Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/EDfpHvpbp3EfEt163dJ9FtchsUM.roa
File: EDfpHvpbp3EfEt163dJ9FtchsUM.roa (raw, json)
Hash identifier: uE0vljL2iCJjJtw/TfxMJtyywBT0HvZb4IVr++tc5OA=
Subject key identifier: 10:37:E9:1E:FA:5B:A7:71:1F:12:DD:7A:DD:D2:7D:16:D7:21:B1:43
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 0195A92BB9734B2F609E6E8482DD36CB8FDE
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/EDfpHvpbp3EfEt163dJ9FtchsUM.roa
Signing time: Tue 18 Mar 2025 12:12:49 +0000
ROA not before: Tue 18 Mar 2025 12:12:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200845
IP address blocks: 2.59.192.0/22 maxlen: 22
2.59.192.0/23 maxlen: 23
2.59.192.0/24 maxlen: 24
2.59.193.0/24 maxlen: 24
2.59.194.0/23 maxlen: 23
2.59.194.0/24 maxlen: 24
2.59.195.0/24 maxlen: 24
31.15.0.0/22 maxlen: 22
31.15.0.0/23 maxlen: 23
31.15.0.0/24 maxlen: 24
31.15.1.0/24 maxlen: 24
31.15.2.0/23 maxlen: 23
31.15.2.0/24 maxlen: 24
31.15.3.0/24 maxlen: 25
31.15.4.0/24 maxlen: 24
31.15.5.0/24 maxlen: 24
31.15.6.0/24 maxlen: 24
31.15.7.0/24 maxlen: 24
45.81.104.0/22 maxlen: 22
45.81.104.0/23 maxlen: 23
45.81.104.0/24 maxlen: 24
45.81.105.0/24 maxlen: 24
45.81.106.0/23 maxlen: 23
45.81.106.0/24 maxlen: 24
45.81.107.0/24 maxlen: 24
45.81.124.0/22 maxlen: 22
45.81.124.0/23 maxlen: 23
45.81.124.0/24 maxlen: 24
45.81.125.0/24 maxlen: 24
45.81.126.0/23 maxlen: 23
45.81.126.0/24 maxlen: 24
45.81.127.0/24 maxlen: 24
45.130.160.0/22 maxlen: 22
45.133.60.0/22 maxlen: 22
45.133.60.0/23 maxlen: 23
45.133.60.0/24 maxlen: 24
45.133.61.0/24 maxlen: 24
45.133.62.0/23 maxlen: 23
45.133.62.0/24 maxlen: 24
45.133.63.0/24 maxlen: 24
45.137.12.0/23 maxlen: 23
45.137.12.0/24 maxlen: 24
45.137.13.0/24 maxlen: 24
45.137.136.0/23 maxlen: 23
45.137.139.0/24 maxlen: 24
45.145.132.0/22 maxlen: 22
45.145.132.0/23 maxlen: 23
45.145.132.0/24 maxlen: 24
45.145.133.0/24 maxlen: 24
45.145.134.0/23 maxlen: 23
45.145.134.0/24 maxlen: 24
45.145.135.0/24 maxlen: 24
45.150.84.0/22 maxlen: 22
45.150.84.0/23 maxlen: 23
45.150.84.0/24 maxlen: 24
45.150.85.0/24 maxlen: 24
45.150.86.0/23 maxlen: 23
45.150.86.0/24 maxlen: 24
45.150.87.0/24 maxlen: 24
45.152.140.0/22 maxlen: 22
45.152.140.0/23 maxlen: 23
45.152.140.0/24 maxlen: 24
45.152.141.0/24 maxlen: 24
45.152.142.0/23 maxlen: 23
45.152.142.0/24 maxlen: 24
45.152.143.0/24 maxlen: 24
45.155.56.0/22 maxlen: 22
45.155.56.0/23 maxlen: 23
45.155.56.0/24 maxlen: 24
45.155.57.0/24 maxlen: 24
45.155.58.0/23 maxlen: 23
45.155.58.0/24 maxlen: 24
45.155.59.0/24 maxlen: 24
89.190.152.0/22 maxlen: 22
89.190.152.0/24 maxlen: 24
89.190.153.0/24 maxlen: 24
89.190.154.0/24 maxlen: 24
89.190.155.0/24 maxlen: 24
92.118.180.0/22 maxlen: 22
92.118.180.0/23 maxlen: 23
