Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/cbOYcDDp_GHixzoJlNu8TyNQJ-o.roa
File: cbOYcDDp_GHixzoJlNu8TyNQJ-o.roa (raw, json)
Hash identifier: //2ULiIGDQdEfg1252SfRrlzjzF9OFFKOmOBFoZU2OE=
Subject key identifier: 71:B3:98:70:30:E9:FC:61:E2:C7:3A:09:94:DB:BC:4F:23:50:27:EA
Certificate issuer: /CN=959efe6ef97728a4282ae2c7b05a240506571f1c
Certificate serial: 0196B1ED71DB45CA98FAF1038EB8F03D5A37
Authority key identifier: 95:9E:FE:6E:F9:77:28:A4:28:2A:E2:C7:B0:5A:24:05:06:57:1F:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lZ7-bvl3KKQoKuLHsFokBQZXHxw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/cbOYcDDp_GHixzoJlNu8TyNQJ-o.roa
Signing time: Thu 08 May 2025 22:04:10 +0000
ROA not before: Thu 08 May 2025 22:04:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202105
IP address blocks: 83.136.8.0/24 maxlen: 24
83.136.9.0/24 maxlen: 24
83.136.10.0/24 maxlen: 24
83.136.11.0/24 maxlen: 24
83.136.12.0/24 maxlen: 24
83.136.13.0/24 maxlen: 24
83.136.14.0/24 maxlen: 24
83.136.15.0/24 maxlen: 24
87.237.224.0/24 maxlen: 24
87.237.225.0/24 maxlen: 24
87.237.226.0/24 maxlen: 24
87.237.227.0/24 maxlen: 24
87.237.228.0/24 maxlen: 24
87.237.229.0/24 maxlen: 24
87.237.230.0/24 maxlen: 24
87.237.231.0/24 maxlen: 24
185.11.120.0/24 maxlen: 24
185.11.121.0/24 maxlen: 24
185.11.122.0/24 maxlen: 24
185.11.123.0/24 maxlen: 24
185.23.78.0/24 maxlen: 24
185.51.204.0/24 maxlen: 24
185.51.205.0/24 maxlen: 24
185.51.206.0/24 maxlen: 24
185.51.207.0/24 maxlen: 24
185.82.116.0/24 maxlen: 24
185.82.117.0/24 maxlen: 24
185.82.118.0/24 maxlen: 24
185.82.119.0/24 maxlen: 24
185.108.240.0/24 maxlen: 24
185.108.241.0/24 maxlen: 24
185.108.242.0/24 maxlen: 24
185.108.243.0/24 maxlen: 24
185.133.84.0/24 maxlen: 24
185.133.85.0/24 maxlen: 24
185.133.86.0/24 maxlen: 24
185.133.87.0/24 maxlen: 24
185.164.24.0/24 maxlen: 24
185.164.25.0/24 maxlen: 24
185.164.26.0/24 maxlen: 24
185.164.27.0/24 maxlen: 24
185.164.28.0/24 maxlen: 24
185.164.29.0/24 maxlen: 24
185.164.30.0/24 maxlen: 24
185.164.31.0/24 maxlen: 24
185.203.108.0/24 maxlen: 24
185.203.109.0/24 maxlen: 24
185.203.110.0/24 maxlen: 24
185.203.111.0/24 maxlen: 24
185.206.28.0/24 maxlen: 24
185.206.29.0/24 maxlen: 24
185.206.30.0/24 maxlen: 24
185.206.132.0/24 maxlen: 24
185.206.133.0/24 maxlen: 24
185.206.134.0/24 maxlen: 24
185.206.135.0/24 maxlen: 24
185.217.8.0/24 maxlen: 24
185.217.9.0/24 maxlen: 24
185.217.10.0/24 maxlen: 24
185.217.11.0/24 maxlen: 24
