Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/dkJ2VFMXncfHGCbSVvF29aYo8QY.roa
File: dkJ2VFMXncfHGCbSVvF29aYo8QY.roa (raw, json)
Hash identifier: pqmTfvxdUijWmk17LFQwcAbizePu9dDgiFCl4T49SpQ=
Subject key identifier: 76:42:76:54:53:17:9D:C7:C7:18:26:D2:56:F1:76:F5:A6:28:F1:06
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01958A3D55BF7066D08CA0F09A980EE4D26B
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/dkJ2VFMXncfHGCbSVvF29aYo8QY.roa
Signing time: Wed 12 Mar 2025 12:03:50 +0000
ROA not before: Wed 12 Mar 2025 12:03:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58057
IP address blocks: 45.136.136.0/24 maxlen: 24
45.136.137.0/24 maxlen: 24
45.136.139.0/24 maxlen: 24
185.102.84.0/24 maxlen: 24
185.232.117.0/24 maxlen: 24
193.33.94.0/23 maxlen: 24
193.163.86.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
2a04:ccc0:ffff::/48 maxlen: 48
2a04:ccc1::/32 maxlen: 48
2a04:ccc3::/32 maxlen: 48
2a04:ccc4::/32 maxlen: 48
2a04:ccc5::/32 maxlen: 48
2a04:ccc6::/32 maxlen: 48
2a04:ccc7::/32 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a0c:3b80::/32 maxlen: 48
2a0c:3b81::/32 maxlen: 48
2a0c:3b82::/32 maxlen: 48
2a0c:3b83::/32 maxlen: 48
2a0c:3b84::/32 maxlen: 48
2a0c:3b85::/32 maxlen: 48
2a0c:3b86::/32 maxlen: 48
2a0e:97c0:1d0::/44 maxlen: 44
2a0e:97c0:260::/44 maxlen: 44
2a0e:97c1:200::/40 maxlen: 48
2a0e:97c3:110::/44 maxlen: 48
2a0e:97c4:120::/44 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a0e:b107:1165::/48 maxlen: 48
2a0e:b107:1786::/48 maxlen: 48
2a0e:b107:21c0::/45 maxlen: 48
2a0e:b107:2220::/45 maxlen: 48
2a0e:b107:2228::/45 maxlen: 48
2a0f:e404:102::/48 maxlen: 48
2a10:2f00:18d::/48 maxlen: 48
2a10:2f00:18f::/48 maxlen: 48
2a10:2f00:193::/48 maxlen: 48
2a10:cc40:250::/44 maxlen: 48
2a10:cc45:130::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 09:01:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8a:3d:55:bf:70:66:d0:8c:a0:f0:9a:98:0e:e4:d2:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 12 12:03:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7642765453179dc7c71826d256f176f5a628f106
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:97:db:60:5b:e2:77:69:86:cb:6e:39:f1:ac:
af:93:92:77:6e:f5:78:07:40:03:99:50:f8:b4:7e:
04:93:18:4b:67:87:52:be:4c:ef:28:79:ad:df:0b:
f7:57:76:2b:a0:10:47:70:7f:f1:9d:f9:c0:89:fe:
cc:c9:5b:fd:db:21:d3:54:af:e7:01:b4:43:df:b6:
72:01:96:7a:20:03:a5:2c:1e:da:6f:e2:bd:ba:ec:
5a:4b:8c:40:90:25:29:b4:97:6c:a8:e4:f9:73:3e:
42:6b:29:c6:42:3c:6b:78:4d:6f:36:a9:95:ed:84:
28:58:77:31:be:52:cd:95:4b:4b:cf:97:32:1a:30:
d4:ab:f6:d6:f9:2a:f4:49:b6:e7:5e:1f:f7:88:bc:
fd:67:32:d9:93:95:62:2a:cc:84:a6:9c:08:65:92:
53:32:a9:f9:e3:b9:37:86:dc:3e:a5:b8:43:4c:24:
2f:ed:94:d3:dc:25:94:6e:0f:1a:43:6b:76:87:dc:
18:90:54:4e:9d:73:0e:ef:b3:02:19:9d:ec:41:00:
11:aa:cc:07:97:dd:82:90:8d:56:cd:a7:ca:33:e4:
34:a0:a5:bd:81:a5:e4:5d:a7:8f:ef:bc:bc:55:aa:
35:24:d1:97:78:36:b8:3a:16:44:59:bb:fc:19:4d:
e8:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:42:76:54:53:17:9D:C7:C7:18:26:D2:56:F1:76:F5:A6:28:F1:06
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/dkJ2VFMXncfHGCbSVvF29aYo8QY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.136.0/23
