Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/zBonQZgEPDvj1nGNR_bu7NzMU0U.roa
File: zBonQZgEPDvj1nGNR_bu7NzMU0U.roa (raw, json)
Hash identifier: s94OjMSrqoWnsXwDlW8kAk2CQ0Z0teuNflnJXhN+I6g=
Subject key identifier: CC:1A:27:41:98:04:3C:3B:E3:D6:71:8D:47:F6:EE:EC:DC:CC:53:45
Certificate issuer: /CN=7d149f62447853689c12fb288afeb6b681cfebc1
Certificate serial: 0194266C1869A217050901F6B79CCA0C164F
Authority key identifier: 7D:14:9F:62:44:78:53:68:9C:12:FB:28:8A:FE:B6:B6:81:CF:EB:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/zBonQZgEPDvj1nGNR_bu7NzMU0U.roa
Signing time: Thu 02 Jan 2025 09:50:05 +0000
ROA not before: Thu 02 Jan 2025 09:50:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42772
IP address blocks: 87.252.246.0/24 maxlen: 24
87.252.252.0/24 maxlen: 24
87.252.254.0/24 maxlen: 24
87.252.255.0/24 maxlen: 24
91.149.128.0/21 maxlen: 21
91.149.128.0/24 maxlen: 24
91.149.129.0/24 maxlen: 24
91.149.130.0/24 maxlen: 24
91.149.131.0/24 maxlen: 24
91.149.132.0/24 maxlen: 24
91.149.133.0/24 maxlen: 24
91.149.134.0/24 maxlen: 24
91.149.135.0/24 maxlen: 24
91.149.144.0/21 maxlen: 21
91.149.152.0/24 maxlen: 24
91.149.153.0/24 maxlen: 24
91.149.154.0/24 maxlen: 24
91.149.162.0/24 maxlen: 24
91.149.165.0/24 maxlen: 24
91.149.168.0/24 maxlen: 24
91.149.169.0/24 maxlen: 24
91.149.184.0/24 maxlen: 24
91.149.185.0/24 maxlen: 24
91.149.186.0/24 maxlen: 24
91.149.187.0/24 maxlen: 24
91.149.188.0/24 maxlen: 24
91.149.190.0/24 maxlen: 24
91.149.191.0/24 maxlen: 24
93.125.0.0/24 maxlen: 24
93.125.2.0/24 maxlen: 24
93.125.3.0/24 maxlen: 24
93.125.4.0/24 maxlen: 24
93.125.5.0/24 maxlen: 24
93.125.6.0/24 maxlen: 24
93.125.7.0/24 maxlen: 24
93.125.8.0/24 maxlen: 24
93.125.9.0/24 maxlen: 24
93.125.10.0/24 maxlen: 24
93.125.11.0/24 maxlen: 24
93.125.12.0/24 maxlen: 24
93.125.13.0/24 maxlen: 24
93.125.14.0/24 maxlen: 24
93.125.15.0/24 maxlen: 24
93.125.16.0/24 maxlen: 24
93.125.17.0/24 maxlen: 24
93.125.41.0/24 maxlen: 24
93.125.62.0/24 maxlen: 24
93.125.63.0/24 maxlen: 24
93.125.64.0/24 maxlen: 24
93.125.65.0/24 maxlen: 24
93.125.66.0/24 maxlen: 24
93.125.67.0/24 maxlen: 24
93.125.68.0/24 maxlen: 24
93.125.69.0/24 maxlen: 24
93.125.81.0/24 maxlen: 24
93.125.83.0/24 maxlen: 24
93.125.84.0/24 maxlen: 24
93.125.85.0/24 maxlen: 24
93.125.86.0/24 maxlen: 24
93.125.100.0/24 maxlen: 24
93.125.101.0/24 maxlen: 24
93.125.102.0/24 maxlen: 24
93.125.103.0/24 maxlen: 24
93.125.112.0/24 maxlen: 24
93.125.115.0/24 maxlen: 24
93.125.116.0/24 maxlen: 24
93.125.117.0/24 maxlen: 24
93.125.125.0/24 maxlen: 24
178.172.146.0/24 maxlen: 24
178.172.147.0/24 maxlen: 24
178.172.151.0/24 maxlen: 24
178.172.152.0/24 maxlen: 24
178.172.206.0/24 maxlen: 24
178.172.207.0/24 maxlen: 24
178.172.209.0/24 maxlen: 24
178.172.210.0/24 maxlen: 24
178.172.240.0/24 maxlen: 24
178.172.241.0/24 maxlen: 24
