Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/OUUAGwuhS9k0RLk2OQ2YMgWfJ9k.roa
File: OUUAGwuhS9k0RLk2OQ2YMgWfJ9k.roa (raw, json)
Hash identifier: I6UnjrAhwxJpksTNqd8b4yrJQsgKAZ6ux+daYCpTF24=
Subject key identifier: 39:45:00:1B:0B:A1:4B:D9:34:44:B9:36:39:0D:98:32:05:9F:27:D9
Certificate issuer: /CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Certificate serial: 0197163EA9E4ACF3BCC339A1D07060ECCDD3
Authority key identifier: 5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/OUUAGwuhS9k0RLk2OQ2YMgWfJ9k.roa
Signing time: Wed 28 May 2025 09:34:54 +0000
ROA not before: Wed 28 May 2025 09:34:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48309
IP address blocks: 37.191.64.0/20 maxlen: 24
37.191.92.0/22 maxlen: 24
188.136.128.0/24 maxlen: 24
188.136.129.0/24 maxlen: 24
188.136.130.0/24 maxlen: 24
188.136.131.0/24 maxlen: 24
188.136.132.0/24 maxlen: 24
188.136.133.0/24 maxlen: 24
188.136.135.0/24 maxlen: 24
188.136.140.0/24 maxlen: 24
188.136.142.0/24 maxlen: 24
188.136.143.0/24 maxlen: 24
188.136.144.0/24 maxlen: 24
188.136.146.0/24 maxlen: 24
188.136.147.0/24 maxlen: 24
188.136.149.0/24 maxlen: 24
188.136.150.0/24 maxlen: 24
188.136.152.0/24 maxlen: 24
188.136.153.0/24 maxlen: 24
188.136.154.0/24 maxlen: 24
188.136.155.0/24 maxlen: 24
188.136.156.0/24 maxlen: 24
188.136.160.0/24 maxlen: 24
188.136.161.0/24 maxlen: 24
188.136.162.0/24 maxlen: 24
188.136.163.0/24 maxlen: 24
188.136.164.0/24 maxlen: 24
188.136.165.0/24 maxlen: 24
188.136.166.0/24 maxlen: 24
188.136.167.0/24 maxlen: 24
188.136.168.0/24 maxlen: 24
188.136.169.0/24 maxlen: 24
188.136.170.0/24 maxlen: 24
188.136.171.0/24 maxlen: 24
188.136.172.0/24 maxlen: 24
188.136.173.0/24 maxlen: 24
188.136.187.0/24 maxlen: 24
188.136.189.0/24 maxlen: 24
188.136.190.0/24 maxlen: 24
188.136.191.0/24 maxlen: 24
188.136.196.0/24 maxlen: 24
188.136.210.0/24 maxlen: 24
188.136.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.mft
rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 21:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:16:3e:a9:e4:ac:f3:bc:c3:39:a1:d0:70:60:ec:cd:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Validity
Not Before: May 28 09:34:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3945001b0ba14bd93444b936390d9832059f27d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:1c:5f:92:e6:ab:52:78:50:22:3c:b8:a1:87:
b8:b6:74:42:83:fb:5c:3e:f6:04:4c:33:a3:20:02:
c3:ff:17:0e:8d:5b:1d:4e:f7:c6:d8:dc:7a:53:6e:
58:e0:c3:66:4a:c6:f8:68:85:60:f1:65:01:d3:60:
0e:80:6e:1b:ee:5d:a3:6e:bd:be:1b:6d:13:75:8e:
0a:f8:59:0d:17:be:a9:88:9b:35:2a:a7:9d:3d:44:
2d:55:af:16:ee:9e:a7:ed:3c:cb:f3:f3:e3:8c:95:
27:96:08:07:fe:b7:99:9f:73:3e:68:b5:b1:b7:14:
36:7d:49:e2:c3:5a:a9:4d:3e:69:31:b1:2d:59:fc:
13:f1:1f:b8:3e:51:b2:e3:79:72:7e:73:33:7b:b4:
00:0a:34:ec:dc:39:5e:3a:43:be:6a:61:f2:e2:af:
06:0a:6c:b9:d6:0b:07:cd:d6:ff:55:5e:22:c5:df:
50:3d:48:b9:15:c5:5b:d9:80:b8:1c:5f:74:a5:dd:
96:f8:fc:88:cd:b2:04:2f:ba:24:b0:9e:08:b2:68:
40:5b:3d:31:23:0d:86:85:78:b6:e7:be:1b:ec:45:
1d:64:9d:3f:a5:7b:a5:02:d3:b1:6b:63:d2:d9:4f:
c0:58:84:39:e0:ee:70:2a:ec:34:04:d1:71:73:b1:
46:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:45:00:1B:0B:A1:4B:D9:34:44:B9:36:39:0D:98:32:05:9F:27:D9
X509v3 Authority Key Identifier:
keyid:5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/OUUAGwuhS9k0RLk2OQ2YMgWfJ9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.191.64.0/20
37.191.92.0/22
188.136.128.0-188.136.133.255
188.136.135.0/24
188.136.140.0/24
188.136.142.0-188.136.144.255
188.136.146.0/23
188.136.149.0-188.136.150.255
188.136.152.0-188.136.156.255
188.136.160.0-188.136.173.255
188.136.187.0/24
188.136.189.0-188.136.191.255
188.136.196.0/24
188.136.210.0/23
Signature Algorithm: sha256WithRSAEncryption
24:b4:d6:18:85:b2:f3:31:ca:cc:f2:f6:e7:5f:30:32:44:a9:
cc:4f:89:5b:7e:81:cf:f4:72:97:25:7b:d1:a8:02:38:54:4f:
53:f0:37:63:55:9f:05:e2:06:60:9c:09:7e:4b:cb:bc:59:08:
ea:af:6e:15:20:1b:91:fe:c6:95:40:86:04:e9:d2:56:b7:09:
a7:d8:c1:08:18:20:ea:e3:b7:44:c5:6d:06:7e:ee:d8:2f:91:
ad:55:c8:78:2d:08:c2:cc:37:97:41:b0:7f:53:5f:65:fe:1c:
1e:75:e1:d4:f3:68:bd:e1:df:d8:52:a6:57:e5:a1:ef:74:5e:
a0:87:30:68:96:da:39:f7:33:2d:19:b8:91:6e:61:ec:b3:57:
d2:91:18:21:0b:4b:2e:37:13:be:26:39:72:d3:00:45:4f:b2:
8c:f9:62:37:79:ea:a4:33:bc:81:4d:de:e8:8e:7e:a4:c8:6c:
4c:9c:35:fc:4a:f1:a9:7f:72:6a:fb:d9:3c:3e:dd:ed:fe:b1:
52:40:93:63:b2:dd:2d:c6:6f:6e:d0:55:0e:ed:6c:39:76:e7:
16:c5:4a:bf:de:87:ca:2a:57:37:25:94:a7:8c:fe:6a:e6:f7:
c7:00:3d:39:a9:db:2b:97:3c:20:89:71:08:76:c0:3e:c7:79:
62:dc:6a:ff
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZcWPqnkrPO8wzmh0HBg7M3TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNjk4YzRiNjEyYWZlZTJjYmIxY2RkNTA5ZTRmMDI0NmZi
YjgwZTEwHhcNMjUwNTI4MDkzNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTQ1MDAxYjBiYTE0YmQ5MzQ0NGI5MzYzOTBkOTgzMjA1OWYyN2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBxfkuarUnhQIjy4oYe4tnRCg/tc
PvYETDOjIALD/xcOjVsdTvfG2Nx6U25Y4MNmSsb4aIVg8WUB02AOgG4b7l2jbr2+
G20TdY4K+FkNF76piJs1KqedPUQtVa8W7p6n7TzL8/PjjJUnlggH/reZn3M+aLWx
txQ2fUniw1qpTT5pMbEtWfwT8R+4PlGy43lyfnMze7QACjTs3DleOkO+amHy4q8G
Cmy51gsHzdb/VV4ixd9QPUi5FcVb2YC4HF90pd2W+PyIzbIEL7oksJ4IsmhAWz0x
Iw2GhXi2574b7EUdZJ0/pXulAtOxa2PS2U/AWIQ54O5wKuw0BNFxc7FGvwIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFDlFABsLoUvZNES5NjkNmDIFnyfZMB8GA1UdIwQY
MBaAFFtpjEthKv7iy7HN1Qnk8CRvu4DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMt
Y2MyZmFmZTNhOGI0LzEvT1VVQUd3dWhTOWswUkxrMk9RMllNZ1dmSjlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMtY2MyZmFmZTNhOGI0
LzEvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBAQl
v0ADBAIlv1wwDAMEB7yIgAMEAbyIhAMEALyIhwMEALyIjDAMAwQBvIiOAwQAvIiQ
AwQBvIiSMAwDBAC8iJUDBAC8iJYwDAMEA7yImAMEALyInDAMAwQFvIigAwQBvIis
AwQAvIi7MAwDBAC8iL0DBAa8iIADBAC8iMQDBAG8iNIwDQYJKoZIhvcNAQELBQAD
ggEBACS01hiFsvMxyszy9udfMDJEqcxPiVt+gc/0cpcle9GoAjhUT1PwN2NVnwXi
BmCcCX5Ly7xZCOqvbhUgG5H+xpVAhgTp0la3CafYwQgYIOrjt0TFbQZ+7tgvka1V
yHgtCMLMN5dBsH9TX2X+HB514dTzaL3h39hSplfloe90XqCHMGiW2jn3My0ZuJFu
YeyzV9KRGCELSy43E74mOXLTAEVPsoz5Yjd56qQzvIFN3uiOfqTIbEycNfxK8al/
cmr72Tw+3e3+sVJAk2Oy3S3Gb27QVQ7tbDl25xbFSr/eh8oqVzcllKeM/mrm98cA
PTmp2yuXPCCJcQh2wD7HeWLcav8=
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:46:58 2025 by rpki-client