Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/M50l2TLVDGKCkq2RDGMEMm5XxV8.roa
File: M50l2TLVDGKCkq2RDGMEMm5XxV8.roa (raw, json)
Hash identifier: 1Dyz+yOn0+0GeFlqTL5iMZbt2l3sFGDQmR2XrS/QRxQ=
Subject key identifier: 33:9D:25:D9:32:D5:0C:62:82:92:AD:91:0C:63:04:32:6E:57:C5:5F
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 01994C681DC6B16278E300C74EBEBB40B6B0
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/M50l2TLVDGKCkq2RDGMEMm5XxV8.roa
Signing time: Mon 15 Sep 2025 08:05:15 +0000
ROA not before: Mon 15 Sep 2025 08:05:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 2.57.242.0/24 maxlen: 24
45.88.15.0/24 maxlen: 24
45.135.182.0/24 maxlen: 24
77.81.101.0/24 maxlen: 24
89.35.119.0/24 maxlen: 24
89.35.129.0/24 maxlen: 24
89.37.185.0/24 maxlen: 24
94.177.145.0/24 maxlen: 24
103.56.84.0/24 maxlen: 24
167.17.176.0/24 maxlen: 24
167.17.177.0/24 maxlen: 24
167.17.178.0/24 maxlen: 24
167.17.180.0/24 maxlen: 24
167.17.182.0/24 maxlen: 24
167.17.191.0/24 maxlen: 24
188.208.103.0/24 maxlen: 24
188.213.0.0/24 maxlen: 24
188.214.107.0/24 maxlen: 24
193.124.225.0/24 maxlen: 24
194.85.249.0/24 maxlen: 24
194.85.251.0/24 maxlen: 24
202.71.12.0/24 maxlen: 24
202.71.13.0/24 maxlen: 24
202.71.15.0/24 maxlen: 24
204.77.1.0/24 maxlen: 24
206.245.129.0/24 maxlen: 24
206.245.131.0/24 maxlen: 24
206.245.133.0/24 maxlen: 24
208.123.185.0/24 maxlen: 24
208.123.190.0/24 maxlen: 24
212.192.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 19:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:4c:68:1d:c6:b1:62:78:e3:00:c7:4e:be:bb:40:b6:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Sep 15 08:05:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=339d25d932d50c628292ad910c6304326e57c55f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:3c:33:39:f2:23:10:77:e7:1f:38:80:d6:32:
ee:51:35:c3:99:55:26:36:11:3f:68:19:cc:72:18:
fd:85:94:ce:54:d8:ef:d1:a2:51:5b:12:a0:1c:07:
34:13:1d:d3:02:e6:21:46:b1:86:01:ec:f0:dc:bb:
3c:01:58:a8:38:92:08:e1:85:51:ee:72:05:f7:0a:
1c:5b:c6:3f:59:93:17:cc:b8:b3:60:8c:33:86:e2:
32:3e:9a:3f:14:78:33:66:0b:a3:86:c1:0c:49:fb:
b1:93:cd:2c:10:c5:6a:31:01:b5:1e:e2:c4:dc:41:
07:1b:ab:e8:24:23:93:f0:5d:8e:90:59:ba:71:91:
e5:fd:09:10:25:3a:cb:1b:aa:52:34:cc:ed:c2:9c:
97:c6:94:7c:d1:70:dc:12:f1:e3:5a:c7:0b:68:19:
41:9b:55:97:f8:76:64:2a:ed:37:76:6c:0f:f3:56:
dd:07:14:a5:62:6e:6e:a9:e6:b5:2e:7d:1a:27:76:
5d:e4:4b:ed:25:35:9d:57:fb:07:3c:a1:18:f7:1d:
e3:06:fd:42:e6:30:25:6b:67:4b:cb:1a:0b:f9:b3:
eb:50:e1:5e:1b:fa:24:eb:39:a3:3f:ce:00:ba:7a:
c1:c2:0b:ed:ec:26:c8:a9:de:1a:0f:b7:7e:aa:2d:
b0:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:9D:25:D9:32:D5:0C:62:82:92:AD:91:0C:63:04:32:6E:57:C5:5F
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/M50l2TLVDGKCkq2RDGMEMm5XxV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.242.0/24
45.88.15.0/24
