Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/051035-200d-41e8-adf1-d33f08f3a48d/1/6fR_eS1-S-5XOCu6-_w9WFRAsnM.roa
File: 6fR_eS1-S-5XOCu6-_w9WFRAsnM.roa (raw, json)
Hash identifier: QrWF8qdwleA9HW7Gs5bTLxZ2kKrxxkYNg+tfhj45HxE=
Subject key identifier: E9:F4:7F:79:2D:7E:4B:EE:57:38:2B:BA:FB:FC:3D:58:54:40:B2:73
Certificate issuer: /CN=e2110acce33ac85011ca8c22d2001666e45b9377
Certificate serial: 0196E9159EAF0CA59F65E35D88A0E79CBB54
Authority key identifier: E2:11:0A:CC:E3:3A:C8:50:11:CA:8C:22:D2:00:16:66:E4:5B:93:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4hEKzOM6yFARyowi0gAWZuRbk3c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/051035-200d-41e8-adf1-d33f08f3a48d/1/6fR_eS1-S-5XOCu6-_w9WFRAsnM.roa
Signing time: Mon 19 May 2025 15:07:10 +0000
ROA not before: Mon 19 May 2025 15:07:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34762
IP address blocks: 5.134.0.0/21 maxlen: 24
31.14.50.0/23 maxlen: 24
31.193.176.0/21 maxlen: 24
37.72.160.0/21 maxlen: 24
37.148.176.0/21 maxlen: 24
46.21.224.0/20 maxlen: 24
62.182.56.0/21 maxlen: 21
77.73.96.0/21 maxlen: 24
77.241.80.0/20 maxlen: 24
77.241.95.0/24 maxlen: 24
79.174.128.0/21 maxlen: 24
83.217.64.0/19 maxlen: 24
87.238.160.0/21 maxlen: 24
88.151.240.0/21 maxlen: 24
89.36.74.0/23 maxlen: 24
89.42.54.0/23 maxlen: 24
89.44.166.0/23 maxlen: 24
93.115.168.0/23 maxlen: 23
94.176.98.0/23 maxlen: 24
176.62.160.0/20 maxlen: 24
178.208.32.0/19 maxlen: 24
185.2.52.0/22 maxlen: 24
185.18.8.0/22 maxlen: 24
185.76.236.0/22 maxlen: 24
185.86.16.0/22 maxlen: 24
185.111.196.0/22 maxlen: 24
185.162.28.0/22 maxlen: 24
185.175.196.0/22 maxlen: 24
185.190.84.0/22 maxlen: 24
188.93.96.0/21 maxlen: 24
188.93.152.0/21 maxlen: 24
188.208.36.0/23 maxlen: 24
188.211.170.0/23 maxlen: 24
193.111.95.0/24 maxlen: 24
193.239.210.0/23 maxlen: 24
194.26.24.0/24 maxlen: 24
194.150.224.0/23 maxlen: 23
194.165.51.0/24 maxlen: 24
195.13.56.0/23 maxlen: 24
195.47.215.0/24 maxlen: 24
195.234.184.0/24 maxlen: 24
217.19.224.0/20 maxlen: 24
217.21.176.0/20 maxlen: 24
2a00:1c98::/32 maxlen: 64
2a00:1c98:fff0::/44 maxlen: 64
2a00:7000::/32 maxlen: 64
2a02:d08::/32 maxlen: 64
2a03:a800::/32 maxlen: 32
2a07:ca80::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/051035-200d-41e8-adf1-d33f08f3a48d/1/4hEKzOM6yFARyowi0gAWZuRbk3c.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/051035-200d-41e8-adf1-d33f08f3a48d/1/4hEKzOM6yFARyowi0gAWZuRbk3c.mft
rsync://rpki.ripe.net/repository/DEFAULT/4hEKzOM6yFARyowi0gAWZuRbk3c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 20:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e9:15:9e:af:0c:a5:9f:65:e3:5d:88:a0:e7:9c:bb:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2110acce33ac85011ca8c22d2001666e45b9377
