Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/56c934-cf14-4a4f-ae7c-3bd1978bf2f6/1/6bhIWgLQxbAp4w8iIoK4TQEW4N0.roa
File: 6bhIWgLQxbAp4w8iIoK4TQEW4N0.roa (raw, json)
Hash identifier: KVboi8crnrOLsGeA88bhFJ6POQSaWb28pYwX5axEOtE=
Subject key identifier: E9:B8:48:5A:02:D0:C5:B0:29:E3:0F:22:22:82:B8:4D:01:16:E0:DD
Certificate issuer: /CN=edb926f8c603aab79cb46a883bf632564a3faabf
Certificate serial: 01958ECBB5526A997A3B1D4E911CC64419C1
Authority key identifier: ED:B9:26:F8:C6:03:AA:B7:9C:B4:6A:88:3B:F6:32:56:4A:3F:AA:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7bkm-MYDqrectGqIO_YyVko_qr8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/56c934-cf14-4a4f-ae7c-3bd1978bf2f6/1/6bhIWgLQxbAp4w8iIoK4TQEW4N0.roa
Signing time: Thu 13 Mar 2025 09:17:49 +0000
ROA not before: Thu 13 Mar 2025 09:17:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42695
IP address blocks: 31.12.84.0/22 maxlen: 24
31.132.58.0/24 maxlen: 24
37.153.138.0/23 maxlen: 24
37.153.172.0/23 maxlen: 24
45.114.120.0/22 maxlen: 24
45.114.121.0/24 maxlen: 24
45.114.122.0/24 maxlen: 24
45.114.123.0/24 maxlen: 24
46.254.8.0/21 maxlen: 24
46.254.10.0/23 maxlen: 23
46.254.12.0/24 maxlen: 24
46.254.13.0/24 maxlen: 24
46.254.14.0/24 maxlen: 24
46.254.15.0/24 maxlen: 24
77.81.6.0/23 maxlen: 24
77.81.188.0/23 maxlen: 24
86.107.48.0/23 maxlen: 24
86.107.49.0/24 maxlen: 24
86.107.242.0/23 maxlen: 24
89.36.90.0/23 maxlen: 23
89.40.216.0/23 maxlen: 23
89.42.140.0/23 maxlen: 24
89.45.226.0/23 maxlen: 24
89.45.226.0/24 maxlen: 24
89.45.227.0/24 maxlen: 24
89.46.80.0/21 maxlen: 24
89.46.80.0/24 maxlen: 24
89.46.81.0/24 maxlen: 24
89.46.82.0/24 maxlen: 24
89.46.83.0/24 maxlen: 24
89.46.86.0/24 maxlen: 24
91.106.192.0/21 maxlen: 24
91.123.192.0/20 maxlen: 24
103.57.72.0/22 maxlen: 24
103.57.74.0/24 maxlen: 24
103.81.143.0/24 maxlen: 24
116.206.168.0/22 maxlen: 24
141.255.184.0/21 maxlen: 24
185.2.152.0/22 maxlen: 22
185.16.84.0/22 maxlen: 24
185.52.156.0/22 maxlen: 24
185.62.204.0/22 maxlen: 24
185.62.207.0/24 maxlen: 24
185.103.48.0/23 maxlen: 23
185.103.51.0/24 maxlen: 24
188.95.224.0/21 maxlen: 24
188.212.108.0/23 maxlen: 24
188.240.18.0/23 maxlen: 24
188.240.92.0/22 maxlen: 24
188.240.222.0/23 maxlen: 24
188.241.198.0/23 maxlen: 24
188.241.198.0/24 maxlen: 24
2a00:16d8::/32 maxlen: 48
2a03:b000:200::/40 maxlen: 40
2a03:b000:400::/40 maxlen: 40
2a03:b000:600::/40 maxlen: 40
2a03:b000:700::/40 maxlen: 40
2a03:b000:800::/40 maxlen: 40
2a03:d7c0::/29 maxlen: 48
2a04:f180::/29 maxlen: 48
2a06:2980::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/56c934-cf14-4a4f-ae7c-3bd1978bf2f6/1/7bkm-MYDqrectGqIO_YyVko_qr8.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/56c934-cf14-4a4f-ae7c-3bd1978bf2f6/1/7bkm-MYDqrectGqIO_YyVko_qr8.mft
