Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/ZstTP9C0t-o_qJjv24zSpEZnRnI.roa
File: ZstTP9C0t-o_qJjv24zSpEZnRnI.roa (raw, json)
Hash identifier: tEv/X1/bYlzt1891gDpw/r0C802A3K81+c3mqCbqLYo=
Subject key identifier: 66:CB:53:3F:D0:B4:B7:EA:3F:A8:98:EF:DB:8C:D2:A4:46:67:46:72
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 019537ECD742B520146B5656ACA380F6EA1F
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/ZstTP9C0t-o_qJjv24zSpEZnRnI.roa
Signing time: Mon 24 Feb 2025 12:27:03 +0000
ROA not before: Mon 24 Feb 2025 12:27:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7489
IP address blocks: 2.56.164.0/22 maxlen: 24
5.182.48.0/24 maxlen: 24
45.81.20.0/22 maxlen: 24
45.140.220.0/22 maxlen: 24
77.83.240.0/22 maxlen: 24
77.83.243.0/24 maxlen: 24
78.108.217.0/24 maxlen: 24
83.143.116.0/22 maxlen: 24
83.143.116.0/24 maxlen: 24
85.202.160.0/22 maxlen: 24
89.190.156.0/22 maxlen: 24
178.218.144.0/22 maxlen: 24
185.185.40.0/22 maxlen: 24
185.186.64.0/22 maxlen: 24
185.227.68.0/22 maxlen: 24
185.227.71.0/24 maxlen: 24
185.234.72.0/22 maxlen: 24
185.242.224.0/22 maxlen: 24
185.242.225.0/24 maxlen: 24
193.31.30.0/24 maxlen: 24
193.34.76.0/22 maxlen: 24
193.34.77.0/24 maxlen: 24
193.221.192.0/22 maxlen: 24
194.50.16.0/22 maxlen: 24
194.56.224.0/22 maxlen: 24
212.107.12.0/22 maxlen: 24
212.107.14.0/24 maxlen: 24
2a0b:b82::/44 maxlen: 44
2a0b:b84::/32 maxlen: 32
2a0b:b85::/32 maxlen: 32
2a0b:b86::/40 maxlen: 48
2a0b:b86:100::/40 maxlen: 48
2a0b:b86:fff0::/44 maxlen: 44
2a0b:b87:ff12::/48 maxlen: 48
2a0b:b87:ffb4::/48 maxlen: 48
2a0b:b87:ffc0::/44 maxlen: 44
2a0b:b87:ffd2::/48 maxlen: 48
2a0b:b87:ffda::/48 maxlen: 48
2a0b:b87:ffec::/48 maxlen: 48
2a0b:b87:fff0::/44 maxlen: 44
2a0b:7080:10::/44 maxlen: 44
2a0b:7080:10::/45 maxlen: 45
2a0b:7080:10::/48 maxlen: 48
2a0b:7080:20::/44 maxlen: 48
2a0b:7080:20::/48 maxlen: 48
2a0b:7080:30::/44 maxlen: 48
2a0b:7086:fff0::/44 maxlen: 44
2a0b:7087:fff0::/44 maxlen: 44
2a0d:77c0::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:37:ec:d7:42:b5:20:14:6b:56:56:ac:a3:80:f6:ea:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Feb 24 12:27:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=66cb533fd0b4b7ea3fa898efdb8cd2a446674672
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:87:18:fe:2a:13:54:c0:2d:40:7c:78:d9:b0:
e4:4c:59:b2:3f:a1:15:2a:23:9f:d8:51:9a:4b:77:
ce:2a:38:f1:5a:02:67:bb:90:f3:00:fd:79:cd:1d:
c1:3d:9e:e9:91:ac:a1:6c:21:38:ec:01:74:ea:81:
6d:de:12:09:86:ca:65:c4:27:0e:db:24:43:82:e1:
57:66:74:b8:a6:48:91:a3:bf:3c:34:2e:19:eb:a5:
43:13:2c:46:d3:b7:a4:40:fd:88:ac:d6:b3:af:47:
66:7d:fc:2d:ff:75:f0:19:cb:e2:45:b5:ab:19:2b:
da:58:4b:3d:05:1f:10:c8:6d:26:85:6d:11:5f:47:
20:73:93:cd:d1:3e:b2:ae:d5:0b:ce:09:36:42:1d:
d9:8d:7a:a4:02:03:0f:de:3f:25:5e:61:a8:49:a3:
83:5d:63:6f:f1:bb:de:5c:f0:4d:44:56:01:e7:68:
00:33:c3:06:fb:4b:9f:be:b0:50:45:2b:05:c8:00:
fb:f7:86:36:5b:aa:8b:a6:93:76:8a:1f:f3:a0:b1:
fb:a5:c9:fd:85:be:21:6b:17:46:21:d5:a7:bf:76:
21:25:20:85:49:d0:b1:7b:1c:97:5e:c4:05:7e:d4:
4e:2e:e2:74:bf:1e:db:d6:cc:3b:d1:0d:9d:b3:42:
f8:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:CB:53:3F:D0:B4:B7:EA:3F:A8:98:EF:DB:8C:D2:A4:46:67:46:72
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/ZstTP9C0t-o_qJjv24zSpEZnRnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.164.0/22
