Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/yzzFmTHK2NMZuZ2AAk8SnQ-1m5w.roa
File: yzzFmTHK2NMZuZ2AAk8SnQ-1m5w.roa (raw, json)
Hash identifier: E0pDySpIPcBOXgMkb9NUkzPB+ZNaFjuo0W7UzF4MzNM=
Subject key identifier: CB:3C:C5:99:31:CA:D8:D3:19:B9:9D:80:02:4F:12:9D:0F:B5:9B:9C
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 0194221FFCF32DA17EAC246975E61D534714
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/yzzFmTHK2NMZuZ2AAk8SnQ-1m5w.roa
Signing time: Wed 01 Jan 2025 13:48:29 +0000
ROA not before: Wed 01 Jan 2025 13:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 26548
IP address blocks: 5.181.170.0/24 maxlen: 24
5.183.252.0/24 maxlen: 24
45.10.164.0/24 maxlen: 24
45.10.165.0/24 maxlen: 24
45.10.166.0/24 maxlen: 24
45.10.167.0/24 maxlen: 24
45.66.208.0/24 maxlen: 24
45.132.184.0/24 maxlen: 24
45.138.100.0/24 maxlen: 24
45.148.124.0/24 maxlen: 24
77.220.192.0/24 maxlen: 24
77.220.193.0/24 maxlen: 24
77.220.194.0/24 maxlen: 24
77.220.195.0/24 maxlen: 24
83.171.225.0/24 maxlen: 24
91.132.198.0/24 maxlen: 24
93.177.118.0/23 maxlen: 24
141.98.84.0/24 maxlen: 24
147.78.180.0/24 maxlen: 24
147.78.181.0/24 maxlen: 24
147.78.182.0/24 maxlen: 24
147.78.183.0/24 maxlen: 24
185.61.217.0/24 maxlen: 24
185.61.218.0/24 maxlen: 24
185.61.219.0/24 maxlen: 24
185.61.221.0/24 maxlen: 24
185.61.222.0/24 maxlen: 24
185.61.223.0/24 maxlen: 24
185.68.185.0/24 maxlen: 24
185.77.220.0/24 maxlen: 24
185.77.221.0/24 maxlen: 24
185.77.222.0/24 maxlen: 24
185.77.223.0/24 maxlen: 24
185.88.100.0/24 maxlen: 24
194.104.8.0/24 maxlen: 24
194.104.9.0/24 maxlen: 24
194.104.11.0/24 maxlen: 24
213.108.0.0/24 maxlen: 24
213.108.1.0/24 maxlen: 24
213.108.2.0/24 maxlen: 24
213.108.3.0/24 maxlen: 24
217.145.224.0/24 maxlen: 24
217.145.226.0/24 maxlen: 24
217.145.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:fc:f3:2d:a1:7e:ac:24:69:75:e6:1d:53:47:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Jan 1 13:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb3cc59931cad8d319b99d80024f129d0fb59b9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:5b:f0:0a:55:98:30:45:dd:58:80:c3:b8:45:
2a:b0:b7:9f:65:7f:0c:7d:8b:ed:c6:6e:0f:a5:6b:
85:59:0f:57:bd:f5:be:e2:55:59:d0:4b:8c:bd:7d:
f9:6f:5b:b9:08:4a:62:17:3a:24:5c:3a:52:26:09:
85:82:9c:ed:54:a6:c4:fe:7d:47:15:22:f7:ef:1e:
85:78:73:e0:9f:c9:c1:14:90:be:de:e1:d1:bb:47:
db:b6:b0:b9:fe:3c:66:89:25:a2:4e:2b:68:9b:c5:
7d:34:f3:01:cf:93:dd:a1:f3:e0:bf:fc:19:97:be:
69:c1:7b:f7:aa:74:9e:d8:39:fa:c1:39:81:85:92:
01:46:8e:04:d4:96:c4:bb:0b:cf:60:d5:2e:2e:4b:
4f:a3:52:76:9e:90:15:ea:12:97:43:a0:54:1c:1a:
77:fb:18:ac:fd:66:9b:f9:d9:00:d0:2d:32:56:19:
ef:eb:d3:4f:23:50:9b:33:86:60:bf:f3:bb:29:b4:
79:b1:78:b2:3c:6d:ed:80:11:89:78:42:d2:2a:cb:
a2:b7:00:b2:4f:75:38:e7:51:11:1e:d6:35:fe:e8:
eb:0f:08:1f:21:e9:c0:87:d1:1f:35:e5:3e:39:6a:
34:52:16:71:a5:1f:56:ca:d0:ea:0d:a0:35:71:5d:
73:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:3C:C5:99:31:CA:D8:D3:19:B9:9D:80:02:4F:12:9D:0F:B5:9B:9C
