Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/mu5vQENMQGT62T0XlilUIKP3ZMo.roa
File: mu5vQENMQGT62T0XlilUIKP3ZMo.roa (raw, json)
Hash identifier: ovlRYMvdugoGVAXo7tSae+HYY/huAzodNxSfsvcMJW0=
Subject key identifier: 9A:EE:6F:40:43:4C:40:64:FA:D9:3D:17:96:29:54:20:A3:F7:64:CA
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 01958037C8C3DE8EA8F8CE39FA848B8BE447
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/mu5vQENMQGT62T0XlilUIKP3ZMo.roa
Signing time: Mon 10 Mar 2025 13:21:34 +0000
ROA not before: Mon 10 Mar 2025 13:21:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29632
IP address blocks: 62.205.128.0/19 maxlen: 20
62.205.128.0/20 maxlen: 20
62.205.132.0/24 maxlen: 24
62.205.134.0/24 maxlen: 24
62.205.144.0/20 maxlen: 20
62.205.152.0/24 maxlen: 24
62.205.159.0/24 maxlen: 24
94.131.0.0/23 maxlen: 23
94.131.4.0/24 maxlen: 24
94.131.6.0/24 maxlen: 24
94.131.7.0/24 maxlen: 24
95.164.20.0/24 maxlen: 24
95.164.40.0/22 maxlen: 22
95.164.49.0/24 maxlen: 24
95.164.50.0/24 maxlen: 24
95.164.56.0/22 maxlen: 22
95.164.72.0/22 maxlen: 22
95.164.76.0/24 maxlen: 24
95.164.80.0/22 maxlen: 22
95.164.170.0/23 maxlen: 23
95.164.172.0/22 maxlen: 22
195.214.212.0/22 maxlen: 22
2a01:d0:303::/48 maxlen: 48
2a01:d0:305::/48 maxlen: 48
2a01:d0:308::/48 maxlen: 48
2a01:d0:317::/48 maxlen: 48
2a01:d0:31d::/48 maxlen: 48
2a01:d0:333::/48 maxlen: 48
2a01:d0:962::/48 maxlen: 48
2a01:d0:1657::/48 maxlen: 48
2a01:d0:7fff::/48 maxlen: 48
2a01:d0:8000::/33 maxlen: 33
2a01:d0:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.mft
rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:80:37:c8:c3:de:8e:a8:f8:ce:39:fa:84:8b:8b:e4:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Mar 10 13:21:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9aee6f40434c4064fad93d1796295420a3f764ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:bc:3f:eb:49:47:82:e6:85:10:86:7e:d6:d5:
5c:de:dd:dd:1a:27:97:b1:3e:03:13:89:37:fc:9c:
50:60:4d:e2:bc:3a:f3:0f:30:35:2d:a9:a9:3b:34:
27:6f:9e:50:ea:f9:b2:cb:05:a5:b8:4b:50:61:43:
f4:c6:85:e0:8d:26:ea:b2:e9:c9:3a:4c:ed:d3:4c:
6f:41:fe:87:d4:eb:51:54:54:b6:2e:5c:e8:a2:e8:
ee:e5:13:e7:39:b4:90:1e:46:df:d6:71:eb:46:15:
60:da:cd:28:a2:d7:65:60:22:15:47:52:69:eb:72:
9f:41:58:56:12:9c:ed:aa:cb:93:74:25:12:36:06:
e7:7f:1c:5a:86:5a:0c:05:0c:13:c1:51:35:e2:47:
e2:b6:43:51:38:56:1e:ce:6e:ab:03:b0:12:f8:19:
e0:84:2d:48:82:47:49:59:bd:11:99:8c:0c:c1:bd:
55:ef:4d:37:ee:48:1f:e2:2b:cf:42:54:fd:df:c6:
d1:68:67:96:e8:50:fb:53:87:24:8b:9e:50:ae:7c:
84:db:11:82:94:53:2e:72:da:9d:9d:3a:22:63:95:
1a:99:6d:47:83:49:c8:1f:00:e0:35:21:f0:b1:af:
5f:59:0f:55:a9:84:5b:df:e5:cf:09:ca:fe:70:6f:
b8:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:EE:6F:40:43:4C:40:64:FA:D9:3D:17:96:29:54:20:A3:F7:64:CA
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/mu5vQENMQGT62T0XlilUIKP3ZMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.205.128.0/19
