Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/XOmOBh50cvCvJmnFjaJhaHYW2sE.roa
File: XOmOBh50cvCvJmnFjaJhaHYW2sE.roa (raw, json)
Hash identifier: 6F6wNjub6rC7wNAaFOeBE6JJ3w2cU7C6GJM4bNB9ZQQ=
Subject key identifier: 5C:E9:8E:06:1E:74:72:F0:AF:26:69:C5:8D:A2:61:68:76:16:DA:C1
Certificate issuer: /CN=87d990131467b77d11162b79fbe3b06ca8ab2d39
Certificate serial: 01942825E41ADFC2A9A592EC472A39D9B9EA
Authority key identifier: 87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/XOmOBh50cvCvJmnFjaJhaHYW2sE.roa
Signing time: Thu 02 Jan 2025 17:52:39 +0000
ROA not before: Thu 02 Jan 2025 17:52:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16347
IP address blocks: 2.59.144.0/22 maxlen: 22
5.10.128.0/21 maxlen: 21
5.183.248.0/22 maxlen: 22
23.90.192.0/18 maxlen: 18
31.204.80.0/21 maxlen: 21
45.80.252.0/22 maxlen: 22
45.86.96.0/22 maxlen: 22
45.89.76.0/22 maxlen: 22
45.92.180.0/22 maxlen: 22
45.129.216.0/24 maxlen: 24
45.129.217.0/24 maxlen: 24
45.129.218.0/24 maxlen: 24
45.133.68.0/22 maxlen: 22
45.142.108.0/22 maxlen: 22
45.152.16.0/22 maxlen: 22
46.18.120.0/22 maxlen: 22
46.18.124.0/24 maxlen: 24
46.18.125.0/24 maxlen: 24
46.18.126.0/23 maxlen: 23
62.192.156.0/22 maxlen: 22
79.99.160.0/21 maxlen: 21
88.86.224.0/19 maxlen: 19
88.218.12.0/22 maxlen: 22
92.119.232.0/22 maxlen: 22
94.154.4.0/24 maxlen: 24
94.187.128.0/19 maxlen: 19
168.220.128.0/19 maxlen: 19
185.20.16.0/22 maxlen: 22
185.48.252.0/22 maxlen: 22
185.86.88.0/22 maxlen: 22
185.87.100.0/22 maxlen: 22
185.98.116.0/22 maxlen: 22
185.132.64.0/22 maxlen: 22
185.133.80.0/22 maxlen: 22
185.134.156.0/22 maxlen: 22
185.135.176.0/22 maxlen: 22
185.138.116.0/22 maxlen: 22
185.163.136.0/22 maxlen: 22
185.163.212.0/22 maxlen: 22
185.163.220.0/22 maxlen: 22
185.163.228.0/22 maxlen: 22
185.169.156.0/22 maxlen: 22
185.186.88.0/22 maxlen: 22
185.191.36.0/22 maxlen: 22
185.197.108.0/22 maxlen: 22
185.241.140.0/22 maxlen: 22
185.254.8.0/22 maxlen: 22
192.214.192.0/19 maxlen: 19
195.216.140.0/22 maxlen: 22
2a00:41e0::/29 maxlen: 29
2a00:6780::/29 maxlen: 32
2a00:6780::/32 maxlen: 32
2a01:648::/29 maxlen: 29
2a05:b780::/29 maxlen: 29
2a05:c100::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.mft
rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:e4:1a:df:c2:a9:a5:92:ec:47:2a:39:d9:b9:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87d990131467b77d11162b79fbe3b06ca8ab2d39
Validity
