Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/r03vG2cNWXeKTe7fSMdpsPufUiY.roa
File: r03vG2cNWXeKTe7fSMdpsPufUiY.roa (raw, json)
Hash identifier: z3EMfTKDdDfCeLdO9szELtFDCNTZnL9eZXt3DQZIcJY=
Subject key identifier: AF:4D:EF:1B:67:0D:59:77:8A:4D:EE:DF:48:C7:69:B0:FB:9F:52:26
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0195FAB2178428C5F2FD0645961264684308
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/r03vG2cNWXeKTe7fSMdpsPufUiY.roa
Signing time: Thu 03 Apr 2025 08:08:50 +0000
ROA not before: Thu 03 Apr 2025 08:08:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214238
IP address blocks: 5.253.56.0/24 maxlen: 24
5.253.57.0/24 maxlen: 24
5.253.58.0/24 maxlen: 24
31.169.124.0/24 maxlen: 24
31.169.125.0/24 maxlen: 24
31.169.126.0/24 maxlen: 24
31.169.127.0/24 maxlen: 24
37.139.128.0/24 maxlen: 24
45.88.66.0/24 maxlen: 24
45.95.0.0/24 maxlen: 24
45.95.2.0/24 maxlen: 24
45.128.234.0/24 maxlen: 24
45.128.235.0/24 maxlen: 24
79.110.63.0/24 maxlen: 24
85.31.44.0/24 maxlen: 24
85.31.46.0/24 maxlen: 24
85.208.136.0/24 maxlen: 24
87.120.92.0/24 maxlen: 24
87.120.108.0/24 maxlen: 24
87.120.196.0/24 maxlen: 24
87.120.205.0/24 maxlen: 24
87.120.216.0/24 maxlen: 24
87.120.219.0/24 maxlen: 24
87.120.222.0/24 maxlen: 24
87.121.47.0/24 maxlen: 24
87.121.216.0/24 maxlen: 24
91.92.21.0/24 maxlen: 24
93.123.31.0/24 maxlen: 24
94.125.102.0/24 maxlen: 24
94.125.103.0/24 maxlen: 24
94.156.236.0/24 maxlen: 24
109.206.240.0/24 maxlen: 24
109.206.243.0/24 maxlen: 24
171.22.19.0/24 maxlen: 24
171.22.30.0/24 maxlen: 24
185.207.14.0/24 maxlen: 24
185.207.15.0/24 maxlen: 24
185.218.138.0/24 maxlen: 24
185.246.221.0/24 maxlen: 24
185.252.179.0/24 maxlen: 24
193.8.184.0/24 maxlen: 24
193.8.186.0/24 maxlen: 24
193.8.187.0/24 maxlen: 24
193.47.60.0/24 maxlen: 24
193.47.61.0/24 maxlen: 24
193.148.56.0/24 maxlen: 24
193.148.57.0/24 maxlen: 24
193.148.58.0/24 maxlen: 24
193.148.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:fa:b2:17:84:28:c5:f2:fd:06:45:96:12:64:68:43:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 3 08:08:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af4def1b670d59778a4deedf48c769b0fb9f5226
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:ef:1b:f0:16:53:cd:c1:c1:a1:6c:21:98:9d:
3d:73:26:fe:b5:08:ab:b6:cf:17:e7:7c:6d:7e:3f:
ca:01:23:00:fa:c0:e5:c4:cf:24:d7:9b:91:84:b2:
10:89:26:84:77:c3:81:78:be:ed:5a:2a:1b:10:89:
ea:f6:2c:d4:d0:d0:38:40:9e:42:ad:ca:4c:c6:32:
e6:4b:14:54:89:a7:88:89:89:a1:0d:ed:84:a8:ad:
d6:e9:d0:8d:2e:30:4c:0b:92:8c:79:4e:57:cd:fc:
97:dc:dc:6d:92:fc:2a:6f:09:46:a0:16:fa:83:88:
58:83:b6:1b:7d:46:ed:6d:23:33:b8:62:8f:50:e1:
a2:6d:26:00:e1:05:cd:c8:ea:81:e4:2c:27:29:6a:
ef:5c:7d:4a:e2:46:19:d7:cd:a9:6f:1e:f5:49:57:
6c:5d:b8:76:e7:e7:6d:30:ba:5b:9e:5c:2c:74:5c:
46:c8:83:57:0a:e0:b5:30:ed:f6:cc:5a:55:e4:d4:
e7:20:c1:75:32:44:7c:9f:de:64:7d:1f:8e:78:4c:
4d:3e:5c:d3:1e:e9:12:7c:a5:b8:a7:89:41:61:cd:
16:20:e2:f5:3f:c8:22:41:50:6d:44:85:ee:18:59:
0b:be:97:f6:f3:05:c0:70:0d:da:77:63:8c:28:6e:
e1:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:4D:EF:1B:67:0D:59:77:8A:4D:EE:DF:48:C7:69:B0:FB:9F:52:26
