Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/StWwJRIdLVG2AMr41LeqT3VLiMY.roa
File: StWwJRIdLVG2AMr41LeqT3VLiMY.roa (raw, json)
Hash identifier: eHQmJVkUkkZ8vtMtrgklqHvKfJQIUIWoCE0Hf2r79IE=
Subject key identifier: 4A:D5:B0:25:12:1D:2D:51:B6:00:CA:F8:D4:B7:AA:4F:75:4B:88:C6
Certificate issuer: /CN=7094a425595e923c4b53b9c000aa8f19ad923f20
Certificate serial: 0196B3D0D7B970D1C46425C3EC2B81504F75
Authority key identifier: 70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/StWwJRIdLVG2AMr41LeqT3VLiMY.roa
Signing time: Fri 09 May 2025 06:52:10 +0000
ROA not before: Fri 09 May 2025 06:52:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200738
IP address blocks: 45.129.20.0/24 maxlen: 24
45.129.21.0/24 maxlen: 24
45.129.22.0/24 maxlen: 24
45.129.23.0/24 maxlen: 24
77.83.124.0/22 maxlen: 22
92.114.56.0/22 maxlen: 22
93.114.240.0/22 maxlen: 22
109.230.216.0/23 maxlen: 23
109.230.222.0/24 maxlen: 24
134.255.215.0/24 maxlen: 24
176.100.208.0/22 maxlen: 22
176.100.212.0/22 maxlen: 22
176.100.224.0/20 maxlen: 20
176.100.224.0/24 maxlen: 24
176.100.225.0/24 maxlen: 24
185.97.168.0/22 maxlen: 22
185.159.252.0/22 maxlen: 22
185.170.147.0/24 maxlen: 24
188.215.8.0/22 maxlen: 22
193.26.148.0/22 maxlen: 22
193.31.36.0/22 maxlen: 22
193.35.14.0/23 maxlen: 23
193.35.26.0/23 maxlen: 23
2a06:6c0::/48 maxlen: 48
2a06:6c0:1::/48 maxlen: 48
2a06:6c0:2::/48 maxlen: 48
2a06:6c0:3::/48 maxlen: 48
2a06:6c0:11::/48 maxlen: 48
2a06:6c0:12::/48 maxlen: 48
2a06:6c0:13::/48 maxlen: 48
2a06:6c0:21::/48 maxlen: 48
2a06:6c0:22::/48 maxlen: 48
2a06:6c0:23::/48 maxlen: 48
2a06:6c0:24::/48 maxlen: 48
2a06:6c0:25::/48 maxlen: 48
2a06:6c0:26::/48 maxlen: 48
2a06:6c0:254::/48 maxlen: 48
2a06:6c0:255::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/cJSkJVlekjxLU7nAAKqPGa2SPyA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/cJSkJVlekjxLU7nAAKqPGa2SPyA.mft
rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 21:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b3:d0:d7:b9:70:d1:c4:64:25:c3:ec:2b:81:50:4f:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7094a425595e923c4b53b9c000aa8f19ad923f20
Validity
Not Before: May 9 06:52:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ad5b025121d2d51b600caf8d4b7aa4f754b88c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c3:84:b9:7e:1c:50:af:89:7d:e3:fe:db:66:
ce:03:13:15:b3:fc:a8:f2:99:2a:6b:4e:56:34:19:
dd:10:b7:ac:a2:91:a3:34:27:85:fc:a9:1d:c0:7a:
5d:22:a1:33:0a:42:cc:e7:ab:e0:a9:6c:53:72:0f:
e1:2b:dd:82:38:6b:b1:28:45:f7:56:60:4a:84:f6:
03:09:ee:34:73:8c:f5:83:f6:fb:78:ad:bb:f3:54:
94:41:05:c9:41:41:97:cd:fa:6d:69:fe:6d:87:6e:
fa:e0:9c:37:99:b0:05:2f:27:02:e4:90:23:80:9e:
aa:d5:6e:62:4f:bf:ec:68:79:e9:ea:b0:29:a5:b4:
d4:fb:64:f1:2f:1e:1e:b7:86:fe:02:40:81:35:44:
71:5b:69:e4:be:09:1e:23:1a:5a:d8:4a:ee:a9:59:
4e:ee:b6:5a:d1:73:21:39:b6:d0:c4:ed:73:fe:79:
05:16:79:de:08:74:d3:26:2b:fa:eb:ce:21:f1:ab:
74:90:b1:d0:43:bc:44:7a:c0:f4:f6:df:1d:89:62:
29:e0:16:fd:27:36:97:35:92:7d:9e:19:2e:1a:2a:
1e:9f:e1:c9:f5:4e:59:de:90:d7:2c:51:de:ce:21:
0f:9d:1e:52:51:31:e5:89:3f:4b:3c:aa:81:7e:3d:
a1:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:D5:B0:25:12:1D:2D:51:B6:00:CA:F8:D4:B7:AA:4F:75:4B:88:C6
X509v3 Authority Key Identifier:
keyid:70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/StWwJRIdLVG2AMr41LeqT3VLiMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/cJSkJVlekjxLU7nAAKqPGa2SPyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.20.0/22
77.83.124.0/22
92.114.56.0/22
93.114.240.0/22
109.230.216.0/23
109.230.222.0/24
134.255.215.0/24
176.100.208.0/21
176.100.224.0/20
185.97.168.0/22
185.159.252.0/22
185.170.147.0/24
188.215.8.0/22
193.26.148.0/22
193.31.36.0/22
193.35.14.0/23
193.35.26.0/23
IPv6:
2a06:6c0::/46
2a06:6c0:11::-2a06:6c0:13:ffff:ffff:ffff:ffff:ffff
2a06:6c0:21::-2a06:6c0:26:ffff:ffff:ffff:ffff:ffff
2a06:6c0:254::/47
Signature Algorithm: sha256WithRSAEncryption
2d:19:ca:f2:45:86:64:a6:c5:91:5e:22:ac:2c:b1:26:bc:a3:
20:c0:46:c2:f8:ed:7e:e3:1c:b0:23:2f:25:28:77:48:0e:1b:
84:39:e5:8d:de:64:c6:23:55:5e:cf:a1:ed:13:56:02:2e:2d:
ce:cc:18:1a:2c:56:84:64:6f:bd:9a:88:68:8f:89:ce:76:eb:
03:ef:78:38:79:df:86:93:c7:45:5a:68:4e:4a:22:90:ec:98:
ca:2d:6f:83:0d:ab:19:84:cd:3c:ec:78:e5:12:ea:28:85:e5:
a1:58:2a:01:38:f6:5d:39:7a:5b:f7:c1:cd:a2:af:dc:8a:1b:
bd:6f:b0:4d:30:cc:60:db:88:14:81:4e:ed:bf:b0:50:6d:24:
ba:d0:3b:00:8b:3d:d0:55:50:2f:c9:57:65:aa:63:d4:81:c6:
f5:d1:bc:8d:e1:70:25:49:99:9a:ac:8e:61:9c:a0:f9:e7:4d:
72:90:f5:7e:26:d8:a8:e6:03:ec:55:a8:22:bf:83:22:c6:c1:
70:65:d3:54:6d:06:18:73:f9:a2:e5:23:8f:64:7f:60:0c:e5:
31:3e:16:fe:6c:6a:6e:30:9e:d3:00:ae:3b:99:9f:9f:62:e8:
28:af:66:a0:49:11:4c:d4:e1:41:c5:05:96:34:d2:ed:b8:f8:
05:5a:eb:f6
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAZaz0Ne5cNHEZCXD7CuBUE91MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwOTRhNDI1NTk1ZTkyM2M0YjUzYjljMDAwYWE4ZjE5YWQ5
MjNmMjAwHhcNMjUwNTA5MDY1MjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWQ1YjAyNTEyMWQyZDUxYjYwMGNhZjhkNGI3YWE0Zjc1NGI4OGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMOEuX4cUK+JfeP+22bOAxMVs/yo
8pkqa05WNBndELesopGjNCeF/KkdwHpdIqEzCkLM56vgqWxTcg/hK92COGuxKEX3
VmBKhPYDCe40c4z1g/b7eK2781SUQQXJQUGXzfptaf5th2764Jw3mbAFLycC5JAj
gJ6q1W5iT7/saHnp6rAppbTU+2TxLx4et4b+AkCBNURxW2nkvgkeIxpa2EruqVlO
7rZa0XMhObbQxO1z/nkFFnneCHTTJiv6684h8at0kLHQQ7xEesD09t8diWIp4Bb9
JzaXNZJ9nhkuGioen+HJ9U5Z3pDXLFHeziEPnR5SUTHliT9LPKqBfj2hJwIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFErVsCUSHS1RtgDK+NS3qk91S4jGMB8GA1UdIwQY
MBaAFHCUpCVZXpI8S1O5wACqjxmtkj8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0pTa0pWbGVranhMVTduQUFLcVBHYTJTUHlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS85NjMxNzAtNThiZS00NmJiLWE1ZGUt
Nzc3MzczZTYwNTVlLzEvU3RXd0pSSWRMVkcyQU1yNDFMZXFUM1ZMaU1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS85NjMxNzAtNThiZS00NmJiLWE1ZGUtNzc3MzczZTYwNTVl
LzEvY0pTa0pWbGVranhMVTduQUFLcVBHYTJTUHlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHDBggrBgEFBQcBBwEB/wSBszCBsDBsBAIAATBmAwQCLYEU
AwQCTVN8AwQCXHI4AwQCXXLwAwQBbebYAwQAbebeAwQAhv/XAwQDsGTQAwQEsGTg
AwQCuWGoAwQCuZ/8AwQAuaqTAwQCvNcIAwQCwRqUAwQCwR8kAwQBwSMOAwQBwSMa
MEAEAgACMDoDBwIqBgbAAAAwEgMHACoGBsAAEQMHAioGBsAAEDASAwcAKgYGwAAh
AwcAKgYGwAAmAwcBKgYGwAJUMA0GCSqGSIb3DQEBCwUAA4IBAQAtGcryRYZkpsWR
XiKsLLEmvKMgwEbC+O1+4xywIy8lKHdIDhuEOeWN3mTGI1Vez6HtE1YCLi3OzBga
LFaEZG+9mohoj4nOdusD73g4ed+Gk8dFWmhOSiKQ7JjKLW+DDasZhM087HjlEuoo
heWhWCoBOPZdOXpb98HNoq/cihu9b7BNMMxg24gUgU7tv7BQbSS60DsAiz3QVVAv
yVdlqmPUgcb10byN4XAlSZmarI5hnKD5501ykPV+Jtio5gPsVagiv4MixsFwZdNU
bQYYc/mi5SOPZH9gDOUxPhb+bGpuMJ7TAK47mZ+fYugor2agSRFM1OFBxQWWNNLt
uPgFWuv2
-----END CERTIFICATE-----
Generated at Mon Jun 9 07:56:58 2025 by rpki-client