Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/d3f1ba-d9e5-45c5-bca2-1619d08c6965/1/LSUjY22nbXmiCbKYSvjkpLOlwJ0.roa
File: LSUjY22nbXmiCbKYSvjkpLOlwJ0.roa (raw, json)
Hash identifier: 2B/DnJQQcDMoJmbD3yPRvJKI69sYoXHy9Xbk2/LXV1M=
Subject key identifier: 2D:25:23:63:6D:A7:6D:79:A2:09:B2:98:4A:F8:E4:A4:B3:A5:C0:9D
Certificate issuer: /CN=95a5adf6af1fcc0570adf858fd5bfbe28791a186
Certificate serial: 0195D1D5B95939911A4A9121D1BF15241198
Authority key identifier: 95:A5:AD:F6:AF:1F:CC:05:70:AD:F8:58:FD:5B:FB:E2:87:91:A1:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/laWt9q8fzAVwrfhY_Vv74oeRoYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/d3f1ba-d9e5-45c5-bca2-1619d08c6965/1/LSUjY22nbXmiCbKYSvjkpLOlwJ0.roa
Signing time: Wed 26 Mar 2025 09:43:19 +0000
ROA not before: Wed 26 Mar 2025 09:43:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5413
IP address blocks: 5.22.224.0/21 maxlen: 24
45.83.76.0/22 maxlen: 24
45.83.76.0/24 maxlen: 24
62.44.64.0/19 maxlen: 24
62.69.32.0/19 maxlen: 24
62.72.128.0/19 maxlen: 24
62.105.64.0/18 maxlen: 24
62.232.0.0/16 maxlen: 24
77.44.0.0/17 maxlen: 24
77.73.120.0/21 maxlen: 24
77.107.128.0/18 maxlen: 24
78.41.208.0/21 maxlen: 24
78.141.0.0/18 maxlen: 24
80.64.48.0/20 maxlen: 24
80.69.128.0/20 maxlen: 24
80.89.80.0/20 maxlen: 24
80.234.128.0/17 maxlen: 24
82.195.96.0/19 maxlen: 24
83.219.32.0/19 maxlen: 24
89.145.192.0/18 maxlen: 24
91.236.17.0/24 maxlen: 24
93.92.120.0/21 maxlen: 24
93.95.104.0/21 maxlen: 24
94.30.0.0/17 maxlen: 24
109.170.128.0/17 maxlen: 24
130.185.64.0/21 maxlen: 24
176.35.0.0/16 maxlen: 24
185.3.76.0/22 maxlen: 24
185.8.204.0/22 maxlen: 24
185.138.152.0/22 maxlen: 24
185.144.110.0/24 maxlen: 24
185.196.204.0/22 maxlen: 24
193.28.154.0/24 maxlen: 24
193.38.52.0/24 maxlen: 24
193.41.96.0/21 maxlen: 24
193.192.34.0/23 maxlen: 24
193.192.64.0/19 maxlen: 24
193.242.113.0/24 maxlen: 24
193.242.115.0/24 maxlen: 24
193.242.116.0/24 maxlen: 24
194.1.210.0/24 maxlen: 24
194.79.240.0/22 maxlen: 24
194.79.241.0/24 maxlen: 24
194.126.64.0/19 maxlen: 24
194.143.160.0/19 maxlen: 24
194.153.0.0/19 maxlen: 24
194.154.160.0/19 maxlen: 24
195.38.64.0/19 maxlen: 24
195.70.64.0/19 maxlen: 24
195.147.0.0/16 maxlen: 24
195.147.4.0/24 maxlen: 24
195.200.128.0/19 maxlen: 24
195.224.0.0/16 maxlen: 24
195.226.32.0/19 maxlen: 24
212.19.64.0/19 maxlen: 24
212.35.224.0/19 maxlen: 24
212.88.32.0/19 maxlen: 24
212.102.192.0/19 maxlen: 24
212.102.214.0/24 maxlen: 24
212.103.224.0/19 maxlen: 24
212.241.128.0/17 maxlen: 24
213.205.128.0/18 maxlen: 24
217.67.48.0/20 maxlen: 24
2001:b98::/29 maxlen: 48
2001:b98::/32 maxlen: 32
2a00:b300::/29 maxlen: 48
2a03:4200::/32 maxlen: 48
2a04:b2c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/d3f1ba-d9e5-45c5-bca2-1619d08c6965/1/laWt9q8fzAVwrfhY_Vv74oeRoYY.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/d3f1ba-d9e5-45c5-bca2-1619d08c6965/1/laWt9q8fzAVwrfhY_Vv74oeRoYY.mft
