Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/P9YK5JDwbqaXUZVKIfmW5Q_bCPw.roa
File: P9YK5JDwbqaXUZVKIfmW5Q_bCPw.roa (raw, json)
Hash identifier: JREKBm8+pYxI661O3FYU1hfYPkOkzLtPWuB2TN8L1Nk=
Subject key identifier: 3F:D6:0A:E4:90:F0:6E:A6:97:51:95:4A:21:F9:96:E5:0F:DB:08:FC
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01971AF46A95F9ACDDA2A8CE24AB4C1F13DB
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/P9YK5JDwbqaXUZVKIfmW5Q_bCPw.roa
Signing time: Thu 29 May 2025 07:31:55 +0000
ROA not before: Thu 29 May 2025 07:31:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 136787
IP address blocks: 79.135.152.0/24 maxlen: 24
79.135.153.0/24 maxlen: 24
79.135.155.0/24 maxlen: 24
80.81.40.0/24 maxlen: 24
80.81.49.0/24 maxlen: 24
80.81.50.0/24 maxlen: 24
80.81.52.0/24 maxlen: 24
80.81.56.0/24 maxlen: 24
85.254.10.0/24 maxlen: 24
85.254.45.0/24 maxlen: 24
85.254.47.0/24 maxlen: 24
85.254.62.0/24 maxlen: 24
85.254.70.0/24 maxlen: 24
85.254.72.0/24 maxlen: 24
85.254.104.0/24 maxlen: 24
85.254.105.0/24 maxlen: 24
85.254.106.0/24 maxlen: 24
85.254.107.0/24 maxlen: 24
85.254.108.0/24 maxlen: 24
85.254.109.0/24 maxlen: 24
85.254.110.0/24 maxlen: 24
85.254.111.0/24 maxlen: 24
85.254.116.0/24 maxlen: 24
85.254.122.0/24 maxlen: 24
85.254.188.0/24 maxlen: 24
85.254.189.0/24 maxlen: 24
85.254.191.0/24 maxlen: 24
91.190.40.0/24 maxlen: 24
91.190.41.0/24 maxlen: 24
91.190.43.0/24 maxlen: 24
91.190.44.0/24 maxlen: 24
91.190.46.0/24 maxlen: 24
91.190.62.0/24 maxlen: 24
91.190.63.0/24 maxlen: 24
159.148.125.0/24 maxlen: 24
159.148.138.0/24 maxlen: 24
159.148.150.0/24 maxlen: 24
159.148.222.0/24 maxlen: 24
159.148.242.0/24 maxlen: 24
159.148.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:1a:f4:6a:95:f9:ac:dd:a2:a8:ce:24:ab:4c:1f:13:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: May 29 07:31:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3fd60ae490f06ea69751954a21f996e50fdb08fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:10:27:f1:21:39:46:7f:a7:4d:15:ca:be:8c:
92:da:48:5e:8b:2b:91:84:8c:e1:cf:40:4d:50:18:
ba:fe:cf:44:6b:03:e7:fd:a5:ae:b9:b3:49:49:75:
cf:2d:54:92:89:ca:7b:ac:f9:8c:b3:a2:ad:e7:f9:
f9:f1:de:28:42:fd:d5:54:fe:e2:1b:92:27:62:13:
2c:da:d8:7c:c4:b3:94:b8:86:3c:ce:93:68:a0:21:
e6:02:ab:5c:a9:e2:76:73:5b:df:ab:b2:b4:42:e6:
2c:ed:49:1d:60:94:24:d5:b5:1c:c3:fd:7f:f4:c0:
2d:0b:c3:77:28:ac:24:93:7d:30:46:1b:fd:2e:86:
b2:0a:87:60:18:ee:d3:2b:c1:9e:7c:47:83:17:0c:
c1:fe:35:71:d6:f8:e3:72:70:76:8f:59:41:25:69:
86:02:cc:df:8f:a6:af:f8:42:45:01:3d:70:0a:a9:
bf:49:1d:83:b7:75:b6:3c:3a:2b:82:c8:3b:88:bf:
cd:1e:6c:e4:0a:9a:c2:0d:81:10:7a:ea:1d:f5:01:
1b:3c:87:5d:3a:d6:bb:c6:75:b7:4c:3f:6a:54:2b:
19:e1:96:75:95:c3:3f:d1:c2:77:fc:6e:a2:f2:8d:
27:07:4e:07:c4:f7:c6:26:7b:36:18:ec:ea:7b:03:
33:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:D6:0A:E4:90:F0:6E:A6:97:51:95:4A:21:F9:96:E5:0F:DB:08:FC
