Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/aVWmDVlRLoFBgaU7YuLCQozxJ6s.roa
File: aVWmDVlRLoFBgaU7YuLCQozxJ6s.roa (raw, json)
Hash identifier: CdAfNseKmjSiNX2fZqH/0ZkWQ7sIydPNf1C1S0LJhZ4=
Subject key identifier: 69:55:A6:0D:59:51:2E:81:41:81:A5:3B:62:E2:C2:42:8C:F1:27:AB
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 0196B8D813ED064E1FF404329951F1B09C5E
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/aVWmDVlRLoFBgaU7YuLCQozxJ6s.roa
Signing time: Sat 10 May 2025 06:18:10 +0000
ROA not before: Sat 10 May 2025 06:18:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8708
IP address blocks: 80.96.12.0/24 maxlen: 24
80.96.43.0/24 maxlen: 24
80.96.47.0/24 maxlen: 24
80.96.51.0/24 maxlen: 24
80.96.57.0/24 maxlen: 24
80.96.67.0/24 maxlen: 24
80.96.69.0/24 maxlen: 24
80.96.72.0/24 maxlen: 24
80.96.79.0/24 maxlen: 24
80.96.219.0/24 maxlen: 24
80.97.147.0/24 maxlen: 24
80.97.148.0/24 maxlen: 24
80.97.149.0/24 maxlen: 24
81.180.27.0/24 maxlen: 24
81.181.30.0/24 maxlen: 24
81.181.112.0/24 maxlen: 24
81.181.128.0/24 maxlen: 24
81.181.147.0/24 maxlen: 24
81.181.167.0/24 maxlen: 24
81.181.246.0/24 maxlen: 24
85.120.20.0/24 maxlen: 24
85.120.23.0/24 maxlen: 24
193.226.16.0/24 maxlen: 24
193.226.116.0/24 maxlen: 24
193.226.125.0/24 maxlen: 24
193.226.127.0/24 maxlen: 24
193.230.158.0/24 maxlen: 24
193.230.171.0/24 maxlen: 24
193.230.217.0/24 maxlen: 24
193.230.229.0/24 maxlen: 24
193.231.75.0/24 maxlen: 24
193.231.108.0/24 maxlen: 24
193.231.184.0/24 maxlen: 24
193.231.194.0/24 maxlen: 24
193.231.233.0/24 maxlen: 24
193.231.236.0/24 maxlen: 24
193.231.238.0/24 maxlen: 24
193.231.252.0/24 maxlen: 24
194.102.98.0/24 maxlen: 24
194.102.134.0/24 maxlen: 24
194.102.229.0/24 maxlen: 24
194.153.224.0/24 maxlen: 24
217.156.14.0/24 maxlen: 24
217.156.20.0/23 maxlen: 23
217.156.41.0/24 maxlen: 24
217.156.92.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b8:d8:13:ed:06:4e:1f:f4:04:32:99:51:f1:b0:9c:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: May 10 06:18:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6955a60d59512e814181a53b62e2c2428cf127ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:dc:d3:13:e5:3b:88:38:f3:dd:df:7d:e8:da:
2f:83:46:08:a3:77:ab:d5:96:03:49:40:b1:56:b1:
08:83:d0:e2:09:11:12:29:a0:08:52:30:31:ba:d9:
47:dc:ba:54:14:bf:36:b7:c0:05:bf:ed:c8:03:24:
cb:8e:73:8c:64:93:88:13:d3:02:2d:78:fc:eb:05:
31:2f:7b:e7:74:b4:86:39:68:fa:a0:b9:48:9b:43:
90:c7:ed:ff:f5:4d:06:cb:53:6d:b6:d2:a4:0e:1d:
1c:4f:b6:73:83:b3:f7:33:7b:51:fa:99:9d:a3:6f:
64:5e:54:d8:75:81:ad:f7:cb:73:32:d8:bb:41:30:
32:d7:11:b2:49:ab:d8:2a:3c:93:db:cd:03:dd:e6:
f3:be:6e:d9:2b:35:9b:5e:49:9e:7a:07:a6:e4:3a:
6c:b5:35:80:59:10:0c:3f:6d:50:ee:2b:97:7d:5a:
61:64:50:e6:47:98:0e:46:2d:e6:86:db:cf:49:0a:
1b:f1:0a:ff:94:da:bc:6c:1f:76:2b:b4:f5:95:b9:
01:51:f9:b3:e1:bb:91:b4:c3:0a:df:ee:62:17:6c:
25:16:47:15:d3:51:92:99:6d:17:5e:ce:6a:a6:90:
a1:d7:27:6d:a3:2e:10:07:ff:d2:24:88:b9:94:66:
e4:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:55:A6:0D:59:51:2E:81:41:81:A5:3B:62:E2:C2:42:8C:F1:27:AB
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/aVWmDVlRLoFBgaU7YuLCQozxJ6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.96.12.0/24
80.96.43.0/24
80.96.47.0/24
