Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/c4kqcT1XSHJJ0FNREY_3KgQV5Zg.roa
File: c4kqcT1XSHJJ0FNREY_3KgQV5Zg.roa (raw, json)
Hash identifier: BFqJRUOC40P0vfCEnDcc5S1ZBpr8qXlnCPbjKvFWFf8=
Subject key identifier: 73:89:2A:71:3D:57:48:72:49:D0:53:51:11:8F:F7:2A:04:15:E5:98
Certificate issuer: /CN=878abb29977a65b140cacb6e72ab24ceddd4e8c5
Certificate serial: 0196FCE3945BFA8A1131D65CD784DD982CA7
Authority key identifier: 87:8A:BB:29:97:7A:65:B1:40:CA:CB:6E:72:AB:24:CE:DD:D4:E8:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h4q7KZd6ZbFAystucqskzt3U6MU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/c4kqcT1XSHJJ0FNREY_3KgQV5Zg.roa
Signing time: Fri 23 May 2025 11:24:55 +0000
ROA not before: Fri 23 May 2025 11:24:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 132839
IP address blocks: 2.59.100.0/22 maxlen: 24
2.59.100.0/24 maxlen: 24
2.59.101.0/24 maxlen: 24
2.59.102.0/24 maxlen: 24
2.59.103.0/24 maxlen: 24
45.8.28.0/22 maxlen: 24
45.8.29.0/24 maxlen: 24
45.8.30.0/24 maxlen: 24
45.9.108.0/22 maxlen: 24
45.9.108.0/24 maxlen: 24
45.9.109.0/24 maxlen: 24
45.9.110.0/24 maxlen: 24
45.9.111.0/24 maxlen: 24
45.10.208.0/22 maxlen: 24
45.10.208.0/23 maxlen: 23
45.10.208.0/24 maxlen: 24
45.10.209.0/24 maxlen: 24
45.10.210.0/24 maxlen: 24
45.13.160.0/22 maxlen: 24
45.13.160.0/24 maxlen: 24
45.66.188.0/22 maxlen: 24
45.66.188.0/24 maxlen: 24
45.66.189.0/24 maxlen: 24
45.66.190.0/24 maxlen: 24
45.66.191.0/24 maxlen: 24
45.80.112.0/22 maxlen: 24
45.80.113.0/24 maxlen: 24
45.80.114.0/23 maxlen: 24
45.80.114.0/24 maxlen: 24
45.87.228.0/22 maxlen: 24
45.87.228.0/24 maxlen: 24
45.87.231.0/24 maxlen: 24
45.93.64.0/22 maxlen: 24
45.93.64.0/24 maxlen: 24
45.93.65.0/24 maxlen: 24
45.93.66.0/24 maxlen: 24
45.93.67.0/24 maxlen: 24
45.131.156.0/22 maxlen: 24
45.131.156.0/24 maxlen: 24
45.131.157.0/24 maxlen: 24
45.131.158.0/24 maxlen: 24
45.131.159.0/24 maxlen: 24
45.142.76.0/22 maxlen: 24
45.142.77.0/24 maxlen: 24
45.142.78.0/24 maxlen: 24
45.142.79.0/24 maxlen: 24
45.147.212.0/22 maxlen: 24
45.147.213.0/24 maxlen: 24
45.147.214.0/24 maxlen: 24
45.147.215.0/24 maxlen: 24
45.149.68.0/22 maxlen: 24
45.149.68.0/24 maxlen: 24
45.149.69.0/24 maxlen: 24
45.156.168.0/22 maxlen: 24
45.156.169.0/24 maxlen: 24
45.156.171.0/24 maxlen: 24
45.156.216.0/22 maxlen: 24
45.158.220.0/22 maxlen: 24
45.158.221.0/24 maxlen: 24
45.158.223.0/24 maxlen: 24
62.192.188.0/22 maxlen: 24
62.192.188.0/24 maxlen: 24
62.192.189.0/24 maxlen: 24
62.192.190.0/24 maxlen: 24
62.192.191.0/24 maxlen: 24
83.150.224.0/22 maxlen: 24
83.150.224.0/24 maxlen: 24
83.150.225.0/24 maxlen: 24
85.208.56.0/22 maxlen: 24
85.208.56.0/24 maxlen: 24
85.208.57.0/24 maxlen: 24
85.208.58.0/24 maxlen: 24
85.208.59.0/24 maxlen: 24
92.118.144.0/22 maxlen: 24
92.118.144.0/24 maxlen: 24
92.118.145.0/24 maxlen: 24
92.118.146.0/24 maxlen: 24
