Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/rmHfmmvjl7jABeAprbT8TsL5z-w.roa
File: rmHfmmvjl7jABeAprbT8TsL5z-w.roa (raw, json)
Hash identifier: FS8E/IqXNYoKdTt8oy59jcciRhklZrO8cwevfEE9wgE=
Subject key identifier: AE:61:DF:9A:6B:E3:97:B8:C0:05:E0:29:AD:B4:FC:4E:C2:F9:CF:EC
Certificate issuer: /CN=297c508d23b38315bbf45b726d22050a46127b8c
Certificate serial: 0196CE164E0D292F6532CDB1AE9AB7240A7E
Authority key identifier: 29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/rmHfmmvjl7jABeAprbT8TsL5z-w.roa
Signing time: Wed 14 May 2025 09:18:10 +0000
ROA not before: Wed 14 May 2025 09:18:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34177
IP address blocks: 5.133.68.0/22 maxlen: 22
62.193.32.0/19 maxlen: 19
62.244.84.0/22 maxlen: 22
62.244.86.0/23 maxlen: 23
62.244.88.0/23 maxlen: 23
62.244.89.0/24 maxlen: 24
62.244.96.0/22 maxlen: 22
62.244.112.0/22 maxlen: 22
62.244.117.0/24 maxlen: 24
62.244.119.0/24 maxlen: 24
78.31.40.0/21 maxlen: 21
78.109.240.0/20 maxlen: 20
80.245.16.0/20 maxlen: 20
82.210.0.0/19 maxlen: 19
82.210.32.0/19 maxlen: 19
83.118.192.0/19 maxlen: 19
83.142.144.0/21 maxlen: 21
84.239.64.0/18 maxlen: 24
91.90.96.0/21 maxlen: 21
94.228.176.0/20 maxlen: 20
95.141.96.0/20 maxlen: 20
141.101.56.0/21 maxlen: 24
159.180.224.0/19 maxlen: 19
176.57.32.0/21 maxlen: 21
178.16.160.0/20 maxlen: 20
185.4.44.0/22 maxlen: 24
185.5.108.0/22 maxlen: 22
185.10.176.0/22 maxlen: 24
185.18.208.0/22 maxlen: 22
185.19.48.0/22 maxlen: 22
185.41.4.0/22 maxlen: 22
185.47.240.0/22 maxlen: 24
185.81.52.0/22 maxlen: 22
185.132.116.0/22 maxlen: 22
185.137.254.0/23 maxlen: 24
185.156.80.0/22 maxlen: 22
185.163.28.0/22 maxlen: 22
185.171.156.0/22 maxlen: 22
185.180.244.0/22 maxlen: 22
185.191.92.0/22 maxlen: 22
185.211.24.0/22 maxlen: 22
185.213.160.0/22 maxlen: 22
185.218.248.0/22 maxlen: 22
185.249.28.0/22 maxlen: 22
194.213.124.0/23 maxlen: 23
195.15.128.0/18 maxlen: 18
195.49.132.0/22 maxlen: 22
195.200.160.0/19 maxlen: 19
212.106.96.0/19 maxlen: 19
2001:ab8::/29 maxlen: 32
2a00:6900::/29 maxlen: 48
2a01:4e00::/32 maxlen: 32
2a03:5d40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.mft
rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ce:16:4e:0d:29:2f:65:32:cd:b1:ae:9a:b7:24:0a:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297c508d23b38315bbf45b726d22050a46127b8c
Validity