92.118.180.0/24 maxlen: 24
92.118.181.0/24 maxlen: 24
92.118.182.0/23 maxlen: 23
92.118.182.0/24 maxlen: 24
92.118.183.0/24 maxlen: 24
178.19.40.0/24 maxlen: 24
178.19.41.0/24 maxlen: 24
178.19.42.0/24 maxlen: 24
185.28.51.0/24 maxlen: 24
185.225.244.0/22 maxlen: 22
185.225.244.0/24 maxlen: 24
185.225.245.0/24 maxlen: 24
185.225.246.0/24 maxlen: 24
185.225.247.0/24 maxlen: 24
185.229.216.0/22 maxlen: 22
185.229.216.0/23 maxlen: 23
185.229.217.0/24 maxlen: 24
185.229.218.0/23 maxlen: 23
185.229.219.0/24 maxlen: 24
185.231.184.0/22 maxlen: 22
185.231.186.0/24 maxlen: 24
185.231.187.0/24 maxlen: 24
185.241.122.0/23 maxlen: 23
185.244.228.0/23 maxlen: 23
185.244.228.0/24 maxlen: 24
185.244.229.0/24 maxlen: 24
185.244.230.0/24 maxlen: 24
185.244.231.0/24 maxlen: 24
185.246.12.0/23 maxlen: 23
185.246.12.0/24 maxlen: 24
185.246.13.0/24 maxlen: 24
185.246.14.0/24 maxlen: 24
185.246.15.0/24 maxlen: 24
194.31.104.0/22 maxlen: 22
194.31.104.0/23 maxlen: 23
194.31.104.0/24 maxlen: 24
194.31.105.0/24 maxlen: 24
194.31.106.0/23 maxlen: 23
194.31.106.0/24 maxlen: 24
194.31.107.0/24 maxlen: 24
194.32.112.0/22 maxlen: 22
194.32.112.0/24 maxlen: 24
194.32.113.0/24 maxlen: 24
194.32.114.0/24 maxlen: 24
194.32.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 19:01:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a9:2b:b9:73:4b:2f:60:9e:6e:84:82:dd:36:cb:8f:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Mar 18 12:12:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1037e91efa5ba7711f12dd7addd27d16d721b143
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:3e:b3:8c:90:e5:69:1c:4f:1a:3b:9a:9b:fe:
c4:63:25:92:dc:51:7d:83:24:8a:92:1d:3a:c2:83:
5a:c8:b3:19:38:d0:9d:56:2a:2c:b6:3b:b9:fe:34:
6a:6b:09:05:bb:fd:01:4b:14:c1:ea:38:6e:cc:a3:
43:47:d8:e3:4c:67:45:1c:05:11:28:48:88:1d:62:
3d:4f:6b:e9:d6:56:2b:8d:cb:8c:40:8f:0d:af:72:
40:a6:fe:08:a1:b0:e3:34:3a:8e:55:4b:5a:9c:dc:
f1:81:0a:b3:04:50:43:d8:78:77:3d:6c:71:57:9b:
f9:44:3b:55:c1:bd:3e:8b:0d:86:15:d6:ea:fe:d4:
53:73:3b:7f:75:f4:5d:38:7c:6c:bf:1b:a8:80:2d:
41:43:49:8d:44:95:82:0e:b7:25:ca:3b:17:26:96:
c8:8d:c6:f5:e0:7e:27:2e:49:62:fe:40:68:8c:fe:
16:72:3f:e1:c0:74:c9:21:2d:12:11:78:22:79:a1:
fa:cb:3e:a7:c3:95:48:0a:65:4f:a3:ba:53:97:e2:
22:11:d1:8b:34:43:dc:41:29:57:f8:0e:4c:fd:f2:
af:a5:73:ab:34:94:8b:c0:25:35:fb:bc:d7:7d:42:
38:81:10:04:f2:c9:0d:f5:af:09:8a:8a:a0:31:da:
91:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:37:E9:1E:FA:5B:A7:71:1F:12:DD:7A:DD:D2:7D:16:D7:21:B1:43
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/EDfpHvpbp3EfEt163dJ9FtchsUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.192.0/22
31.15.0.0/21
45.81.104.0/22
45.81.124.0/22
45.130.160.0/22
