Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/qDEIt49JLY1H1gFAAbmQ8aaWUYI.roa
File: qDEIt49JLY1H1gFAAbmQ8aaWUYI.roa (raw, json)
Hash identifier: xIlEw0FiUYRvplwXdUlAk/D6XIj861qLM1Kz3WS/HKs=
Subject key identifier: A8:31:08:B7:8F:49:2D:8D:47:D6:01:40:01:B9:90:F1:A6:96:51:82
Certificate issuer: /CN=66df7742890173927935206a28efbf48123e787c
Certificate serial: 0195D1D5BA5DD8DD30F56E7C7507C67BFB7D
Authority key identifier: 66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/qDEIt49JLY1H1gFAAbmQ8aaWUYI.roa
Signing time: Wed 26 Mar 2025 09:43:19 +0000
ROA not before: Wed 26 Mar 2025 09:43:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3356
IP address blocks: 5.159.208.0/21 maxlen: 24
5.181.72.0/22 maxlen: 24
31.192.96.0/21 maxlen: 24
45.8.100.0/22 maxlen: 24
45.132.108.0/22 maxlen: 24
45.137.44.0/22 maxlen: 24
80.74.240.0/21 maxlen: 24
80.74.248.0/21 maxlen: 24
83.150.252.0/22 maxlen: 24
85.95.96.0/19 maxlen: 24
92.42.120.0/21 maxlen: 24
95.129.64.0/21 maxlen: 24
176.58.0.0/21 maxlen: 24
185.79.184.0/22 maxlen: 24
185.90.0.0/22 maxlen: 24
185.94.204.0/22 maxlen: 24
185.99.76.0/22 maxlen: 24
185.145.88.0/22 maxlen: 24
185.178.216.0/22 maxlen: 24
185.182.200.0/23 maxlen: 24
185.204.212.0/22 maxlen: 24
185.229.4.0/22 maxlen: 24
185.246.132.0/22 maxlen: 24
185.247.200.0/22 maxlen: 24
185.248.252.0/24 maxlen: 24
185.248.253.0/24 maxlen: 24
185.248.254.0/24 maxlen: 24
185.248.255.0/24 maxlen: 24
188.94.16.0/21 maxlen: 24
193.24.3.0/24 maxlen: 24
193.24.6.0/24 maxlen: 24
193.24.13.0/24 maxlen: 24
193.24.31.0/24 maxlen: 24
195.26.32.0/19 maxlen: 24
195.88.8.0/23 maxlen: 24
212.11.68.0/22 maxlen: 24
212.11.72.0/22 maxlen: 24
217.145.128.0/20 maxlen: 24
2a00:f1c0::/32 maxlen: 32
2a0d:7680::/29 maxlen: 29
2a0e:a1c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 21:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d1:d5:ba:5d:d8:dd:30:f5:6e:7c:75:07:c6:7b:fb:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66df7742890173927935206a28efbf48123e787c
Validity
Not Before: Mar 26 09:43:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a83108b78f492d8d47d6014001b990f1a6965182
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:3f:99:5e:4a:1c:46:3e:05:bc:e9:81:76:8e:
93:74:66:9f:0b:85:ce:83:e8:ac:37:e0:6c:a0:26:
ba:b3:5c:fa:2a:be:4c:70:f8:bd:5e:a9:00:f1:5b:
ac:c7:2f:ae:63:6a:f8:50:3f:f8:78:26:b1:45:9e:
ad:bb:60:82:b4:7d:29:cf:57:01:7b:00:8c:46:47:
13:91:6e:24:aa:e0:e6:7b:48:e2:d5:f5:8a:0e:98:
d0:12:67:b3:a3:56:86:a0:c6:96:97:e3:e9:bd:58:
63:80:66:16:01:19:d6:18:5d:69:54:90:29:57:a3:
18:6e:15:50:49:0a:17:20:f9:b0:6a:69:18:76:00:
81:77:2d:44:8e:fe:f7:4d:3b:40:ca:24:9d:ca:f3:
97:b7:66:08:86:72:bd:12:4b:85:03:fa:bf:0a:9e:
d2:14:8a:7c:96:b7:22:10:d9:7f:8f:39:54:09:56:
da:6c:7e:b5:3d:a0:02:96:5e:b0:d3:47:1b:37:2e:
6e:a5:ca:d4:d9:a1:24:f3:e0:61:35:6b:3d:66:43:
56:e0:3a:66:10:84:44:28:ed:55:19:94:fc:d7:11:
e9:8e:12:74:5b:06:51:75:a4:f8:18:09:9c:19:dd:
81:d3:31:a1:38:64:3e:aa:8b:67:0f:b6:9f:b6:ab:
7c:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:31:08:B7:8F:49:2D:8D:47:D6:01:40:01:B9:90:F1:A6:96:51:82
X509v3 Authority Key Identifier:
keyid:66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/qDEIt49JLY1H1gFAAbmQ8aaWUYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.208.0/21