5.182.48.0/24
45.81.20.0/22
45.140.220.0/22
77.83.240.0/22
78.108.217.0/24
83.143.116.0/22
85.202.160.0/22
89.190.156.0/22
178.218.144.0/22
185.185.40.0/22
185.186.64.0/22
185.227.68.0/22
185.234.72.0/22
185.242.224.0/22
193.31.30.0/24
193.34.76.0/22
193.221.192.0/22
194.50.16.0/22
194.56.224.0/22
212.107.12.0/22
IPv6:
2a0b:b82::/44
2a0b:b84::-2a0b:b86:1ff:ffff:ffff:ffff:ffff:ffff
2a0b:b86:fff0::/44
2a0b:b87:ff12::/48
2a0b:b87:ffb4::/48
2a0b:b87:ffc0::/44
2a0b:b87:ffd2::/48
2a0b:b87:ffda::/48
2a0b:b87:ffec::/48
2a0b:b87:fff0::/44
2a0b:7080:10::-2a0b:7080:3f:ffff:ffff:ffff:ffff:ffff
2a0b:7086:fff0::/44
2a0b:7087:fff0::/44
2a0d:77c0::/29
Signature Algorithm: sha256WithRSAEncryption
b8:7e:75:7f:3a:de:82:bd:09:f3:45:9f:88:e8:51:e1:44:23:
ab:5a:80:6e:5b:f2:5a:bc:73:b4:f2:77:20:5a:0e:1f:9c:bd:
b0:01:59:29:8f:c9:c6:ac:78:54:ee:a5:99:ba:54:e4:20:b2:
de:49:84:77:37:48:cf:5b:35:89:3b:dc:3e:e1:d3:00:3d:99:
e0:4e:85:f7:5d:04:18:ca:9d:2e:fd:47:9d:46:e9:49:41:61:
b5:53:ba:e1:82:45:44:57:a6:91:50:14:dd:ff:a4:74:86:d4:
01:98:34:8f:19:32:88:a2:0b:a3:12:d6:74:c3:53:3e:3a:37:
f3:b6:31:c8:6d:d0:33:ab:e4:34:c8:de:ae:a3:a3:73:72:35:
fc:b2:b8:fa:5e:cd:54:bd:ce:69:b1:ef:77:9b:fc:bb:07:6c:
60:ac:32:56:ba:1c:be:61:92:53:95:c1:5c:43:4b:c8:a5:2b:
50:48:c9:f9:54:3e:9d:d5:8d:75:e2:b8:e6:44:75:e9:ae:8d:
33:91:46:d3:05:2b:cc:d4:45:5e:00:3e:12:d4:f7:45:a1:64:
94:69:a6:14:60:59:88:47:37:bf:2e:66:b8:de:4a:2d:6e:f1:
4a:3a:f5:a6:25:dd:d3:ce:de:c1:5f:76:7b:9b:35:70:26:e3:
80:e8:c9:97
-----BEGIN CERTIFICATE-----
MIIGFTCCBP2gAwIBAgISAZU37NdCtSAUa1ZWrKOA9uofMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjUwMjI0MTIyNzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmNiNTMzZmQwYjRiN2VhM2ZhODk4ZWZkYjhjZDJhNDQ2Njc0NjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIcY/ioTVMAtQHx42bDkTFmyP6EV
KiOf2FGaS3fOKjjxWgJnu5DzAP15zR3BPZ7pkayhbCE47AF06oFt3hIJhsplxCcO
2yRDguFXZnS4pkiRo788NC4Z66VDEyxG07ekQP2IrNazr0dmffwt/3XwGcviRbWr
GSvaWEs9BR8QyG0mhW0RX0cgc5PN0T6yrtULzgk2Qh3ZjXqkAgMP3j8lXmGoSaOD
XWNv8bveXPBNRFYB52gAM8MG+0ufvrBQRSsFyAD794Y2W6qLppN2ih/zoLH7pcn9
hb4haxdGIdWnv3YhJSCFSdCxexyXXsQFftROLuJ0vx7b1sw70Q2ds0L4VwIDAQAB
o4IDITCCAx0wHQYDVR0OBBYEFGbLUz/QtLfqP6iY79uM0qRGZ0ZyMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvWnN0VFA5QzB0LW9fcUpqdjI0elNwRVpuUm5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNQYIKwYBBQUHAQcBAf8EggEkMIIBIDCBhAQCAAEwfgME
AgI4pAMEAAW2MAMEAi1RFAMEAi2M3AMEAk1T8AMEAE5s2QMEAlOPdAMEAlXKoAME
Alm+nAMEArLakAMEArm5KAMEArm6QAMEArnjRAMEArnqSAMEArny4AMEAMEfHgME
AsEiTAMEAsHdwAMEAsIyEAMEAsI44AMEAtRrDDCBlgQCAAIwgY8DBwQqCwuCAAAw
DwMFAioLC4QDBgEqCwuGAAMHBCoLC4b/8AMHACoLC4f/EgMHACoLC4f/tAMHBCoL
C4f/wAMHACoLC4f/0gMHACoLC4f/2gMHACoLC4f/7AMHBCoLC4f/8DASAwcEKgtw
gAAQAwcGKgtwgAAAAwcEKgtwhv/wAwcEKgtwh//wAwUDKg13wDANBgkqhkiG9w0B
AQsFAAOCAQEAuH51fzregr0J80WfiOhR4UQjq1qAblvyWrxztPJ3IFoOH5y9sAFZ
KY/Jxqx4VO6lmbpU5CCy3kmEdzdIz1s1iTvcPuHTAD2Z4E6F910EGMqdLv1HnUbp
SUFhtVO64YJFRFemkVAU3f+kdIbUAZg0jxkyiKILoxLWdMNTPjo387YxyG3QM6vk
NMjerqOjc3I1/LK4+l7NVL3OabHvd5v8uwdsYKwyVrocvmGSU5XBXENLyKUrUEjJ
+VQ+ndWNdeK45kR16a6NM5FG0wUrzNRFXgA+EtT3RaFklGmmFGBZiEc3vy5muN5K
LW7xSjr1piXd087ewV92e5s1cCbjgOjJlw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:44:11 2025 by rpki-client