Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/19a649-0442-4f3d-9cb9-8cf9d50adf29/1/s1k4VuonWOZZPAV_JNyFAmc3QSo.roa
File: s1k4VuonWOZZPAV_JNyFAmc3QSo.roa (raw, json)
Hash identifier: cR7PeQtOyIJC20HWqCOMhvmrx9KSgQEbtA0y8RtkXyM=
Subject key identifier: B3:59:38:56:EA:27:58:E6:59:3C:05:7F:24:DC:85:02:67:37:41:2A
Certificate issuer: /CN=865786c75fc16584b0271ff27b971d723416618d
Certificate serial: 01944F7C62863C8B3311FC910343B0972010
Authority key identifier: 86:57:86:C7:5F:C1:65:84:B0:27:1F:F2:7B:97:1D:72:34:16:61:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hleGx1_BZYSwJx_ye5cdcjQWYY0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/19a649-0442-4f3d-9cb9-8cf9d50adf29/1/s1k4VuonWOZZPAV_JNyFAmc3QSo.roa
Signing time: Fri 10 Jan 2025 09:12:18 +0000
ROA not before: Fri 10 Jan 2025 09:12:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41798
IP address blocks: 2.57.96.0/24 maxlen: 24
2.57.97.0/24 maxlen: 24
2.57.98.0/24 maxlen: 24
2.57.99.0/24 maxlen: 24
37.17.176.0/21 maxlen: 21
37.17.176.0/24 maxlen: 24
37.17.177.0/24 maxlen: 24
37.17.178.0/24 maxlen: 24
37.17.179.0/24 maxlen: 24
37.17.180.0/24 maxlen: 24
37.17.181.0/24 maxlen: 24
37.17.182.0/24 maxlen: 24
37.17.183.0/24 maxlen: 24
37.208.40.0/21 maxlen: 21
37.208.40.0/24 maxlen: 24
37.208.41.0/24 maxlen: 24
37.208.42.0/24 maxlen: 24
37.208.43.0/24 maxlen: 24
37.208.44.0/24 maxlen: 24
37.208.45.0/24 maxlen: 24
37.208.46.0/24 maxlen: 24
37.208.47.0/24 maxlen: 24
45.140.24.0/23 maxlen: 23
45.140.24.0/24 maxlen: 24
45.140.25.0/24 maxlen: 24
82.115.44.0/22 maxlen: 22
82.115.45.0/24 maxlen: 24
87.255.202.0/23 maxlen: 23
87.255.202.0/24 maxlen: 24
87.255.203.0/24 maxlen: 24
87.255.204.0/22 maxlen: 22
87.255.204.0/24 maxlen: 24
87.255.205.0/24 maxlen: 24
87.255.206.0/24 maxlen: 24
87.255.207.0/24 maxlen: 24
87.255.208.0/20 maxlen: 20
87.255.208.0/24 maxlen: 24
87.255.209.0/24 maxlen: 24
87.255.210.0/24 maxlen: 24
87.255.211.0/24 maxlen: 24
87.255.212.0/24 maxlen: 24
87.255.213.0/24 maxlen: 24
87.255.214.0/24 maxlen: 24
87.255.215.0/24 maxlen: 24
87.255.216.0/24 maxlen: 24
87.255.217.0/24 maxlen: 24
87.255.218.0/24 maxlen: 24
87.255.219.0/24 maxlen: 24
87.255.220.0/24 maxlen: 24
87.255.221.0/24 maxlen: 24
87.255.222.0/24 maxlen: 24
87.255.223.0/24 maxlen: 24
91.185.0.0/19 maxlen: 19
91.185.0.0/24 maxlen: 24
91.185.1.0/24 maxlen: 24
91.185.2.0/24 maxlen: 24
91.185.3.0/24 maxlen: 24
91.185.4.0/24 maxlen: 24
91.185.5.0/24 maxlen: 24
91.185.6.0/24 maxlen: 24
91.185.7.0/24 maxlen: 24
91.185.8.0/24 maxlen: 24
91.185.9.0/24 maxlen: 24
91.185.10.0/24 maxlen: 24
91.185.11.0/24 maxlen: 24
91.185.12.0/24 maxlen: 24
91.185.13.0/24 maxlen: 24
91.185.14.0/24 maxlen: 24
91.185.15.0/24 maxlen: 24
91.185.16.0/24 maxlen: 24
91.185.17.0/24 maxlen: 24