rsync://rpki.ripe.net/repository/DEFAULT/laWt9q8fzAVwrfhY_Vv74oeRoYY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 21:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d1:d5:b9:59:39:91:1a:4a:91:21:d1:bf:15:24:11:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95a5adf6af1fcc0570adf858fd5bfbe28791a186
Validity
Not Before: Mar 26 09:43:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d2523636da76d79a209b2984af8e4a4b3a5c09d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:08:17:32:2e:58:9f:1c:b9:4d:3e:a9:ff:d0:
91:83:8e:88:a7:db:d5:f4:e8:15:8c:88:75:b0:ca:
b7:cc:0d:22:0b:12:40:da:94:df:5d:a9:6f:9d:c7:
a5:3c:c2:12:52:89:d0:52:19:47:28:70:95:98:91:
6b:0b:fc:96:7a:b1:07:82:4f:b2:d3:7e:33:2c:a3:
f7:01:fa:dd:f9:c6:a5:73:80:83:3f:73:48:1b:86:
72:9d:c5:f0:30:14:2f:db:20:63:8c:ac:38:b9:64:
85:33:7c:02:21:cd:a3:e9:3a:32:61:3b:9f:5a:56:
79:af:e0:e9:4f:bd:76:a6:40:b4:f0:92:be:ab:35:
de:6a:86:aa:9a:05:8f:4e:b5:05:48:9d:e3:75:bf:
09:f2:ef:e7:6b:31:d6:dd:d1:05:71:7b:f8:13:75:
bb:58:c5:70:30:e6:4d:4e:50:53:af:f6:02:12:53:
0e:0b:28:c0:d1:16:ca:39:48:e3:12:5e:25:02:6d:
22:4c:86:a4:38:a6:31:9c:52:73:c8:e2:b5:47:0b:
47:9d:84:28:97:9b:ee:d0:82:6b:82:1c:6c:19:c5:
82:ba:c5:0f:0f:63:f5:09:89:4d:b5:57:f4:da:20:
77:64:bb:c0:12:04:59:bd:54:55:8f:2b:79:56:7f:
8d:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:25:23:63:6D:A7:6D:79:A2:09:B2:98:4A:F8:E4:A4:B3:A5:C0:9D
X509v3 Authority Key Identifier:
keyid:95:A5:AD:F6:AF:1F:CC:05:70:AD:F8:58:FD:5B:FB:E2:87:91:A1:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/laWt9q8fzAVwrfhY_Vv74oeRoYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/d3f1ba-d9e5-45c5-bca2-1619d08c6965/1/LSUjY22nbXmiCbKYSvjkpLOlwJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/d3f1ba-d9e5-45c5-bca2-1619d08c6965/1/laWt9q8fzAVwrfhY_Vv74oeRoYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.224.0/21
45.83.76.0/22
62.44.64.0/19
62.69.32.0/19
62.72.128.0/19
62.105.64.0/18
62.232.0.0/16
77.44.0.0/17
77.73.120.0/21
77.107.128.0/18
78.41.208.0/21
78.141.0.0/18
80.64.48.0/20
80.69.128.0/20
80.89.80.0/20
80.234.128.0/17
82.195.96.0/19
83.219.32.0/19
89.145.192.0/18
91.236.17.0/24
93.92.120.0/21
93.95.104.0/21
94.30.0.0/17
109.170.128.0/17
130.185.64.0/21
176.35.0.0/16
185.3.76.0/22
185.8.204.0/22
185.138.152.0/22
185.144.110.0/24
185.196.204.0/22
193.28.154.0/24
193.38.52.0/24
193.41.96.0/21
193.192.34.0/23
193.192.64.0/19
193.242.113.0/24
193.242.115.0-193.242.116.255
194.1.210.0/24
194.79.240.0/22
194.126.64.0/19
194.143.160.0/19
194.153.0.0/19
194.154.160.0/19
195.38.64.0/19
195.70.64.0/19
195.147.0.0/16
195.200.128.0/19
195.224.0.0/16
195.226.32.0/19
212.19.64.0/19
212.35.224.0/19
212.88.32.0/19
212.102.192.0/19
212.103.224.0/19
212.241.128.0/17
213.205.128.0/18
217.67.48.0/20
IPv6:
2001:b98::/29
2a00:b300::/29
2a03:4200::/32
2a04:b2c0::/29
Signature Algorithm: sha256WithRSAEncryption
46:98:f1:73:c0:fd:76:03:ac:2d:17:62:54:3c:5e:bb:94:0d:
1a:76:6f:a5:33:15:fc:5c:74:72:02:63:a5:8d:b1:63:cd:d8:
ca:86:17:19:df:61:0b:ff:b8:7c:d0:dc:30:46:34:51:4d:ae:
91:0f:23:50:34:b7:a3:51:92:84:9c:4b:19:b4:5b:d0:3d:f5:
49:63:d8:60:b1:36:25:91:2c:16:6e:64:65:d1:3f:ec:ee:ac:
ee:39:65:12:a6:c6:04:bd:e4:cd:9a:10:a9:5b:d8:64:82:bf:
05:54:6b:c8:af:f3:a4:ac:57:ab:60:af:43:4a:64:44:0c:39:
60:44:0a:81:a9:1e:6e:69:56:bd:d1:a5:01:4b:4b:e3:fb:9f:
92:ca:9a:af:9e:c6:c1:92:3b:05:4b:ab:04:1f:9e:4f:e3:d9:
8a:47:97:4d:24:ba:18:24:ba:da:8f:1f:d8:52:c6:96:11:a7:
f5:37:ef:89:47:5a:47:d9:36:41:86:ab:0c:cc:00:6d:51:78:
5b:ef:43:49:2c:db:be:26:af:90:c9:96:52:41:28:4d:b0:12:
1e:fd:98:c0:3b:75:e8:0e:5d:e9:99:ba:1c:f7:f5:fb:0a:a9:
c3:5a:03:dd:c6:27:25:f5:f4:10:b8:25:46:8a:15:da:fd:bc:
8f:d5:11:04
-----BEGIN CERTIFICATE-----
MIIGhTCCBW2gAwIBAgISAZXR1blZOZEaSpEh0b8VJBGYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YTVhZGY2YWYxZmNjMDU3MGFkZjg1OGZkNWJmYmUyODc5
MWExODYwHhcNMjUwMzI2MDk0MzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDI1MjM2MzZkYTc2ZDc5YTIwOWIyOTg0YWY4ZTRhNGIzYTVjMDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQgXMi5Ynxy5TT6p/9CRg46Ip9vV
9OgVjIh1sMq3zA0iCxJA2pTfXalvncelPMISUonQUhlHKHCVmJFrC/yWerEHgk+y
034zLKP3Afrd+calc4CDP3NIG4ZyncXwMBQv2yBjjKw4uWSFM3wCIc2j6ToyYTuf
WlZ5r+DpT712pkC08JK+qzXeaoaqmgWPTrUFSJ3jdb8J8u/nazHW3dEFcXv4E3W7
WMVwMOZNTlBTr/YCElMOCyjA0RbKOUjjEl4lAm0iTIakOKYxnFJzyOK1RwtHnYQo
l5vu0IJrghxsGcWCusUPD2P1CYlNtVf02iB3ZLvAEgRZvVRVjyt5Vn+NnwIDAQAB
o4IDkTCCA40wHQYDVR0OBBYEFC0lI2Ntp215ogmymEr45KSzpcCdMB8GA1UdIwQY
MBaAFJWlrfavH8wFcK34WP1b++KHkaGGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGFXdDlxOGZ6QVZ3cmZoWV9Wdjc0b2VSb1lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9kM2YxYmEtZDllNS00NWM1LWJjYTIt
MTYxOWQwOGM2OTY1LzEvTFNValkyMm5iWG1pQ2JLWVN2amtwTE9sd0owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9kM2YxYmEtZDllNS00NWM1LWJjYTItMTYxOWQwOGM2OTY1
LzEvbGFXdDlxOGZ6QVZ3cmZoWV9Wdjc0b2VSb1lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBpQYIKwYBBQUHAQcBAf8EggGUMIIBkDCCAWgEAgABMIIB
YAMEAwUW4AMEAi1TTAMEBT4sQAMEBT5FIAMEBT5IgAMEBj5pQAMDAD7oAwQHTSwA
AwQDTUl4AwQGTWuAAwQDTinQAwQGTo0AAwQEUEAwAwQEUEWAAwQEUFlQAwQHUOqA
AwQFUsNgAwQFU9sgAwQGWZHAAwQAW+wRAwQDXVx4AwQDXV9oAwQHXh4AAwQHbaqA
AwQDgrlAAwMAsCMDBAK5A0wDBAK5CMwDBAK5ipgDBAC5kG4DBAK5xMwDBADBHJoD
BADBJjQDBAPBKWADBAHBwCIDBAXBwEADBADB8nEwDAMEAMHycwMEAMHydAMEAMIB
0gMEAsJP8AMEBcJ+QAMEBcKPoAMEBcKZAAMEBcKaoAMEBcMmQAMEBcNGQAMDAMOT
AwQFw8iAAwMAw+ADBAXD4iADBAXUE0ADBAXUI+ADBAXUWCADBAXUZsADBAXUZ+AD
BAfU8YADBAbVzYADBATZQzAwIgQCAAIwHAMFAyABC5gDBQMqALMAAwUAKgNCAAMF
AyoEssAwDQYJKoZIhvcNAQELBQADggEBAEaY8XPA/XYDrC0XYlQ8XruUDRp2b6Uz
FfxcdHICY6WNsWPN2MqGFxnfYQv/uHzQ3DBGNFFNrpEPI1A0t6NRkoScSxm0W9A9
9Ulj2GCxNiWRLBZuZGXRP+zurO45ZRKmxgS95M2aEKlb2GSCvwVUa8iv86SsV6tg
r0NKZEQMOWBECoGpHm5pVr3RpQFLS+P7n5LKmq+exsGSOwVLqwQfnk/j2YpHl00k
uhgkutqPH9hSxpYRp/U374lHWkfZNkGGqwzMAG1ReFvvQ0ks274mr5DJllJBKE2w
Eh79mMA7degOXemZuhz39fsKqcNaA93GJyX19BC4JUaKFdr9vI/VEQQ=
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:37:37 2025 by rpki-client