92.118.147.0/24 maxlen: 24
185.51.164.0/22 maxlen: 24
185.51.164.0/24 maxlen: 24
185.51.167.0/24 maxlen: 24
193.42.15.0/24 maxlen: 24
193.42.132.0/24 maxlen: 24
193.42.135.0/24 maxlen: 24
193.42.149.0/24 maxlen: 24
193.108.46.0/23 maxlen: 24
193.108.46.0/24 maxlen: 24
193.108.96.0/23 maxlen: 24
193.108.96.0/24 maxlen: 24
193.108.97.0/24 maxlen: 24
193.164.222.0/23 maxlen: 24
193.168.4.0/23 maxlen: 24
193.168.4.0/24 maxlen: 24
194.146.84.0/22 maxlen: 24
194.146.84.0/24 maxlen: 24
194.146.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/h4q7KZd6ZbFAystucqskzt3U6MU.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/h4q7KZd6ZbFAystucqskzt3U6MU.mft
rsync://rpki.ripe.net/repository/DEFAULT/h4q7KZd6ZbFAystucqskzt3U6MU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fc:e3:94:5b:fa:8a:11:31:d6:5c:d7:84:dd:98:2c:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=878abb29977a65b140cacb6e72ab24ceddd4e8c5
Validity
Not Before: May 23 11:24:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=73892a713d57487249d05351118ff72a0415e598
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:34:9e:11:f4:0d:f6:7f:07:de:60:45:40:bc:
bd:ee:18:cf:20:d0:cf:d8:38:15:a2:4c:7a:6a:01:
cb:3c:9b:db:2d:f9:35:e1:d5:37:00:ab:32:7a:b0:
cf:82:cf:fe:3a:38:9e:e5:7c:4c:72:39:7b:08:bf:
94:c4:22:3f:03:35:43:b9:a4:c7:e5:da:07:53:04:
45:99:55:31:ef:b0:e7:a6:fa:21:6c:17:04:a3:1f:
2b:a7:f9:d9:e1:5a:30:23:47:70:8b:90:f9:72:c6:
db:91:62:61:6a:f7:3b:c4:fe:fb:af:05:4e:e0:41:
50:fc:10:14:a4:94:58:48:05:58:b9:65:63:97:ba:
66:d5:49:4c:fd:d8:0b:3a:4b:11:d5:96:1b:bd:30:
09:89:73:5a:10:50:61:7c:d0:39:d4:c4:f3:ed:32:
fd:c9:a6:8c:96:8b:c3:4c:00:c5:75:4a:83:ee:3d:
e9:c6:f3:71:25:73:01:9f:8c:93:a2:9c:01:55:97:
59:63:fe:e7:cd:b5:5c:e9:63:cb:22:9f:2c:6a:5f:
c3:9f:b7:37:4b:3b:82:9d:ca:8a:83:d6:a4:de:6f:
7c:c8:af:09:6c:0a:f2:70:e7:54:7b:64:3f:43:82:
33:b8:cb:db:40:e9:39:3c:20:94:0e:7b:4a:c4:86:
b8:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:89:2A:71:3D:57:48:72:49:D0:53:51:11:8F:F7:2A:04:15:E5:98
X509v3 Authority Key Identifier:
keyid:87:8A:BB:29:97:7A:65:B1:40:CA:CB:6E:72:AB:24:CE:DD:D4:E8:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h4q7KZd6ZbFAystucqskzt3U6MU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/c4kqcT1XSHJJ0FNREY_3KgQV5Zg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/h4q7KZd6ZbFAystucqskzt3U6MU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.100.0/22
45.8.28.0/22
45.9.108.0/22
45.10.208.0/22
45.13.160.0/22
45.66.188.0/22
45.80.112.0/22
45.87.228.0/22
45.93.64.0/22
45.131.156.0/22
45.142.76.0/22
45.147.212.0/22
45.149.68.0/22
45.156.168.0/22
45.156.216.0/22
45.158.220.0/22
62.192.188.0/22
83.150.224.0/22
85.208.56.0/22
92.118.144.0/22
185.51.164.0/22
193.42.15.0/24
193.42.132.0/24
193.42.135.0/24
193.42.149.0/24
193.108.46.0/23
193.108.96.0/23
193.164.222.0/23
