Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/mvYs-hlLQyMdKxgPw0g_jo2b_pY.roa
File: mvYs-hlLQyMdKxgPw0g_jo2b_pY.roa (raw, json)
Hash identifier: 0QeO5mI8uGOMSEPrjMS+fRkkFQOtOiLS9tRis3ZfEow=
Subject key identifier: 9A:F6:2C:FA:19:4B:43:23:1D:2B:18:0F:C3:48:3F:8E:8D:9B:FE:96
Certificate issuer: /CN=878abb29977a65b140cacb6e72ab24ceddd4e8c5
Certificate serial: 01941F8C281EE1B0A199DC274B90B7773679
Authority key identifier: 87:8A:BB:29:97:7A:65:B1:40:CA:CB:6E:72:AB:24:CE:DD:D4:E8:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h4q7KZd6ZbFAystucqskzt3U6MU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/mvYs-hlLQyMdKxgPw0g_jo2b_pY.roa
Signing time: Wed 01 Jan 2025 01:47:46 +0000
ROA not before: Wed 01 Jan 2025 01:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 132839
IP address blocks: 2.59.100.0/22 maxlen: 22
2.59.100.0/24 maxlen: 24
2.59.101.0/24 maxlen: 24
2.59.102.0/24 maxlen: 24
2.59.103.0/24 maxlen: 24
45.8.28.0/22 maxlen: 22
45.9.108.0/22 maxlen: 22
45.9.108.0/24 maxlen: 24
45.9.109.0/24 maxlen: 24
45.9.110.0/24 maxlen: 24
45.9.111.0/24 maxlen: 24
45.10.208.0/22 maxlen: 22
45.13.160.0/22 maxlen: 22
45.13.160.0/24 maxlen: 24
45.66.188.0/22 maxlen: 22
45.66.188.0/24 maxlen: 24
45.66.189.0/24 maxlen: 24
45.66.190.0/24 maxlen: 24
45.66.191.0/24 maxlen: 24
45.80.112.0/22 maxlen: 22
45.87.228.0/22 maxlen: 22
45.87.231.0/24 maxlen: 24
45.93.64.0/22 maxlen: 22
45.93.64.0/24 maxlen: 24
45.93.65.0/24 maxlen: 24
45.93.66.0/24 maxlen: 24
45.93.67.0/24 maxlen: 24
45.131.156.0/22 maxlen: 22
45.131.156.0/24 maxlen: 24
45.131.157.0/24 maxlen: 24
45.131.158.0/24 maxlen: 24
45.131.159.0/24 maxlen: 24
45.142.76.0/22 maxlen: 22
45.142.79.0/24 maxlen: 24
45.147.212.0/22 maxlen: 22
45.147.215.0/24 maxlen: 24
45.149.68.0/22 maxlen: 22
45.149.68.0/24 maxlen: 24
45.149.69.0/24 maxlen: 24
45.156.168.0/22 maxlen: 22
45.156.169.0/24 maxlen: 24
45.156.171.0/24 maxlen: 24
45.156.216.0/22 maxlen: 22
45.158.220.0/22 maxlen: 22
45.158.221.0/24 maxlen: 24
45.158.223.0/24 maxlen: 24
62.192.188.0/22 maxlen: 22
62.192.188.0/24 maxlen: 24
62.192.189.0/24 maxlen: 24
62.192.190.0/24 maxlen: 24
62.192.191.0/24 maxlen: 24
83.150.224.0/22 maxlen: 22
83.150.224.0/24 maxlen: 24
83.150.225.0/24 maxlen: 24
85.208.56.0/22 maxlen: 22
85.208.56.0/24 maxlen: 24
85.208.57.0/24 maxlen: 24
85.208.58.0/24 maxlen: 24
85.208.59.0/24 maxlen: 24
92.118.144.0/22 maxlen: 22
92.118.144.0/24 maxlen: 24
92.118.145.0/24 maxlen: 24
92.118.146.0/24 maxlen: 24
92.118.147.0/24 maxlen: 24
185.51.164.0/22 maxlen: 22
185.51.164.0/24 maxlen: 24
185.51.167.0/24 maxlen: 24
193.42.15.0/24 maxlen: 24
193.42.132.0/24 maxlen: 24
193.42.135.0/24 maxlen: 24
193.42.149.0/24 maxlen: 24