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/yzzFmTHK2NMZuZ2AAk8SnQ-1m5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.170.0/24
5.183.252.0/24
45.10.164.0/22
45.66.208.0/24
45.132.184.0/24
45.138.100.0/24
45.148.124.0/24
77.220.192.0/22
83.171.225.0/24
91.132.198.0/24
93.177.118.0/23
141.98.84.0/24
147.78.180.0/22
185.61.217.0-185.61.219.255
185.61.221.0-185.61.223.255
185.68.185.0/24
185.77.220.0/22
185.88.100.0/24
194.104.8.0/23
194.104.11.0/24
213.108.0.0/22
217.145.224.0/24
217.145.226.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:7c:a6:60:a0:e0:20:14:f5:15:75:6d:99:8c:c1:dc:79:c7:
60:78:cb:a7:ad:e3:f2:99:2d:ed:83:8d:81:60:2a:36:66:9e:
9f:42:31:b8:01:34:4f:c1:cc:46:73:75:91:65:f7:26:3c:4c:
ae:71:bb:3c:f6:96:24:4a:f6:08:99:2a:63:43:cb:8d:a5:55:
89:b0:f7:e3:e1:c4:b7:06:bc:af:d0:cb:60:9b:2b:69:c9:3e:
32:fc:9d:9a:37:51:de:40:80:3b:ee:94:51:cc:a6:68:5c:89:
ee:5b:a9:87:dc:99:92:ad:2f:a0:5e:70:32:53:9d:50:64:2d:
26:a9:d0:9c:3b:8e:2d:ce:a7:08:9a:c6:7c:8b:09:f3:05:06:
99:1d:97:9a:5f:d4:76:c4:df:bc:ae:cf:b9:19:51:92:ff:29:
bb:7e:3c:cd:c2:76:ec:1c:a7:07:86:3c:3e:46:b6:9a:5f:d1:
26:d6:1d:33:c8:32:e9:9b:81:9f:f4:54:8d:1b:03:4f:84:84:
c3:a4:04:10:d8:fb:9e:fd:3c:3f:03:f3:ce:df:aa:c8:cb:07:
f3:82:32:fe:9d:43:12:c7:4a:3d:1c:91:14:1d:b8:89:cb:05:
22:4e:54:aa:d4:82:e6:f3:d0:33:96:de:a3:a6:40:9f:ef:12:
72:fd:36:e1
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAZQiH/zzLaF+rCRpdeYdU0cUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjUwMTAxMTM0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjNjYzU5OTMxY2FkOGQzMTliOTlkODAwMjRmMTI5ZDBmYjU5YjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzVvwClWYMEXdWIDDuEUqsLefZX8M
fYvtxm4PpWuFWQ9XvfW+4lVZ0EuMvX35b1u5CEpiFzokXDpSJgmFgpztVKbE/n1H
FSL37x6FeHPgn8nBFJC+3uHRu0fbtrC5/jxmiSWiTitom8V9NPMBz5PdofPgv/wZ
l75pwXv3qnSe2Dn6wTmBhZIBRo4E1JbEuwvPYNUuLktPo1J2npAV6hKXQ6BUHBp3
+xis/Wab+dkA0C0yVhnv69NPI1CbM4Zgv/O7KbR5sXiyPG3tgBGJeELSKsuitwCy
T3U451ERHtY1/ujrDwgfIenAh9EfNeU+OWo0UhZxpR9WytDqDaA1cV1zvwIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFMs8xZkxytjTGbmdgAJPEp0PtZucMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEveXp6Rm1USEsyTk1adVoyQUFrOFNuUS0xbTV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBoQQCAAEwgZoDBAAF
taoDBAAFt/wDBAItCqQDBAAtQtADBAAthLgDBAAtimQDBAAtlHwDBAJN3MADBABT
q+EDBABbhMYDBAFdsXYDBACNYlQDBAKTTrQwDAMEALk92QMEArk92DAMAwQAuT3d
AwQFuT3AAwQAuUS5AwQCuU3cAwQAuVhkAwQBwmgIAwQAwmgLAwQC1WwAAwQA2ZHg
AwQB2ZHiMA0GCSqGSIb3DQEBCwUAA4IBAQBqfKZgoOAgFPUVdW2ZjMHcecdgeMun
rePymS3tg42BYCo2Zp6fQjG4ATRPwcxGc3WRZfcmPEyucbs89pYkSvYImSpjQ8uN
pVWJsPfj4cS3Bryv0MtgmytpyT4y/J2aN1HeQIA77pRRzKZoXInuW6mH3JmSrS+g
XnAyU51QZC0mqdCcO44tzqcImsZ8iwnzBQaZHZeaX9R2xN+8rs+5GVGS/ym7fjzN
wnbsHKcHhjw+RraaX9Em1h0zyDLpm4Gf9FSNGwNPhITDpAQQ2Pue/Tw/A/PO36rI
ywfzgjL+nUMSx0o9HJEUHbiJywUiTlSq1ILm89Azlt6jpkCf7xJy/Tbh
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:48:12 2025 by rpki-client