Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/eN0YwTsvKhVj4VK2vqfdGdQuG6c.roa
File: eN0YwTsvKhVj4VK2vqfdGdQuG6c.roa (raw, json)
Hash identifier: 0pMOohyPI4AU8urMbNdYs9eGhiIKMo2+HPTFBCTefiE=
Subject key identifier: 78:DD:18:C1:3B:2F:2A:15:63:E1:52:B6:BE:A7:DD:19:D4:2E:1B:A7
Certificate issuer: /CN=64fa66fb84a781a0584fd0d1c2df39bda4760519
Certificate serial: 0195D82098F01B6531460CA232D6A8427641
Authority key identifier: 64:FA:66:FB:84:A7:81:A0:58:4F:D0:D1:C2:DF:39:BD:A4:76:05:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZPpm-4SngaBYT9DRwt85vaR2BRk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/eN0YwTsvKhVj4VK2vqfdGdQuG6c.roa
Signing time: Thu 27 Mar 2025 15:02:49 +0000
ROA not before: Thu 27 Mar 2025 15:02:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49367
IP address blocks: 31.193.188.0/24 maxlen: 24
37.156.174.0/24 maxlen: 24
45.83.56.0/22 maxlen: 22
45.86.144.0/22 maxlen: 22
77.81.103.0/24 maxlen: 24
85.204.255.0/24 maxlen: 24
86.107.110.0/24 maxlen: 24
89.34.236.0/23 maxlen: 23
89.34.239.0/24 maxlen: 24
89.39.201.0/24 maxlen: 24
89.39.254.0/24 maxlen: 24
89.40.142.0/23 maxlen: 23
89.40.227.0/24 maxlen: 24
89.42.134.0/24 maxlen: 24
89.43.34.0/24 maxlen: 24
89.43.35.0/24 maxlen: 24
89.43.52.0/24 maxlen: 24
89.44.237.0/24 maxlen: 24
91.212.52.0/24 maxlen: 24
91.229.186.0/24 maxlen: 24
92.114.86.0/24 maxlen: 24
92.114.87.0/24 maxlen: 24
93.113.144.0/21 maxlen: 21
93.113.144.0/22 maxlen: 22
93.113.144.0/24 maxlen: 24
93.113.145.0/24 maxlen: 24
93.113.146.0/24 maxlen: 24
93.113.147.0/24 maxlen: 24
93.113.148.0/22 maxlen: 22
93.113.148.0/24 maxlen: 24
93.113.149.0/24 maxlen: 24
93.113.150.0/24 maxlen: 24
93.113.151.0/24 maxlen: 24
94.176.108.0/24 maxlen: 24
94.176.212.0/24 maxlen: 24
94.177.21.0/24 maxlen: 24
94.177.48.0/23 maxlen: 23
94.177.98.0/24 maxlen: 24
94.177.99.0/24 maxlen: 24
185.184.240.0/22 maxlen: 22
185.184.240.0/24 maxlen: 24
185.184.241.0/24 maxlen: 24
185.184.242.0/24 maxlen: 24
185.184.243.0/24 maxlen: 24
185.198.244.0/24 maxlen: 24
185.198.245.0/24 maxlen: 24
185.198.246.0/24 maxlen: 24
185.198.247.0/24 maxlen: 24
188.208.16.0/23 maxlen: 23
188.208.16.0/24 maxlen: 24
188.208.17.0/24 maxlen: 24
188.211.248.0/24 maxlen: 24
188.214.199.0/24 maxlen: 24
188.215.6.0/23 maxlen: 23
188.215.6.0/24 maxlen: 24
188.215.7.0/24 maxlen: 24
188.215.94.0/24 maxlen: 24
188.240.228.0/23 maxlen: 23
188.240.228.0/24 maxlen: 24
188.240.229.0/24 maxlen: 24
188.241.126.0/24 maxlen: 24
193.239.140.0/23 maxlen: 23
217.198.177.0/24 maxlen: 24