45.133.60.0/22
45.137.12.0/23
45.137.136.0/23
45.137.139.0/24
45.145.132.0/22
45.150.84.0/22
45.152.140.0/22
45.155.56.0/22
89.190.152.0/22
92.118.180.0/22
178.19.40.0-178.19.42.255
185.28.51.0/24
185.225.244.0/22
185.229.216.0/22
185.231.184.0/22
185.241.122.0/23
185.244.228.0/22
185.246.12.0/22
194.31.104.0/22
194.32.112.0/22
Signature Algorithm: sha256WithRSAEncryption
14:61:34:61:fb:23:ed:19:c9:d4:5d:bd:ed:cb:66:5a:8f:4f:
85:92:cf:b7:e4:b3:ff:69:aa:e4:ae:8c:44:2f:b2:58:cb:10:
b4:68:b2:1b:e1:10:05:f8:65:dd:c2:4c:25:ac:bb:3d:ea:6e:
b0:3e:e5:ce:8d:8e:25:6e:89:14:61:ad:ea:ee:ff:62:30:af:
ad:05:2d:97:37:0e:7e:1c:8f:f1:19:a0:60:52:48:2c:fa:67:
04:e4:4a:7a:00:17:81:ae:10:2a:b4:52:3a:3b:4a:21:5a:31:
da:ca:38:ec:2e:b2:29:ca:1d:b1:bf:cb:1f:ce:4b:51:5b:22:
3f:c1:d1:65:4c:04:ef:db:eb:0a:24:85:3a:5f:ad:36:fb:47:
f8:02:09:be:53:e0:2d:03:a3:42:38:9a:c4:3e:b8:51:bb:03:
16:1b:5a:99:1e:8c:e9:c5:33:dc:6b:32:8a:16:27:7c:2b:6a:
53:c0:bb:46:43:55:c2:f1:71:d1:06:fc:db:61:72:5f:4d:56:
8a:8e:10:3e:c8:e7:08:01:a4:b3:fb:29:d6:3e:e1:7b:ec:5b:
c8:7e:cf:f9:a6:d4:c2:86:79:30:6b:fe:ef:aa:ec:f8:62:03:
16:31:44:37:e3:e7:b1:d9:97:3d:d8:39:53:03:f9:85:3f:43:
dd:96:af:1f
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAZWpK7lzSy9gnm6Egt02y4/eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwMzE4MTIxMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDM3ZTkxZWZhNWJhNzcxMWYxMmRkN2FkZGQyN2QxNmQ3MjFiMTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6D6zjJDlaRxPGjuam/7EYyWS3FF9
gySKkh06woNayLMZONCdViostju5/jRqawkFu/0BSxTB6jhuzKNDR9jjTGdFHAUR
KEiIHWI9T2vp1lYrjcuMQI8Nr3JApv4IobDjNDqOVUtanNzxgQqzBFBD2Hh3PWxx
V5v5RDtVwb0+iw2GFdbq/tRTczt/dfRdOHxsvxuogC1BQ0mNRJWCDrclyjsXJpbI
jcb14H4nLkli/kBojP4Wcj/hwHTJIS0SEXgieaH6yz6nw5VICmVPo7pTl+IiEdGL
NEPcQSlX+A5M/fKvpXOrNJSLwCU1+7zXfUI4gRAE8skN9a8JioqgMdqRhwIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFBA36R76W6dxHxLdet3SfRbXIbFDMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvRURmcEh2cGJwM0VmRXQxNjNkSjlGdGNoc1VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBAIC
O8ADBAMfDwADBAItUWgDBAItUXwDBAItgqADBAIthTwDBAEtiQwDBAEtiYgDBAAt
iYsDBAItkYQDBAItllQDBAItmIwDBAItmzgDBAJZvpgDBAJcdrQwDAMEA7ITKAME
ALITKgMEALkcMwMEArnh9AMEArnl2AMEArnnuAMEAbnxegMEArn05AMEArn2DAME
AsIfaAMEAsIgcDANBgkqhkiG9w0BAQsFAAOCAQEAFGE0Yfsj7RnJ1F297ctmWo9P
hZLPt+Sz/2mq5K6MRC+yWMsQtGiyG+EQBfhl3cJMJay7PepusD7lzo2OJW6JFGGt
6u7/YjCvrQUtlzcOfhyP8RmgYFJILPpnBORKegAXga4QKrRSOjtKIVox2so47C6y
Kcodsb/LH85LUVsiP8HRZUwE79vrCiSFOl+tNvtH+AIJvlPgLQOjQjiaxD64UbsD
FhtamR6M6cUz3GsyihYnfCtqU8C7RkNVwvFx0Qb822FyX01Wio4QPsjnCAGks/sp
1j7he+xbyH7P+abUwoZ5MGv+76rs+GIDFjFEN+PnsdmXPdg5UwP5hT9D3ZavHw==
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:44:18 2025 by rpki-client