45.135.182.0/24
77.81.101.0/24
89.35.119.0/24
89.35.129.0/24
89.37.185.0/24
94.177.145.0/24
103.56.84.0/24
167.17.176.0-167.17.178.255
167.17.180.0/24
167.17.182.0/24
167.17.191.0/24
188.208.103.0/24
188.213.0.0/24
188.214.107.0/24
193.124.225.0/24
194.85.249.0/24
194.85.251.0/24
202.71.12.0/23
202.71.15.0/24
204.77.1.0/24
206.245.129.0/24
206.245.131.0/24
206.245.133.0/24
208.123.185.0/24
208.123.190.0/24
212.192.212.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:49:50:e9:11:44:aa:02:51:53:29:13:9a:8e:27:d1:23:e8:
36:28:e5:cc:5e:6a:ef:37:ee:14:48:14:66:e0:54:ba:b5:51:
dd:74:98:9c:a3:a2:9a:42:07:6c:ce:6b:7a:c5:3a:f9:5e:b8:
c8:f6:c4:9e:92:a7:bc:8e:e3:26:fd:b2:ce:7e:12:cf:85:dc:
9f:eb:12:ea:e9:2a:c9:aa:e2:35:c6:08:83:d9:04:e1:fd:47:
7c:5a:88:2a:8d:4d:ad:62:72:cb:1a:11:de:a4:ef:8b:2a:0d:
97:b0:a8:38:17:03:2e:ab:b2:01:a2:f1:c3:4c:53:1e:5c:ac:
4d:92:87:27:e9:8f:1e:da:8b:1a:13:e4:72:40:89:09:01:5b:
a1:fc:35:74:69:f0:94:ce:63:8e:01:5e:7a:bf:c8:90:00:6c:
16:1b:0c:e9:ee:59:83:69:f1:d2:2e:99:0d:af:bb:cb:0c:f0:
ad:55:3b:6d:68:29:ac:c3:65:1e:fe:76:79:d6:21:48:b6:04:
0f:7e:22:92:6b:2c:79:da:71:a1:b3:b0:0d:34:93:07:9d:e1:
89:27:0f:e3:d8:d5:b6:aa:86:99:7d:0c:40:82:c3:86:12:b1:
65:16:e3:6b:16:0a:31:9b:6c:15:18:e8:8b:65:01:72:f1:75:
a0:fa:66:29
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAZlMaB3GsWJ44wDHTr67QLawMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwOTE1MDgwNTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzlkMjVkOTMyZDUwYzYyODI5MmFkOTEwYzYzMDQzMjZlNTdjNTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTwzOfIjEHfnHziA1jLuUTXDmVUm
NhE/aBnMchj9hZTOVNjv0aJRWxKgHAc0Ex3TAuYhRrGGAezw3Ls8AVioOJII4YVR
7nIF9wocW8Y/WZMXzLizYIwzhuIyPpo/FHgzZgujhsEMSfuxk80sEMVqMQG1HuLE
3EEHG6voJCOT8F2OkFm6cZHl/QkQJTrLG6pSNMztwpyXxpR80XDcEvHjWscLaBlB
m1WX+HZkKu03dmwP81bdBxSlYm5uqea1Ln0aJ3Zd5EvtJTWdV/sHPKEY9x3jBv1C
5jAla2dLyxoL+bPrUOFeG/ok6zmjP84AunrBwgvt7CbIqd4aD7d+qi2wJQIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFDOdJdky1QxigpKtkQxjBDJuV8VfMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvTTUwbDJUTFZER0tDa3EyUkRHTUVNbTVYeFY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBtwQCAAEwgbADBAAC
OfIDBAAtWA8DBAAth7YDBABNUWUDBABZI3cDBABZI4EDBABZJbkDBABesZEDBABn
OFQwDAMEBKcRsAMEAKcRsgMEAKcRtAMEAKcRtgMEAKcRvwMEALzQZwMEALzVAAME
ALzWawMEAMF84QMEAMJV+QMEAMJV+wMEAcpHDAMEAMpHDwMEAMxNAQMEAM71gQME
AM71gwMEAM71hQMEANB7uQMEANB7vgMEANTA1DANBgkqhkiG9w0BAQsFAAOCAQEA
DklQ6RFEqgJRUykTmo4n0SPoNijlzF5q7zfuFEgUZuBUurVR3XSYnKOimkIHbM5r
esU6+V64yPbEnpKnvI7jJv2yzn4Sz4Xcn+sS6ukqyariNcYIg9kE4f1HfFqIKo1N
rWJyyxoR3qTviyoNl7CoOBcDLquyAaLxw0xTHlysTZKHJ+mPHtqLGhPkckCJCQFb
ofw1dGnwlM5jjgFeer/IkABsFhsM6e5Zg2nx0i6ZDa+7ywzwrVU7bWgprMNlHv52
edYhSLYED34ikmssedpxobOwDTSTB53hiScP49jVtqqGmX0MQILDhhKxZRbjaxYK
MZtsFRjoi2UBcvF1oPpmKQ==
-----END CERTIFICATE-----
Generated at Thu Sep 18 04:28:35 2025 by rpki-client