Validity
Not Before: May 19 15:07:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e9f47f792d7e4bee57382bbafbfc3d585440b273
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:8e:95:70:5a:67:c0:d1:2d:ea:e6:b3:a7:90:
c3:c1:04:57:61:e9:5d:ec:a9:6a:70:65:1c:9a:4b:
a7:81:30:f6:df:3a:61:7c:7b:1a:a5:76:94:95:26:
31:94:e5:9a:73:f8:3b:0e:ed:68:f1:e4:5f:ef:c9:
37:29:4b:50:7c:2c:a1:cc:7b:43:2d:90:87:5a:20:
df:a3:37:5d:b5:40:3b:9d:9a:bb:3f:bb:ad:15:56:
65:89:80:46:8d:2d:5a:7c:4b:6a:fa:7d:b8:b0:d7:
87:ab:95:05:4b:8d:a7:1e:51:d2:93:f6:c1:db:2f:
2f:c2:17:d4:76:59:26:4c:81:a5:8c:43:a7:9e:04:
4e:c4:2d:c1:be:45:f5:d0:ad:ad:25:7b:9e:17:ac:
48:12:f9:a9:e8:72:51:2b:4e:8f:8f:8f:5a:11:fc:
e8:5d:c5:48:11:b0:ae:f4:86:2c:72:a5:29:cf:69:
e0:79:45:2a:73:33:fb:3d:0f:0d:f7:7d:0c:7f:7f:
9b:aa:ae:88:6e:41:14:54:b7:9e:54:4b:61:ef:48:
d3:2d:e4:0e:9a:87:fb:ce:10:ea:c2:80:23:f9:0e:
a2:db:cc:83:a7:c5:a3:24:29:e3:2a:89:47:87:63:
ac:6d:43:40:72:ef:43:0f:ea:22:45:4e:60:a7:36:
b8:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:F4:7F:79:2D:7E:4B:EE:57:38:2B:BA:FB:FC:3D:58:54:40:B2:73
X509v3 Authority Key Identifier:
keyid:E2:11:0A:CC:E3:3A:C8:50:11:CA:8C:22:D2:00:16:66:E4:5B:93:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4hEKzOM6yFARyowi0gAWZuRbk3c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/051035-200d-41e8-adf1-d33f08f3a48d/1/6fR_eS1-S-5XOCu6-_w9WFRAsnM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/051035-200d-41e8-adf1-d33f08f3a48d/1/4hEKzOM6yFARyowi0gAWZuRbk3c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.134.0.0/21
31.14.50.0/23
31.193.176.0/21
37.72.160.0/21
37.148.176.0/21
46.21.224.0/20
62.182.56.0/21
77.73.96.0/21
77.241.80.0/20
79.174.128.0/21
83.217.64.0/19
87.238.160.0/21
88.151.240.0/21
89.36.74.0/23
89.42.54.0/23
89.44.166.0/23
93.115.168.0/23
94.176.98.0/23
176.62.160.0/20
178.208.32.0/19
185.2.52.0/22
185.18.8.0/22
185.76.236.0/22
185.86.16.0/22
185.111.196.0/22
185.162.28.0/22
185.175.196.0/22
185.190.84.0/22
188.93.96.0/21
188.93.152.0/21
188.208.36.0/23
188.211.170.0/23
193.111.95.0/24
193.239.210.0/23
194.26.24.0/24
194.150.224.0/23
194.165.51.0/24
195.13.56.0/23
195.47.215.0/24
195.234.184.0/24
217.19.224.0/20
217.21.176.0/20
IPv6:
2a00:1c98::/32
2a00:7000::/32
2a02:d08::/32
2a03:a800::/32
2a07:ca80::/29
Signature Algorithm: sha256WithRSAEncryption
a3:f8:11:a7:6a:a0:96:25:20:e2:79:ca:48:2f:d9:ef:7d:1c:
37:4d:e7:e8:72:ef:c2:63:b4:eb:23:c8:18:40:39:f8:e1:12:
d5:54:8b:dc:d9:6e:51:44:5f:76:19:86:2e:3b:e9:c2:3d:1c:
a2:e9:79:d2:b2:95:90:ce:2b:3d:4c:c6:98:7d:aa:ba:11:c7:
16:84:20:ca:3d:d6:5e:78:ee:5a:94:73:99:db:41:97:70:aa:
fb:93:71:f5:c2:f8:85:e0:a0:4e:c6:e4:95:0c:a9:e1:42:a9:
12:f8:9d:63:ac:ff:fc:89:2e:bd:11:15:dd:89:ce:1e:35:35:
b6:87:03:ed:96:12:fa:26:3f:47:ba:b5:6e:9f:06:ec:0f:b2:
9e:d5:2a:cb:95:f3:e1:7d:67:2e:0a:ef:87:d8:1a:dc:e0:c8:
fb:99:1c:40:6b:18:7c:46:6e:d0:9d:b9:b3:6e:23:a0:bc:87:
8a:83:8d:7f:a8:39:be:ac:f0:f2:fc:c3:e9:33:69:87:8a:bb:
2a:cb:be:6c:0f:5c:28:b0:f8:ab:9c:11:28:b7:3b:f9:47:67:
24:6a:c3:b2:0b:f2:e7:7e:01:2f:fe:95:6a:76:50:e4:a4:00:
e5:59:a5:79:ac:cd:64:0c:42:77:b1:4f:e4:d8:28:02:86:10:
ef:5d:03:69
-----BEGIN CERTIFICATE-----
MIIGJzCCBQ+gAwIBAgISAZbpFZ6vDKWfZeNdiKDnnLtUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMTEwYWNjZTMzYWM4NTAxMWNhOGMyMmQyMDAxNjY2ZTQ1
YjkzNzcwHhcNMjUwNTE5MTUwNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWY0N2Y3OTJkN2U0YmVlNTczODJiYmFmYmZjM2Q1ODU0NDBiMjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzY6VcFpnwNEt6uazp5DDwQRXYeld
7KlqcGUcmkungTD23zphfHsapXaUlSYxlOWac/g7Du1o8eRf78k3KUtQfCyhzHtD
LZCHWiDfozddtUA7nZq7P7utFVZliYBGjS1afEtq+n24sNeHq5UFS42nHlHSk/bB
2y8vwhfUdlkmTIGljEOnngROxC3BvkX10K2tJXueF6xIEvmp6HJRK06Pj49aEfzo
XcVIEbCu9IYscqUpz2ngeUUqczP7PQ8N930Mf3+bqq6IbkEUVLeeVEth70jTLeQO
mof7zhDqwoAj+Q6i28yDp8WjJCnjKolHh2OsbUNAcu9DD+oiRU5gpza4nQIDAQAB
o4IDMzCCAy8wHQYDVR0OBBYEFOn0f3ktfkvuVzgruvv8PVhUQLJzMB8GA1UdIwQY
MBaAFOIRCszjOshQEcqMItIAFmbkW5N3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGhFS3pPTTZ5RkFSeW93aTBnQVdadVJiazNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8wNTEwMzUtMjAwZC00MWU4LWFkZjEt
ZDMzZjA4ZjNhNDhkLzEvNmZSX2VTMS1TLTVYT0N1Ni1fdzlXRlJBc25NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8wNTEwMzUtMjAwZC00MWU4LWFkZjEtZDMzZjA4ZjNhNDhk
LzEvNGhFS3pPTTZ5RkFSeW93aTBnQVdadVJiazNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBRwYIKwYBBQUHAQcBAf8EggE2MIIBMjCCAQMEAgABMIH8
AwQDBYYAAwQBHw4yAwQDH8GwAwQDJUigAwQDJZSwAwQELhXgAwQDPrY4AwQDTUlg
AwQETfFQAwQDT66AAwQFU9lAAwQDV+6gAwQDWJfwAwQBWSRKAwQBWSo2AwQBWSym
AwQBXXOoAwQBXrBiAwQEsD6gAwQFstAgAwQCuQI0AwQCuRIIAwQCuUzsAwQCuVYQ
AwQCuW/EAwQCuaIcAwQCua/EAwQCub5UAwQDvF1gAwQDvF2YAwQBvNAkAwQBvNOq
AwQAwW9fAwQBwe/SAwQAwhoYAwQBwpbgAwQAwqUzAwQBww04AwQAwy/XAwQAw+q4
AwQE2RPgAwQE2RWwMCkEAgACMCMDBQAqAByYAwUAKgBwAAMFACoCDQgDBQAqA6gA
AwUDKgfKgDANBgkqhkiG9w0BAQsFAAOCAQEAo/gRp2qgliUg4nnKSC/Z730cN03n
6HLvwmO06yPIGEA5+OES1VSL3NluUURfdhmGLjvpwj0coul50rKVkM4rPUzGmH2q
uhHHFoQgyj3WXnjuWpRzmdtBl3Cq+5Nx9cL4heCgTsbklQyp4UKpEvidY6z//Iku
vREV3YnOHjU1tocD7ZYS+iY/R7q1bp8G7A+yntUqy5Xz4X1nLgrvh9ga3ODI+5kc
QGsYfEZu0J25s24joLyHioONf6g5vqzw8vzD6TNph4q7Ksu+bA9cKLD4q5wRKLc7
+UdnJGrDsgvy534BL/6VanZQ5KQA5VmleazNZAxCd7FP5NgoAoYQ710DaQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:40:35 2025 by rpki-client