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/r03vG2cNWXeKTe7fSMdpsPufUiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.56.0-5.253.58.255
31.169.124.0/22
37.139.128.0/24
45.88.66.0/24
45.95.0.0/24
45.95.2.0/24
45.128.234.0/23
79.110.63.0/24
85.31.44.0/24
85.31.46.0/24
85.208.136.0/24
87.120.92.0/24
87.120.108.0/24
87.120.196.0/24
87.120.205.0/24
87.120.216.0/24
87.120.219.0/24
87.120.222.0/24
87.121.47.0/24
87.121.216.0/24
91.92.21.0/24
93.123.31.0/24
94.125.102.0/23
94.156.236.0/24
109.206.240.0/24
109.206.243.0/24
171.22.19.0/24
171.22.30.0/24
185.207.14.0/23
185.218.138.0/24
185.246.221.0/24
185.252.179.0/24
193.8.184.0/24
193.8.186.0/23
193.47.60.0/23
193.148.56.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:6b:53:5f:86:9d:1d:94:cd:ea:ac:b5:ab:82:84:ea:c9:84:
96:04:c5:4c:ef:1e:f9:bb:8b:f6:0e:21:30:6a:03:5f:fd:9b:
17:c9:c3:2e:a3:68:4c:7b:b1:ca:4e:8a:f5:ff:8b:3e:92:2c:
0b:f3:84:db:4d:d7:e9:cc:c9:c1:a9:33:56:2a:38:7a:40:33:
17:c6:da:a5:21:27:39:39:21:c3:22:df:2c:67:b0:04:e9:5d:
72:af:12:52:79:fb:bd:2f:58:bc:6f:05:8c:55:b8:0d:85:fe:
92:18:ac:e9:21:94:e9:51:93:90:27:c5:c0:91:4a:51:c4:b0:
39:a2:74:8a:a3:cb:24:2a:6d:6a:9b:40:56:9a:66:d4:65:b6:
be:99:e2:d7:43:83:ef:95:10:17:4c:fc:5d:bd:1b:65:fc:55:
de:1f:b6:b3:c4:ec:d8:ae:d0:d1:fc:b9:b7:91:1f:45:21:d2:
c6:35:9c:ce:f5:11:f4:94:f3:75:4b:f4:46:10:bd:a6:9e:54:
8a:3d:41:3a:6f:f8:52:63:57:4b:6c:fa:42:33:78:1f:58:68:
15:06:58:ed:9a:d2:ba:56:5f:44:6d:5e:fa:07:c6:5f:aa:7d:
d6:51:41:d6:be:9a:ff:e4:33:37:f3:40:65:01:07:b6:d8:a4:
f8:d3:bb:1c
-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgISAZX6sheEKMXy/QZFlhJkaEMIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNDAzMDgwODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjRkZWYxYjY3MGQ1OTc3OGE0ZGVlZGY0OGM3NjliMGZiOWY1MjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2e8b8BZTzcHBoWwhmJ09cyb+tQir
ts8X53xtfj/KASMA+sDlxM8k15uRhLIQiSaEd8OBeL7tWiobEInq9izU0NA4QJ5C
rcpMxjLmSxRUiaeIiYmhDe2EqK3W6dCNLjBMC5KMeU5XzfyX3NxtkvwqbwlGoBb6
g4hYg7YbfUbtbSMzuGKPUOGibSYA4QXNyOqB5CwnKWrvXH1K4kYZ182pbx71SVds
Xbh25+dtMLpbnlwsdFxGyINXCuC1MO32zFpV5NTnIMF1MkR8n95kfR+OeExNPlzT
HukSfKW4p4lBYc0WIOL1P8giQVBtRIXuGFkLvpf28wXAcA3ad2OMKG7hhwIDAQAB
o4IC6DCCAuQwHQYDVR0OBBYEFK9N7xtnDVl3ik3u30jHabD7n1ImMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvcjAzdkcyY05XWGVLVGU3ZlNNZHBzUHVmVWlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH9BggrBgEFBQcBBwEB/wSB7TCB6jCB5wQCAAEwgeAwDAME
AwX9OAMEAAX9OgMEAh+pfAMEACWLgAMEAC1YQgMEAC1fAAMEAC1fAgMEAS2A6gME
AE9uPwMEAFUfLAMEAFUfLgMEAFXQiAMEAFd4XAMEAFd4bAMEAFd4xAMEAFd4zQME
AFd42AMEAFd42wMEAFd43gMEAFd5LwMEAFd52AMEAFtcFQMEAF17HwMEAV59ZgME
AF6c7AMEAG3O8AMEAG3O8wMEAKsWEwMEAKsWHgMEAbnPDgMEALnaigMEALn23QME
ALn8swMEAMEIuAMEAcEIugMEAcEvPAMEAsGUODANBgkqhkiG9w0BAQsFAAOCAQEA
W2tTX4adHZTN6qy1q4KE6smElgTFTO8e+buL9g4hMGoDX/2bF8nDLqNoTHuxyk6K
9f+LPpIsC/OE203X6czJwakzVio4ekAzF8bapSEnOTkhwyLfLGewBOldcq8SUnn7
vS9YvG8FjFW4DYX+khis6SGU6VGTkCfFwJFKUcSwOaJ0iqPLJCptaptAVppm1GW2
vpni10OD75UQF0z8Xb0bZfxV3h+2s8Ts2K7Q0fy5t5EfRSHSxjWczvUR9JTzdUv0
RhC9pp5Uij1BOm/4UmNXS2z6QjN4H1hoFQZY7ZrSulZfRG1e+gfGX6p91lFB1r6a
/+QzN/NAZQEHttik+NO7HA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:20:12 2025 by rpki-client