Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/Qc9ZFwkB4-cyHF3LSkCBWzHVWOI.roa
File: Qc9ZFwkB4-cyHF3LSkCBWzHVWOI.roa (raw, json)
Hash identifier: RT6UiXG2/uWjcKF8JDD2niojE/xCiHwIen62OA697RU=
Subject key identifier: 41:CF:59:17:09:01:E3:E7:32:1C:5D:CB:4A:40:81:5B:31:D5:58:E2
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 0196F85F4439C44388805B2184234C3B9732
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/Qc9ZFwkB4-cyHF3LSkCBWzHVWOI.roa
Signing time: Thu 22 May 2025 14:21:54 +0000
ROA not before: Thu 22 May 2025 14:21:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209372
IP address blocks: 5.104.72.0/24 maxlen: 24
5.104.74.0/24 maxlen: 24
31.40.194.0/24 maxlen: 24
45.130.184.0/24 maxlen: 24
45.130.185.0/24 maxlen: 24
45.130.186.0/24 maxlen: 24
45.140.4.0/24 maxlen: 24
45.140.6.0/24 maxlen: 24
45.140.7.0/24 maxlen: 24
77.83.20.0/22 maxlen: 24
84.252.64.0/22 maxlen: 24
88.218.80.0/24 maxlen: 24
88.218.239.0/24 maxlen: 24
91.132.126.0/24 maxlen: 24
91.132.127.0/24 maxlen: 24
91.245.239.0/24 maxlen: 24
95.214.83.0/24 maxlen: 24
95.214.92.0/24 maxlen: 24
95.214.93.0/24 maxlen: 24
95.214.95.0/24 maxlen: 24
176.118.188.0/24 maxlen: 24
176.118.189.0/24 maxlen: 24
176.118.191.0/24 maxlen: 24
185.177.76.0/24 maxlen: 24
185.177.77.0/24 maxlen: 24
193.160.68.0/24 maxlen: 24
193.160.72.0/24 maxlen: 24
194.28.157.0/24 maxlen: 24
194.53.188.0/22 maxlen: 24
194.124.41.0/24 maxlen: 24
212.69.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.mft
rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 05:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f8:5f:44:39:c4:43:88:80:5b:21:84:23:4c:3b:97:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: May 22 14:21:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=41cf59170901e3e7321c5dcb4a40815b31d558e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a9:b6:27:e0:70:d6:b3:8a:94:09:8c:d0:dc:
52:3b:e4:2a:ae:33:0a:02:6d:e9:e1:3a:56:a5:43:
92:34:66:39:83:ab:a7:56:cb:e3:e0:ef:2d:45:58:
1a:7d:20:2a:a3:8c:54:f9:8f:86:7e:ff:75:b4:2f:
d6:d0:f3:97:16:4a:46:a5:52:72:21:33:7d:6a:77:
8f:cf:14:22:8e:68:ce:12:e0:20:ba:55:95:4b:33:
2d:e4:2a:ac:d0:8c:d0:79:cd:aa:52:20:cf:65:af:
cf:91:0f:79:67:b3:9b:cb:6d:ed:4a:07:5d:c9:6b:
8c:5b:98:bf:d9:e0:56:da:a5:4f:f8:da:3e:62:4d:
d7:28:33:3b:90:7e:eb:0f:1d:1e:6a:d1:dd:e0:a4:
ea:6b:56:bb:f7:69:e2:1a:ca:12:8e:b4:dc:06:72:
a4:eb:86:98:44:44:9a:d9:6b:5a:ce:fb:0c:12:04:
a5:2a:ab:01:d5:f1:08:8d:dd:fe:14:2a:60:e4:50:
1b:40:dc:b7:c6:9e:b1:a7:a6:dd:a7:29:c6:70:ed:
15:45:9a:52:31:38:7b:f1:22:18:61:bc:b9:cd:17:
f1:70:bb:32:f6:a5:a6:ba:70:ac:b5:3f:92:95:64:
12:1a:d2:19:4b:62:fe:22:9a:be:b5:6d:dd:a4:85:
fa:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:CF:59:17:09:01:E3:E7:32:1C:5D:CB:4A:40:81:5B:31:D5:58:E2