91.185.18.0/24 maxlen: 24
91.185.19.0/24 maxlen: 24
91.185.20.0/24 maxlen: 24
91.185.21.0/24 maxlen: 24
91.185.22.0/24 maxlen: 24
91.185.23.0/24 maxlen: 24
91.185.24.0/24 maxlen: 24
91.185.25.0/24 maxlen: 24
91.185.26.0/24 maxlen: 24
91.185.27.0/24 maxlen: 24
91.185.28.0/24 maxlen: 24
91.185.29.0/24 maxlen: 24
91.185.30.0/24 maxlen: 24
91.185.31.0/24 maxlen: 24
91.246.80.0/20 maxlen: 20
91.246.80.0/24 maxlen: 24
91.246.81.0/24 maxlen: 24
91.246.82.0/24 maxlen: 24
91.246.83.0/24 maxlen: 24
91.246.84.0/24 maxlen: 24
91.246.85.0/24 maxlen: 24
91.246.86.0/24 maxlen: 24
91.246.87.0/24 maxlen: 24
91.246.88.0/24 maxlen: 24
91.246.89.0/24 maxlen: 24
91.246.90.0/24 maxlen: 24
91.246.91.0/24 maxlen: 24
91.246.92.0/24 maxlen: 24
91.246.93.0/24 maxlen: 24
91.246.94.0/24 maxlen: 24
91.246.95.0/24 maxlen: 24
91.246.96.0/21 maxlen: 21
91.246.96.0/24 maxlen: 24
91.246.97.0/24 maxlen: 24
91.246.98.0/24 maxlen: 24
91.246.99.0/24 maxlen: 24
91.246.100.0/24 maxlen: 24
91.246.101.0/24 maxlen: 24
91.246.102.0/24 maxlen: 24
91.246.103.0/24 maxlen: 24
94.141.224.0/20 maxlen: 20
94.141.224.0/24 maxlen: 24
94.141.225.0/24 maxlen: 24
94.141.226.0/24 maxlen: 24
94.141.227.0/24 maxlen: 24
94.141.228.0/24 maxlen: 24
94.141.229.0/24 maxlen: 24
94.141.230.0/24 maxlen: 24
94.141.231.0/24 maxlen: 24
94.141.232.0/24 maxlen: 24
94.141.233.0/24 maxlen: 24
94.141.234.0/24 maxlen: 24
94.141.235.0/24 maxlen: 24
94.141.236.0/24 maxlen: 24
94.141.237.0/24 maxlen: 24
94.141.238.0/24 maxlen: 24
94.141.239.0/24 maxlen: 24
94.141.240.0/22 maxlen: 22
94.141.240.0/24 maxlen: 24
94.141.241.0/24 maxlen: 24
94.141.242.0/24 maxlen: 24
94.141.243.0/24 maxlen: 24
94.141.248.0/22 maxlen: 22
94.141.248.0/24 maxlen: 24
94.141.249.0/24 maxlen: 24
94.141.250.0/24 maxlen: 24
94.141.251.0/24 maxlen: 24
146.19.255.0/24 maxlen: 24
176.98.224.0/20 maxlen: 20
176.98.224.0/24 maxlen: 24
176.98.225.0/24 maxlen: 24
176.98.226.0/24 maxlen: 24
176.98.227.0/24 maxlen: 24
176.98.228.0/24 maxlen: 24
176.98.229.0/24 maxlen: 24
176.98.230.0/24 maxlen: 24
176.98.231.0/24 maxlen: 24
176.98.232.0/24 maxlen: 24
176.98.233.0/24 maxlen: 24
176.98.234.0/24 maxlen: 24
176.98.235.0/24 maxlen: 24
176.98.236.0/24 maxlen: 24
176.98.237.0/24 maxlen: 24
176.98.238.0/24 maxlen: 24
176.98.239.0/24 maxlen: 24
176.98.240.0/22 maxlen: 22
176.98.240.0/24 maxlen: 24
176.98.241.0/24 maxlen: 24
176.98.242.0/24 maxlen: 24
176.98.243.0/24 maxlen: 24
178.22.168.0/21 maxlen: 21
178.22.168.0/24 maxlen: 24
178.22.169.0/24 maxlen: 24
178.22.170.0/24 maxlen: 24
178.22.171.0/24 maxlen: 24
178.22.172.0/24 maxlen: 24
178.22.173.0/24 maxlen: 24
178.22.174.0/24 maxlen: 24
178.22.175.0/24 maxlen: 24
185.187.17.0/24 maxlen: 24
193.104.253.0/24 maxlen: 24
193.111.175.0/24 maxlen: 24
194.26.239.0/24 maxlen: 24
