Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/BImX4IZet7zX5a_M5dyVHlAPHJk.roa
File: BImX4IZet7zX5a_M5dyVHlAPHJk.roa (raw, json)
Hash identifier: Zoyc7YnxXZln2WfSEPCQd562hViP+xGutPUH9Hj2ssQ=
Subject key identifier: 04:89:97:E0:86:5E:B7:BC:D7:E5:AF:CC:E5:DC:95:1E:50:0F:1C:99
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 01973F71E39E96CE0B8FB72E1DC6783773A4
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/BImX4IZet7zX5a_M5dyVHlAPHJk.roa
Signing time: Thu 05 Jun 2025 09:35:17 +0000
ROA not before: Thu 05 Jun 2025 09:35:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28964
IP address blocks: 77.105.8.0/24 maxlen: 24
77.105.39.0/24 maxlen: 24
79.175.66.0/24 maxlen: 24
79.175.120.0/24 maxlen: 24
81.18.51.0/24 maxlen: 24
81.18.56.0/24 maxlen: 24
81.18.57.0/24 maxlen: 24
81.18.58.0/24 maxlen: 24
81.18.63.0/24 maxlen: 24
93.186.65.0/24 maxlen: 24
93.186.77.0/24 maxlen: 24
109.121.48.0/24 maxlen: 24
109.121.49.0/24 maxlen: 24
109.121.53.0/24 maxlen: 24
178.219.2.0/24 maxlen: 24
178.253.212.0/24 maxlen: 24
178.253.216.0/24 maxlen: 24
178.253.217.0/24 maxlen: 24
178.253.218.0/24 maxlen: 24
178.253.235.0/24 maxlen: 24
178.253.238.0/24 maxlen: 24
178.253.245.0/24 maxlen: 24
178.253.246.0/24 maxlen: 24
188.255.179.0/24 maxlen: 24
188.255.190.0/24 maxlen: 24
188.255.192.0/23 maxlen: 23
188.255.195.0/24 maxlen: 24
188.255.196.0/22 maxlen: 22
188.255.207.0/24 maxlen: 24
188.255.217.0/24 maxlen: 24
188.255.228.0/24 maxlen: 24
188.255.230.0/23 maxlen: 23
188.255.253.0/24 maxlen: 24
212.69.2.0/24 maxlen: 24
212.69.3.0/24 maxlen: 24
212.69.4.0/24 maxlen: 24
212.69.5.0/24 maxlen: 24
212.69.19.0/24 maxlen: 24
212.69.21.0/24 maxlen: 24
212.69.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.mft
rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 15:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3f:71:e3:9e:96:ce:0b:8f:b7:2e:1d:c6:78:37:73:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jun 5 09:35:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=048997e0865eb7bcd7e5afcce5dc951e500f1c99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:cb:b4:f2:a6:55:42:99:e1:49:f0:15:c2:50:
5a:1a:e8:a9:ce:7e:04:e2:9a:b2:4f:3f:5d:c9:88:
7a:fc:ab:c5:88:93:a4:47:c1:08:7d:7b:7d:f3:c5:
d2:1f:7e:d2:9f:37:b0:8e:95:75:af:1c:e0:45:ea:
a4:fa:a7:81:a1:ec:16:96:d6:b8:e5:fb:9e:cc:96:
15:78:06:4b:e1:d3:b9:00:b9:f4:c8:66:6b:46:d8:
d4:4b:7d:30:5a:8d:91:df:ef:ee:24:6c:a5:1b:8c:
5d:e7:b1:5b:0f:75:6b:76:d0:4e:0e:b7:dc:bc:32:
d4:98:63:6d:ba:96:d3:74:33:8e:61:0a:ed:4b:95:
7c:87:fa:36:97:0a:a9:72:d7:fe:e7:39:18:d0:08:
41:c3:cb:52:d4:b2:e5:9a:55:ec:28:d4:a4:8f:03:
00:93:b4:6f:6e:46:2a:e2:5e:c8:e0:bc:c4:71:a4:
49:32:3f:c7:f0:75:ef:30:96:b3:93:8c:3a:4d:21:
c8:27:c6:25:b2:91:55:d9:02:22:c9:e9:8d:43:e2:
e7:24:b8:b0:32:a5:50:b3:cb:36:f0:0a:51:f0:66:
58:00:6c:68:a8:3c:68:d0:54:68:31:fd:b4:9d:5a:
f4:b0:b3:50:bb:8c:63:6a:b5:10:36:aa:ba:28:c4:
7d:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:89:97:E0:86:5E:B7:BC:D7:E5:AF:CC:E5:DC:95:1E:50:0F:1C:99
