Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/496d56-86ff-48be-bde3-271fde2dc655/1/OP-qluzkX5DpP--tqOyTqe3xHcQ.roa
File: OP-qluzkX5DpP--tqOyTqe3xHcQ.roa (raw, json)
Hash identifier: jbnp8pZaghnbGo5f+Z7LlRrvT6qH4dxP9RPLOACmte4=
Subject key identifier: 38:FF:AA:96:EC:E4:5F:90:E9:3F:EF:AD:A8:EC:93:A9:ED:F1:1D:C4
Certificate issuer: /CN=75790c7ecf24d28be2e13fe069118cee27d58002
Certificate serial: 019425FD4FA66978C89B7EC93978421554CC
Authority key identifier: 75:79:0C:7E:CF:24:D2:8B:E2:E1:3F:E0:69:11:8C:EE:27:D5:80:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dXkMfs8k0ovi4T_gaRGM7ifVgAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/496d56-86ff-48be-bde3-271fde2dc655/1/OP-qluzkX5DpP--tqOyTqe3xHcQ.roa
Signing time: Thu 02 Jan 2025 07:49:05 +0000
ROA not before: Thu 02 Jan 2025 07:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12302
IP address blocks: 31.5.0.0/16 maxlen: 16
31.5.0.0/17 maxlen: 17
31.5.128.0/17 maxlen: 17
31.14.35.0/24 maxlen: 24
62.121.64.0/18 maxlen: 19
77.81.16.0/20 maxlen: 21
78.96.0.0/15 maxlen: 16
78.96.80.0/22 maxlen: 22
81.89.0.0/20 maxlen: 21
82.208.128.0/18 maxlen: 19
82.210.128.0/18 maxlen: 19
83.103.128.0/17 maxlen: 18
84.117.0.0/16 maxlen: 16
84.117.0.0/17 maxlen: 17
84.117.128.0/17 maxlen: 17
85.186.0.0/16 maxlen: 17
85.204.0.0/20 maxlen: 21
85.204.0.0/21 maxlen: 21
85.204.184.0/21 maxlen: 22
85.204.188.0/22 maxlen: 22
86.104.136.0/21 maxlen: 22
86.105.64.0/20 maxlen: 21
86.106.32.0/19 maxlen: 20
86.106.48.0/20 maxlen: 20
89.33.72.0/21 maxlen: 22
89.38.72.0/22 maxlen: 23
89.42.248.0/21 maxlen: 22
89.42.252.0/22 maxlen: 22
89.44.78.0/23 maxlen: 23
89.44.78.0/24 maxlen: 24
89.136.0.0/15 maxlen: 16
93.113.32.0/23 maxlen: 23
93.113.241.0/24 maxlen: 24
93.113.242.0/23 maxlen: 23
93.117.66.0/23 maxlen: 23
93.117.138.0/23 maxlen: 23
93.117.154.0/23 maxlen: 23
93.118.46.0/23 maxlen: 23
93.119.126.0/23 maxlen: 23
93.119.137.0/24 maxlen: 24
93.119.138.0/23 maxlen: 23
93.119.224.0/23 maxlen: 23
93.119.226.0/24 maxlen: 24
95.76.0.0/15 maxlen: 16
95.76.16.0/22 maxlen: 22
185.63.136.0/22 maxlen: 23
188.208.117.0/24 maxlen: 24
188.208.118.0/23 maxlen: 23
188.214.153.0/24 maxlen: 24
188.214.195.0/24 maxlen: 24
188.214.196.0/23 maxlen: 23
188.240.64.0/22 maxlen: 22
188.240.64.0/23 maxlen: 23
188.240.66.0/23 maxlen: 23
193.178.165.0/24 maxlen: 24
194.102.99.0/24 maxlen: 24
194.102.146.0/24 maxlen: 24
194.102.248.0/21 maxlen: 22
194.105.17.0/24 maxlen: 24
194.105.24.0/22 maxlen: 22
194.105.28.0/22 maxlen: 23
195.234.172.0/24 maxlen: 24
213.164.224.0/19 maxlen: 20
2a04:2400::/27 maxlen: 27
2a04:2400::/28 maxlen: 28
2a04:2410::/28 maxlen: 28