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/P9YK5JDwbqaXUZVKIfmW5Q_bCPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.135.152.0/23
79.135.155.0/24
80.81.40.0/24
80.81.49.0-80.81.50.255
80.81.52.0/24
80.81.56.0/24
85.254.10.0/24
85.254.45.0/24
85.254.47.0/24
85.254.62.0/24
85.254.70.0/24
85.254.72.0/24
85.254.104.0/21
85.254.116.0/24
85.254.122.0/24
85.254.188.0/23
85.254.191.0/24
91.190.40.0/23
91.190.43.0-91.190.44.255
91.190.46.0/24
91.190.62.0/23
159.148.125.0/24
159.148.138.0/24
159.148.150.0/24
159.148.222.0/24
159.148.242.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:63:bf:65:4c:d2:96:83:91:cb:46:d7:8d:06:2f:e9:0d:9c:
80:4e:7f:43:ab:e3:62:07:9f:4a:71:be:72:63:52:51:38:13:
05:9e:0d:cb:0e:e6:e1:14:ec:ef:b4:87:04:37:f4:ae:9c:55:
aa:68:cd:85:60:4b:16:6c:a6:c7:10:3a:f6:46:76:8c:80:74:
8e:d3:1b:0a:97:30:2a:54:3b:a4:c1:6b:66:ca:16:ec:8d:15:
11:67:06:d1:3c:2e:4b:70:72:b6:ad:80:c5:3d:cd:11:26:2e:
65:2f:93:fc:ec:b7:79:4f:3f:7d:e0:1c:fc:f2:6a:db:2d:84:
df:0b:ca:1b:7d:75:42:9b:4c:bc:73:d9:9f:05:22:e7:ff:6e:
32:52:e6:b1:3f:44:23:20:ba:bb:63:26:14:4c:99:77:30:1e:
e4:4c:08:b2:61:7a:04:03:40:9a:87:12:59:b1:24:85:7b:22:
0c:76:5c:9b:b5:a2:09:23:1f:10:4e:38:2f:ef:7b:86:42:06:
d6:dd:3c:09:b9:4d:f9:40:13:5d:c8:fc:ce:95:a4:55:e5:20:
bf:18:1e:d7:b9:2d:f3:96:78:3e:cc:c1:22:ef:9a:cf:90:a0:
a1:d3:ae:50:03:33:01:d7:5a:80:ef:cc:58:c9:17:0e:b8:b1:
05:c9:0a:76
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAZca9GqV+azdoqjOJKtMHxPbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwNTI5MDczMTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmQ2MGFlNDkwZjA2ZWE2OTc1MTk1NGEyMWY5OTZlNTBmZGIwOGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxAn8SE5Rn+nTRXKvoyS2kheiyuR
hIzhz0BNUBi6/s9EawPn/aWuubNJSXXPLVSSicp7rPmMs6Kt5/n58d4oQv3VVP7i
G5InYhMs2th8xLOUuIY8zpNooCHmAqtcqeJ2c1vfq7K0QuYs7UkdYJQk1bUcw/1/
9MAtC8N3KKwkk30wRhv9LoayCodgGO7TK8GefEeDFwzB/jVx1vjjcnB2j1lBJWmG
Aszfj6av+EJFAT1wCqm/SR2Dt3W2PDorgsg7iL/NHmzkCprCDYEQeuod9QEbPIdd
Ota7xnW3TD9qVCsZ4ZZ1lcM/0cJ3/G6i8o0nB04HxPfGJns2GOzqewMzFwIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFD/WCuSQ8G6ml1GVSiH5luUP2wj8MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvUDlZSzVKRHdicWFYVVpWS0lmbVc1UV9iQ1B3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBswQCAAEwgawDBAFP
h5gDBABPh5sDBABQUSgwDAMEAFBRMQMEAFBRMgMEAFBRNAMEAFBROAMEAFX+CgME
AFX+LQMEAFX+LwMEAFX+PgMEAFX+RgMEAFX+SAMEA1X+aAMEAFX+dAMEAFX+egME
AVX+vAMEAFX+vwMEAVu+KDAMAwQAW74rAwQAW74sAwQAW74uAwQBW74+AwQAn5R9
AwQAn5SKAwQAn5SWAwQAn5TeAwQBn5TyMA0GCSqGSIb3DQEBCwUAA4IBAQAOY79l
TNKWg5HLRteNBi/pDZyATn9Dq+NiB59Kcb5yY1JROBMFng3LDubhFOzvtIcEN/Su
nFWqaM2FYEsWbKbHEDr2RnaMgHSO0xsKlzAqVDukwWtmyhbsjRURZwbRPC5LcHK2
rYDFPc0RJi5lL5P87Ld5Tz994Bz88mrbLYTfC8obfXVCm0y8c9mfBSLn/24yUuax
P0QjILq7YyYUTJl3MB7kTAiyYXoEA0CahxJZsSSFeyIMdlybtaIJIx8QTjgv73uG
QgbW3TwJuU35QBNdyPzOlaRV5SC/GB7XuS3zlng+zMEi75rPkKCh065QAzMB11qA
78xYyRcOuLEFyQp2
-----END CERTIFICATE-----
Generated at Sat Jun 7 15:23:42 2025 by rpki-client