Not Before: May 14 09:18:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ae61df9a6be397b8c005e029adb4fc4ec2f9cfec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:14:c8:75:6c:6f:ac:1b:8b:6f:ca:66:47:40:
c3:47:cd:06:82:9a:e1:25:e1:85:d5:a7:f4:95:a4:
6a:bc:53:60:ba:77:41:69:c5:91:db:e9:30:12:50:
e0:a5:f0:25:94:60:94:d3:d9:50:04:ca:63:8b:b7:
49:1d:bc:1d:e0:99:3b:73:17:14:8d:d7:d4:b7:52:
94:52:53:6a:73:e7:05:79:a5:71:59:d8:3d:b5:99:
79:2a:1e:1a:b1:95:bd:de:74:8e:16:30:cb:ec:38:
b8:ea:7f:ba:58:b7:ec:bd:14:a4:3a:a0:cb:96:22:
e9:f4:64:24:60:ae:87:ba:aa:bb:ec:f8:f1:0e:52:
bd:a8:3a:eb:ee:54:5b:b4:3e:75:b4:e2:c0:3a:8e:
52:52:64:ea:8e:8d:63:47:1c:e4:03:25:8a:74:35:
5d:18:a3:9a:a3:a9:6b:4c:61:29:e2:61:b7:17:ca:
91:ef:ee:bc:e8:ff:b4:f6:4b:ba:2f:37:5a:1b:2e:
db:44:e5:49:05:d8:05:81:76:05:3d:ee:21:e6:8c:
54:ae:91:43:2f:b7:0b:aa:1b:c2:d7:a5:fe:b9:89:
42:1e:ff:d6:ef:d0:86:17:07:75:21:9a:5e:52:a6:
72:7a:9b:04:f4:88:5c:3a:0d:10:4e:0c:43:68:eb:
f4:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:61:DF:9A:6B:E3:97:B8:C0:05:E0:29:AD:B4:FC:4E:C2:F9:CF:EC
X509v3 Authority Key Identifier:
keyid:29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/rmHfmmvjl7jABeAprbT8TsL5z-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.68.0/22
62.193.32.0/19
62.244.84.0-62.244.89.255
62.244.96.0/22
62.244.112.0/22
62.244.117.0/24
62.244.119.0/24
78.31.40.0/21
78.109.240.0/20
80.245.16.0/20
82.210.0.0/18
83.118.192.0/19
83.142.144.0/21
84.239.64.0/18
91.90.96.0/21
94.228.176.0/20
95.141.96.0/20
141.101.56.0/21
159.180.224.0/19
176.57.32.0/21
178.16.160.0/20
185.4.44.0/22
185.5.108.0/22
185.10.176.0/22
185.18.208.0/22
185.19.48.0/22
185.41.4.0/22
185.47.240.0/22
185.81.52.0/22
185.132.116.0/22
185.137.254.0/23
185.156.80.0/22
185.163.28.0/22
185.171.156.0/22
185.180.244.0/22
185.191.92.0/22
185.211.24.0/22
185.213.160.0/22
185.218.248.0/22
185.249.28.0/22
194.213.124.0/23
195.15.128.0/18
195.49.132.0/22
195.200.160.0/19
212.106.96.0/19
IPv6:
2001:ab8::/29
2a00:6900::/29
2a01:4e00::/32
2a03:5d40::/32
Signature Algorithm: sha256WithRSAEncryption
73:58:29:76:05:a0:98:33:0b:e6:7d:b7:1c:39:66:25:37:1d:
8d:10:9a:c5:18:cf:e1:b2:a6:05:b1:59:d5:e9:ab:84:1b:40:
dc:9b:09:c6:80:0b:6f:fb:83:09:55:32:24:d9:13:2b:8d:ef:
25:65:05:5c:8b:75:2a:40:3c:32:e3:96:a0:f2:bc:8f:8b:e8:
ec:0b:56:13:38:d5:0f:21:fe:c6:05:1e:4b:e8:63:27:35:c8:
f8:51:49:f9:11:ab:71:9a:c2:f9:52:8e:43:1c:36:15:e9:e1:
df:79:76:a6:6a:f2:31:bb:da:a3:9b:3f:6d:0a:7b:6f:06:43:
e8:cb:4b:ab:79:1f:e0:e5:05:e2:e1:53:79:b3:2c:6e:78:d9:
e2:1c:41:36:e1:a4:54:73:f4:3c:c7:d0:66:45:96:02:5d:c2:
9c:06:36:29:23:1d:0e:e7:2a:32:1c:14:f2:b6:9c:67:12:cf:
bd:25:0a:a3:11:23:57:23:78:d3:61:35:c9:17:a4:88:fa:47:
80:a7:2e:b0:95:58:2d:49:bf:5c:05:f9:5b:bd:dd:08:b2:4e:
0b:a7:09:60:83:5f:46:08:c9:14:0b:41:98:62:4e:94:95:98:
85:e0:c7:a3:44:c3:a0:a8:11:63:51:49:7c:82:1b:34:48:47:
d2:9e:94:7d
-----BEGIN CERTIFICATE-----
MIIGOzCCBSOgAwIBAgISAZbOFk4NKS9lMs2xrpq3JAp+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2M1MDhkMjNiMzgzMTViYmY0NWI3MjZkMjIwNTBhNDYx
MjdiOGMwHhcNMjUwNTE0MDkxODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTYxZGY5YTZiZTM5N2I4YzAwNWUwMjlhZGI0ZmM0ZWMyZjljZmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6RTIdWxvrBuLb8pmR0DDR80Ggprh
JeGF1af0laRqvFNgundBacWR2+kwElDgpfAllGCU09lQBMpji7dJHbwd4Jk7cxcU
jdfUt1KUUlNqc+cFeaVxWdg9tZl5Kh4asZW93nSOFjDL7Di46n+6WLfsvRSkOqDL
liLp9GQkYK6Huqq77PjxDlK9qDrr7lRbtD51tOLAOo5SUmTqjo1jRxzkAyWKdDVd
GKOao6lrTGEp4mG3F8qR7+686P+09ku6LzdaGy7bROVJBdgFgXYFPe4h5oxUrpFD
L7cLqhvC16X+uYlCHv/W79CGFwd1IZpeUqZyepsE9IhcOg0QTgxDaOv0nQIDAQAB
o4IDRzCCA0MwHQYDVR0OBBYEFK5h35pr45e4wAXgKa20/E7C+c/sMB8GA1UdIwQY
MBaAFCl8UI0js4MVu/Rbcm0iBQpGEnuMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTIt
MzZlOWE3OWJkOTUwLzEvcm1IZm1tdmpsN2pBQmVBcHJiVDhUc0w1ei13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTItMzZlOWE3OWJkOTUw
LzEvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBWwYIKwYBBQUHAQcBAf8EggFKMIIBRjCCAR4EAgABMIIB
FgMEAgWFRAMEBT7BIDAMAwQCPvRUAwQBPvRYAwQCPvRgAwQCPvRwAwQAPvR1AwQA
PvR3AwQDTh8oAwQETm3wAwQEUPUQAwQGUtIAAwQFU3bAAwQDU46QAwQGVO9AAwQD
W1pgAwQEXuSwAwQEX41gAwQDjWU4AwQFn7TgAwQDsDkgAwQEshCgAwQCuQQsAwQC
uQVsAwQCuQqwAwQCuRLQAwQCuRMwAwQCuSkEAwQCuS/wAwQCuVE0AwQCuYR0AwQB
uYn+AwQCuZxQAwQCuaMcAwQCuaucAwQCubT0AwQCub9cAwQCudMYAwQCudWgAwQC
udr4AwQCufkcAwQBwtV8AwQGww+AAwQCwzGEAwQFw8igAwQF1GpgMCIEAgACMBwD
BQMgAQq4AwUDKgBpAAMFACoBTgADBQAqA11AMA0GCSqGSIb3DQEBCwUAA4IBAQBz
WCl2BaCYMwvmfbccOWYlNx2NEJrFGM/hsqYFsVnV6auEG0DcmwnGgAtv+4MJVTIk
2RMrje8lZQVci3UqQDwy45ag8ryPi+jsC1YTONUPIf7GBR5L6GMnNcj4UUn5Eatx
msL5Uo5DHDYV6eHfeXamavIxu9qjmz9tCntvBkPoy0ureR/g5QXi4VN5syxueNni
HEE24aRUc/Q8x9BmRZYCXcKcBjYpIx0O5yoyHBTytpxnEs+9JQqjESNXI3jTYTXJ
F6SI+keApy6wlVgtSb9cBflbvd0Isk4Lpwlgg19GCMkUC0GYYk6UlZiF4MejRMOg
qBFjUUl8ghs0SEfSnpR9
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:10:49 2025 by rpki-client