2a04:68c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/ZPpm-4SngaBYT9DRwt85vaR2BRk.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/ZPpm-4SngaBYT9DRwt85vaR2BRk.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZPpm-4SngaBYT9DRwt85vaR2BRk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d8:20:98:f0:1b:65:31:46:0c:a2:32:d6:a8:42:76:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64fa66fb84a781a0584fd0d1c2df39bda4760519
Validity
Not Before: Mar 27 15:02:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=78dd18c13b2f2a1563e152b6bea7dd19d42e1ba7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:c6:36:b3:5f:8d:3e:d8:aa:f1:47:d9:10:b0:
a7:02:45:21:b6:84:83:64:80:0a:77:36:7a:3b:b3:
0e:41:ad:6d:69:b1:b7:90:db:5e:cd:25:f4:9f:36:
2f:2b:d7:b9:24:c0:22:fe:69:40:af:79:45:a5:54:
53:8f:a3:f6:55:69:d0:60:f9:14:34:a4:14:d5:b3:
5c:f4:e1:af:7d:20:dc:47:fa:c0:0c:e2:09:18:7a:
78:14:d6:ea:e1:5e:b7:ca:9a:a0:50:0d:4e:2a:64:
27:08:4b:e8:1c:cc:c7:fe:73:77:81:f0:17:8f:a9:
7d:9d:69:60:08:47:5f:21:c1:54:a0:e0:c3:e1:64:
29:46:1f:8f:70:36:c6:81:f8:e1:be:ed:37:25:d5:
b4:7b:36:0c:b7:60:be:52:53:9b:d8:7e:4f:ff:ab:
3f:d4:ea:2f:63:42:5f:d4:5b:fe:b3:6d:89:e9:3c:
fd:6d:aa:51:62:1e:fb:9a:d6:81:5b:c1:34:19:8f:
07:01:d5:48:ef:0f:4f:1b:d1:f0:bf:e8:0e:36:73:
db:92:92:c1:b2:54:6f:87:6d:d8:c2:a3:7f:9d:c2:
91:84:09:27:da:84:63:1e:75:96:1e:9b:02:35:b5:
cb:1d:f1:0f:82:92:ae:85:41:af:e6:d1:a6:e8:b2:
b3:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:DD:18:C1:3B:2F:2A:15:63:E1:52:B6:BE:A7:DD:19:D4:2E:1B:A7
X509v3 Authority Key Identifier:
keyid:64:FA:66:FB:84:A7:81:A0:58:4F:D0:D1:C2:DF:39:BD:A4:76:05:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZPpm-4SngaBYT9DRwt85vaR2BRk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/eN0YwTsvKhVj4VK2vqfdGdQuG6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/ZPpm-4SngaBYT9DRwt85vaR2BRk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.188.0/24
37.156.174.0/24
45.83.56.0/22
45.86.144.0/22
77.81.103.0/24
85.204.255.0/24
86.107.110.0/24
89.34.236.0/23
89.34.239.0/24
89.39.201.0/24
89.39.254.0/24
89.40.142.0/23
89.40.227.0/24
89.42.134.0/24
89.43.34.0/23
89.43.52.0/24
89.44.237.0/24
91.212.52.0/24
91.229.186.0/24
92.114.86.0/23
93.113.144.0/21
94.176.108.0/24
94.176.212.0/24
94.177.21.0/24
94.177.48.0/23
94.177.98.0/23
185.184.240.0/22
185.198.244.0/22
188.208.16.0/23
188.211.248.0/24
188.214.199.0/24
188.215.6.0/23
188.215.94.0/24
188.240.228.0/23
188.241.126.0/24
193.239.140.0/23
217.198.177.0/24
IPv6:
2a04:68c0::/32
Signature Algorithm: sha256WithRSAEncryption
31:15:60:96:ba:48:a3:05:13:8c:13:e0:39:f0:db:ae:2c:a6:
9f:ca:d3:ac:df:24:7b:c8:5c:b9:2c:5f:7e:cf:ac:52:76:ef:
8a:b3:3a:b0:e9:a3:d8:8b:01:94:3b:9e:5a:12:f8:f1:80:60:
ba:77:29:77:82:73:11:f6:21:90:cc:99:04:2e:23:f6:94:9c:
bc:97:49:53:2d:27:ea:ef:6c:85:16:bf:cc:bd:87:b1:5f:ed:
6a:fe:79:10:c8:84:48:b7:36:84:3c:73:1d:c2:d5:91:e9:15:
c3:1b:07:b0:01:55:fd:ab:90:69:d6:a3:5d:52:82:82:fe:2b:
df:8d:93:34:e4:9d:d6:1f:7c:6b:40:14:78:c3:c6:ed:80:ea:
c8:aa:60:67:6b:4f:29:99:71:5f:07:07:a7:bc:6e:d8:db:47:
6c:78:5c:65:8e:5c:c5:3c:b3:99:b9:e1:91:a4:33:08:49:7b:
40:a6:67:92:9e:3e:ea:27:f4:8a:04:ac:f2:9d:68:67:d9:73:
17:e1:6c:c7:8b:b4:46:8e:8a:3e:04:62:08:84:a0:c5:89:a1:
49:0d:6e:74:e5:dd:00:0a:ac:f9:6f:99:20:42:d7:50:26:65:
64:ab:3a:d7:49:f3:c5:47:fd:a5:5c:cb:c6:0c:1f:2c:a4:70:
2d:ee:f8:6f
-----BEGIN CERTIFICATE-----
MIIF6jCCBNKgAwIBAgISAZXYIJjwG2UxRgyiMtaoQnZBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZmE2NmZiODRhNzgxYTA1ODRmZDBkMWMyZGYzOWJkYTQ3
NjA1MTkwHhcNMjUwMzI3MTUwMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGRkMThjMTNiMmYyYTE1NjNlMTUyYjZiZWE3ZGQxOWQ0MmUxYmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA08Y2s1+NPtiq8UfZELCnAkUhtoSD
ZIAKdzZ6O7MOQa1tabG3kNtezSX0nzYvK9e5JMAi/mlAr3lFpVRTj6P2VWnQYPkU
NKQU1bNc9OGvfSDcR/rADOIJGHp4FNbq4V63ypqgUA1OKmQnCEvoHMzH/nN3gfAX
j6l9nWlgCEdfIcFUoODD4WQpRh+PcDbGgfjhvu03JdW0ezYMt2C+UlOb2H5P/6s/
1OovY0Jf1Fv+s22J6Tz9bapRYh77mtaBW8E0GY8HAdVI7w9PG9Hwv+gONnPbkpLB
slRvh23YwqN/ncKRhAkn2oRjHnWWHpsCNbXLHfEPgpKuhUGv5tGm6LKzVwIDAQAB
o4IC9jCCAvIwHQYDVR0OBBYEFHjdGME7LyoVY+FStr6n3RnULhunMB8GA1UdIwQY
MBaAFGT6ZvuEp4GgWE/Q0cLfOb2kdgUZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlBwbS00U25nYUJZVDlEUnd0ODV2YVIyQlJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi82NjNiNGQtYjgwZS00OTQ2LTg0YzQt
NzQwOGViOGJjNTg2LzEvZU4wWXdUc3ZLaFZqNFZLMnZxZmRHZFF1RzZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi82NjNiNGQtYjgwZS00OTQ2LTg0YzQtNzQwOGViOGJjNTg2
LzEvWlBwbS00U25nYUJZVDlEUnd0ODV2YVIyQlJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCgYIKwYBBQUHAQcBAf8EgfowgfcwgeUEAgABMIHeAwQA
H8G8AwQAJZyuAwQCLVM4AwQCLVaQAwQATVFnAwQAVcz/AwQAVmtuAwQBWSLsAwQA
WSLvAwQAWSfJAwQAWSf+AwQBWSiOAwQAWSjjAwQAWSqGAwQBWSsiAwQAWSs0AwQA
WSztAwQAW9Q0AwQAW+W6AwQBXHJWAwQDXXGQAwQAXrBsAwQAXrDUAwQAXrEVAwQB
XrEwAwQBXrFiAwQCubjwAwQCucb0AwQBvNAQAwQAvNP4AwQAvNbHAwQBvNcGAwQA
vNdeAwQBvPDkAwQAvPF+AwQBwe+MAwQA2caxMA0EAgACMAcDBQAqBGjAMA0GCSqG
SIb3DQEBCwUAA4IBAQAxFWCWukijBROME+A58NuuLKafytOs3yR7yFy5LF9+z6xS
du+Kszqw6aPYiwGUO55aEvjxgGC6dyl3gnMR9iGQzJkELiP2lJy8l0lTLSfq72yF
Fr/MvYexX+1q/nkQyIRItzaEPHMdwtWR6RXDGwewAVX9q5Bp1qNdUoKC/ivfjZM0
5J3WH3xrQBR4w8btgOrIqmBna08pmXFfBwenvG7Y20dseFxljlzFPLOZueGRpDMI
SXtApmeSnj7qJ/SKBKzynWhn2XMX4WzHi7RGjoo+BGIIhKDFiaFJDW505d0ACqz5
b5kgQtdQJmVkqzrXSfPFR/2lXMvGDB8spHAt7vhv
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:24:19 2025 by rpki-client