Not Before: Jan 2 17:52:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ce98e061e7472f0af2669c58da261687616dac1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:52:07:1b:bb:36:d0:75:84:44:01:17:41:b2:
26:63:69:02:d2:35:89:82:bc:f9:02:fc:62:d9:25:
3c:33:41:47:fe:b2:03:a4:e5:a6:58:8e:4d:51:a9:
47:92:aa:6c:0b:d3:60:eb:0d:01:63:8c:4d:4b:92:
d6:31:de:bc:6f:f5:61:a2:d4:c3:09:4a:4b:5d:dc:
1b:52:98:68:be:10:11:55:4b:56:e8:1c:31:f5:3a:
bd:49:ae:f9:5d:d2:0f:7a:d1:7f:7c:43:0c:ed:22:
8e:a8:ef:87:6a:8f:4a:15:f0:9e:58:c1:ee:1e:60:
e6:ac:a9:25:35:85:dc:3e:18:b5:26:9a:98:91:f3:
28:46:54:3f:a3:4f:cb:1c:d4:06:23:26:a4:69:e9:
30:d3:fb:1b:55:92:08:cd:a9:44:a9:e1:a3:e6:d3:
d5:2c:83:44:3c:8b:4b:f5:78:5e:c5:5c:80:b9:79:
82:b5:e7:c5:27:fe:3a:ad:9e:93:9c:f1:c7:93:b9:
dc:df:ce:94:ce:e3:5a:62:01:f8:37:8a:d4:fc:b8:
23:2e:79:b8:14:6b:d6:9d:6b:7b:25:a7:63:dc:37:
24:cd:ce:77:43:67:fd:c8:d5:99:71:48:39:b7:50:
fc:cd:31:49:ca:62:77:8b:c4:a1:ee:5f:6d:3c:ea:
ab:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:E9:8E:06:1E:74:72:F0:AF:26:69:C5:8D:A2:61:68:76:16:DA:C1
X509v3 Authority Key Identifier:
keyid:87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/XOmOBh50cvCvJmnFjaJhaHYW2sE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.144.0/22
5.10.128.0/21
5.183.248.0/22
23.90.192.0/18
31.204.80.0/21
45.80.252.0/22
45.86.96.0/22
45.89.76.0/22
45.92.180.0/22
45.129.216.0-45.129.218.255
45.133.68.0/22
45.142.108.0/22
45.152.16.0/22
46.18.120.0/21
62.192.156.0/22
79.99.160.0/21
88.86.224.0/19
88.218.12.0/22
92.119.232.0/22
94.154.4.0/24
94.187.128.0/19
168.220.128.0/19
185.20.16.0/22
185.48.252.0/22
185.86.88.0/22
185.87.100.0/22
185.98.116.0/22
185.132.64.0/22
185.133.80.0/22
185.134.156.0/22
185.135.176.0/22
185.138.116.0/22
185.163.136.0/22
185.163.212.0/22
185.163.220.0/22
185.163.228.0/22
185.169.156.0/22
185.186.88.0/22
185.191.36.0/22
185.197.108.0/22
185.241.140.0/22
185.254.8.0/22
192.214.192.0/19
195.216.140.0/22
IPv6:
2a00:41e0::/29
2a00:6780::/29
2a01:648::/29
2a05:b780::/29
2a05:c100::/29
Signature Algorithm: sha256WithRSAEncryption
17:ca:d4:2b:a1:76:6b:e2:27:c8:8e:64:98:e3:d4:0b:db:29:
22:47:6b:6b:5a:73:09:e2:93:c0:6b:8b:2b:82:f5:0c:9b:80:
7a:20:ed:15:ae:2c:44:8c:b3:d9:32:49:d1:7b:09:fd:93:cb:
59:a7:21:38:ae:7b:cc:bf:0e:c4:b8:d7:b2:0a:15:3b:ee:0e:
c2:e0:83:40:df:3f:39:54:ad:e3:6d:e8:48:22:5c:62:80:9c:
64:e8:f2:82:d6:96:da:8a:79:f9:21:1b:48:07:92:f2:bf:1a:
6b:4c:1c:3a:53:0f:5f:cc:f4:73:06:81:89:1a:76:bd:75:43:
30:4e:a0:6f:09:c7:0f:04:16:1b:a5:2a:16:89:2c:4f:e4:92:
9b:01:c2:a2:c4:15:fd:b6:36:d4:eb:22:de:0f:2a:25:54:c6:
93:70:d5:c5:2e:34:c8:08:22:40:b2:cb:88:7e:f4:c2:8d:65:
84:d2:95:99:b8:e8:43:fa:f5:62:61:81:2f:a3:9b:b0:dc:05:
ce:83:44:13:24:dc:cd:c3:e5:20:d3:c1:17:d4:7e:e6:48:0c:
c3:0d:a5:68:65:c8:71:b7:e7:24:6a:8e:8c:50:a9:b9:22:83:
e4:fd:c5:82:3b:8d:84:b1:32:86:b3:51:75:e9:d7:db:d7:74:
bd:60:b9:9a
-----BEGIN CERTIFICATE-----
MIIGPDCCBSSgAwIBAgISAZQoJeQa38KppZLsRyo52bnqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZDk5MDEzMTQ2N2I3N2QxMTE2MmI3OWZiZTNiMDZjYThh
YjJkMzkwHhcNMjUwMTAyMTc1MjM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2U5OGUwNjFlNzQ3MmYwYWYyNjY5YzU4ZGEyNjE2ODc2MTZkYWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA31IHG7s20HWERAEXQbImY2kC0jWJ
grz5Avxi2SU8M0FH/rIDpOWmWI5NUalHkqpsC9Ng6w0BY4xNS5LWMd68b/VhotTD
CUpLXdwbUphovhARVUtW6Bwx9Tq9Sa75XdIPetF/fEMM7SKOqO+Hao9KFfCeWMHu
HmDmrKklNYXcPhi1JpqYkfMoRlQ/o0/LHNQGIyakaekw0/sbVZIIzalEqeGj5tPV
LINEPItL9XhexVyAuXmCtefFJ/46rZ6TnPHHk7nc386UzuNaYgH4N4rU/LgjLnm4
FGvWnWt7Jadj3Dckzc53Q2f9yNWZcUg5t1D8zTFJymJ3i8Sh7l9tPOqrowIDAQAB
o4IDSDCCA0QwHQYDVR0OBBYEFFzpjgYedHLwryZpxY2iYWh2FtrBMB8GA1UdIwQY
MBaAFIfZkBMUZ7d9ERYrefvjsGyoqy05MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDltUUV4Um50MzBSRml0NS0tT3diS2lyTFRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81ZGVhOTctN2VmNy00ZGIwLTk0YmMt
YjhlOGIzNGRiMjkwLzEvWE9tT0JoNTBjdkN2Sm1uRmphSmhhSFlXMnNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81ZGVhOTctN2VmNy00ZGIwLTk0YmMtYjhlOGIzNGRiMjkw
LzEvaDltUUV4Um50MzBSRml0NS0tT3diS2lyTFRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBXAYIKwYBBQUHAQcBAf8EggFLMIIBRzCCARgEAgABMIIB
EAMEAgI7kAMEAwUKgAMEAgW3+AMEBhdawAMEAx/MUAMEAi1Q/AMEAi1WYAMEAi1Z
TAMEAi1ctDAMAwQDLYHYAwQALYHaAwQCLYVEAwQCLY5sAwQCLZgQAwQDLhJ4AwQC
PsCcAwQDT2OgAwQFWFbgAwQCWNoMAwQCXHfoAwQAXpoEAwQFXruAAwQFqNyAAwQC
uRQQAwQCuTD8AwQCuVZYAwQCuVdkAwQCuWJ0AwQCuYRAAwQCuYVQAwQCuYacAwQC
uYewAwQCuYp0AwQCuaOIAwQCuaPUAwQCuaPcAwQCuaPkAwQCuamcAwQCubpYAwQC
ub8kAwQCucVsAwQCufGMAwQCuf4IAwQFwNbAAwQCw9iMMCkEAgACMCMDBQMqAEHg
AwUDKgBngAMFAyoBBkgDBQMqBbeAAwUDKgXBADANBgkqhkiG9w0BAQsFAAOCAQEA
F8rUK6F2a+InyI5kmOPUC9spIkdra1pzCeKTwGuLK4L1DJuAeiDtFa4sRIyz2TJJ
0XsJ/ZPLWachOK57zL8OxLjXsgoVO+4OwuCDQN8/OVSt423oSCJcYoCcZOjygtaW
2op5+SEbSAeS8r8aa0wcOlMPX8z0cwaBiRp2vXVDME6gbwnHDwQWG6UqFoksT+SS
mwHCosQV/bY21Osi3g8qJVTGk3DVxS40yAgiQLLLiH70wo1lhNKVmbjoQ/r1YmGB
L6ObsNwFzoNEEyTczcPlINPBF9R+5kgMww2laGXIcbfnJGqOjFCpuSKD5P3FgjuN
hLEyhrNRdenX29d0vWC5mg==
-----END CERTIFICATE-----
Generated at Wed Apr 16 22:02:09 2025 by rpki-client