rsync://rpki.ripe.net/repository/DEFAULT/7bkm-MYDqrectGqIO_YyVko_qr8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 13:02:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8e:cb:b5:52:6a:99:7a:3b:1d:4e:91:1c:c6:44:19:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=edb926f8c603aab79cb46a883bf632564a3faabf
Validity
Not Before: Mar 13 09:17:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e9b8485a02d0c5b029e30f222282b84d0116e0dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:3a:f8:25:fb:b5:26:b2:a4:6c:62:65:71:17:
10:6d:86:70:a5:99:af:ad:4f:c5:e3:48:77:54:ad:
b9:a2:ad:f4:f6:08:ab:98:6e:4d:de:e2:63:60:0c:
15:80:77:bc:f7:b0:1e:39:63:ce:ed:ae:31:f4:c3:
09:2b:14:74:fd:c6:24:b6:e3:3b:f8:8f:f2:a6:c5:
f5:90:ef:f4:30:5a:3e:50:35:5d:c9:cf:6e:b5:ea:
28:f4:6e:45:b1:68:6c:bd:1b:95:3a:c3:e1:10:ae:
18:49:3c:6b:89:89:39:49:03:af:0d:04:76:d2:c4:
71:da:7c:6d:ae:6c:94:37:cc:4c:87:08:f5:31:90:
a7:99:ae:f9:88:fb:36:5d:4a:a9:2d:1b:0a:35:36:
aa:ff:0f:8f:da:d5:2b:bd:18:e6:73:f3:5c:3d:75:
7d:b1:07:73:08:52:58:81:0e:3f:41:5b:0c:a9:21:
66:0c:1e:13:7b:5a:76:c7:c8:c3:04:d5:2a:79:7b:
4e:39:e3:34:aa:9c:5e:2f:c5:37:c7:4a:9a:ca:10:
a3:fe:30:1b:a6:7b:d2:3e:c5:07:55:d6:11:b9:6e:
86:b1:fc:58:bf:00:77:14:a7:12:ae:40:8c:43:33:
5a:99:47:c8:84:41:f1:84:6c:71:49:7e:77:25:97:
25:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:B8:48:5A:02:D0:C5:B0:29:E3:0F:22:22:82:B8:4D:01:16:E0:DD
X509v3 Authority Key Identifier:
keyid:ED:B9:26:F8:C6:03:AA:B7:9C:B4:6A:88:3B:F6:32:56:4A:3F:AA:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7bkm-MYDqrectGqIO_YyVko_qr8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/56c934-cf14-4a4f-ae7c-3bd1978bf2f6/1/6bhIWgLQxbAp4w8iIoK4TQEW4N0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/56c934-cf14-4a4f-ae7c-3bd1978bf2f6/1/7bkm-MYDqrectGqIO_YyVko_qr8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.12.84.0/22
31.132.58.0/24
37.153.138.0/23
37.153.172.0/23
45.114.120.0/22
46.254.8.0/21
77.81.6.0/23
77.81.188.0/23
86.107.48.0/23
86.107.242.0/23
89.36.90.0/23
89.40.216.0/23
89.42.140.0/23
89.45.226.0/23
89.46.80.0/21
91.106.192.0/21
91.123.192.0/20
103.57.72.0/22
103.81.143.0/24
116.206.168.0/22
141.255.184.0/21
185.2.152.0/22
185.16.84.0/22
185.52.156.0/22
185.62.204.0/22
185.103.48.0/23
185.103.51.0/24
188.95.224.0/21
188.212.108.0/23
188.240.18.0/23
188.240.92.0/22
188.240.222.0/23
188.241.198.0/23
IPv6:
2a00:16d8::/32
2a03:b000:200::/40
2a03:b000:400::/40
2a03:b000:600::-2a03:b000:8ff:ffff:ffff:ffff:ffff:ffff
2a03:d7c0::/29
2a04:f180::/29
2a06:2980::/29
Signature Algorithm: sha256WithRSAEncryption
18:ac:bd:50:fa:af:88:80:ed:dd:be:0b:9f:ed:00:48:d9:bb:
9f:4a:54:51:48:ab:7d:56:89:2a:56:00:80:54:b8:f2:4d:4e:
e3:c9:ca:c0:19:1e:05:e4:1a:be:8e:dc:8f:35:29:7c:30:af:
34:8c:b1:f1:a9:a2:80:01:79:b9:00:cd:1f:fb:cf:5d:ef:fc:
ba:85:4e:a3:50:0a:8b:7b:dc:7d:df:5a:df:a7:b7:88:69:a6:
fc:49:10:b8:7e:2d:40:5e:fb:15:6a:e0:78:1d:1b:70:9c:58:
f1:b6:e3:8b:16:b2:d6:6d:b0:87:0c:b5:12:62:e6:90:ef:0a:
74:e9:79:32:c6:f7:cc:8b:27:a7:50:f1:78:1c:90:4a:73:00:
84:18:08:1c:12:5b:76:10:39:f0:4a:2b:d5:7c:84:6b:a9:91:
d9:f0:e9:5f:cc:c5:e0:72:c5:e4:04:8f:e5:ea:92:2d:23:26:
2e:5d:cd:41:c3:da:42:64:7d:a6:ee:cc:90:db:b2:e8:ef:4f:
21:42:3c:83:0e:47:2d:bc:fe:03:89:fc:19:c6:0d:61:21:81:
1e:41:8c:e8:fa:5f:ff:2d:c0:c1:3e:5f:5c:5e:c0:34:c5:24:
e3:f0:fe:63:65:1b:29:21:1b:5e:13:f8:14:f2:6f:9a:58:5f:
14:6e:3b:e8
-----BEGIN CERTIFICATE-----
MIIGCzCCBPOgAwIBAgISAZWOy7VSapl6Ox1OkRzGRBnBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkYjkyNmY4YzYwM2FhYjc5Y2I0NmE4ODNiZjYzMjU2NGEz
ZmFhYmYwHhcNMjUwMzEzMDkxNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWI4NDg1YTAyZDBjNWIwMjllMzBmMjIyMjgyYjg0ZDAxMTZlMGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDr4Jfu1JrKkbGJlcRcQbYZwpZmv
rU/F40h3VK25oq309girmG5N3uJjYAwVgHe897AeOWPO7a4x9MMJKxR0/cYktuM7
+I/ypsX1kO/0MFo+UDVdyc9uteoo9G5FsWhsvRuVOsPhEK4YSTxriYk5SQOvDQR2
0sRx2nxtrmyUN8xMhwj1MZCnma75iPs2XUqpLRsKNTaq/w+P2tUrvRjmc/NcPXV9
sQdzCFJYgQ4/QVsMqSFmDB4Te1p2x8jDBNUqeXtOOeM0qpxeL8U3x0qayhCj/jAb
pnvSPsUHVdYRuW6GsfxYvwB3FKcSrkCMQzNamUfIhEHxhGxxSX53JZclTwIDAQAB
o4IDFzCCAxMwHQYDVR0OBBYEFOm4SFoC0MWwKeMPIiKCuE0BFuDdMB8GA1UdIwQY
MBaAFO25JvjGA6q3nLRqiDv2MlZKP6q/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2JrbS1NWURxcmVjdEdxSU9fWXlWa29fcXI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy81NmM5MzQtY2YxNC00YTRmLWFlN2Mt
M2JkMTk3OGJmMmY2LzEvNmJoSVdnTFF4YkFwNHc4aUlvSzRUUUVXNE4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy81NmM5MzQtY2YxNC00YTRmLWFlN2MtM2JkMTk3OGJmMmY2
LzEvN2JrbS1NWURxcmVjdEdxSU9fWXlWa29fcXI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKwYIKwYBBQUHAQcBAf8EggEaMIIBFjCBzQQCAAEwgcYD
BAIfDFQDBAAfhDoDBAElmYoDBAElmawDBAItcngDBAMu/ggDBAFNUQYDBAFNUbwD
BAFWazADBAFWa/IDBAFZJFoDBAFZKNgDBAFZKowDBAFZLeIDBANZLlADBANbasAD
BARbe8ADBAJnOUgDBABnUY8DBAJ0zqgDBAON/7gDBAK5ApgDBAK5EFQDBAK5NJwD
BAK5PswDBAG5ZzADBAC5ZzMDBAO8X+ADBAG81GwDBAG88BIDBAK88FwDBAG88N4D
BAG88cYwRAQCAAIwPgMFACoAFtgDBgAqA7AAAgMGACoDsAAEMBADBgEqA7AABgMG
ACoDsAAIAwUDKgPXwAMFAyoE8YADBQMqBimAMA0GCSqGSIb3DQEBCwUAA4IBAQAY
rL1Q+q+IgO3dvguf7QBI2bufSlRRSKt9VokqVgCAVLjyTU7jycrAGR4F5Bq+jtyP
NSl8MK80jLHxqaKAAXm5AM0f+89d7/y6hU6jUAqLe9x931rfp7eIaab8SRC4fi1A
XvsVauB4HRtwnFjxtuOLFrLWbbCHDLUSYuaQ7wp06XkyxvfMiyenUPF4HJBKcwCE
GAgcElt2EDnwSivVfIRrqZHZ8OlfzMXgcsXkBI/l6pItIyYuXc1Bw9pCZH2m7syQ
27Lo708hQjyDDkctvP4DifwZxg1hIYEeQYzo+l//LcDBPl9cXsA0xSTj8P5jZRsp
IRteE/gU8m+aWF8Ubjvo
-----END CERTIFICATE-----
Generated at Tue Apr 8 19:57:10 2025 by rpki-client