Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Alcw5bqlDy76iV6c7S-O4-OARxU.roa
File: Alcw5bqlDy76iV6c7S-O4-OARxU.roa (raw, json)
Hash identifier: 6PM7jMBzQWTA4t/Nn+DwFnlxCf+V4o07GoBa6fjtRkI=
Subject key identifier: 02:57:30:E5:BA:A5:0F:2E:FA:89:5E:9C:ED:2F:8E:E3:E3:80:47:15
Certificate issuer: /CN=66df7742890173927935206a28efbf48123e787c
Certificate serial: 0196F76AD32F8C41C24E441BBB39F1254BBB
Authority key identifier: 66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Alcw5bqlDy76iV6c7S-O4-OARxU.roa
Signing time: Thu 22 May 2025 09:54:55 +0000
ROA not before: Thu 22 May 2025 09:54:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21267
IP address blocks: 5.39.176.0/21 maxlen: 24
5.159.208.0/21 maxlen: 24
5.181.72.0/22 maxlen: 24
31.192.96.0/21 maxlen: 24
45.8.100.0/22 maxlen: 24
45.132.108.0/22 maxlen: 24
45.137.44.0/22 maxlen: 24
80.74.240.0/21 maxlen: 24
80.74.248.0/21 maxlen: 24
80.87.16.0/20 maxlen: 24
83.150.252.0/22 maxlen: 24
85.95.96.0/19 maxlen: 24
87.236.128.0/21 maxlen: 24
88.151.152.0/21 maxlen: 24
89.38.120.0/21 maxlen: 24
91.143.64.0/20 maxlen: 24
92.42.120.0/21 maxlen: 24
93.115.176.0/20 maxlen: 24
94.142.168.0/21 maxlen: 24
95.129.64.0/21 maxlen: 24
176.58.0.0/21 maxlen: 24
185.52.144.0/22 maxlen: 24
185.79.184.0/22 maxlen: 24
185.90.0.0/22 maxlen: 24
185.94.204.0/22 maxlen: 24
185.99.76.0/22 maxlen: 24
185.145.88.0/22 maxlen: 24
185.178.216.0/22 maxlen: 24
185.178.218.0/24 maxlen: 24
185.178.219.0/24 maxlen: 24
185.182.200.0/23 maxlen: 24
185.204.212.0/22 maxlen: 24
185.229.4.0/22 maxlen: 24
185.246.132.0/22 maxlen: 24
185.247.200.0/22 maxlen: 24
185.248.252.0/24 maxlen: 24
185.248.253.0/24 maxlen: 24
185.248.254.0/24 maxlen: 24
185.248.255.0/24 maxlen: 24
188.94.16.0/21 maxlen: 24
188.94.19.0/24 maxlen: 24
188.94.21.0/24 maxlen: 24
193.24.3.0/24 maxlen: 24
193.24.6.0/24 maxlen: 24
193.24.13.0/24 maxlen: 24
193.24.31.0/24 maxlen: 24
195.26.32.0/19 maxlen: 24
195.88.8.0/23 maxlen: 24
212.11.68.0/22 maxlen: 24
212.11.72.0/22 maxlen: 24
217.145.128.0/20 maxlen: 24
2a00:f1c0::/32 maxlen: 32
2a0d:7680::/29 maxlen: 29
2a0e:a1c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Jun 2025 18:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f7:6a:d3:2f:8c:41:c2:4e:44:1b:bb:39:f1:25:4b:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66df7742890173927935206a28efbf48123e787c
Validity