193.108.46.0/23 maxlen: 23
193.108.96.0/23 maxlen: 23
193.164.222.0/23 maxlen: 23
193.168.4.0/23 maxlen: 23
194.146.84.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/h4q7KZd6ZbFAystucqskzt3U6MU.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/h4q7KZd6ZbFAystucqskzt3U6MU.mft
rsync://rpki.ripe.net/repository/DEFAULT/h4q7KZd6ZbFAystucqskzt3U6MU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 10 Mar 2025 15:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:28:1e:e1:b0:a1:99:dc:27:4b:90:b7:77:36:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=878abb29977a65b140cacb6e72ab24ceddd4e8c5
Validity
Not Before: Jan 1 01:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9af62cfa194b43231d2b180fc3483f8e8d9bfe96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:5c:00:b4:2f:4a:1f:1b:d4:12:d9:c8:3f:ee:
a4:c2:42:b2:ef:14:66:ac:89:ed:a8:54:c6:36:4f:
82:a5:dd:fd:9b:a9:b7:19:01:95:2d:17:d6:2a:e6:
5d:62:74:e4:da:75:1d:48:0d:7b:8f:b6:9d:c8:98:
be:90:16:8e:30:06:ea:14:0f:0b:20:4a:76:f2:de:
e5:ff:3f:3c:c0:de:4a:43:75:45:e9:09:66:5d:75:
6e:75:f0:73:26:b6:9f:0b:0a:56:1c:d3:7c:0f:71:
91:10:da:4f:99:18:d3:14:c4:0d:ad:a0:c6:8b:6b:
bf:da:39:b1:ba:eb:5f:20:9c:af:af:24:81:ca:51:
8d:95:e1:a4:16:5e:3a:fb:59:6d:5a:2f:23:64:57:
2f:61:7b:c6:4f:e0:84:a9:fc:f8:d5:01:54:86:0b:
ed:c9:bf:37:10:0a:01:b8:f4:15:c5:4f:f1:e8:45:
79:c4:cd:ac:b7:70:5e:ae:5d:a0:76:cb:3e:dc:c4:
a3:bc:f5:6e:d7:5e:1c:4d:9f:04:eb:ff:f1:91:ae:
51:98:0e:0b:c4:bd:ae:a9:5e:0a:f5:c2:73:fe:41:
ef:5b:6f:e1:55:cc:76:ba:7d:3e:13:a2:22:56:d9:
b8:3c:1d:0d:20:a9:c0:c2:d2:c6:57:5e:48:c1:1c:
69:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:F6:2C:FA:19:4B:43:23:1D:2B:18:0F:C3:48:3F:8E:8D:9B:FE:96
X509v3 Authority Key Identifier:
keyid:87:8A:BB:29:97:7A:65:B1:40:CA:CB:6E:72:AB:24:CE:DD:D4:E8:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h4q7KZd6ZbFAystucqskzt3U6MU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/mvYs-hlLQyMdKxgPw0g_jo2b_pY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/h4q7KZd6ZbFAystucqskzt3U6MU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.100.0/22
45.8.28.0/22
45.9.108.0/22
45.10.208.0/22
45.13.160.0/22
45.66.188.0/22
45.80.112.0/22
45.87.228.0/22
45.93.64.0/22
45.131.156.0/22
45.142.76.0/22
45.147.212.0/22
45.149.68.0/22
45.156.168.0/22
45.156.216.0/22
45.158.220.0/22
62.192.188.0/22
83.150.224.0/22
85.208.56.0/22
92.118.144.0/22
185.51.164.0/22
193.42.15.0/24
193.42.132.0/24
193.42.135.0/24
193.42.149.0/24
193.108.46.0/23
193.108.96.0/23
193.164.222.0/23
193.168.4.0/23
194.146.84.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:3c:a1:89:6b:7a:53:dd:46:3b:8b:04:a2:17:91:42:c1:79:
40:17:12:02:36:ce:fc:1e:66:e7:62:94:69:9d:89:8d:af:d5:
1c:fe:84:51:f8:b7:03:95:ee:75:c9:6f:da:bd:6e:5d:2c:9e:
19:f3:7e:94:9b:ed:8c:54:9e:11:49:92:d6:17:6b:78:6d:5e:
d6:1b:62:0c:98:d1:7a:1e:ba:4c:e3:8c:76:78:01:79:a6:fe:
ac:41:4a:1b:e2:06:e7:2d:24:17:5b:74:b0:d9:4d:97:86:46:
ab:7c:dd:0e:c1:eb:d7:f5:d2:22:24:2d:56:c1:18:3c:ee:25:
7a:b7:4d:90:f5:1a:e0:3d:e8:8f:8f:2c:c3:d0:0c:ab:33:e2:
ae:8d:dc:91:ec:d5:17:03:db:e1:0d:59:d4:80:6e:be:14:7c:
e6:2b:f4:19:90:1c:fe:3e:42:96:ce:30:eb:47:77:b4:92:4a:
ab:0e:ab:da:b5:f8:d7:ed:76:8b:f9:f0:a6:d1:16:fa:b3:d3:
d4:d4:93:5a:65:dd:38:08:00:48:aa:8c:6b:59:36:61:40:e7:
79:97:a4:5c:7b:39:18:dd:b6:22:73:a5:b3:49:29:11:1a:8a:
d8:b0:58:57:40:43:f2:54:cb:87:4b:f7:e4:c0:00:f6:9b:4f:
52:66:cb:ae
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAZQfjCge4bChmdwnS5C3dzZ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3OGFiYjI5OTc3YTY1YjE0MGNhY2I2ZTcyYWIyNGNlZGRk
NGU4YzUwHhcNMjUwMTAxMDE0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWY2MmNmYTE5NGI0MzIzMWQyYjE4MGZjMzQ4M2Y4ZThkOWJmZTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFwAtC9KHxvUEtnIP+6kwkKy7xRm
rIntqFTGNk+Cpd39m6m3GQGVLRfWKuZdYnTk2nUdSA17j7adyJi+kBaOMAbqFA8L
IEp28t7l/z88wN5KQ3VF6QlmXXVudfBzJrafCwpWHNN8D3GRENpPmRjTFMQNraDG
i2u/2jmxuutfIJyvrySBylGNleGkFl46+1ltWi8jZFcvYXvGT+CEqfz41QFUhgvt
yb83EAoBuPQVxU/x6EV5xM2st3Berl2gdss+3MSjvPVu114cTZ8E6//xka5RmA4L
xL2uqV4K9cJz/kHvW2/hVcx2un0+E6IiVtm4PB0NIKnAwtLGV15IwRxp8wIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFJr2LPoZS0MjHSsYD8NIP46Nm/6WMB8GA1UdIwQY
MBaAFIeKuymXemWxQMrLbnKrJM7d1OjFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDRxN0taZDZaYkZBeXN0dWNxc2t6dDNVNk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8wNmI4ZjUtMWE3Ni00NWY4LWI5N2Et
YWM4NjQ3ZDA1NThhLzEvbXZZcy1obExReU1kS3hnUHcwZ19qbzJiX3BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8wNmI4ZjUtMWE3Ni00NWY4LWI5N2EtYWM4NjQ3ZDA1NThh
LzEvaDRxN0taZDZaYkZBeXN0dWNxc2t6dDNVNk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjCBuwQCAAEwgbQDBAIC
O2QDBAItCBwDBAItCWwDBAItCtADBAItDaADBAItQrwDBAItUHADBAItV+QDBAIt
XUADBAItg5wDBAItjkwDBAItk9QDBAItlUQDBAItnKgDBAItnNgDBAItntwDBAI+
wLwDBAJTluADBAJV0DgDBAJcdpADBAK5M6QDBADBKg8DBADBKoQDBADBKocDBADB
KpUDBAHBbC4DBAHBbGADBAHBpN4DBAHBqAQDBALCklQwDQYJKoZIhvcNAQELBQAD
ggEBAF48oYlrelPdRjuLBKIXkULBeUAXEgI2zvweZudilGmdiY2v1Rz+hFH4twOV
7nXJb9q9bl0snhnzfpSb7YxUnhFJktYXa3htXtYbYgyY0XoeukzjjHZ4AXmm/qxB
ShviBuctJBdbdLDZTZeGRqt83Q7B69f10iIkLVbBGDzuJXq3TZD1GuA96I+PLMPQ
DKsz4q6N3JHs1RcD2+ENWdSAbr4UfOYr9BmQHP4+QpbOMOtHd7SSSqsOq9q1+Nft
dov58KbRFvqz09TUk1pl3TgIAEiqjGtZNmFA53mXpFx7ORjdtiJzpbNJKREaitiw
WFdAQ/JUy4dL9+TAAPabT1Jmy64=
-----END CERTIFICATE-----
Generated at Mon Mar 10 00:44:29 2025 by rpki-client