG
SIb3DQEBCwUAA4IBAQBzh3+Er92LnDUQJbGrG84Sg91MruLn2dP1tRftdBknKoIk
GZblqnWMSp3R6+DI3Kr4ueF1AZRbKDnfBNcGy9i5L8OIdI+BPrp0gG37r5RBVC01
e5/RLVcsBTGbpdIhsntbDSNZpPCZC2oT/sUN8wUR2Gl1e1XMYZ1kKp+YgjrAXojY
R6EWCsQIaVG/7/OMqlZCeSXk5/G2xbGYNvcAqUakJ82UYW8NT+QxUx2IPoI4nue9
m+Izn9N3mc4rEz88IsjJwCcZlFtui91YU5IrUso6PPHgtsd0UQ0RIGuSX6TPuKTL
YwoSnHcehpZR9wvVToWvwxmgO6JmV+K4yJ2OJUpu
-----END CERTIFICATE-----
Generated at Sun Jun 15 03:55:37 2025 by rpki-client