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/496d56-86ff-48be-bde3-271fde2dc655/1/dXkMfs8k0ovi4T_gaRGM7ifVgAI.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/496d56-86ff-48be-bde3-271fde2dc655/1/dXkMfs8k0ovi4T_gaRGM7ifVgAI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dXkMfs8k0ovi4T_gaRGM7ifVgAI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:4f:a6:69:78:c8:9b:7e:c9:39:78:42:15:54:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75790c7ecf24d28be2e13fe069118cee27d58002
Validity
Not Before: Jan 2 07:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38ffaa96ece45f90e93fefada8ec93a9edf11dc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:8a:95:66:cd:c6:8b:bb:ed:6b:fb:58:98:a5:
87:13:d3:82:c2:7c:fc:74:e1:73:f1:f0:da:f8:67:
af:e0:d1:3b:6f:6b:29:e8:68:c6:c8:10:ba:0e:29:
00:dd:0b:6c:91:b3:e2:37:74:df:5f:1c:3b:a7:3f:
75:fd:67:3c:7f:71:ff:1c:a7:87:c6:5a:47:f8:8a:
ea:78:47:1d:c5:28:d6:3f:a8:91:a0:72:aa:25:dc:
e2:1e:4b:80:61:15:f0:70:52:e7:fd:69:a2:7f:44:
0c:15:f5:c7:2c:1a:7d:b1:82:ba:2b:27:c0:be:0a:
09:b1:c0:9e:7b:5a:3f:cc:ee:db:2e:23:9f:fd:62:
8c:0f:70:c8:9a:de:12:f5:1b:aa:f0:8c:1d:3a:c3:
46:71:af:dc:f7:86:b8:33:cf:14:27:95:e2:4e:ef:
73:62:d9:89:e3:ab:3c:8c:f4:6d:25:71:f3:a8:d0:
55:2f:57:85:4e:15:a3:cd:e0:e0:00:9a:0d:4d:c8:
fc:57:a2:c9:69:09:6e:8d:aa:80:1f:fa:87:43:ee:
36:cc:6c:a3:b4:21:af:bf:66:34:b7:81:4f:7a:ac:
9c:38:16:2e:9c:3d:b3:bc:c8:68:d7:02:b0:75:ee:
4a:e3:f6:ea:ea:55:03:a4:04:23:54:0d:a1:01:55:
15:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:FF:AA:96:EC:E4:5F:90:E9:3F:EF:AD:A8:EC:93:A9:ED:F1:1D:C4
X509v3 Authority Key Identifier:
keyid:75:79:0C:7E:CF:24:D2:8B:E2:E1:3F:E0:69:11:8C:EE:27:D5:80:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXkMfs8k0ovi4T_gaRGM7ifVgAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/496d56-86ff-48be-bde3-271fde2dc655/1/OP-qluzkX5DpP--tqOyTqe3xHcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/496d56-86ff-48be-bde3-271fde2dc655/1/dXkMfs8k0ovi4T_gaRGM7ifVgAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.5.0.0/16
31.14.35.0/24
62.121.64.0/18
77.81.16.0/20
78.96.0.0/15
81.89.0.0/20
82.208.128.0/18
82.210.128.0/18
83.103.128.0/17
84.117.0.0/16
85.186.0.0/16
85.204.0.0/20
85.204.184.0/21
86.104.136.0/21
86.105.64.0/20
86.106.32.0/19
89.33.72.0/21
89.38.72.0/22
89.42.248.0/21
89.44.78.0/23
89.136.0.0/15
93.113.32.0/23
93.113.241.0-93.113.243.255
93.117.66.0/23
93.117.138.0/23
93.117.154.0/23
93.118.46.0/23
93.119.126.0/23
93.119.137.0-93.119.139.255
93.119.224.0-93.119.226.255
95.76.0.0/15
185.63.136.0/22
188.208.117.0-188.208.119.255
188.214.153.0/24
188.214.195.0-188.214.197.255
188.240.64.0/22
193.178.165.0/24
194.102.99.0/24
194.102.146.0/24
194.102.248.0/21
194.105.17.0/24
194.105.24.0/21
195.234.172.0/24
213.164.224.0/19
IPv6:
2a04:2400::/27
