Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/QV9PJiaRafvQ_hgIDmO7ZnKcbY4.roa
File: QV9PJiaRafvQ_hgIDmO7ZnKcbY4.roa (raw, json)
Hash identifier: 2QXB3Kem47g74nl/LcX2OLvSfpYG+14vPRpNfDO+Mik=
Subject key identifier: 41:5F:4F:26:26:91:69:FB:D0:FE:18:08:0E:63:BB:66:72:9C:6D:8E
Certificate issuer: /CN=66df7742890173927935206a28efbf48123e787c
Certificate serial: 0196F76AD22AE5351F3C69124D7C2FF32E32
Authority key identifier: 66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/QV9PJiaRafvQ_hgIDmO7ZnKcbY4.roa
Signing time: Thu 22 May 2025 09:54:55 +0000
ROA not before: Thu 22 May 2025 09:54:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203
IP address blocks: 5.39.176.0/21 maxlen: 24
5.159.208.0/21 maxlen: 24
5.181.72.0/22 maxlen: 24
31.192.96.0/21 maxlen: 24
45.8.100.0/22 maxlen: 24
45.132.108.0/22 maxlen: 24
45.137.44.0/22 maxlen: 24
80.74.240.0/21 maxlen: 24
80.74.248.0/21 maxlen: 24
80.87.16.0/20 maxlen: 24
83.150.252.0/22 maxlen: 24
85.95.96.0/19 maxlen: 24
87.236.128.0/21 maxlen: 24
88.151.152.0/21 maxlen: 24
89.38.120.0/21 maxlen: 24
91.143.64.0/20 maxlen: 24
92.42.120.0/21 maxlen: 24
93.115.176.0/20 maxlen: 24
94.142.168.0/21 maxlen: 24
95.129.64.0/21 maxlen: 24
176.58.0.0/21 maxlen: 24
185.52.144.0/22 maxlen: 24
185.79.184.0/22 maxlen: 24
185.90.0.0/22 maxlen: 24
185.94.204.0/22 maxlen: 24
185.99.76.0/22 maxlen: 24
185.145.88.0/22 maxlen: 24
185.178.216.0/22 maxlen: 24
185.182.200.0/23 maxlen: 24
185.204.212.0/22 maxlen: 24
185.229.4.0/22 maxlen: 24
185.246.132.0/22 maxlen: 24
185.247.200.0/22 maxlen: 24
185.248.252.0/24 maxlen: 24
185.248.253.0/24 maxlen: 24
185.248.254.0/24 maxlen: 24
185.248.255.0/24 maxlen: 24
188.94.16.0/21 maxlen: 24
193.24.3.0/24 maxlen: 24
193.24.6.0/24 maxlen: 24
193.24.13.0/24 maxlen: 24
193.24.31.0/24 maxlen: 24
195.26.32.0/19 maxlen: 24
195.88.8.0/23 maxlen: 24
212.11.68.0/22 maxlen: 24
212.11.72.0/22 maxlen: 24
217.145.128.0/20 maxlen: 24
2a00:f1c0::/32 maxlen: 32
2a0d:7680::/29 maxlen: 29
2a0e:a1c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f7:6a:d2:2a:e5:35:1f:3c:69:12:4d:7c:2f:f3:2e:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66df7742890173927935206a28efbf48123e787c
Validity
Not Before: May 22 09:54:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=415f4f26269169fbd0fe18080e63bb66729c6d8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:f9:28:26:17:5b:b5:2d:aa:c3:24:f3:d6:7f:
4e:fb:bb:b1:97:5d:4f:a8:8a:78:18:37:64:29:30:
5f:e2:6a:a6:a9:cc:92:4c:60:42:46:d1:5d:0d:14:
a1:d0:2a:3b:ec:e0:91:6c:98:7d:4f:09:b3:17:92:
c1:56:ff:3f:6b:ca:17:44:ac:02:83:7d:10:a8:a5:
bc:22:d9:a6:5a:cd:d4:50:32:ff:7b:fe:87:7d:01:
d6:1b:ec:bf:0c:29:4a:86:fe:3b:b0:2e:f6:c8:7b:
bc:b2:d8:58:18:3d:c3:0b:9d:58:aa:2d:a4:4c:2d:
46:f0:55:e8:58:95:35:c5:06:a1:88:93:13:87:44:
61:e1:54:4b:7d:d8:d8:38:05:ed:46:69:bb:56:cd:
02:5c:12:b3:41:11:38:7a:c7:b5:ef:db:d9:46:29:
a1:ce:bc:d9:38:bb:84:97:7d:08:7b:6b:89:11:b8:
06:14:ba:7a:fb:c6:44:85:68:7f:20:40:0d:ae:9b:
6b:8c:14:30:be:01:23:5e:78:7d:25:3e:ed:22:0e:
a9:71:26:ae:d4:f2:53:27:eb:37:52:58:76:dd:ef:
46:3b:e7:1c:cf:3a:64:4c:df:d1:de:27:b3:1e:b3:
ee:e2:c5:f3:6b:6c:d5:8a:c5:52:e1:d2:7f:09:ab:
51:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:5F:4F:26:26:91:69:FB:D0:FE:18:08:0E:63:BB:66:72:9C:6D:8E
X509v3 Authority Key Identifier:
keyid:66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/QV9PJiaRafvQ_hgIDmO7ZnKcbY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.176.0/21
5.159.208.0/21
5.181.72.0/22
31.192.96.0/21
45.8.100.0/22
45.132.108.0/22
45.137.44.0/22
80.74.240.0/20
80.87.16.0/20
83.150.252.0/22
85.95.96.0/19
87.236.128.0/21
88.151.152.0/21
89.38.120.0/21
91.143.64.0/20
92.42.120.0/21
93.115.176.0/20
94.142.168.0/21
95.129.64.0/21
176.58.0.0/21
185.52.144.0/22
185.79.184.0/22
185.90.0.0/22
185.94.204.0/22
185.99.76.0/22
185.145.88.0/22
185.178.216.0/22
185.182.200.0/23
185.204.212.0/22
185.229.4.0/22
185.246.132.0/22
185.247.200.0/22
185.248.252.0/22
188.94.16.0/21
193.24.3.0/24
193.24.6.0/24
193.24.13.0/24
193.24.31.0/24
195.26.32.0/19
195.88.8.0/23
212.11.68.0-212.11.75.255
217.145.128.0/20
IPv6:
2a00:f1c0::/32
2a0d:7680::/29
2a0e:a1c0::/29
Signature Algorithm: sha256WithRSAEncryption
40:06:79:d4:23:43:66:31:34:b2:55:a3:f9:db:72:13:a9:ab:
8b:1d:b3:6a:97:64:6c:07:30:cb:89:fd:ec:5e:d7:d5:67:11:
1f:91:2d:61:09:f9:5c:20:f6:eb:d4:90:2c:34:d4:a4:87:0f:
5d:05:28:2a:d9:4a:fa:a4:3d:64:4a:55:33:ce:11:18:36:2c:
36:d1:69:a9:32:50:83:53:b3:75:f3:d3:03:ed:43:13:ad:f0:
bd:3e:b2:71:54:11:d9:88:54:4f:35:5d:af:45:59:5b:01:c5:
ce:f5:e3:15:86:a3:2a:cb:eb:2d:01:1d:36:ea:35:6f:a8:a7:
cc:b4:6e:bf:91:7b:fb:05:76:6b:80:c6:2d:68:b1:84:58:0d:
b7:66:bd:25:7f:7e:71:8c:97:d9:10:0f:d8:bc:43:66:70:05:
85:9a:f8:19:f4:41:4d:7d:aa:6a:31:7a:6a:cd:57:d8:4d:e4:
0e:ff:d2:39:60:64:9b:40:7f:a7:b8:15:97:a1:b9:f4:1b:98:
fa:61:24:6d:48:d6:81:b3:b8:ad:98:8e:c7:69:b3:b5:78:be:
1c:ca:8c:ff:92:50:3b:57:05:51:d0:17:0d:10:4e:0c:7f:7e:
52:fa:d9:82:60:f1:82:19:76:b7:15:25:44:d2:4c:e1:ef:c4:
35:57:d8:30
-----BEGIN CERTIFICATE-----
MIIGIjCCBQqgAwIBAgISAZb3atIq5TUfPGkSTXwv8y4yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGY3NzQyODkwMTczOTI3OTM1MjA2YTI4ZWZiZjQ4MTIz
ZTc4N2MwHhcNMjUwNTIyMDk1NDU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTVmNGYyNjI2OTE2OWZiZDBmZTE4MDgwZTYzYmI2NjcyOWM2ZDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/koJhdbtS2qwyTz1n9O+7uxl11P
qIp4GDdkKTBf4mqmqcySTGBCRtFdDRSh0Co77OCRbJh9TwmzF5LBVv8/a8oXRKwC
g30QqKW8ItmmWs3UUDL/e/6HfQHWG+y/DClKhv47sC72yHu8sthYGD3DC51Yqi2k
TC1G8FXoWJU1xQahiJMTh0Rh4VRLfdjYOAXtRmm7Vs0CXBKzQRE4ese179vZRimh
zrzZOLuEl30Ie2uJEbgGFLp6+8ZEhWh/IEANrptrjBQwvgEjXnh9JT7tIg6pcSau
1PJTJ+s3Ulh23e9GO+cczzpkTN/R3iezHrPu4sXza2zVisVS4dJ/CatRjwIDAQAB
o4IDLjCCAyowHQYDVR0OBBYEFEFfTyYmkWn70P4YCA5ju2ZynG2OMB8GA1UdIwQY
MBaAFGbfd0KJAXOSeTUgaijvv0gSPnh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYt
MDk3ODdmMTUyYWRlLzEvUVY5UEppYVJhZnZRX2hnSURtTzdabktjYlk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYtMDk3ODdmMTUyYWRl
LzEvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBQgYIKwYBBQUHAQcBAf8EggExMIIBLTCCAQwEAgABMIIB
BAMEAwUnsAMEAwWf0AMEAgW1SAMEAx/AYAMEAi0IZAMEAi2EbAMEAi2JLAMEBFBK
8AMEBFBXEAMEAlOW/AMEBVVfYAMEA1fsgAMEA1iXmAMEA1kmeAMEBFuPQAMEA1wq
eAMEBF1zsAMEA16OqAMEA1+BQAMEA7A6AAMEArk0kAMEArlPuAMEArlaAAMEArle
zAMEArljTAMEArmRWAMEArmy2AMEAbm2yAMEArnM1AMEArnlBAMEArn2hAMEArn3
yAMEArn4/AMEA7xeEAMEAMEYAwMEAMEYBgMEAMEYDQMEAMEYHwMEBcMaIAMEAcNY
CDAMAwQC1AtEAwQC1AtIAwQE2ZGAMBsEAgACMBUDBQAqAPHAAwUDKg12gAMFAyoO
ocAwDQYJKoZIhvcNAQELBQADggEBAEAGedQjQ2YxNLJVo/nbchOpq4sds2qXZGwH
MMuJ/exe19VnER+RLWEJ+Vwg9uvUkCw01KSHD10FKCrZSvqkPWRKVTPOERg2LDbR
aakyUINTs3Xz0wPtQxOt8L0+snFUEdmIVE81Xa9FWVsBxc714xWGoyrL6y0BHTbq
NW+op8y0br+Re/sFdmuAxi1osYRYDbdmvSV/fnGMl9kQD9i8Q2ZwBYWa+Bn0QU19
qmoxemrNV9hN5A7/0jlgZJtAf6e4FZehufQbmPphJG1I1oGzuK2Yjsdps7V4vhzK
jP+SUDtXBVHQFw0QTgx/flL62YJg8YIZdrcVJUTSTOHvxDVX2DA=
-----END CERTIFICATE-----
Generated at Fri Jun 6 12:15:09 2025 by rpki-client