Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/U7piPZ7C4IDT1jNCKjsB7PIZjlo.roa
File: U7piPZ7C4IDT1jNCKjsB7PIZjlo.roa (raw, json)
Hash identifier: G+dDZh4rdavP8P4pzyt3QGP5LQimO35Dm2vr+LEXgOE=
Subject key identifier: 53:BA:62:3D:9E:C2:E0:80:D3:D6:33:42:2A:3B:01:EC:F2:19:8E:5A
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 0195F33C4B8AFB3B571BF67662739A196C96
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/U7piPZ7C4IDT1jNCKjsB7PIZjlo.roa
Signing time: Tue 01 Apr 2025 21:22:49 +0000
ROA not before: Tue 01 Apr 2025 21:22:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 5.157.136.0/24 maxlen: 24
5.157.139.0/24 maxlen: 24
5.157.160.0/22 maxlen: 22
37.35.36.0/24 maxlen: 24
37.35.37.0/24 maxlen: 24
37.35.39.0/24 maxlen: 24
62.216.92.0/24 maxlen: 24
62.216.93.0/24 maxlen: 24
91.225.14.0/24 maxlen: 24
91.225.15.0/24 maxlen: 24
91.235.123.0/24 maxlen: 24
146.66.208.0/24 maxlen: 24
146.66.209.0/24 maxlen: 24
146.66.212.0/22 maxlen: 22
146.66.212.0/23 maxlen: 23
146.66.212.0/24 maxlen: 24
146.66.213.0/24 maxlen: 24
146.66.214.0/24 maxlen: 24
146.66.215.0/24 maxlen: 24
146.66.220.0/24 maxlen: 24
146.66.221.0/24 maxlen: 24
146.66.222.0/24 maxlen: 24
146.66.223.0/24 maxlen: 24
178.157.76.0/24 maxlen: 24
178.157.94.0/24 maxlen: 24
178.157.108.0/24 maxlen: 24
178.157.110.0/24 maxlen: 24
178.157.124.0/24 maxlen: 24
178.157.126.0/24 maxlen: 24
185.76.60.0/24 maxlen: 24
185.76.62.0/24 maxlen: 24
188.74.128.0/24 maxlen: 24
188.74.130.0/24 maxlen: 24
188.74.152.0/24 maxlen: 24
188.74.155.0/24 maxlen: 24
188.74.171.0/24 maxlen: 24
188.74.181.0/24 maxlen: 24
188.74.190.0/24 maxlen: 24
188.74.208.0/24 maxlen: 24
188.74.209.0/24 maxlen: 24
188.74.212.0/22 maxlen: 22
188.74.245.0/24 maxlen: 24
188.119.165.0/24 maxlen: 24
188.119.166.0/24 maxlen: 24
188.119.181.0/24 maxlen: 24
188.119.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 20:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f3:3c:4b:8a:fb:3b:57:1b:f6:76:62:73:9a:19:6c:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Apr 1 21:22:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53ba623d9ec2e080d3d633422a3b01ecf2198e5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:f3:eb:36:9e:71:f7:1c:c8:55:33:b8:ca:e8:
15:4a:c6:0a:ae:c4:38:6c:df:6c:9f:57:c3:3d:32:
00:b5:82:eb:70:0d:ee:2c:34:36:86:fd:cd:7d:94:
4f:e0:ed:21:b5:ba:3f:f4:80:7f:ce:a2:c6:2d:5f:
b5:16:39:59:07:58:a8:12:0c:d0:5f:f1:7a:b2:2a:
e1:21:89:21:2c:31:d9:b5:40:40:7e:67:a2:1d:d6:
37:b9:e9:f8:62:dc:95:31:6d:2d:68:3c:e8:63:9a:
b1:a1:02:47:91:31:65:c3:ff:7d:5a:a6:a4:ce:4a:
f5:23:47:e3:3f:8e:11:61:fa:ec:20:dc:6b:fe:cd:
3e:47:f4:2d:7f:75:ef:02:9b:b3:78:f5:6c:3e:d3:
97:36:0a:f6:1a:a6:e6:cd:d2:a0:87:ab:8b:ef:53:
a2:87:e4:03:49:a6:0f:d1:af:b0:bd:69:c8:99:37:
27:81:6f:bc:f7:bc:42:56:75:7d:38:60:c4:78:21:
83:35:3d:58:48:52:74:48:59:e4:92:cd:aa:65:05:
95:ec:8e:89:a6:90:b4:90:1a:23:a6:d0:aa:dc:02:
a6:a6:cd:71:ae:c2:89:a7:47:a4:7d:bc:b7:00:39:
23:7b:4d:c6:0f:6b:a5:85:3e:9f:41:38:77:06:63:
fd:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:BA:62:3D:9E:C2:E0:80:D3:D6:33:42:2A:3B:01:EC:F2:19:8E:5A
