Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/ywlxgDTA8OHPXbXeaXgynD2G0Nk.roa
File: ywlxgDTA8OHPXbXeaXgynD2G0Nk.roa (raw, json)
Hash identifier: n5L8Qa0EFPbQwuef3FXsMOtp39qjWOThNWCaDxiHKkg=
Subject key identifier: CB:09:71:80:34:C0:F0:E1:CF:5D:B5:DE:69:78:32:9C:3D:86:D0:D9
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 0196CD41E77680B614BFACF9CC9E5B246937
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/ywlxgDTA8OHPXbXeaXgynD2G0Nk.roa
Signing time: Wed 14 May 2025 05:26:10 +0000
ROA not before: Wed 14 May 2025 05:26:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 80.96.44.0/23 maxlen: 24
80.96.54.0/23 maxlen: 24
80.96.102.0/23 maxlen: 24
80.96.156.0/22 maxlen: 24
80.96.236.0/23 maxlen: 23
80.97.40.0/21 maxlen: 24
80.97.96.0/23 maxlen: 24
81.180.94.0/23 maxlen: 23
81.180.98.0/23 maxlen: 24
81.180.174.0/23 maxlen: 24
81.180.228.0/23 maxlen: 24
81.180.254.0/23 maxlen: 24
81.181.14.0/23 maxlen: 24
81.181.26.0/23 maxlen: 24
81.181.68.0/23 maxlen: 24
81.181.72.0/23 maxlen: 24
81.181.104.0/21 maxlen: 24
85.120.84.0/23 maxlen: 24
85.121.36.0/23 maxlen: 23
85.121.168.0/22 maxlen: 24
85.121.232.0/21 maxlen: 24
85.122.124.0/22 maxlen: 24
85.122.231.0/24 maxlen: 24
193.226.76.0/22 maxlen: 24
194.102.36.0/22 maxlen: 24
194.102.148.0/23 maxlen: 24
194.102.160.0/23 maxlen: 24
194.102.174.0/23 maxlen: 24
194.102.180.0/22 maxlen: 24
194.102.224.0/22 maxlen: 24
194.105.12.0/22 maxlen: 24
194.153.225.0/24 maxlen: 24
194.153.230.0/23 maxlen: 24
194.153.244.0/23 maxlen: 24
217.156.16.0/23 maxlen: 24
217.156.26.0/24 maxlen: 24
217.156.48.0/22 maxlen: 24
217.156.94.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Jun 2025 08:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:cd:41:e7:76:80:b6:14:bf:ac:f9:cc:9e:5b:24:69:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: May 14 05:26:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb09718034c0f0e1cf5db5de6978329c3d86d0d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a6:91:0a:cb:c3:db:da:73:72:29:f5:b6:cd:
97:8b:5e:7b:09:6a:ba:47:44:e4:5d:48:a9:7a:81:
f6:dc:96:4a:84:35:48:cc:3b:e8:01:1b:a1:ce:63:
ea:2c:d8:dc:bc:bd:4f:eb:af:95:2d:08:eb:09:f5:
ad:5d:b6:bb:0e:06:8a:7e:f9:58:4e:85:dd:a9:48:
bc:8e:82:e3:32:36:a3:84:84:a5:e8:48:a6:ba:7b:
28:c0:ea:c4:48:e2:8f:0c:3d:51:e0:35:0b:ce:99:
4a:aa:86:42:4f:25:4e:94:52:ea:64:32:e0:5c:da:
5b:34:6a:2e:ec:31:0c:78:83:f3:f3:56:b6:67:d9:
46:20:1d:c3:d4:e1:da:13:da:52:88:ae:ac:b6:93:
10:af:c0:69:51:16:8f:dc:8c:bd:fb:93:71:40:89:
d6:96:ba:5a:d9:1e:82:51:b7:32:c1:87:ef:62:31:
cb:f1:fe:4b:b1:69:c0:86:60:94:e2:0e:1c:13:f5:
37:41:d8:27:64:f1:ea:5a:fe:55:b0:9c:e9:13:25:
94:8b:6c:c7:1e:bd:7a:88:6e:b7:ca:14:09:10:1f:
25:a9:30:e3:f0:db:f8:0c:57:1a:95:4f:bf:d9:e6:
aa:f2:90:ca:17:a2:49:e1:8d:72:b2:8e:4d:54:aa:
7d:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:09:71:80:34:C0:F0:E1:CF:5D:B5:DE:69:78:32:9C:3D:86:D0:D9
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/ywlxgDTA8OHPXbXeaXgynD2G0Nk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.96.44.0/23
80.96.54.0/23
80.96.102.0/23
