Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/_yaRWKQore09CbEErpN_FgHQPhc.roa
File: _yaRWKQore09CbEErpN_FgHQPhc.roa (raw, json)
Hash identifier: RuPIlt5lsERx8xuXt7lkMjrjF3MzK1DhPyDwaqZbCeA=
Subject key identifier: FF:26:91:58:A4:28:AD:ED:3D:09:B1:04:AE:93:7F:16:01:D0:3E:17
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 019619DCA283CC675C8726E6FBBAD6F7E8F5
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/_yaRWKQore09CbEErpN_FgHQPhc.roa
Signing time: Wed 09 Apr 2025 09:23:31 +0000
ROA not before: Wed 09 Apr 2025 09:23:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7489
IP address blocks: 2.56.164.0/22 maxlen: 24
5.182.48.0/24 maxlen: 24
45.81.20.0/22 maxlen: 24
45.140.220.0/22 maxlen: 24
77.83.240.0/22 maxlen: 24
77.83.243.0/24 maxlen: 24
78.108.217.0/24 maxlen: 24
83.143.116.0/22 maxlen: 24
83.143.116.0/24 maxlen: 24
85.202.160.0/22 maxlen: 24
89.190.156.0/22 maxlen: 24
178.218.144.0/22 maxlen: 24
185.185.40.0/22 maxlen: 24
185.186.64.0/22 maxlen: 24
185.227.68.0/22 maxlen: 24
185.227.71.0/24 maxlen: 24
185.234.72.0/22 maxlen: 24
185.242.224.0/22 maxlen: 24
185.242.225.0/24 maxlen: 24
193.31.30.0/24 maxlen: 24
193.34.76.0/22 maxlen: 24
193.34.77.0/24 maxlen: 24
193.221.192.0/22 maxlen: 24
194.31.143.0/24 maxlen: 24
194.50.16.0/22 maxlen: 24
194.56.224.0/22 maxlen: 24
212.107.12.0/22 maxlen: 24
212.107.14.0/24 maxlen: 24
2a0b:b82::/44 maxlen: 44
2a0b:b84::/32 maxlen: 32
2a0b:b85::/32 maxlen: 32
2a0b:b86::/40 maxlen: 48
2a0b:b86:100::/40 maxlen: 48
2a0b:b86:fff0::/44 maxlen: 44
2a0b:b87:ff12::/48 maxlen: 48
2a0b:b87:ffb4::/48 maxlen: 48
2a0b:b87:ffc0::/44 maxlen: 44
2a0b:b87:ffd2::/48 maxlen: 48
2a0b:b87:ffda::/48 maxlen: 48
2a0b:b87:ffec::/48 maxlen: 48
2a0b:b87:fff0::/44 maxlen: 44
2a0b:7080:10::/44 maxlen: 44
2a0b:7080:10::/45 maxlen: 45
2a0b:7080:10::/48 maxlen: 48
2a0b:7080:20::/44 maxlen: 48
2a0b:7080:20::/48 maxlen: 48
2a0b:7080:30::/44 maxlen: 48
2a0b:7086:fff0::/44 maxlen: 44
2a0b:7087:fff0::/44 maxlen: 44
2a0d:77c0::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 14:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:19:dc:a2:83:cc:67:5c:87:26:e6:fb:ba:d6:f7:e8:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Apr 9 09:23:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff269158a428aded3d09b104ae937f1601d03e17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:12:9c:8c:32:5f:53:55:c7:b0:48:ad:eb:a3:
e0:e5:2d:38:a0:17:b1:ad:12:6f:e2:74:9d:5d:af:
cd:69:d3:79:d2:96:4a:5f:50:1e:77:cb:53:58:52:
6e:8d:4a:b8:a7:ad:3e:19:56:a1:cd:f6:b4:be:48:
67:92:92:48:cf:e6:35:10:fb:6f:e9:3a:ae:fd:6f:
69:ac:ea:cf:c5:b0:3d:18:09:0d:60:5c:5e:57:73:
12:33:dd:97:3c:02:7a:67:a1:90:e4:09:19:85:2d:
02:b7:36:ca:b8:b6:95:3c:45:87:67:cc:4b:6e:c1:
9e:29:4d:29:32:c6:8a:c3:92:6b:ef:ee:32:ba:3f:
ab:ac:fd:c2:e1:09:14:de:18:39:c9:c3:81:a3:7e:
9f:d3:57:26:2f:70:8a:d6:2c:00:04:2a:b1:08:fb:
66:c5:e8:3f:64:70:c3:32:8e:68:a7:b3:e4:32:6b:
66:40:f9:7d:3f:5a:1e:43:bc:8f:28:7a:af:47:98:
6d:1b:7e:5d:a3:52:36:15:e0:ca:a2:e9:8f:5d:0b:
69:c2:72:3a:2d:14:99:5b:83:68:04:21:bb:e1:83:
ab:b2:d0:b5:83:c2:bd:bf:7d:93:42:94:0d:b6:8f:
80:57:02:cf:e4:d9:b9:b1:f7:df:74:d5:d3:77:dd:
48:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:26:91:58:A4:28:AD:ED:3D:09:B1:04:AE:93:7F:16:01:D0:3E:17
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/_yaRWKQore09CbEErpN_FgHQPhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.164.0/22
5.182.48.0/24
45.81.20.0/22
45.140.220.0/22
77.83.240.0/22
78.108.217.0/24
83.143.116.0/22
85.202.160.0/22
89.190.156.0/22
178.218.144.0/22
185.185.40.0/22
185.186.64.0/22
185.227.68.0/22
185.234.72.0/22
185.242.224.0/22
193.31.30.0/24
193.34.76.0/22
193.221.192.0/22
194.31.143.0/24
194.50.16.0/22
194.56.224.0/22
212.107.12.0/22
IPv6:
2a0b:b82::/44
2a0b:b84::-2a0b:b86:1ff:ffff:ffff:ffff:ffff:ffff
2a0b:b86:fff0::/44
2a0b:b87:ff12::/48
2a0b:b87:ffb4::/48
2a0b:b87:ffc0::/44
2a0b:b87:ffd2::/48
2a0b:b87:ffda::/48
2a0b:b87:ffec::/48
2a0b:b87:fff0::/44
2a0b:7080:10::-2a0b:7080:3f:ffff:ffff:ffff:ffff:ffff
2a0b:7086:fff0::/44
2a0b:7087:fff0::/44
2a0d:77c0::/29
Signature Algorithm: sha256WithRSAEncryption
4d:81:92:5c:be:c9:67:ab:f8:5e:58:5e:4f:4e:0e:91:57:f0:
b7:a3:1d:16:ed:cc:9d:8a:55:a5:46:97:02:0b:b5:0e:ed:8c:
a8:ce:c5:2c:cc:cc:ae:a8:93:dd:09:cf:1b:d1:51:8c:f1:4c:
21:81:d1:48:58:ae:20:5f:44:8b:f5:cb:a5:be:93:a4:9e:33:
2c:bf:e8:67:05:34:6c:b0:b6:a5:a8:70:05:be:77:95:b1:ac:
b0:8d:49:04:46:81:82:a9:6c:06:b2:e3:7d:7a:fa:b9:12:c7:
9a:5c:6c:39:60:0c:d0:c3:d0:de:fa:2b:da:85:bd:b7:b1:cf:
17:5c:e6:65:8b:e6:1c:b3:a7:c2:75:8f:dc:aa:06:0a:56:25:
10:64:af:e8:3b:22:9a:8a:43:71:4a:3c:f6:74:58:45:47:b6:
bc:d1:46:b1:b8:9c:cd:8d:36:94:0a:14:d2:2a:10:ae:c3:51:
b5:1c:bf:b3:00:15:7c:e4:b5:52:77:62:0a:ad:a0:08:2f:aa:
32:bd:67:28:47:1e:53:5c:e8:26:eb:b9:b8:39:55:62:73:bc:
b1:4d:12:b2:33:f9:54:8f:b4:69:44:87:60:86:82:79:e4:b3:
dc:f7:98:41:8f:3e:f0:e8:28:36:25:f6:94:34:91:f1:c8:de:
8f:1a:ec:b2
-----BEGIN CERTIFICATE-----
MIIGHDCCBQSgAwIBAgISAZYZ3KKDzGdchybm+7rW9+j1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjUwNDA5MDkyMzMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjI2OTE1OGE0MjhhZGVkM2QwOWIxMDRhZTkzN2YxNjAxZDAzZTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhKcjDJfU1XHsEit66Pg5S04oBex
rRJv4nSdXa/NadN50pZKX1Aed8tTWFJujUq4p60+GVahzfa0vkhnkpJIz+Y1EPtv
6Tqu/W9prOrPxbA9GAkNYFxeV3MSM92XPAJ6Z6GQ5AkZhS0CtzbKuLaVPEWHZ8xL
bsGeKU0pMsaKw5Jr7+4yuj+rrP3C4QkU3hg5ycOBo36f01cmL3CK1iwABCqxCPtm
xeg/ZHDDMo5op7PkMmtmQPl9P1oeQ7yPKHqvR5htG35do1I2FeDKoumPXQtpwnI6
LRSZW4NoBCG74YOrstC1g8K9v32TQpQNto+AVwLP5Nm5sfffdNXTd91IXwIDAQAB
o4IDKDCCAyQwHQYDVR0OBBYEFP8mkVikKK3tPQmxBK6TfxYB0D4XMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvX3lhUldLUW9yZTA5Q2JFRXJwTl9GZ0hRUGhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBPAYIKwYBBQUHAQcBAf8EggErMIIBJzCBiwQCAAEwgYQD
BAICOKQDBAAFtjADBAItURQDBAItjNwDBAJNU/ADBABObNkDBAJTj3QDBAJVyqAD
BAJZvpwDBAKy2pADBAK5uSgDBAK5ukADBAK540QDBAK56kgDBAK58uADBADBHx4D
BALBIkwDBALB3cADBADCH48DBALCMhADBALCOOADBALUawwwgZYEAgACMIGPAwcE
KgsLggAAMA8DBQIqCwuEAwYBKgsLhgADBwQqCwuG//ADBwAqCwuH/xIDBwAqCwuH
/7QDBwQqCwuH/8ADBwAqCwuH/9IDBwAqCwuH/9oDBwAqCwuH/+wDBwQqCwuH//Aw
EgMHBCoLcIAAEAMHBioLcIAAAAMHBCoLcIb/8AMHBCoLcIf/8AMFAyoNd8AwDQYJ
KoZIhvcNAQELBQADggEBAE2Bkly+yWer+F5YXk9ODpFX8LejHRbtzJ2KVaVGlwIL
tQ7tjKjOxSzMzK6ok90JzxvRUYzxTCGB0UhYriBfRIv1y6W+k6SeMyy/6GcFNGyw
tqWocAW+d5WxrLCNSQRGgYKpbAay4316+rkSx5pcbDlgDNDD0N76K9qFvbexzxdc
5mWL5hyzp8J1j9yqBgpWJRBkr+g7IpqKQ3FKPPZ0WEVHtrzRRrG4nM2NNpQKFNIq
EK7DUbUcv7MAFXzktVJ3YgqtoAgvqjK9ZyhHHlNc6Cbrubg5VWJzvLFNErIz+VSP
tGlEh2CGgnnks9z3mEGPPvDoKDYl9pQ0kfHI3o8a7LI=
-----END CERTIFICATE-----
Generated at Sat Apr 12 21:11:07 2025 by rpki-client