Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/Lx4QL8l0KgaffC4QXEWzVHcEawc.roa
File: Lx4QL8l0KgaffC4QXEWzVHcEawc.roa (raw, json)
Hash identifier: DxG2rV8lArm7XTxrRaRlBv42lE1FblGks/y6Gbm7tWY=
Subject key identifier: 2F:1E:10:2F:C9:74:2A:06:9F:7C:2E:10:5C:45:B3:54:77:04:6B:07
Certificate issuer: /CN=91c1c85bf5c53471a997ef9fa999d0c16be85444
Certificate serial: 0196C8E23761C16D89F8A3178CA8FD2D7708
Authority key identifier: 91:C1:C8:5B:F5:C5:34:71:A9:97:EF:9F:A9:99:D0:C1:6B:E8:54:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/Lx4QL8l0KgaffC4QXEWzVHcEawc.roa
Signing time: Tue 13 May 2025 09:03:10 +0000
ROA not before: Tue 13 May 2025 09:03:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51185
IP address blocks: 45.157.64.0/24 maxlen: 24
45.157.65.0/24 maxlen: 24
45.157.66.0/24 maxlen: 24
45.157.67.0/24 maxlen: 24
94.124.64.0/21 maxlen: 21
94.124.64.0/24 maxlen: 24
94.124.65.0/24 maxlen: 24
94.124.66.0/24 maxlen: 24
94.124.67.0/24 maxlen: 24
94.124.68.0/24 maxlen: 24
94.124.69.0/24 maxlen: 24
94.124.70.0/24 maxlen: 24
94.124.71.0/24 maxlen: 24
178.248.48.0/24 maxlen: 24
178.248.49.0/24 maxlen: 24
178.248.50.0/24 maxlen: 24
178.248.51.0/24 maxlen: 24
178.248.52.0/24 maxlen: 24
178.248.53.0/24 maxlen: 24
178.248.54.0/24 maxlen: 24
178.248.55.0/24 maxlen: 24
185.45.208.0/24 maxlen: 24
185.45.209.0/24 maxlen: 24
185.45.210.0/24 maxlen: 24
185.45.211.0/24 maxlen: 24
185.187.156.0/24 maxlen: 24
185.187.157.0/24 maxlen: 24
185.187.158.0/24 maxlen: 24
185.187.159.0/24 maxlen: 24
2a02:2890::/48 maxlen: 48
2a02:2890:efff::/48 maxlen: 48
2a02:2890:ffff::/48 maxlen: 48
2a02:2891::/48 maxlen: 48
2a02:2891:1::/48 maxlen: 48
2a02:2891:2::/48 maxlen: 48
2a02:2891:4::/48 maxlen: 48
2a02:2891:9::/48 maxlen: 48
2a02:2891:10::/48 maxlen: 48
2a02:2891:11::/48 maxlen: 48
2a02:2891:12::/48 maxlen: 48
2a02:2891:13::/48 maxlen: 48
2a02:2891:15::/48 maxlen: 48
2a02:2891:16::/48 maxlen: 48
2a02:2891:18::/48 maxlen: 48
2a02:2891:29::/48 maxlen: 48
2a02:2891:ff::/48 maxlen: 48
2a02:2891:157::/48 maxlen: 48
2a02:2892:32::/48 maxlen: 48
2a02:2892:40::/48 maxlen: 48
2a02:2892:53::/48 maxlen: 48
2a02:2893:158::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c8:e2:37:61:c1:6d:89:f8:a3:17:8c:a8:fd:2d:77:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91c1c85bf5c53471a997ef9fa999d0c16be85444
