Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DJOnEAiWxnFkLxNQGu9J_-pfEN4.roa
File: DJOnEAiWxnFkLxNQGu9J_-pfEN4.roa (raw, json)
Hash identifier: kZOpkWCcPIUdoke1GqMqOOkYUMU41Dx02dj4fAxLP6Y=
Subject key identifier: 0C:93:A7:10:08:96:C6:71:64:2F:13:50:1A:EF:49:FF:EA:5F:10:DE
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01972068995C9FC79E53F72348C272F7AB08
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DJOnEAiWxnFkLxNQGu9J_-pfEN4.roa
Signing time: Fri 30 May 2025 08:56:55 +0000
ROA not before: Fri 30 May 2025 08:56:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2.59.253.0/24 maxlen: 24
5.252.132.0/22 maxlen: 24
31.13.211.0/24 maxlen: 24
45.8.93.0/24 maxlen: 24
45.9.157.0/24 maxlen: 24
45.12.253.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.66.231.0/24 maxlen: 24
45.81.39.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
45.90.89.0/24 maxlen: 24
45.139.106.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
45.141.159.0/24 maxlen: 24
45.151.90.0/24 maxlen: 24
81.31.192.0/22 maxlen: 24
81.161.238.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.54.48.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.89.0/24 maxlen: 24
87.120.126.0/23 maxlen: 24
87.120.166.0/24 maxlen: 24
87.121.22.0/24 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.87.0/24 maxlen: 24
87.121.165.0/24 maxlen: 24
91.92.70.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
92.249.50.0/24 maxlen: 24
93.123.45.0/24 maxlen: 24
93.123.47.0/24 maxlen: 24
93.123.85.0/24 maxlen: 24
93.123.109.0/24 maxlen: 24
93.123.117.0/24 maxlen: 24
93.123.119.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.64.0/21 maxlen: 32
94.156.105.0/24 maxlen: 24
94.156.167.0/24 maxlen: 24
94.156.232.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
141.98.6.0/24 maxlen: 24
171.22.73.0/24 maxlen: 24
171.22.74.0/23 maxlen: 24
178.215.227.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.222.162.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
193.222.96.0/24 maxlen: 24
193.222.98.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
195.178.111.0/24 maxlen: 24
212.115.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Jun 2025 15:25:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:20:68:99:5c:9f:c7:9e:53:f7:23:48:c2:72:f7:ab:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 30 08:56:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c93a7100896c671642f13501aef49ffea5f10de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:10:1e:7c:66:f3:14:c7:47:65:0a:4f:c2:9c:
93:a8:bd:f0:95:25:f5:cc:05:d9:4b:5c:90:dd:b5:
e1:66:7c:8d:94:9f:83:0b:2b:2f:7c:10:93:8e:bf:
69:95:7e:83:51:26:f1:fb:c6:3a:d7:e1:5c:b3:ac:
b0:57:92:3c:6f:9f:df:27:4f:7f:29:77:7c:ff:aa:
d0:6c:2c:dc:4b:74:c7:86:72:ed:d1:5a:aa:78:6a:
a5:89:6c:4a:14:95:b4:a1:f9:65:05:69:2a:e0:f3:
20:3a:6e:de:c6:ea:ed:e8:97:c1:8d:85:fc:c4:65:
67:b0:5e:b5:57:2f:f6:32:b4:fe:53:57:09:b4:ab:
cf:69:e8:e0:05:5d:28:ec:3e:d4:dd:bf:3e:1b:e7:
a8:96:18:da:e3:8f:86:52:cf:aa:60:f9:ba:53:f5:
44:24:2a:16:38:f0:8c:cf:c3:2b:2a:d4:72:70:95:
11:f9:1f:6b:7e:d3:74:36:16:85:80:7e:47:40:86:
b8:93:cf:bb:97:71:ae:2e:6c:a4:e9:ed:e6:7d:f2:
7c:03:4e:5d:68:70:ae:2a:e0:62:61:a3:42:73:b4:
62:b7:0d:b1:35:fa:1c:d4:ba:93:6f:74:94:28:53:
71:5e:d3:db:1a:17:16:f0:3a:7b:2f:03:ca:f1:84:
59:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:93:A7:10:08:96:C6:71:64:2F:13:50:1A:EF:49:FF:EA:5F:10:DE
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DJOnEAiWxnFkLxNQGu9J_-pfEN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
5.252.132.0/22