185.238.68.0/24 maxlen: 24
185.238.69.0/24 maxlen: 24
185.238.70.0/24 maxlen: 24
185.238.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/lZ7-bvl3KKQoKuLHsFokBQZXHxw.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/lZ7-bvl3KKQoKuLHsFokBQZXHxw.mft
rsync://rpki.ripe.net/repository/DEFAULT/lZ7-bvl3KKQoKuLHsFokBQZXHxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b1:ed:71:db:45:ca:98:fa:f1:03:8e:b8:f0:3d:5a:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=959efe6ef97728a4282ae2c7b05a240506571f1c
Validity
Not Before: May 8 22:04:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=71b3987030e9fc61e2c73a0994dbbc4f235027ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:da:08:ca:f6:ce:12:c0:d3:68:fa:35:82:35:
cc:dc:b2:91:41:78:31:7a:aa:1f:8d:70:eb:13:70:
82:b5:55:23:2a:b5:7d:b0:e4:21:44:ac:cc:36:54:
ef:a4:dc:23:00:49:de:01:50:48:b7:00:41:5e:b1:
d3:f3:04:da:88:3b:ce:12:f6:ba:ae:2d:52:1e:10:
ad:9f:91:5c:4d:d8:e4:e6:6a:97:61:68:48:42:0d:
9f:ec:95:74:c2:94:b0:cb:bc:00:05:c1:4f:86:b8:
1e:76:9b:99:8c:35:05:e4:ed:c4:c8:7e:82:0c:4d:
0a:f0:d9:6d:87:79:05:4b:ec:49:6f:32:88:ca:d0:
45:f4:9d:d2:56:8b:c8:c2:ed:02:bc:1c:be:95:e2:
92:5c:c4:59:74:36:2e:52:a5:9c:99:91:9a:e4:1b:
ca:0b:cd:58:1b:c5:27:c1:ad:40:66:fa:91:94:e5:
db:65:dc:16:c6:a6:e8:8f:96:59:4a:5f:92:8b:fc:
3e:6e:5c:a4:6c:2d:65:cc:46:ca:24:77:d4:4e:e0:
64:1f:ec:38:e6:d5:35:25:b7:7b:1c:cf:4d:ff:e1:
16:a7:31:db:6d:a6:aa:cc:41:05:5a:86:89:35:f1:
c8:7f:77:db:ee:21:b1:47:8d:a7:6a:99:6b:e0:65:
b8:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:B3:98:70:30:E9:FC:61:E2:C7:3A:09:94:DB:BC:4F:23:50:27:EA
X509v3 Authority Key Identifier:
keyid:95:9E:FE:6E:F9:77:28:A4:28:2A:E2:C7:B0:5A:24:05:06:57:1F:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lZ7-bvl3KKQoKuLHsFokBQZXHxw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/cbOYcDDp_GHixzoJlNu8TyNQJ-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/lZ7-bvl3KKQoKuLHsFokBQZXHxw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.8.0/21
87.237.224.0/21
185.11.120.0/22
185.23.78.0/24
185.51.204.0/22
185.82.116.0/22
185.108.240.0/22
185.133.84.0/22
185.164.24.0/21
185.203.108.0/22
185.206.28.0-185.206.30.255
185.206.132.0/22
185.217.8.0/22
185.238.68.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:a0:f6:7e:21:6f:eb:c5:cd:ad:18:17:30:1a:26:f0:82:cc:
75:bc:51:58:30:78:3e:01:f0:90:47:7f:89:42:b0:2d:cd:f1:
98:aa:a6:a6:18:09:16:06:65:d7:3f:05:68:51:c2:21:7a:6a:
fe:0d:3a:c2:1e:48:88:1e:8a:ee:c8:c4:e1:11:fc:db:df:bb:
f4:0a:13:f1:46:a6:b6:ae:79:ea:8d:5b:a4:07:16:6c:a3:65:
13:3f:0d:0e:64:ba:b7:dd:49:bc:75:a3:80:2d:be:07:2d:08:
50:f8:62:b0:2b:0b:7e:1c:9b:15:e5:24:41:49:56:8d:ef:fd:
bb:a6:65:ed:81:92:e1:12:b8:8c:8c:dd:88:1b:60:e6:6c:e9:
dd:12:50:cb:f4:35:d5:10:ce:ac:5f:6b:62:83:11:9d:33:71:
29:ab:d6:ca:dd:30:70:b6:81:38:8f:58:8b:84:8f:b4:db:50:
04:22:b0:00:13:81:f9:9e:f2:48:0e:53:18:dc:b7:50:7b:9a:
e5:40:c8:80:04:66:d8:b4:1b:31:62:28:80:bd:fa:32:cc:c3:
da:60:de:47:80:00:2e:c4:73:39:6a:4a:b1:13:d4:46:55:e6:
91:38:c8:d1:93:ed:ef:90:5d:9c:7d:50:89:b3:c6:68:eb:f1:
6d:b7:5e:18
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZax7XHbRcqY+vEDjrjwPVo3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1OWVmZTZlZjk3NzI4YTQyODJhZTJjN2IwNWEyNDA1MDY1
NzFmMWMwHhcNMjUwNTA4MjIwNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWIzOTg3MDMwZTlmYzYxZTJjNzNhMDk5NGRiYmM0ZjIzNTAyN2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstoIyvbOEsDTaPo1gjXM3LKRQXgx
eqofjXDrE3CCtVUjKrV9sOQhRKzMNlTvpNwjAEneAVBItwBBXrHT8wTaiDvOEva6
ri1SHhCtn5FcTdjk5mqXYWhIQg2f7JV0wpSwy7wABcFPhrgedpuZjDUF5O3EyH6C
DE0K8Nlth3kFS+xJbzKIytBF9J3SVovIwu0CvBy+leKSXMRZdDYuUqWcmZGa5BvK
C81YG8Unwa1AZvqRlOXbZdwWxqboj5ZZSl+Si/w+blykbC1lzEbKJHfUTuBkH+w4
5tU1Jbd7HM9N/+EWpzHbbaaqzEEFWoaJNfHIf3fb7iGxR42naplr4GW42QIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFHGzmHAw6fxh4sc6CZTbvE8jUCfqMB8GA1UdIwQY
MBaAFJWe/m75dyikKCrix7BaJAUGVx8cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFo3LWJ2bDNLS1FvS3VMSHNGb2tCUVpYSHh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84YzFlNDktN2RkMS00NDhkLTg4MTUt
YTA5MjY2YmI0ZDhjLzEvY2JPWWNERHBfR0hpeHpvSmxOdThUeU5RSi1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84YzFlNDktN2RkMS00NDhkLTg4MTUtYTA5MjY2YmI0ZDhj
LzEvbFo3LWJ2bDNLS1FvS3VMSHNGb2tCUVpYSHh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQDU4gIAwQD
V+3gAwQCuQt4AwQAuRdOAwQCuTPMAwQCuVJ0AwQCuWzwAwQCuYVUAwQDuaQYAwQC
uctsMAwDBAK5zhwDBAC5zh4DBAK5zoQDBAK52QgDBAK57kQwDQYJKoZIhvcNAQEL
BQADggEBAJqg9n4hb+vFza0YFzAaJvCCzHW8UVgweD4B8JBHf4lCsC3N8ZiqpqYY
CRYGZdc/BWhRwiF6av4NOsIeSIgeiu7IxOER/Nvfu/QKE/FGpraueeqNW6QHFmyj
ZRM/DQ5kurfdSbx1o4AtvgctCFD4YrArC34cmxXlJEFJVo3v/bumZe2BkuESuIyM
3YgbYOZs6d0SUMv0NdUQzqxfa2KDEZ0zcSmr1srdMHC2gTiPWIuEj7TbUAQisAAT
gfme8kgOUxjct1B7muVAyIAEZti0GzFiKIC9+jLMw9pg3keAAC7EczlqSrET1EZV
5pE4yNGT7e+QXZx9UImzxmjr8W23Xhg=
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:04:50 2025 by rpki-client