213.184.224.0/22 maxlen: 22
213.184.224.0/24 maxlen: 24
213.184.225.0/24 maxlen: 24
213.184.226.0/24 maxlen: 24
213.184.227.0/24 maxlen: 24
213.184.233.0/24 maxlen: 24
213.184.244.0/24 maxlen: 24
213.184.245.0/24 maxlen: 24
213.184.248.0/24 maxlen: 24
213.184.249.0/24 maxlen: 24
213.184.250.0/24 maxlen: 24
213.184.251.0/24 maxlen: 24
213.184.252.0/24 maxlen: 24
213.184.253.0/24 maxlen: 24
213.184.254.0/24 maxlen: 24
213.184.255.0/24 maxlen: 24
217.21.33.0/24 maxlen: 24
217.21.48.0/24 maxlen: 24
217.21.54.0/24 maxlen: 24
217.21.59.0/24 maxlen: 24
217.21.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.mft
rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:18:69:a2:17:05:09:01:f6:b7:9c:ca:0c:16:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d149f62447853689c12fb288afeb6b681cfebc1
Validity
Not Before: Jan 2 09:50:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cc1a274198043c3be3d6718d47f6eeecdccc5345
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:e0:e4:47:11:2b:26:a8:4c:13:7f:2b:7f:36:
04:7c:26:6d:31:25:76:5c:9b:67:1a:27:8b:f5:b6:
79:5c:de:eb:08:04:db:84:84:39:20:b6:ba:25:9d:
db:11:93:ec:da:8b:c2:d7:2b:83:68:b7:20:42:04:
a6:d8:93:ca:e8:75:80:f6:c1:46:12:3e:1d:07:cb:
3b:67:b5:8d:38:17:b7:48:5d:d2:5b:02:79:31:bc:
3d:10:a8:f8:82:c9:9b:39:3d:9a:83:5e:2f:69:39:
34:7a:0d:b0:73:94:f5:38:c4:bb:1d:5c:43:df:a5:
9d:e7:4e:87:89:4e:16:61:13:ce:42:1b:09:b0:b4:
ca:64:c4:4a:3b:5b:8e:71:fa:86:2d:21:3e:21:b3:
45:b6:2b:9b:18:cd:31:7a:0c:8e:d0:57:9f:b6:5e:
86:2c:23:6b:ef:5f:6c:a7:32:92:88:75:62:8a:6d:
12:51:08:c6:75:b1:83:d4:fb:b2:60:30:66:bb:2c:
6f:5f:49:0c:cb:38:db:68:65:e2:38:62:9c:dc:23:
c5:97:08:a6:69:ee:b0:99:a7:f4:18:34:61:49:65:
8d:b3:30:73:28:04:94:5b:d8:c7:06:d5:11:98:07:
b2:35:69:9d:ea:7e:cb:e4:e8:89:37:62:0f:e3:39:
ce:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:1A:27:41:98:04:3C:3B:E3:D6:71:8D:47:F6:EE:EC:DC:CC:53:45
X509v3 Authority Key Identifier:
keyid:7D:14:9F:62:44:78:53:68:9C:12:FB:28:8A:FE:B6:B6:81:CF:EB:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/zBonQZgEPDvj1nGNR_bu7NzMU0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.252.246.0/24
87.252.252.0/24
87.252.254.0/23
91.149.128.0/21
91.149.144.0-91.149.154.255
91.149.162.0/24
91.149.165.0/24
91.149.168.0/23
91.149.184.0-91.149.188.255
91.149.190.0/23
93.125.0.0/24
93.125.2.0-93.125.17.255
93.125.41.0/24
93.125.62.0-93.125.69.255
93.125.81.0/24
93.125.83.0-93.125.86.255
93.125.100.0/22
93.125.112.0/24
93.125.115.0-93.125.117.255
93.125.125.0/24
178.172.146.0/23
178.172.151.0-178.172.152.255
178.172.206.0/23
178.172.209.0-178.172.210.255
178.172.240.0/23
213.184.224.0/22
213.184.233.0/24
213.184.244.0/23
213.184.248.0/21
217.21.33.0/24
217.21.48.0/24
217.21.54.0/24
217.21.59.0-217.21.60.255
Signature Algorithm: sha256WithRSAEncryption
05:9e:65:16:3d:08:11:a3:d6:2f:a5:7e:48:e8:18:29:d9:39:
43:1b:7b:48:29:2a:bd:24:93:65:5f:b2:d6:5b:e2:a4:16:62:
c1:f8:1b:3d:72:59:24:22:ea:56:5f:83:0e:d3:05:3f:64:0b:
5a:c1:dc:ed:91:97:7a:d5:95:20:70:9d:51:84:3c:3b:f5:b6:
f8:f0:32:4d:ad:a5:21:5b:3d:db:ae:1d:73:86:8d:17:70:de:
5c:32:9f:07:f2:d7:02:e4:3c:dc:d6:8f:c8:a9:e6:cd:a8:44:
6c:5a:b9:6b:f9:ad:43:3d:72:c9:d0:bc:87:f2:5d:6c:21:4f:
75:6d:cb:86:06:e4:da:fa:5f:90:ab:35:38:25:f2:27:1f:2e:
63:b7:2f:0d:5e:9b:d4:9e:94:f6:92:e4:ca:f6:27:cf:ba:95:
a2:90:31:74:d8:0b:5a:a7:c2:f6:44:92:39:ae:df:12:a9:8b:
09:97:82:e3:c9:c1:c5:fc:ff:ef:30:08:fc:3a:38:79:fc:71:
4f:61:8a:c4:79:47:cc:50:28:ca:e4:40:bf:3a:a9:93:89:48:
d4:bf:e6:76:38:53:c2:cf:c8:0a:ca:93:2e:d4:82:52:aa:9c:
05:85:58:37:c3:8b:bf:ce:b5:59:b0:72:96:16:29:e2:1e:0c:
13:4a:2a:41
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgISAZQmbBhpohcFCQH2t5zKDBZPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMTQ5ZjYyNDQ3ODUzNjg5YzEyZmIyODhhZmViNmI2ODFj
ZmViYzEwHhcNMjUwMTAyMDk1MDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzFhMjc0MTk4MDQzYzNiZTNkNjcxOGQ0N2Y2ZWVlY2RjY2M1MzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1uDkRxErJqhME38rfzYEfCZtMSV2
XJtnGieL9bZ5XN7rCATbhIQ5ILa6JZ3bEZPs2ovC1yuDaLcgQgSm2JPK6HWA9sFG
Ej4dB8s7Z7WNOBe3SF3SWwJ5Mbw9EKj4gsmbOT2ag14vaTk0eg2wc5T1OMS7HVxD
36Wd506HiU4WYRPOQhsJsLTKZMRKO1uOcfqGLSE+IbNFtiubGM0xegyO0Feftl6G
LCNr719spzKSiHViim0SUQjGdbGD1PuyYDBmuyxvX0kMyzjbaGXiOGKc3CPFlwim
ae6wmaf0GDRhSWWNszBzKASUW9jHBtURmAeyNWmd6n7L5OiJN2IP4znOFQIDAQAB
o4IDGzCCAxcwHQYDVR0OBBYEFMwaJ0GYBDw749ZxjUf27uzczFNFMB8GA1UdIwQY
MBaAFH0Un2JEeFNonBL7KIr+traBz+vBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlJTZllrUjRVMmljRXZzb2l2NjJ0b0hQNjhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC82YTU0YmYtZjAwZi00NjdhLWJmNTct
YWFiMGU0MTRjYzYzLzEvekJvblFaZ0VQRHZqMW5HTlJfYnU3TnpNVTBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC82YTU0YmYtZjAwZi00NjdhLWJmNTctYWFiMGU0MTRjYzYz
LzEvZlJTZllrUjRVMmljRXZzb2l2NjJ0b0hQNjhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLwYIKwYBBQUHAQcBAf8EggEeMIIBGjCCARYEAgABMIIB
DgMEAFf89gMEAFf8/AMEAVf8/gMEA1uVgDAMAwQEW5WQAwQAW5WaAwQAW5WiAwQA
W5WlAwQBW5WoMAwDBANblbgDBABblbwDBAFblb4DBABdfQAwDAMEAV19AgMEAV19
EAMEAF19KTAMAwQBXX0+AwQBXX1EAwQAXX1RMAwDBABdfVMDBABdfVYDBAJdfWQD
BABdfXAwDAMEAF19cwMEAV19dAMEAF19fQMEAbKskjAMAwQAsqyXAwQAsqyYAwQB
sqzOMAwDBACyrNEDBACyrNIDBAGyrPADBALVuOADBADVuOkDBAHVuPQDBAPVuPgD
BADZFSEDBADZFTADBADZFTYwDAMEANkVOwMEANkVPDANBgkqhkiG9w0BAQsFAAOC
AQEABZ5lFj0IEaPWL6V+SOgYKdk5Qxt7SCkqvSSTZV+y1lvipBZiwfgbPXJZJCLq
Vl+DDtMFP2QLWsHc7ZGXetWVIHCdUYQ8O/W2+PAyTa2lIVs9264dc4aNF3DeXDKf
B/LXAuQ83NaPyKnmzahEbFq5a/mtQz1yydC8h/JdbCFPdW3Lhgbk2vpfkKs1OCXy
Jx8uY7cvDV6b1J6U9pLkyvYnz7qVopAxdNgLWqfC9kSSOa7fEqmLCZeC48nBxfz/
7zAI/Do4efxxT2GKxHlHzFAoyuRAvzqpk4lI1L/mdjhTws/ICsqTLtSCUqqcBYVY
N8OLv861WbBylhYp4h4ME0oqQQ==
-----END CERTIFICATE-----
Generated at Wed Apr 16 22:14:20 2025 by rpki-client