80.96.51.0/24
80.96.57.0/24
80.96.67.0/24
80.96.69.0/24
80.96.72.0/24
80.96.79.0/24
80.96.219.0/24
80.97.147.0-80.97.149.255
81.180.27.0/24
81.181.30.0/24
81.181.112.0/24
81.181.128.0/24
81.181.147.0/24
81.181.167.0/24
81.181.246.0/24
85.120.20.0/24
85.120.23.0/24
193.226.16.0/24
193.226.116.0/24
193.226.125.0/24
193.226.127.0/24
193.230.158.0/24
193.230.171.0/24
193.230.217.0/24
193.230.229.0/24
193.231.75.0/24
193.231.108.0/24
193.231.184.0/24
193.231.194.0/24
193.231.233.0/24
193.231.236.0/24
193.231.238.0/24
193.231.252.0/24
194.102.98.0/24
194.102.134.0/24
194.102.229.0/24
194.153.224.0/24
217.156.14.0/24
217.156.20.0/23
217.156.41.0/24
217.156.92.0/24
Signature Algorithm: sha256WithRSAEncryption
02:4d:1a:dc:bd:ad:cd:85:96:09:08:6f:30:f6:da:93:f5:22:
a9:a4:34:b4:0b:5b:36:ec:e0:e7:c3:dd:e5:fe:f7:e3:0c:e1:
8a:22:ab:78:26:9d:03:7a:d9:35:00:fa:9a:a2:31:1f:6c:1b:
d1:f5:2a:bc:48:c7:68:fb:96:1e:aa:10:e4:68:2f:f8:16:9d:
56:9c:1c:2a:a6:84:b0:ab:4a:10:2f:03:e3:47:33:b2:7f:d7:
d9:74:2f:5a:09:bb:d6:84:08:94:29:82:5f:2d:b1:e1:06:e6:
5d:23:6f:17:91:aa:14:28:60:40:06:cd:00:00:63:73:c3:79:
40:9a:c5:99:f9:ba:1a:e2:8e:7e:e2:1e:98:9a:13:64:cd:bb:
b4:e6:20:6f:99:36:19:27:d3:21:54:3a:41:70:ca:c8:72:2f:
a6:42:cd:7a:fb:88:fd:6a:8a:17:a6:89:8c:35:0d:57:5a:03:
1a:d0:ed:13:1e:0b:6c:5a:00:0d:5c:c6:22:3a:d2:41:59:43:
40:2d:4d:66:7e:14:33:83:cf:48:18:e5:ff:c9:4b:a4:1d:f3:
80:13:01:05:d0:20:14:1a:bc:4e:5c:ef:40:ba:38:83:55:07:
32:6f:87:c2:7a:e8:21:d4:8b:38:41:0e:4f:44:c7:21:95:43:
32:9b:f2:5e
-----BEGIN CERTIFICATE-----
MIIGETCCBPmgAwIBAgISAZa42BPtBk4f9AQymVHxsJxeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjUwNTEwMDYxODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTU1YTYwZDU5NTEyZTgxNDE4MWE1M2I2MmUyYzI0MjhjZjEyN2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodzTE+U7iDjz3d996Novg0YIo3er
1ZYDSUCxVrEIg9DiCRESKaAIUjAxutlH3LpUFL82t8AFv+3IAyTLjnOMZJOIE9MC
LXj86wUxL3vndLSGOWj6oLlIm0OQx+3/9U0Gy1NtttKkDh0cT7Zzg7P3M3tR+pmd
o29kXlTYdYGt98tzMti7QTAy1xGySavYKjyT280D3ebzvm7ZKzWbXkmeegem5Dps
tTWAWRAMP21Q7iuXfVphZFDmR5gORi3mhtvPSQob8Qr/lNq8bB92K7T1lbkBUfmz
4buRtMMK3+5iF2wlFkcV01GSmW0XXs5qppCh1ydtoy4QB//SJIi5lGbkUQIDAQAB
o4IDHTCCAxkwHQYDVR0OBBYEFGlVpg1ZUS6BQYGlO2LiwkKM8SerMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvYVZXbURWbFJMb0ZCZ2FVN1l1TENRb3p4SjZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMQYIKwYBBQUHAQcBAf8EggEgMIIBHDCCARgEAgABMIIB
EAMEAFBgDAMEAFBgKwMEAFBgLwMEAFBgMwMEAFBgOQMEAFBgQwMEAFBgRQMEAFBg
SAMEAFBgTwMEAFBg2zAMAwQAUGGTAwQBUGGUAwQAUbQbAwQAUbUeAwQAUbVwAwQA
UbWAAwQAUbWTAwQAUbWnAwQAUbX2AwQAVXgUAwQAVXgXAwQAweIQAwQAweJ0AwQA
weJ9AwQAweJ/AwQAweaeAwQAwearAwQAwebZAwQAweblAwQAwedLAwQAwedsAwQA
wee4AwQAwefCAwQAwefpAwQAwefsAwQAwefuAwQAwef8AwQAwmZiAwQAwmaGAwQA
wmblAwQAwpngAwQA2ZwOAwQB2ZwUAwQA2ZwpAwQA2ZxcMA0GCSqGSIb3DQEBCwUA
A4IBAQACTRrcva3NhZYJCG8w9tqT9SKppDS0C1s27ODnw93l/vfjDOGKIqt4Jp0D
etk1APqaojEfbBvR9Sq8SMdo+5YeqhDkaC/4Fp1WnBwqpoSwq0oQLwPjRzOyf9fZ
dC9aCbvWhAiUKYJfLbHhBuZdI28XkaoUKGBABs0AAGNzw3lAmsWZ+boa4o5+4h6Y
mhNkzbu05iBvmTYZJ9MhVDpBcMrIci+mQs16+4j9aooXpomMNQ1XWgMa0O0THgts
WgANXMYiOtJBWUNALU1mfhQzg89IGOX/yUukHfOAEwEF0CAUGrxOXO9AujiDVQcy
b4fCeugh1Is4QQ5PRMchlUMym/Je
-----END CERTIFICATE-----
Generated at Fri Jun 6 13:40:26 2025 by rpki-client