80.96.156.0/22
80.96.236.0/23
80.97.40.0/21
80.97.96.0/23
81.180.94.0/23
81.180.98.0/23
81.180.174.0/23
81.180.228.0/23
81.180.254.0/23
81.181.14.0/23
81.181.26.0/23
81.181.68.0/23
81.181.72.0/23
81.181.104.0/21
85.120.84.0/23
85.121.36.0/23
85.121.168.0/22
85.121.232.0/21
85.122.124.0/22
85.122.231.0/24
193.226.76.0/22
194.102.36.0/22
194.102.148.0/23
194.102.160.0/23
194.102.174.0/23
194.102.180.0/22
194.102.224.0/22
194.105.12.0/22
194.153.225.0/24
194.153.230.0/23
194.153.244.0/23
217.156.16.0/23
217.156.26.0/24
217.156.48.0/22
217.156.94.0/23
Signature Algorithm: sha256WithRSAEncryption
a6:b5:9e:4a:03:f4:1f:82:ad:82:c8:db:30:3f:8f:64:bc:c4:
65:14:e1:8e:6b:d5:32:96:1c:ca:7d:4d:4c:9e:27:90:ac:52:
da:a8:3c:e3:99:9e:2b:80:9f:54:f0:d0:10:eb:6b:f1:c5:d8:
1f:91:66:b9:2f:5f:77:5d:bc:ab:fb:2e:ac:27:fe:dc:9d:f0:
46:b7:de:ce:dd:1a:a9:42:23:85:c4:43:64:21:68:e2:ed:a1:
63:ee:85:10:9b:22:d1:7b:87:da:5d:05:fb:9c:29:36:37:58:
63:58:17:23:08:04:33:ea:61:d3:c8:63:4d:11:4f:aa:1e:06:
fe:40:3f:68:5d:98:24:69:0c:eb:ec:12:1a:6d:20:07:de:aa:
9e:b6:d8:e7:3d:8f:5a:52:dd:6d:b0:13:e9:1b:de:70:fd:57:
7a:86:51:1a:29:7b:80:d1:b9:e0:52:10:ed:05:94:9c:8c:64:
7c:6c:de:02:85:b3:cf:a1:95:19:73:07:52:df:8e:5c:e1:bd:
f2:19:35:d4:4f:5e:a2:85:2c:38:f3:be:6a:61:37:a3:1b:72:
38:e2:de:8a:11:98:ef:7b:59:d1:52:bd:14:fa:c2:6a:77:9f:
9b:3b:46:3b:12:b7:2b:06:fc:1f:cf:fc:c7:97:95:e4:7c:9c:
b8:07:64:3e
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgISAZbNQed2gLYUv6z5zJ5bJGk3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjUwNTE0MDUyNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjA5NzE4MDM0YzBmMGUxY2Y1ZGI1ZGU2OTc4MzI5YzNkODZkMGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsaaRCsvD29pzcin1ts2Xi157CWq6
R0TkXUipeoH23JZKhDVIzDvoARuhzmPqLNjcvL1P66+VLQjrCfWtXba7DgaKfvlY
ToXdqUi8joLjMjajhISl6EimunsowOrESOKPDD1R4DULzplKqoZCTyVOlFLqZDLg
XNpbNGou7DEMeIPz81a2Z9lGIB3D1OHaE9pSiK6stpMQr8BpURaP3Iy9+5NxQInW
lrpa2R6CUbcywYfvYjHL8f5LsWnAhmCU4g4cE/U3QdgnZPHqWv5VsJzpEyWUi2zH
Hr16iG63yhQJEB8lqTDj8Nv4DFcalU+/2eaq8pDKF6JJ4Y1yso5NVKp9LwIDAQAB
o4IC7TCCAukwHQYDVR0OBBYEFMsJcYA0wPDhz1213ml4Mpw9htDZMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEveXdseGdEVEE4T0hQWGJYZWFYZ3luRDJHME5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAQYIKwYBBQUHAQcBAf8EgfEwge4wgesEAgABMIHkAwQB
UGAsAwQBUGA2AwQBUGBmAwQCUGCcAwQBUGDsAwQDUGEoAwQBUGFgAwQBUbReAwQB
UbRiAwQBUbSuAwQBUbTkAwQBUbT+AwQBUbUOAwQBUbUaAwQBUbVEAwQBUbVIAwQD
UbVoAwQBVXhUAwQBVXkkAwQCVXmoAwQDVXnoAwQCVXp8AwQAVXrnAwQCweJMAwQC
wmYkAwQBwmaUAwQBwmagAwQBwmauAwQCwma0AwQCwmbgAwQCwmkMAwQAwpnhAwQB
wpnmAwQBwpn0AwQB2ZwQAwQA2ZwaAwQC2ZwwAwQB2ZxeMA0GCSqGSIb3DQEBCwUA
A4IBAQCmtZ5KA/Qfgq2CyNswP49kvMRlFOGOa9UylhzKfU1MnieQrFLaqDzjmZ4r
gJ9U8NAQ62vxxdgfkWa5L193Xbyr+y6sJ/7cnfBGt97O3RqpQiOFxENkIWji7aFj
7oUQmyLRe4faXQX7nCk2N1hjWBcjCAQz6mHTyGNNEU+qHgb+QD9oXZgkaQzr7BIa
bSAH3qqettjnPY9aUt1tsBPpG95w/Vd6hlEaKXuA0bngUhDtBZScjGR8bN4ChbPP
oZUZcwdS345c4b3yGTXUT16ihSw4875qYTejG3I44t6KEZjve1nRUr0U+sJqd5+b
O0Y7ErcrBvwfz/zHl5XkfJy4B2Q+
-----END CERTIFICATE-----
Generated at Tue Jun 3 10:11:39 2025 by rpki-client