94.131.0.0/23
94.131.4.0/24
94.131.6.0/23
95.164.20.0/24
95.164.40.0/22
95.164.49.0-95.164.50.255
95.164.56.0/22
95.164.72.0-95.164.76.255
95.164.80.0/22
95.164.170.0-95.164.175.255
195.214.212.0/22
IPv6:
2a01:d0:303::/48
2a01:d0:305::/48
2a01:d0:308::/48
2a01:d0:317::/48
2a01:d0:31d::/48
2a01:d0:333::/48
2a01:d0:962::/48
2a01:d0:1657::/48
2a01:d0:7fff::-2a01:d0:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
13:90:99:b0:33:61:67:f8:3b:04:98:12:14:00:27:a3:2f:62:
f2:b3:d7:77:29:20:bd:c6:43:cf:8b:b5:cc:14:c3:87:0c:81:
4f:e7:fb:ff:d4:00:b7:a0:6c:4f:01:74:15:ae:c2:b0:13:ad:
07:df:99:a8:8a:e0:a1:71:64:23:2a:ab:a5:3d:02:eb:39:43:
02:4d:e9:a1:15:cb:8c:42:04:be:d7:6c:26:0a:33:d7:76:0c:
1d:67:51:0e:42:c2:9c:22:0a:5b:5e:08:15:d9:3e:d3:e5:e2:
b4:65:ef:79:b6:54:aa:f8:06:22:e2:0c:3d:22:84:eb:84:10:
a3:8c:ee:0f:ff:29:c5:2a:65:ca:c5:28:3f:b1:5e:82:3f:67:
c1:05:f4:0c:39:0b:8c:8e:b8:0f:18:d2:14:56:80:37:90:16:
3f:82:90:7c:52:e6:0f:6c:b0:7a:f3:bc:a8:91:ea:d6:bc:b7:
0b:b4:30:c8:1a:6e:a9:67:0c:8d:72:14:d8:f4:db:d8:05:46:
f4:ca:a8:a3:9a:b1:13:ad:3a:b7:05:0c:f3:19:91:6e:47:09:
f1:31:94:0e:c8:e1:df:17:db:01:5b:32:a4:4d:e3:be:2e:14:
e8:c7:8d:f4:09:e4:30:3f:b9:4d:f1:c1:de:00:17:d0:17:cb:
1c:44:7a:ef
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAZWAN8jD3o6o+M45+oSLi+RHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjUwMzEwMTMyMTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWVlNmY0MDQzNGM0MDY0ZmFkOTNkMTc5NjI5NTQyMGEzZjc2NGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Lw/60lHguaFEIZ+1tVc3t3dGieX
sT4DE4k3/JxQYE3ivDrzDzA1LampOzQnb55Q6vmyywWluEtQYUP0xoXgjSbqsunJ
Okzt00xvQf6H1OtRVFS2Llzoouju5RPnObSQHkbf1nHrRhVg2s0ootdlYCIVR1Jp
63KfQVhWEpztqsuTdCUSNgbnfxxahloMBQwTwVE14kfitkNROFYezm6rA7AS+Bng
hC1IgkdJWb0RmYwMwb1V70037kgf4ivPQlT938bRaGeW6FD7U4cki55QrnyE2xGC
lFMuctqdnToiY5UamW1Hg0nIHwDgNSHwsa9fWQ9VqYRb3+XPCcr+cG+4ZwIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFJrub0BDTEBk+tk9F5YpVCCj92TKMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvbXU1dlFFTk1RR1Q2MlQwWGxpbFVJS1AzWk1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjBmBAIAATBgAwQFPs2A
AwQBXoMAAwQAXoMEAwQBXoMGAwQAX6QUAwQCX6QoMAwDBABfpDEDBABfpDIDBAJf
pDgwDAMEA1+kSAMEAF+kTAMEAl+kUDAMAwQBX6SqAwQEX6SgAwQCw9bUMGAEAgAC
MFoDBwAqAQDQAwMDBwAqAQDQAwUDBwAqAQDQAwgDBwAqAQDQAxcDBwAqAQDQAx0D
BwAqAQDQAzMDBwAqAQDQCWIDBwAqAQDQFlcwEAMHACoBANB//wMFACoBANAwDQYJ
KoZIhvcNAQELBQADggEBABOQmbAzYWf4OwSYEhQAJ6MvYvKz13cpIL3GQ8+LtcwU
w4cMgU/n+//UALegbE8BdBWuwrATrQffmaiK4KFxZCMqq6U9Aus5QwJN6aEVy4xC
BL7XbCYKM9d2DB1nUQ5CwpwiClteCBXZPtPl4rRl73m2VKr4BiLiDD0ihOuEEKOM
7g//KcUqZcrFKD+xXoI/Z8EF9Aw5C4yOuA8Y0hRWgDeQFj+CkHxS5g9ssHrzvKiR
6ta8twu0MMgabqlnDI1yFNj029gFRvTKqKOasROtOrcFDPMZkW5HCfExlA7I4d8X
2wFbMqRN474uFOjHjfQJ5DA/uU3xwd4AF9AXyxxEeu8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:08:01 2025 by rpki-client