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/Qc9ZFwkB4-cyHF3LSkCBWzHVWOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.72.0/24
5.104.74.0/24
31.40.194.0/24
45.130.184.0-45.130.186.255
45.140.4.0/24
45.140.6.0/23
77.83.20.0/22
84.252.64.0/22
88.218.80.0/24
88.218.239.0/24
91.132.126.0/23
91.245.239.0/24
95.214.83.0/24
95.214.92.0/23
95.214.95.0/24
176.118.188.0/23
176.118.191.0/24
185.177.76.0/23
193.160.68.0/24
193.160.72.0/24
194.28.157.0/24
194.53.188.0/22
194.124.41.0/24
212.69.135.0/24
Signature Algorithm: sha256WithRSAEncryption
15:0c:71:4e:d5:5b:22:f1:ed:14:61:ee:ae:55:ff:6a:25:a6:
30:02:69:6f:f3:cb:07:0d:80:ff:dd:f6:62:5e:db:30:99:02:
94:3d:49:ea:e6:e6:78:d7:97:94:8d:cd:dc:6c:93:a0:f9:d8:
79:95:e8:f3:5b:38:0d:8d:86:38:7c:93:27:93:23:66:07:9d:
52:b5:b5:73:57:68:b6:79:27:01:d1:84:c5:c8:60:7e:5d:c5:
c2:52:68:b8:ac:5b:61:a9:d6:a0:54:be:4e:db:62:49:66:79:
06:83:77:70:32:47:85:5b:bc:9f:d4:67:60:a7:ab:3e:82:b4:
50:93:ec:30:05:03:0e:11:02:17:fe:56:68:fa:66:30:93:4a:
bd:b6:f9:ab:72:30:d1:9d:29:08:88:a4:3d:5b:e4:8a:19:be:
a0:6f:84:99:6a:f8:3f:07:16:bc:a7:e5:55:a7:62:9b:4f:52:
24:9f:7d:b8:4c:9e:5a:df:d1:31:e8:62:4e:bc:7c:ad:e3:6a:
8c:6b:31:de:e4:eb:10:58:12:22:6c:b9:24:b1:2d:b2:d3:7f:
8c:66:0f:f7:43:01:5c:b5:77:ad:de:3b:d6:0f:5c:23:35:1a:
2d:7e:b8:42:9a:9a:54:b7:a3:87:2e:cc:a5:68:2a:74:81:b5:
a0:17:a2:ce
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAZb4X0Q5xEOIgFshhCNMO5cyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjUwNTIyMTQyMTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWNmNTkxNzA5MDFlM2U3MzIxYzVkY2I0YTQwODE1YjMxZDU1OGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6m2J+Bw1rOKlAmM0NxSO+QqrjMK
Am3p4TpWpUOSNGY5g6unVsvj4O8tRVgafSAqo4xU+Y+Gfv91tC/W0POXFkpGpVJy
ITN9anePzxQijmjOEuAgulWVSzMt5Cqs0IzQec2qUiDPZa/PkQ95Z7Oby23tSgdd
yWuMW5i/2eBW2qVP+No+Yk3XKDM7kH7rDx0eatHd4KTqa1a792niGsoSjrTcBnKk
64aYRESa2WtazvsMEgSlKqsB1fEIjd3+FCpg5FAbQNy3xp6xp6bdpynGcO0VRZpS
MTh78SIYYby5zRfxcLsy9qWmunCstT+SlWQSGtIZS2L+Ipq+tW3dpIX6fQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFEHPWRcJAePnMhxdy0pAgVsx1VjiMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvUWM5WkZ3a0I0LWN5SEYzTFNrQ0JXekhWV09JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBnwQCAAEwgZgDBAAF
aEgDBAAFaEoDBAAfKMIwDAMEAy2CuAMEAC2CugMEAC2MBAMEAS2MBgMEAk1TFAME
AlT8QAMEAFjaUAMEAFja7wMEAVuEfgMEAFv17wMEAF/WUwMEAV/WXAMEAF/WXwME
AbB2vAMEALB2vwMEAbmxTAMEAMGgRAMEAMGgSAMEAMIcnQMEAsI1vAMEAMJ8KQME
ANRFhzANBgkqhkiG9w0BAQsFAAOCAQEAFQxxTtVbIvHtFGHurlX/aiWmMAJpb/PL
Bw2A/932Yl7bMJkClD1J6ubmeNeXlI3N3GyToPnYeZXo81s4DY2GOHyTJ5MjZged
UrW1c1dotnknAdGExchgfl3FwlJouKxbYanWoFS+TttiSWZ5BoN3cDJHhVu8n9Rn
YKerPoK0UJPsMAUDDhECF/5WaPpmMJNKvbb5q3Iw0Z0pCIikPVvkihm+oG+EmWr4
PwcWvKflVadim09SJJ99uEyeWt/RMehiTrx8reNqjGsx3uTrEFgSImy5JLEtstN/
jGYP90MBXLV3rd471g9cIzUaLX64QpqaVLejhy7MpWgqdIG1oBeizg==
-----END CERTIFICATE-----
Generated at Fri Jun 6 12:14:47 2025 by rpki-client