45.136.139.0/24
185.102.84.0/24
185.232.117.0/24
193.33.94.0/23
193.163.86.0/24
194.50.92.0/24
IPv6:
2a04:ccc0:ffff::-2a04:ccc1:ffff:ffff:ffff:ffff:ffff:ffff
2a04:ccc3::-2a04:ccc7:ffff:ffff:ffff:ffff:ffff:ffff
2a09:4c0::/29
2a0c:3b80::-2a0c:3b86:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:97c0:1d0::/44
2a0e:97c0:260::/44
2a0e:97c1:200::/40
2a0e:97c3:110::/44
2a0e:97c4:120::/44
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0e:b107:21c0::/45
2a0e:b107:2220::/44
2a0f:e404:102::/48
2a10:2f00:18d::/48
2a10:2f00:18f::/48
2a10:2f00:193::/48
2a10:cc40:250::/44
2a10:cc45:130::/44
Signature Algorithm: sha256WithRSAEncryption
95:7f:b3:aa:5e:f3:b5:d6:b7:09:7e:5f:df:8c:6a:e2:3c:9d:
3c:92:50:1d:bd:6e:84:86:5b:6b:77:2a:d4:cc:75:75:8b:16:
d3:00:a0:b9:ed:7d:dd:0f:2d:ba:c3:3d:5e:92:5c:de:83:23:
4d:cc:96:e1:71:cf:a7:46:83:51:2a:db:0d:c2:86:95:0e:ba:
ca:6b:6d:a6:2e:1e:79:86:72:c0:01:72:b6:61:1e:98:50:ba:
2a:69:29:8d:7d:bd:78:08:f5:bf:9b:f3:a0:ad:31:01:e1:3a:
bc:be:f8:67:1f:13:4c:73:cd:9d:b5:65:72:c8:0b:36:07:0e:
ca:41:98:b2:a5:43:09:20:1e:ef:03:48:06:e7:01:9b:90:9a:
46:96:c3:81:0d:c2:e3:3b:f1:ce:7f:21:10:be:e5:9b:48:1a:
ce:75:40:6f:b7:80:4e:7a:14:de:dd:11:48:43:84:24:1e:60:
5a:ba:91:59:ba:2a:8f:e9:a2:68:71:78:2e:ef:c6:09:f5:6e:
02:37:df:f4:3e:1b:cf:50:46:03:38:cc:a3:4d:95:8a:b0:ba:
5b:db:7d:9c:34:71:a5:6b:d1:63:3c:ca:b0:cb:fc:00:fd:b6:
84:5b:84:6f:b5:c0:3c:21:a7:70:fa:c6:c2:4d:46:fe:08:76:
1d:ab:c2:5c
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgISAZWKPVW/cGbQjKDwmpgO5NJrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMzEyMTIwMzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjQyNzY1NDUzMTc5ZGM3YzcxODI2ZDI1NmYxNzZmNWE2MjhmMTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ZfbYFvid2mGy2458ayvk5J3bvV4
B0ADmVD4tH4EkxhLZ4dSvkzvKHmt3wv3V3YroBBHcH/xnfnAif7MyVv92yHTVK/n
AbRD37ZyAZZ6IAOlLB7ab+K9uuxaS4xAkCUptJdsqOT5cz5CaynGQjxreE1vNqmV
7YQoWHcxvlLNlUtLz5cyGjDUq/bW+Sr0SbbnXh/3iLz9ZzLZk5ViKsyEppwIZZJT
Mqn547k3htw+pbhDTCQv7ZTT3CWUbg8aQ2t2h9wYkFROnXMO77MCGZ3sQQARqswH
l92CkI1WzafKM+Q0oKW9gaXkXaeP77y8Vao1JNGXeDa4OhZEWbv8GU3oxQIDAQAB
o4IDBTCCAwEwHQYDVR0OBBYEFHZCdlRTF53Hxxgm0lbxdvWmKPEGMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZGtKMlZGTVhuY2ZIR0NiU1Z2RjI5YVlvOFFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGQYIKwYBBQUHAQcBAf8EggEIMIIBBDAwBAIAATAqAwQB
LYiIAwQALYiLAwQAuWZUAwQAueh1AwQBwSFeAwQAwaNWAwQAwjJcMIHPBAIAAjCB
yDAQAwcAKgTMwP//AwUBKgTMwDAOAwUAKgTMwwMFAyoEzMADBQMqCQTAMA4DBQcq
DDuAAwUAKgw7hgMHBCoOl8AB0AMHBCoOl8ACYAMGACoOl8ECAwcEKg6XwwEQAwcE
Kg6XxAEgAwcAKg6xBwnyAwcAKg6xBxFlAwcAKg6xBxeGAwcDKg6xByHAAwcEKg6x
ByIgAwcAKg/kBAECAwcAKhAvAAGNAwcAKhAvAAGPAwcAKhAvAAGTAwcEKhDMQAJQ
AwcEKhDMRQEwMA0GCSqGSIb3DQEBCwUAA4IBAQCVf7OqXvO11rcJfl/fjGriPJ08
klAdvW6EhltrdyrUzHV1ixbTAKC57X3dDy26wz1eklzegyNNzJbhcc+nRoNRKtsN
woaVDrrKa22mLh55hnLAAXK2YR6YULoqaSmNfb14CPW/m/OgrTEB4Tq8vvhnHxNM
c82dtWVyyAs2Bw7KQZiypUMJIB7vA0gG5wGbkJpGlsOBDcLjO/HOfyEQvuWbSBrO
dUBvt4BOehTe3RFIQ4QkHmBaupFZuiqP6aJocXgu78YJ9W4CN9/0PhvPUEYDOMyj
TZWKsLpb232cNHGla9FjPMqwy/wA/baEW4RvtcA8Iadw+sbCTUb+CHYdq8Jc
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:34:53 2025 by rpki-client