Not Before: May 22 09:54:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=025730e5baa50f2efa895e9ced2f8ee3e3804715
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:12:bf:6e:4f:37:14:5b:70:0c:59:ec:ce:60:
32:71:6e:8e:d7:55:59:95:52:a5:b1:05:50:a9:ad:
3e:d8:76:8c:1a:ad:f6:bb:7c:73:4b:5e:d4:75:9f:
65:be:55:24:70:c0:fa:9d:ae:2b:60:2a:9b:c9:a8:
3b:59:cf:57:59:1c:e3:c6:0b:71:cd:c0:72:fe:9f:
53:ec:c9:e5:d0:2c:ef:6d:89:4c:97:8e:aa:c4:f6:
4c:25:1f:e5:08:eb:50:54:44:32:3b:4c:2b:e0:27:
8b:dd:57:52:0e:83:d2:7e:0a:91:8b:94:6f:ab:0c:
13:95:84:d7:77:28:6e:df:be:7f:a9:89:10:32:ba:
3e:dd:0e:48:ae:ab:49:b1:b3:f3:c4:dc:0b:5f:56:
ea:5d:45:c2:16:58:94:e1:8e:1d:59:6d:53:f8:67:
46:ed:90:72:d0:ee:89:87:67:b0:19:7d:c3:14:51:
6a:c6:58:f5:77:b7:c2:a9:a7:62:ba:4f:e0:73:91:
91:17:3f:71:09:f2:d0:94:8d:8d:90:21:f5:73:ae:
59:d2:78:87:c3:16:76:f0:08:72:49:6d:69:5b:24:
c4:48:3b:fb:24:b5:01:3c:79:20:9a:67:7d:77:cf:
9d:a1:54:f0:02:4f:da:41:a3:d7:d9:3c:9c:dc:e2:
78:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:57:30:E5:BA:A5:0F:2E:FA:89:5E:9C:ED:2F:8E:E3:E3:80:47:15
X509v3 Authority Key Identifier:
keyid:66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Alcw5bqlDy76iV6c7S-O4-OARxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.176.0/21
5.159.208.0/21
5.181.72.0/22
31.192.96.0/21
45.8.100.0/22
45.132.108.0/22
45.137.44.0/22
80.74.240.0/20
80.87.16.0/20
83.150.252.0/22
85.95.96.0/19
87.236.128.0/21
88.151.152.0/21
89.38.120.0/21
91.143.64.0/20
92.42.120.0/21
93.115.176.0/20
94.142.168.0/21
95.129.64.0/21
176.58.0.0/21
185.52.144.0/22
185.79.184.0/22
185.90.0.0/22
185.94.204.0/22
185.99.76.0/22
185.145.88.0/22
185.178.216.0/22
185.182.200.0/23
185.204.212.0/22
185.229.4.0/22
185.246.132.0/22
185.247.200.0/22
185.248.252.0/22
188.94.16.0/21
193.24.3.0/24
193.24.6.0/24
193.24.13.0/24
193.24.31.0/24
195.26.32.0/19
195.88.8.0/23
212.11.68.0-212.11.75.255
217.145.128.0/20
IPv6:
2a00:f1c0::/32
2a0d:7680::/29
2a0e:a1c0::/29
Signature Algorithm: sha256WithRSAEncryption
2f:ed:00:1b:32:b5:51:4d:fb:c6:d4:de:f1:81:5f:3c:9a:65:
5d:d6:d1:a7:63:16:a6:f3:bc:a4:cb:28:72:ec:c0:11:17:1f:
a0:df:07:c6:0b:b1:30:9e:77:2a:9f:b9:28:af:49:3f:02:82:
67:06:f1:c4:30:78:6d:5e:bf:b7:21:89:78:3e:da:ac:77:0b:
07:9a:58:0c:d0:48:51:85:ea:0c:8e:59:9a:5f:a5:ae:50:e1:
c1:e8:fd:e9:42:cb:65:e7:58:7a:a6:92:67:24:7e:61:60:2a:
22:fd:f0:7d:6d:90:3f:3b:c1:32:15:28:32:32:53:25:af:cc:
d0:bb:eb:d1:65:4e:5b:99:41:0e:be:58:b6:e4:3d:9c:54:92:
a6:e5:04:55:d5:42:0e:86:8b:4d:20:fb:2e:eb:2b:5a:10:ae:
b7:b3:7a:e8:b7:51:78:e2:cd:84:8f:7b:d9:2f:94:f5:b5:0e:
ea:46:b5:e6:37:f7:19:01:6f:db:68:a0:c9:07:58:06:ed:24:
ad:95:29:2f:94:d9:d6:52:d3:ff:20:83:f2:2f:65:bb:0f:39:
70:9e:cd:48:b1:28:65:eb:52:14:1e:70:76:85:2c:41:92:37:
3e:2f:46:16:09:f6:c5:f9:13:3d:54:0f:28:e5:a1:6c:69:32:
e3:a3:17:43
-----BEGIN CERTIFICATE-----
MIIGIjCCBQqgAwIBAgISAZb3atMvjEHCTkQbuznxJUu7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGY3NzQyODkwMTczOTI3OTM1MjA2YTI4ZWZiZjQ4MTIz
ZTc4N2MwHhcNMjUwNTIyMDk1NDU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjU3MzBlNWJhYTUwZjJlZmE4OTVlOWNlZDJmOGVlM2UzODA0NzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3RK/bk83FFtwDFnszmAycW6O11VZ
lVKlsQVQqa0+2HaMGq32u3xzS17UdZ9lvlUkcMD6na4rYCqbyag7Wc9XWRzjxgtx
zcBy/p9T7Mnl0CzvbYlMl46qxPZMJR/lCOtQVEQyO0wr4CeL3VdSDoPSfgqRi5Rv
qwwTlYTXdyhu375/qYkQMro+3Q5IrqtJsbPzxNwLX1bqXUXCFliU4Y4dWW1T+GdG
7ZBy0O6Jh2ewGX3DFFFqxlj1d7fCqadiuk/gc5GRFz9xCfLQlI2NkCH1c65Z0niH
wxZ28AhySW1pWyTESDv7JLUBPHkgmmd9d8+doVTwAk/aQaPX2Tyc3OJ4UwIDAQAB
o4IDLjCCAyowHQYDVR0OBBYEFAJXMOW6pQ8u+olenO0vjuPjgEcVMB8GA1UdIwQY
MBaAFGbfd0KJAXOSeTUgaijvv0gSPnh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYt
MDk3ODdmMTUyYWRlLzEvQWxjdzVicWxEeTc2aVY2YzdTLU80LU9BUnhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYtMDk3ODdmMTUyYWRl
LzEvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBQgYIKwYBBQUHAQcBAf8EggExMIIBLTCCAQwEAgABMIIB
BAMEAwUnsAMEAwWf0AMEAgW1SAMEAx/AYAMEAi0IZAMEAi2EbAMEAi2JLAMEBFBK
8AMEBFBXEAMEAlOW/AMEBVVfYAMEA1fsgAMEA1iXmAMEA1kmeAMEBFuPQAMEA1wq
eAMEBF1zsAMEA16OqAMEA1+BQAMEA7A6AAMEArk0kAMEArlPuAMEArlaAAMEArle
zAMEArljTAMEArmRWAMEArmy2AMEAbm2yAMEArnM1AMEArnlBAMEArn2hAMEArn3
yAMEArn4/AMEA7xeEAMEAMEYAwMEAMEYBgMEAMEYDQMEAMEYHwMEBcMaIAMEAcNY
CDAMAwQC1AtEAwQC1AtIAwQE2ZGAMBsEAgACMBUDBQAqAPHAAwUDKg12gAMFAyoO
ocAwDQYJKoZIhvcNAQELBQADggEBAC/tABsytVFN+8bU3vGBXzyaZV3W0adjFqbz
vKTLKHLswBEXH6DfB8YLsTCedyqfuSivST8CgmcG8cQweG1ev7chiXg+2qx3Cwea
WAzQSFGF6gyOWZpfpa5Q4cHo/elCy2XnWHqmkmckfmFgKiL98H1tkD87wTIVKDIy
UyWvzNC769FlTluZQQ6+WLbkPZxUkqblBFXVQg6Gi00g+y7rK1oQrrezeui3UXji
zYSPe9kvlPW1DupGteY39xkBb9tooMkHWAbtJK2VKS+U2dZS0/8gg/IvZbsPOXCe
zUixKGXrUhQecHaFLEGSNz4vRhYJ9sX5Ez1UDyjloWxpMuOjF0M=
-----END CERTIFICATE-----
Generated at Fri Jun 13 01:39:08 2025 by rpki-client