Validity
Not Before: May 13 09:03:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f1e102fc9742a069f7c2e105c45b35477046b07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:22:e8:c5:6d:9b:7e:61:dd:51:7d:dc:11:93:
83:77:47:ef:38:e3:97:96:ac:37:5f:e2:35:f5:aa:
2c:b9:b9:3e:5b:c7:82:d4:13:f1:0c:f9:54:76:67:
7b:3f:16:19:4b:7a:6d:f5:b8:5c:4e:10:b1:1a:22:
88:e1:7e:c0:13:3b:12:75:e8:71:55:d4:4b:36:45:
20:8d:0d:18:c4:17:57:8c:9f:5d:60:7e:52:5c:87:
0f:8d:91:94:3a:e9:ea:71:17:04:99:74:69:81:18:
b8:c0:5f:15:49:3b:84:e3:50:c2:c9:ed:41:2b:ec:
ac:f3:75:4e:ed:03:81:4a:f2:68:b0:e4:82:b0:86:
0b:63:ca:7a:43:5d:2b:05:5c:2b:c9:7e:72:1a:70:
d2:de:d3:f0:fc:35:20:5e:8b:0e:29:4e:1e:d1:d8:
5b:c5:ed:81:14:66:ca:bc:1f:70:8c:fd:38:71:66:
c9:8c:60:cc:e7:71:58:9d:55:05:78:66:b6:fc:2f:
e4:f7:21:0a:44:35:a0:90:ad:2e:db:84:3a:61:ed:
38:96:ab:4b:56:57:23:c2:0e:9e:f2:33:53:b9:d2:
2c:fa:fb:7d:ce:87:bf:58:f8:87:98:9d:e7:76:8f:
10:72:72:83:a6:74:41:2b:b2:5c:28:eb:ed:16:ab:
4b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:1E:10:2F:C9:74:2A:06:9F:7C:2E:10:5C:45:B3:54:77:04:6B:07
X509v3 Authority Key Identifier:
keyid:91:C1:C8:5B:F5:C5:34:71:A9:97:EF:9F:A9:99:D0:C1:6B:E8:54:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/Lx4QL8l0KgaffC4QXEWzVHcEawc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.64.0/22
94.124.64.0/21
178.248.48.0/21
185.45.208.0/22
185.187.156.0/22
IPv6:
2a02:2890::/48
2a02:2890:efff::/48
2a02:2890:ffff::-2a02:2891:2:ffff:ffff:ffff:ffff:ffff
2a02:2891:4::/48
2a02:2891:9::/48
2a02:2891:10::/46
2a02:2891:15::-2a02:2891:16:ffff:ffff:ffff:ffff:ffff
2a02:2891:18::/48
2a02:2891:29::/48
2a02:2891:ff::/48
2a02:2891:157::/48
2a02:2892:32::/48
2a02:2892:40::/48
2a02:2892:53::/48
2a02:2893:158::/48
Signature Algorithm: sha256WithRSAEncryption
32:02:fd:22:7a:2f:b4:72:9f:26:4a:ba:7e:71:76:99:a1:a8:
e2:c4:a4:2e:89:fe:3e:92:d4:aa:34:b9:c2:a5:fd:67:36:f3:
8c:05:9e:43:62:25:93:73:3b:da:38:2b:8b:d9:84:21:a0:28:
9f:17:b7:20:09:73:b8:a9:f1:ec:5b:5e:60:a0:f1:c1:a2:56:
42:11:c1:b7:0a:d2:9a:58:d1:a4:d8:76:34:61:4f:41:3c:66:
79:d6:3e:be:a6:6e:fa:1f:3e:a5:36:a5:2e:09:6e:d5:4c:bf:
90:28:8c:fe:e2:ae:55:4e:5c:e5:e7:21:64:be:29:39:b2:10:
5e:76:65:89:2d:43:41:39:2c:05:48:56:0f:e7:51:db:38:52:
16:75:8c:87:9d:99:2b:c9:4e:f7:e1:24:a9:1e:05:e0:fb:13:
91:cb:ca:3f:ea:eb:f0:84:14:6a:56:20:fc:32:0d:01:a8:e3:
fd:04:36:84:86:2a:26:9f:b5:09:30:9c:f5:d5:47:34:31:2f:
58:42:b7:95:a3:b8:a8:ca:7b:65:31:e6:a3:30:32:66:d4:12:
af:e9:2b:6b:fd:cb:d9:6a:de:0f:d7:e4:c2:60:2c:ff:77:ac:
0b:6a:6f:f0:79:0d:85:04:61:1f:cb:d4:8a:29:ad:b9:05:96:
e5:eb:af:3e
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgISAZbI4jdhwW2J+KMXjKj9LXcIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYzFjODViZjVjNTM0NzFhOTk3ZWY5ZmE5OTlkMGMxNmJl
ODU0NDQwHhcNMjUwNTEzMDkwMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjFlMTAyZmM5NzQyYTA2OWY3YzJlMTA1YzQ1YjM1NDc3MDQ2YjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyLoxW2bfmHdUX3cEZODd0fvOOOX
lqw3X+I19aosubk+W8eC1BPxDPlUdmd7PxYZS3pt9bhcThCxGiKI4X7AEzsSdehx
VdRLNkUgjQ0YxBdXjJ9dYH5SXIcPjZGUOunqcRcEmXRpgRi4wF8VSTuE41DCye1B
K+ys83VO7QOBSvJosOSCsIYLY8p6Q10rBVwryX5yGnDS3tPw/DUgXosOKU4e0dhb
xe2BFGbKvB9wjP04cWbJjGDM53FYnVUFeGa2/C/k9yEKRDWgkK0u24Q6Ye04lqtL
Vlcjwg6e8jNTudIs+vt9zoe/WPiHmJ3ndo8QcnKDpnRBK7JcKOvtFqtL2wIDAQAB
o4ICyzCCAscwHQYDVR0OBBYEFC8eEC/JdCoGn3wuEFxFs1R3BGsHMB8GA1UdIwQY
MBaAFJHByFv1xTRxqZfvn6mZ0MFr6FREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2NISVdfWEZOSEdwbC0tZnFablF3V3ZvVkVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wMzQ3ZDMtZTU0Yy00NGMwLThmN2Et
NDUxNDM3NGU2ZmZhLzEvTHg0UUw4bDBLZ2FmZkM0UVhFV3pWSGNFYXdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8wMzQ3ZDMtZTU0Yy00NGMwLThmN2EtNDUxNDM3NGU2ZmZh
LzEva2NISVdfWEZOSEdwbC0tZnFablF3V3ZvVkVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHgBggrBgEFBQcBBwEB/wSB0DCBzTAkBAIAATAeAwQCLZ1A
AwQDXnxAAwQDsvgwAwQCuS3QAwQCubucMIGkBAIAAjCBnQMHACoCKJAAAAMHACoC
KJDv/zASAwcAKgIokP//AwcAKgIokQACAwcAKgIokQAEAwcAKgIokQAJAwcCKgIo
kQAQMBIDBwAqAiiRABUDBwAqAiiRABYDBwAqAiiRABgDBwAqAiiRACkDBwAqAiiR
AP8DBwAqAiiRAVcDBwAqAiiSADIDBwAqAiiSAEADBwAqAiiSAFMDBwAqAiiTAVgw
DQYJKoZIhvcNAQELBQADggEBADIC/SJ6L7RynyZKun5xdpmhqOLEpC6J/j6S1Ko0
ucKl/Wc284wFnkNiJZNzO9o4K4vZhCGgKJ8XtyAJc7ip8exbXmCg8cGiVkIRwbcK
0ppY0aTYdjRhT0E8ZnnWPr6mbvofPqU2pS4JbtVMv5AojP7irlVOXOXnIWS+KTmy
EF52ZYktQ0E5LAVIVg/nUds4UhZ1jIedmSvJTvfhJKkeBeD7E5HLyj/q6/CEFGpW
IPwyDQGo4/0ENoSGKiaftQkwnPXVRzQxL1hCt5WjuKjKe2Ux5qMwMmbUEq/pK2v9
y9lq3g/X5MJgLP93rAtqb/B5DYUEYR/L1IoprbkFluXrrz4=
-----END CERTIFICATE-----
Generated at Sun Jun 8 13:45:02 2025 by rpki-client