212.23.218.0/24 maxlen: 24
212.46.53.0/24 maxlen: 24
2a00:ab40::/32 maxlen: 48
2a00:ab40:3000::/48 maxlen: 48
2a00:ab40:4000::/48 maxlen: 48
2a00:ab40:5000::/48 maxlen: 48
2a00:ab40:7200::/48 maxlen: 48
2a00:ab40:7201::/48 maxlen: 48
2a00:ab40:7300::/48 maxlen: 48
2a00:ab40:7301::/48 maxlen: 48
2a00:ab40:7400::/48 maxlen: 48
2a00:ab40:7401::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/19a649-0442-4f3d-9cb9-8cf9d50adf29/1/hleGx1_BZYSwJx_ye5cdcjQWYY0.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/19a649-0442-4f3d-9cb9-8cf9d50adf29/1/hleGx1_BZYSwJx_ye5cdcjQWYY0.mft
rsync://rpki.ripe.net/repository/DEFAULT/hleGx1_BZYSwJx_ye5cdcjQWYY0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4f:7c:62:86:3c:8b:33:11:fc:91:03:43:b0:97:20:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=865786c75fc16584b0271ff27b971d723416618d
Validity
Not Before: Jan 10 09:12:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b3593856ea2758e6593c057f24dc85026737412a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b2:b1:e4:40:38:79:45:d0:7c:68:a4:4a:1a:
4c:12:a9:1b:d8:aa:6a:54:08:54:28:91:a2:b7:4c:
82:3e:55:a1:3d:54:b6:24:3a:3a:75:8c:16:f7:aa:
e6:2c:93:07:60:93:22:e9:81:35:ae:ca:eb:4d:52:
01:b0:2e:3a:6a:df:d3:ab:85:d2:ba:b5:24:9e:fe:
79:cd:c5:a0:e8:6a:2f:1a:61:3b:08:89:42:d2:0d:
7b:0c:32:2d:24:7d:5b:76:8a:3a:d3:d1:b4:be:36:
d9:14:df:8d:c3:86:fd:bd:d1:76:30:1b:1f:04:6a:
0f:67:29:17:cb:be:df:06:56:95:7b:57:0e:9f:8c:
6d:5b:15:60:bd:b3:0b:c5:49:b3:bd:97:14:85:32:
15:07:04:9a:bd:7a:6c:9f:da:90:84:8b:dd:8b:c7:
a4:61:ca:30:a3:69:71:71:78:5f:22:1f:4f:8c:df:
15:43:01:f5:c4:4d:52:86:6a:e5:00:2e:ef:6c:28:
a5:0f:f8:64:11:a4:14:7c:5e:ab:f1:d0:f3:4a:31:
23:98:3e:b5:41:46:a3:a8:d8:0e:b9:76:dd:33:6f:
bb:8a:9e:4d:f0:d7:b8:63:72:81:d4:d6:0b:44:5c:
a5:97:6c:31:4b:72:6e:2b:ab:11:48:da:a1:18:80:
5e:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:59:38:56:EA:27:58:E6:59:3C:05:7F:24:DC:85:02:67:37:41:2A
X509v3 Authority Key Identifier:
keyid:86:57:86:C7:5F:C1:65:84:B0:27:1F:F2:7B:97:1D:72:34:16:61:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hleGx1_BZYSwJx_ye5cdcjQWYY0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/19a649-0442-4f3d-9cb9-8cf9d50adf29/1/s1k4VuonWOZZPAV_JNyFAmc3QSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/19a649-0442-4f3d-9cb9-8cf9d50adf29/1/hleGx1_BZYSwJx_ye5cdcjQWYY0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.96.0/22
37.17.176.0/21
37.208.40.0/21
45.140.24.0/23
82.115.44.0/22
87.255.202.0-87.255.223.255
91.185.0.0/19
91.246.80.0-91.246.103.255
94.141.224.0-94.141.243.255
94.141.248.0/22
146.19.255.0/24
176.98.224.0-176.98.243.255
178.22.168.0/21
185.187.17.0/24
193.104.253.0/24
193.111.175.0/24
194.26.239.0/24
212.23.218.0/24
212.46.53.0/24
IPv6:
2a00:ab40::/32