193.168.4.0/23
194.146.84.0/22
Signature Algorithm: sha256WithRSAEncryption
be:ed:71:17:ec:9e:fa:82:36:99:21:3e:f0:67:8d:e2:74:da:
1b:7c:f5:f0:ff:fc:f8:30:04:bf:42:0c:9a:c5:08:35:bb:23:
37:09:a9:13:24:28:67:86:c0:f4:f1:93:8e:b7:43:0f:d3:af:
0a:7f:8a:0a:ff:96:cd:63:9d:2f:08:e8:ff:89:bf:d8:27:f5:
3f:a6:63:e2:04:c6:37:77:b5:f3:8d:4a:5b:be:25:bb:db:11:
d5:95:52:44:e6:54:16:cb:7b:b9:57:ee:af:4b:ef:1c:d1:46:
99:0c:9d:cf:40:13:67:8d:57:47:89:21:6a:b2:0e:78:81:62:
a1:41:26:31:75:36:42:bc:c7:e2:b9:bd:e1:87:ef:d8:7d:49:
17:8e:2f:d9:18:13:71:9b:c8:5c:07:9a:84:54:bc:67:41:23:
f6:68:48:32:52:6f:f0:41:8a:f5:23:60:f6:47:6c:d4:19:e9:
8b:5b:80:27:50:64:80:9c:38:91:3c:a8:74:69:15:9a:c9:2a:
7f:9e:4c:76:2e:5d:5c:d2:9b:67:65:38:d9:cf:ac:89:2b:5b:
d2:87:e2:e5:cd:a8:ca:f9:c2:cd:84:0c:80:ac:06:a1:14:7e:
f2:36:ca:09:92:a7:54:18:2c:85:f4:b8:3c:f3:0b:a4:45:c5:
49:34:02:a5
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAZb845Rb+ooRMdZc14TdmCynMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3OGFiYjI5OTc3YTY1YjE0MGNhY2I2ZTcyYWIyNGNlZGRk
NGU4YzUwHhcNMjUwNTIzMTEyNDU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mzg5MmE3MTNkNTc0ODcyNDlkMDUzNTExMThmZjcyYTA0MTVlNTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTSeEfQN9n8H3mBFQLy97hjPINDP
2DgVokx6agHLPJvbLfk14dU3AKsyerDPgs/+Ojie5XxMcjl7CL+UxCI/AzVDuaTH
5doHUwRFmVUx77DnpvohbBcEox8rp/nZ4VowI0dwi5D5csbbkWJhavc7xP77rwVO
4EFQ/BAUpJRYSAVYuWVjl7pm1UlM/dgLOksR1ZYbvTAJiXNaEFBhfNA51MTz7TL9
yaaMlovDTADFdUqD7j3pxvNxJXMBn4yTopwBVZdZY/7nzbVc6WPLIp8sal/Dn7c3
SzuCncqKg9ak3m98yK8JbArycOdUe2Q/Q4IzuMvbQOk5PCCUDntKxIa4fwIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFHOJKnE9V0hySdBTURGP9yoEFeWYMB8GA1UdIwQY
MBaAFIeKuymXemWxQMrLbnKrJM7d1OjFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDRxN0taZDZaYkZBeXN0dWNxc2t6dDNVNk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8wNmI4ZjUtMWE3Ni00NWY4LWI5N2Et
YWM4NjQ3ZDA1NThhLzEvYzRrcWNUMVhTSEpKMEZOUkVZXzNLZ1FWNVpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8wNmI4ZjUtMWE3Ni00NWY4LWI5N2EtYWM4NjQ3ZDA1NThh
LzEvaDRxN0taZDZaYkZBeXN0dWNxc2t6dDNVNk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjCBuwQCAAEwgbQDBAIC
O2QDBAItCBwDBAItCWwDBAItCtADBAItDaADBAItQrwDBAItUHADBAItV+QDBAIt
XUADBAItg5wDBAItjkwDBAItk9QDBAItlUQDBAItnKgDBAItnNgDBAItntwDBAI+
wLwDBAJTluADBAJV0DgDBAJcdpADBAK5M6QDBADBKg8DBADBKoQDBADBKocDBADB
KpUDBAHBbC4DBAHBbGADBAHBpN4DBAHBqAQDBALCklQwDQYJKoZIhvcNAQELBQAD
ggEBAL7tcRfsnvqCNpkhPvBnjeJ02ht89fD//PgwBL9CDJrFCDW7IzcJqRMkKGeG
wPTxk463Qw/Trwp/igr/ls1jnS8I6P+Jv9gn9T+mY+IExjd3tfONSlu+JbvbEdWV
UkTmVBbLe7lX7q9L7xzRRpkMnc9AE2eNV0eJIWqyDniBYqFBJjF1NkK8x+K5veGH
79h9SReOL9kYE3GbyFwHmoRUvGdBI/ZoSDJSb/BBivUjYPZHbNQZ6YtbgCdQZICc
OJE8qHRpFZrJKn+eTHYuXVzSm2dlONnPrIkrW9KH4uXNqMr5ws2EDICsBqEUfvI2
ygmSp1QYLIX0uDzzC6RFxUk0AqU=
-----END CERTIFICATE-----
Generated at Fri Jun 6 16:51:30 2025 by rpki-client