5.181.72.0/22
31.192.96.0/21
45.8.100.0/22
45.132.108.0/22
45.137.44.0/22
80.74.240.0/20
83.150.252.0/22
85.95.96.0/19
92.42.120.0/21
95.129.64.0/21
176.58.0.0/21
185.79.184.0/22
185.90.0.0/22
185.94.204.0/22
185.99.76.0/22
185.145.88.0/22
185.178.216.0/22
185.182.200.0/23
185.204.212.0/22
185.229.4.0/22
185.246.132.0/22
185.247.200.0/22
185.248.252.0/22
188.94.16.0/21
193.24.3.0/24
193.24.6.0/24
193.24.13.0/24
193.24.31.0/24
195.26.32.0/19
195.88.8.0/23
212.11.68.0-212.11.75.255
217.145.128.0/20
IPv6:
2a00:f1c0::/32
2a0d:7680::/29
2a0e:a1c0::/29
Signature Algorithm: sha256WithRSAEncryption
59:f9:c8:bc:6d:81:56:2a:af:1a:6b:89:c5:47:e7:3d:80:97:
ad:21:6b:ef:4b:7f:6b:5b:89:0e:e1:d3:b7:0f:92:2a:18:fe:
98:fb:f2:c2:c9:33:d7:d2:8d:b8:94:ac:84:16:01:4b:01:c4:
78:f1:b0:04:76:1d:04:a4:39:4b:16:a3:a2:19:91:7d:1b:47:
5e:f8:5d:0b:23:8e:92:a1:87:e4:63:47:97:8c:4b:68:b5:c7:
7b:69:2c:11:45:5b:65:08:7c:ff:6c:5f:1f:60:03:46:e1:dd:
91:99:72:fa:cf:16:1b:f2:1e:72:f5:2a:9e:ce:87:ef:49:08:
b7:28:98:19:55:3c:c3:3e:86:35:d5:3d:57:2c:52:ba:29:ad:
b4:fe:66:f3:a7:96:14:16:13:ed:22:87:04:c2:12:70:9b:dc:
8b:e4:b5:e0:03:5f:ae:53:1c:12:71:99:46:1c:5d:a1:07:f5:
a7:10:d3:35:37:8e:ca:d6:97:32:e9:27:c5:b5:4a:70:1e:8a:
fc:59:e6:8e:c3:8c:d5:01:a1:a4:6c:48:52:4a:46:0b:19:db:
0d:9d:c5:00:f0:45:c4:d0:8e:86:65:af:e1:f8:8f:0d:2c:9a:
66:d3:c3:02:cd:78:b9:b2:4d:a4:e5:40:b3:12:e0:ff:c3:34:
60:98:0f:71
-----BEGIN CERTIFICATE-----
MIIF6DCCBNCgAwIBAgISAZXR1bpd2N0w9W58dQfGe/t9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGY3NzQyODkwMTczOTI3OTM1MjA2YTI4ZWZiZjQ4MTIz
ZTc4N2MwHhcNMjUwMzI2MDk0MzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODMxMDhiNzhmNDkyZDhkNDdkNjAxNDAwMWI5OTBmMWE2OTY1MTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsD+ZXkocRj4FvOmBdo6TdGafC4XO
g+isN+BsoCa6s1z6Kr5McPi9XqkA8Vusxy+uY2r4UD/4eCaxRZ6tu2CCtH0pz1cB
ewCMRkcTkW4kquDme0ji1fWKDpjQEmezo1aGoMaWl+PpvVhjgGYWARnWGF1pVJAp
V6MYbhVQSQoXIPmwamkYdgCBdy1Ejv73TTtAyiSdyvOXt2YIhnK9EkuFA/q/Cp7S
FIp8lrciENl/jzlUCVbabH61PaACll6w00cbNy5upcrU2aEk8+BhNWs9ZkNW4Dpm
EIREKO1VGZT81xHpjhJ0WwZRdaT4GAmcGd2B0zGhOGQ+qotnD7aftqt8UQIDAQAB
o4IC9DCCAvAwHQYDVR0OBBYEFKgxCLePSS2NR9YBQAG5kPGmllGCMB8GA1UdIwQY
MBaAFGbfd0KJAXOSeTUgaijvv0gSPnh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYt
MDk3ODdmMTUyYWRlLzEvcURFSXQ0OUpMWTFIMWdGQUFibVE4YWFXVVlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYtMDk3ODdmMTUyYWRl
LzEvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCAYIKwYBBQUHAQcBAf8EgfgwgfUwgdUEAgABMIHOAwQD
BZ/QAwQCBbVIAwQDH8BgAwQCLQhkAwQCLYRsAwQCLYksAwQEUErwAwQCU5b8AwQF
VV9gAwQDXCp4AwQDX4FAAwQDsDoAAwQCuU+4AwQCuVoAAwQCuV7MAwQCuWNMAwQC
uZFYAwQCubLYAwQBubbIAwQCuczUAwQCueUEAwQCufaEAwQCuffIAwQCufj8AwQD
vF4QAwQAwRgDAwQAwRgGAwQAwRgNAwQAwRgfAwQFwxogAwQBw1gIMAwDBALUC0QD
BALUC0gDBATZkYAwGwQCAAIwFQMFACoA8cADBQMqDXaAAwUDKg6hwDANBgkqhkiG
9w0BAQsFAAOCAQEAWfnIvG2BViqvGmuJxUfnPYCXrSFr70t/a1uJDuHTtw+SKhj+
mPvywskz19KNuJSshBYBSwHEePGwBHYdBKQ5SxajohmRfRtHXvhdCyOOkqGH5GNH
l4xLaLXHe2ksEUVbZQh8/2xfH2ADRuHdkZly+s8WG/IecvUqns6H70kItyiYGVU8
wz6GNdU9VyxSuimttP5m86eWFBYT7SKHBMIScJvci+S14ANfrlMcEnGZRhxdoQf1
pxDTNTeOytaXMuknxbVKcB6K/FnmjsOM1QGhpGxIUkpGCxnbDZ3FAPBFxNCOhmWv
4fiPDSyaZtPDAs14ubJNpOVAsxLg/8M0YJgPcQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:49:13 2025 by rpki-client