Signature Algorithm: sha256WithRSAEncryption
00:f3:68:c4:0e:3b:8e:5f:0c:2d:3f:c2:6a:ae:a2:5d:a9:ec:
76:ea:50:97:6f:46:a2:15:bc:ba:4a:32:f5:f8:57:44:62:7a:
8b:bc:7e:42:22:8c:40:f2:35:b4:0d:5c:54:e3:c0:69:86:fd:
30:6d:5d:3c:e8:4e:41:79:30:19:d1:2c:63:e4:32:b1:f2:08:
6d:be:6e:bb:d5:66:2a:7e:1a:98:ac:05:30:5e:7b:03:81:7d:
53:39:9a:f8:c8:0c:27:c5:ac:da:12:0e:f1:27:bd:7e:d2:17:
dd:6c:71:e9:23:7b:5a:fc:b0:18:65:9e:62:4a:9b:31:df:90:
c0:1b:57:41:b2:c2:bc:bc:76:af:fc:88:38:8f:47:9a:4a:2d:
7f:9b:55:58:a8:4d:1e:a4:62:cf:27:e9:0d:23:b8:6d:96:e6:
c5:ed:19:96:01:c4:57:d9:31:8d:09:10:ae:22:b3:0c:79:18:
1f:f8:ad:6b:e9:fc:88:2c:89:5e:69:08:c9:4b:82:bb:ec:a4:
59:69:a6:5d:12:40:e2:cb:9e:57:15:89:d3:5b:fc:cf:ff:cf:
3a:2c:d9:4e:db:cb:aa:a0:76:00:3b:bb:12:6c:ef:8f:39:ec:
20:61:26:82:7f:cd:10:50:6d:38:ab:9a:91:b6:cd:69:55:9f:
03:6d:89:b1
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgISAZRPfGKGPIszEfyRA0OwlyAQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NTc4NmM3NWZjMTY1ODRiMDI3MWZmMjdiOTcxZDcyMzQx
NjYxOGQwHhcNMjUwMTEwMDkxMjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzU5Mzg1NmVhMjc1OGU2NTkzYzA1N2YyNGRjODUwMjY3Mzc0MTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7Kx5EA4eUXQfGikShpMEqkb2Kpq
VAhUKJGit0yCPlWhPVS2JDo6dYwW96rmLJMHYJMi6YE1rsrrTVIBsC46at/Tq4XS
urUknv55zcWg6GovGmE7CIlC0g17DDItJH1bdoo609G0vjbZFN+Nw4b9vdF2MBsf
BGoPZykXy77fBlaVe1cOn4xtWxVgvbMLxUmzvZcUhTIVBwSavXpsn9qQhIvdi8ek
Ycowo2lxcXhfIh9PjN8VQwH1xE1ShmrlAC7vbCilD/hkEaQUfF6r8dDzSjEjmD61
QUajqNgOuXbdM2+7ip5N8Ne4Y3KB1NYLRFyll2wxS3JuK6sRSNqhGIBeWQIDAQAB
o4ICqTCCAqUwHQYDVR0OBBYEFLNZOFbqJ1jmWTwFfyTchQJnN0EqMB8GA1UdIwQY
MBaAFIZXhsdfwWWEsCcf8nuXHXI0FmGNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGxlR3gxX0JaWVN3SnhfeWU1Y2RjalFXWVkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8xOWE2NDktMDQ0Mi00ZjNkLTljYjkt
OGNmOWQ1MGFkZjI5LzEvczFrNFZ1b25XT1paUEFWX0pOeUZBbWMzUVNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8xOWE2NDktMDQ0Mi00ZjNkLTljYjktOGNmOWQ1MGFkZjI5
LzEvaGxlR3gxX0JaWVN3SnhfeWU1Y2RjalFXWVkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG+BggrBgEFBQcBBwEB/wSBrjCBqzCBmQQCAAEwgZIDBAIC
OWADBAMlEbADBAMl0CgDBAEtjBgDBAJScywwDAMEAVf/ygMEBVf/wAMEBVu5ADAM
AwQEW/ZQAwQDW/ZgMAwDBAVejeADBAJejfADBAJejfgDBACSE/8wDAMEBbBi4AME
ArBi8AMEA7IWqAMEALm7EQMEAMFo/QMEAMFvrwMEAMIa7wMEANQX2gMEANQuNTAN
BAIAAjAHAwUAKgCrQDANBgkqhkiG9w0BAQsFAAOCAQEAAPNoxA47jl8MLT/Caq6i
XansdupQl29GohW8ukoy9fhXRGJ6i7x+QiKMQPI1tA1cVOPAaYb9MG1dPOhOQXkw
GdEsY+QysfIIbb5uu9VmKn4amKwFMF57A4F9Uzma+MgMJ8Ws2hIO8Se9ftIX3Wxx
6SN7WvywGGWeYkqbMd+QwBtXQbLCvLx2r/yIOI9Hmkotf5tVWKhNHqRizyfpDSO4
bZbmxe0ZlgHEV9kxjQkQriKzDHkYH/ita+n8iCyJXmkIyUuCu+ykWWmmXRJA4sue
VxWJ01v8z//POizZTtvLqqB2ADu7EmzvjznsIGEmgn/NEFBtOKuakbbNaVWfA22J
sQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:08:46 2025 by rpki-client