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/BImX4IZet7zX5a_M5dyVHlAPHJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.8.0/24
77.105.39.0/24
79.175.66.0/24
79.175.120.0/24
81.18.51.0/24
81.18.56.0-81.18.58.255
81.18.63.0/24
93.186.65.0/24
93.186.77.0/24
109.121.48.0/23
109.121.53.0/24
178.219.2.0/24
178.253.212.0/24
178.253.216.0-178.253.218.255
178.253.235.0/24
178.253.238.0/24
178.253.245.0-178.253.246.255
188.255.179.0/24
188.255.190.0/24
188.255.192.0/23
188.255.195.0-188.255.199.255
188.255.207.0/24
188.255.217.0/24
188.255.228.0/24
188.255.230.0/23
188.255.253.0/24
212.69.2.0-212.69.5.255
212.69.19.0/24
212.69.21.0/24
212.69.30.0/24
Signature Algorithm: sha256WithRSAEncryption
69:80:df:c0:34:83:c0:65:2c:fd:d9:29:02:9c:34:be:c8:e9:
61:17:75:be:a4:89:5f:e6:06:d4:f2:91:94:52:fd:40:74:fc:
e0:c4:d1:e0:8f:26:8b:e4:5d:a1:ff:e5:6e:e8:f4:38:74:26:
38:c1:2e:22:39:78:7d:36:06:bc:6f:52:5a:06:80:33:57:25:
91:dd:f3:56:99:cf:32:7e:9d:42:c3:15:26:b5:a2:cc:42:45:
78:9b:73:dd:50:98:7c:de:a3:1f:58:9d:65:a3:4a:87:f0:0a:
15:50:71:b3:7a:2c:88:44:30:84:12:3e:19:8a:79:05:93:91:
5e:4a:11:30:a6:ae:ed:2f:39:d1:8c:af:1a:bf:4d:39:05:a5:
6b:c1:52:17:c5:01:70:31:9f:19:f5:11:ce:c7:05:c1:a6:e8:
e9:6a:45:64:79:6d:2d:13:2a:69:62:74:3a:61:e9:a3:23:ea:
54:55:cc:52:37:b0:f7:96:50:d2:49:a1:a3:b1:f7:22:ff:67:
2f:27:1f:09:38:32:78:6c:56:6e:3a:b7:80:7c:ed:92:68:90:
9f:43:61:06:14:67:e5:c9:82:29:2f:e3:e8:53:01:55:53:20:
06:2a:7e:e7:b8:27:77:32:7b:1c:30:4d:d0:da:ef:ce:cd:1c:
c6:39:88:cc
-----BEGIN CERTIFICATE-----
MIIF2DCCBMCgAwIBAgISAZc/ceOels4Lj7cuHcZ4N3OkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjUwNjA1MDkzNTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDg5OTdlMDg2NWViN2JjZDdlNWFmY2NlNWRjOTUxZTUwMGYxYzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscu08qZVQpnhSfAVwlBaGuipzn4E
4pqyTz9dyYh6/KvFiJOkR8EIfXt988XSH37SnzewjpV1rxzgReqk+qeBoewWlta4
5fuezJYVeAZL4dO5ALn0yGZrRtjUS30wWo2R3+/uJGylG4xd57FbD3VrdtBODrfc
vDLUmGNtupbTdDOOYQrtS5V8h/o2lwqpctf+5zkY0AhBw8tS1LLlmlXsKNSkjwMA
k7RvbkYq4l7I4LzEcaRJMj/H8HXvMJazk4w6TSHIJ8YlspFV2QIiyemNQ+LnJLiw
MqVQs8s28ApR8GZYAGxoqDxo0FRoMf20nVr0sLNQu4xjarUQNqq6KMR94wIDAQAB
o4IC5DCCAuAwHQYDVR0OBBYEFASJl+CGXre81+WvzOXclR5QDxyZMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvQkltWDRJWmV0N3pYNWFfTTVkeVZIbEFQSEprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH5BggrBgEFBQcBBwEB/wSB6TCB5jCB4wQCAAEwgdwDBABN
aQgDBABNaScDBABPr0IDBABPr3gDBABREjMwDAMEA1ESOAMEAFESOgMEAFESPwME
AF26QQMEAF26TQMEAW15MAMEAG15NQMEALLbAgMEALL91DAMAwQDsv3YAwQAsv3a
AwQAsv3rAwQAsv3uMAwDBACy/fUDBACy/fYDBAC8/7MDBAC8/74DBAG8/8AwDAME
ALz/wwMEA7z/wAMEALz/zwMEALz/2QMEALz/5AMEAbz/5gMEALz//TAMAwQB1EUC
AwQB1EUEAwQA1EUTAwQA1EUVAwQA1EUeMA0GCSqGSIb3DQEBCwUAA4IBAQBpgN/A
NIPAZSz92SkCnDS+yOlhF3W+pIlf5gbU8pGUUv1AdPzgxNHgjyaL5F2h/+Vu6PQ4
dCY4wS4iOXh9Nga8b1JaBoAzVyWR3fNWmc8yfp1CwxUmtaLMQkV4m3PdUJh83qMf
WJ1lo0qH8AoVUHGzeiyIRDCEEj4ZinkFk5FeShEwpq7tLznRjK8av005BaVrwVIX
xQFwMZ8Z9RHOxwXBpujpakVkeW0tEyppYnQ6YemjI+pUVcxSN7D3llDSSaGjsfci
/2cvJx8JODJ4bFZuOreAfO2SaJCfQ2EGFGflyYIpL+PoUwFVUyAGKn7nuCd3Mnsc
ME3Q2u/OzRzGOYjM
-----END CERTIFICATE-----
Generated at Sat Jun 7 01:10:31 2025 by rpki-client