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/U7piPZ7C4IDT1jNCKjsB7PIZjlo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.136.0/24
5.157.139.0/24
5.157.160.0/22
37.35.36.0/23
37.35.39.0/24
62.216.92.0/23
91.225.14.0/23
91.235.123.0/24
146.66.208.0/23
146.66.212.0/22
146.66.220.0/22
178.157.76.0/24
178.157.94.0/24
178.157.108.0/24
178.157.110.0/24
178.157.124.0/24
178.157.126.0/24
185.76.60.0/24
185.76.62.0/24
188.74.128.0/24
188.74.130.0/24
188.74.152.0/24
188.74.155.0/24
188.74.171.0/24
188.74.181.0/24
188.74.190.0/24
188.74.208.0/23
188.74.212.0/22
188.74.245.0/24
188.119.165.0-188.119.166.255
188.119.181.0/24
188.119.190.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:00:75:40:9f:99:68:4a:d5:cd:cd:e7:1d:6f:c1:8f:31:2c:
03:0d:0b:8a:00:9f:fe:be:be:a5:95:50:e6:02:b0:2d:68:ff:
2d:70:25:ea:4b:93:d3:0f:7b:30:8b:db:fd:0c:2d:f5:74:a0:
60:05:3f:80:f3:3e:06:bb:f0:2e:bc:ff:b1:62:39:c7:e8:20:
89:0f:94:5d:fe:15:f2:06:9b:5d:eb:fe:5d:5e:32:5c:24:49:
3d:fa:50:e4:7e:f9:2d:ed:42:88:18:09:f9:ff:80:8d:1d:1b:
68:8b:bd:ee:5d:d3:2b:4c:d1:1c:33:e3:bd:86:3f:db:34:25:
fc:21:bf:c1:ab:ce:c1:8a:8e:c4:fc:b6:fb:e0:2d:55:d7:f8:
65:d7:c7:95:3e:6d:42:81:b3:1e:91:7b:47:4e:45:f1:e7:49:
46:47:2e:e4:f8:3c:db:bd:1c:15:50:2d:f7:bd:1a:49:6d:32:
f0:2a:97:70:29:ea:81:da:84:af:50:ff:e3:3a:85:0d:41:c6:
ec:57:3b:05:e2:69:92:52:0c:df:3b:05:9b:bf:6c:cd:fe:5c:
16:3e:31:d6:be:50:df:42:43:85:3e:fb:d2:3b:c4:c2:3c:29:
da:9c:5c:4f:3a:8c:3d:aa:d2:fb:aa:15:23:fc:32:2d:a4:b6:
bf:54:4b:f7
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAZXzPEuK+ztXG/Z2YnOaGWyWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjUwNDAxMjEyMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2JhNjIzZDllYzJlMDgwZDNkNjMzNDIyYTNiMDFlY2YyMTk4ZTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7vPrNp5x9xzIVTO4yugVSsYKrsQ4
bN9sn1fDPTIAtYLrcA3uLDQ2hv3NfZRP4O0htbo/9IB/zqLGLV+1FjlZB1ioEgzQ
X/F6sirhIYkhLDHZtUBAfmeiHdY3uen4YtyVMW0taDzoY5qxoQJHkTFlw/99Wqak
zkr1I0fjP44RYfrsINxr/s0+R/Qtf3XvApuzePVsPtOXNgr2GqbmzdKgh6uL71Oi
h+QDSaYP0a+wvWnImTcngW+897xCVnV9OGDEeCGDNT1YSFJ0SFnkks2qZQWV7I6J
ppC0kBojptCq3AKmps1xrsKJp0ekfby3ADkje03GD2ulhT6fQTh3BmP9EQIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFFO6Yj2ewuCA09YzQio7AezyGY5aMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvVTdwaVBaN0M0SURUMWpOQ0tqc0I3UElaamxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jCBzwQCAAEwgcgDBAAF
nYgDBAAFnYsDBAIFnaADBAElIyQDBAAlIycDBAE+2FwDBAFb4Q4DBABb63sDBAGS
QtADBAKSQtQDBAKSQtwDBACynUwDBACynV4DBACynWwDBACynW4DBACynXwDBACy
nX4DBAC5TDwDBAC5TD4DBAC8SoADBAC8SoIDBAC8SpgDBAC8SpsDBAC8SqsDBAC8
SrUDBAC8Sr4DBAG8StADBAK8StQDBAC8SvUwDAMEALx3pQMEALx3pgMEALx3tQME
ALx3vjANBgkqhkiG9w0BAQsFAAOCAQEAewB1QJ+ZaErVzc3nHW/BjzEsAw0LigCf
/r6+pZVQ5gKwLWj/LXAl6kuT0w97MIvb/Qwt9XSgYAU/gPM+BrvwLrz/sWI5x+gg
iQ+UXf4V8gabXev+XV4yXCRJPfpQ5H75Le1CiBgJ+f+AjR0baIu97l3TK0zRHDPj
vYY/2zQl/CG/wavOwYqOxPy2++AtVdf4ZdfHlT5tQoGzHpF7R05F8edJRkcu5Pg8
270cFVAt970aSW0y8CqXcCnqgdqEr1D/4zqFDUHG7Fc7BeJpklIM3zsFm79szf5c
Fj4x1r5Q30JDhT770jvEwjwp2pxcTzqMParS+6oVI/wyLaS2v1RL9w==
-----END CERTIFICATE-----
Generated at Thu Apr 17 06:23:20 2025 by rpki-client