31.13.211.0/24
45.8.93.0/24
45.9.157.0/24
45.12.253.0/24
45.66.228.0/24
45.66.231.0/24
45.81.39.0/24
45.88.64.0/24
45.89.247.0/24
45.90.89.0/24
45.139.106.0/24
45.141.158.0/23
45.151.90.0/24
81.31.192.0/22
81.161.238.0/24
83.219.97.0/24
84.54.48.0/24
87.120.87.0/24
87.120.89.0/24
87.120.126.0/23
87.120.166.0/24
87.121.22.0/24
87.121.38.0/24
87.121.45.0/24
87.121.87.0/24
87.121.165.0/24
91.92.70.0/24
92.119.196.0/23
92.249.50.0/24
93.123.45.0/24
93.123.47.0/24
93.123.85.0/24
93.123.109.0/24
93.123.117.0/24
93.123.119.0/24
94.103.125.0/24
94.154.160.0/22
94.156.64.0/21
94.156.105.0/24
94.156.167.0/24
94.156.232.0/24
94.156.239.0/24
141.98.1.0/24
141.98.6.0/24
171.22.73.0-171.22.75.255
178.215.227.0/24
185.216.84.0/22
185.222.162.0/24
193.25.216.0/24
193.35.18.0/24
193.222.96.0/24
193.222.98.0/24
194.55.186.0/24
194.169.175.0/24
195.178.111.0/24
212.115.41.0/24
Signature Algorithm: sha256WithRSAEncryption
55:56:35:c7:e5:34:2c:d6:91:d8:e9:e0:0b:9f:b5:4c:a1:a7:
b4:62:4a:a6:16:61:84:61:eb:6e:ee:09:1e:98:93:4b:e9:7b:
dc:96:f4:25:c7:7c:d5:54:a5:db:53:32:c1:3a:e1:78:c5:85:
fb:34:20:37:d6:0f:ba:b6:d3:9b:ff:3c:56:c8:53:18:0a:99:
f8:4b:28:92:f2:fd:8a:7d:3a:47:6e:72:28:54:10:77:be:75:
d0:da:80:39:24:36:ba:75:a3:c9:7a:43:e6:d0:f0:64:40:d6:
e9:d1:79:79:4a:32:55:3c:27:86:c3:3f:bc:4c:01:ef:e9:66:
21:ab:5a:45:ce:86:75:bb:ab:4c:6e:f8:92:e2:41:be:9b:9f:
2b:c5:dd:02:cf:19:e0:ec:07:d8:9d:a8:01:55:fb:6c:7a:f4:
18:8a:05:8b:6c:c5:24:39:8f:3d:c7:5c:12:cc:13:6e:5e:96:
c1:d9:4d:ee:99:ea:23:96:f4:dc:ae:1a:69:8e:52:b1:74:8f:
fa:2f:70:51:49:b9:76:50:32:4f:7b:db:3b:99:dd:ad:c3:ca:
c0:a7:82:05:34:3d:24:02:5e:30:ba:6f:b1:33:5a:36:d5:ba:
81:0f:53:b9:30:43:c1:63:e5:ae:ca:d8:67:aa:36:c7:1a:5b:
d8:10:9f:1e
-----BEGIN CERTIFICATE-----
MIIGZTCCBU2gAwIBAgISAZcgaJlcn8eeU/cjSMJy96sIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNTMwMDg1NjU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzkzYTcxMDA4OTZjNjcxNjQyZjEzNTAxYWVmNDlmZmVhNWYxMGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7BAefGbzFMdHZQpPwpyTqL3wlSX1
zAXZS1yQ3bXhZnyNlJ+DCysvfBCTjr9plX6DUSbx+8Y61+Fcs6ywV5I8b5/fJ09/
KXd8/6rQbCzcS3THhnLt0VqqeGqliWxKFJW0ofllBWkq4PMgOm7exurt6JfBjYX8
xGVnsF61Vy/2MrT+U1cJtKvPaejgBV0o7D7U3b8+G+eolhja44+GUs+qYPm6U/VE
JCoWOPCMz8MrKtRycJUR+R9rftN0NhaFgH5HQIa4k8+7l3GuLmyk6e3mffJ8A05d
aHCuKuBiYaNCc7Ritw2xNfoc1LqTb3SUKFNxXtPbGhcW8Dp7LwPK8YRZQwIDAQAB
o4IDcTCCA20wHQYDVR0OBBYEFAyTpxAIlsZxZC8TUBrvSf/qXxDeMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvREpPbkVBaVd4bkZrTHhOUUd1OUpfLXBmRU40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBhQYIKwYBBQUHAQcBAf8EggF0MIIBcDCCAWwEAgABMIIB
ZAMEAAI7/QMEAgX8hAMEAB8N0wMEAC0IXQMEAC0JnQMEAC0M/QMEAC1C5AMEAC1C
5wMEAC1RJwMEAC1YQAMEAC1Z9wMEAC1aWQMEAC2LagMEAS2NngMEAC2XWgMEAlEf
wAMEAFGh7gMEAFPbYQMEAFQ2MAMEAFd4VwMEAFd4WQMEAVd4fgMEAFd4pgMEAFd5
FgMEAFd5JgMEAFd5LQMEAFd5VwMEAFd5pQMEAFtcRgMEAVx3xAMEAFz5MgMEAF17
LQMEAF17LwMEAF17VQMEAF17bQMEAF17dQMEAF17dwMEAF5nfQMEAl6aoAMEA16c
QAMEAF6caQMEAF6cpwMEAF6c6AMEAF6c7wMEAI1iAQMEAI1iBjAMAwQAqxZJAwQC
qxZIAwQAstfjAwQCudhUAwQAud6iAwQAwRnYAwQAwSMSAwQAwd5gAwQAwd5iAwQA
wje6AwQAwqmvAwQAw7JvAwQA1HMpMA0GCSqGSIb3DQEBCwUAA4IBAQBVVjXH5TQs
1pHY6eALn7VMoae0YkqmFmGEYetu7gkemJNL6XvclvQlx3zVVKXbUzLBOuF4xYX7
NCA31g+6ttOb/zxWyFMYCpn4SyiS8v2KfTpHbnIoVBB3vnXQ2oA5JDa6daPJekPm
0PBkQNbp0Xl5SjJVPCeGwz+8TAHv6WYhq1pFzoZ1u6tMbviS4kG+m58rxd0Czxng
7AfYnagBVftsevQYigWLbMUkOY89x1wSzBNuXpbB2U3umeojlvTcrhppjlKxdI/6
L3BRSbl2UDJPe9s7md2tw8rAp4IFND0kAl4wum+xM1o21bqBD1O5MEPBY+Wuythn
qjbHGlvYEJ8e
-----END CERTIFICATE-----
Generated at Tue Jun 3 23:55:45 2025 by rpki-client