Signature Algorithm: sha256WithRSAEncryption
81:06:54:b2:37:27:36:93:f7:79:67:02:1f:c6:f1:3f:42:57:
63:64:15:9e:a8:b2:4d:db:0f:51:d5:31:3f:23:0d:f2:c4:97:
44:b2:fc:b2:f3:6e:3a:ab:59:66:75:4b:52:2d:8d:02:54:83:
c8:c1:92:11:b0:58:33:d7:d1:47:6a:4c:8c:5f:db:b1:dc:6b:
3e:2d:64:85:c0:c4:4c:6d:ae:5d:50:4c:b9:aa:c9:28:3f:89:
07:ec:33:1f:21:ff:d1:5a:10:22:fe:80:c4:21:55:b3:5c:4f:
cb:88:23:5c:3d:fd:ed:1e:bd:c5:9d:d6:7b:5d:b1:b4:af:1c:
39:4d:77:51:ee:bb:7f:e9:64:4d:98:59:1c:b3:9a:2d:52:68:
69:9e:c5:29:2a:da:c5:97:20:e2:70:46:37:46:c1:eb:a3:fd:
c6:25:90:91:01:36:ea:98:f9:93:b0:4b:86:0e:0f:27:77:91:
4a:35:14:8d:02:66:9e:91:d2:3f:2a:77:e1:8a:39:10:05:a8:
0f:4f:20:63:82:91:2a:6a:85:2e:f3:d4:62:43:9b:84:d5:2a:
37:84:17:25:19:f1:bc:a5:86:6a:8f:33:1c:97:cd:f3:6d:be:
e7:ec:a8:4d:37:13:90:c0:cf:ac:c2:49:69:f3:96:5f:5d:51:
19:7e:c5:cd
-----BEGIN CERTIFICATE-----
MIIGOjCCBSKgAwIBAgISAZQl/U+maXjIm37JOXhCFVTMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NzkwYzdlY2YyNGQyOGJlMmUxM2ZlMDY5MTE4Y2VlMjdk
NTgwMDIwHhcNMjUwMTAyMDc0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGZmYWE5NmVjZTQ1ZjkwZTkzZmVmYWRhOGVjOTNhOWVkZjExZGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoqVZs3Gi7vta/tYmKWHE9OCwnz8
dOFz8fDa+Gev4NE7b2sp6GjGyBC6DikA3QtskbPiN3TfXxw7pz91/Wc8f3H/HKeH
xlpH+IrqeEcdxSjWP6iRoHKqJdziHkuAYRXwcFLn/Wmif0QMFfXHLBp9sYK6KyfA
vgoJscCee1o/zO7bLiOf/WKMD3DImt4S9Ruq8IwdOsNGca/c94a4M88UJ5XiTu9z
YtmJ46s8jPRtJXHzqNBVL1eFThWjzeDgAJoNTcj8V6LJaQlujaqAH/qHQ+42zGyj
tCGvv2Y0t4FPeqycOBYunD2zvMho1wKwde5K4/bq6lUDpAQjVA2hAVUVjQIDAQAB
o4IDRjCCA0IwHQYDVR0OBBYEFDj/qpbs5F+Q6T/vrajsk6nt8R3EMB8GA1UdIwQY
MBaAFHV5DH7PJNKL4uE/4GkRjO4n1YACMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFhrTWZzOGswb3ZpNFRfZ2FSR003aWZWZ0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi80OTZkNTYtODZmZi00OGJlLWJkZTMt
MjcxZmRlMmRjNjU1LzEvT1AtcWx1emtYNURwUC0tdHFPeVRxZTN4SGNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi80OTZkNTYtODZmZi00OGJlLWJkZTMtMjcxZmRlMmRjNjU1
LzEvZFhrTWZzOGswb3ZpNFRfZ2FSR003aWZWZ0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBWgYIKwYBBQUHAQcBAf8EggFJMIIBRTCCATIEAgABMIIB
KgMDAB8FAwQAHw4jAwQGPnlAAwQETVEQAwMBTmADBARRWQADBAZS0IADBAZS0oAD
BAdTZ4ADAwBUdQMDAFW6AwQEVcwAAwQDVcy4AwQDVmiIAwQEVmlAAwQFVmogAwQD
WSFIAwQCWSZIAwQDWSr4AwQBWSxOAwMBWYgDBAFdcSAwDAMEAF1x8QMEAl1x8AME
AV11QgMEAV11igMEAV11mgMEAV12LgMEAV13fjAMAwQAXXeJAwQCXXeIMAwDBAVd
d+ADBABdd+IDAwFfTAMEArk/iDAMAwQAvNB1AwQDvNBwAwQAvNaZMAwDBAC81sMD
BAG81sQDBAK88EADBADBsqUDBADCZmMDBADCZpIDBAPCZvgDBADCaREDBAPCaRgD
BADD6qwDBAXVpOAwDQQCAAIwBwMFBSoEJAAwDQYJKoZIhvcNAQELBQADggEBAIEG
VLI3JzaT93lnAh/G8T9CV2NkFZ6osk3bD1HVMT8jDfLEl0Sy/LLzbjqrWWZ1S1It
jQJUg8jBkhGwWDPX0UdqTIxf27Hcaz4tZIXAxExtrl1QTLmqySg/iQfsMx8h/9Fa
ECL+gMQhVbNcT8uII1w9/e0evcWd1ntdsbSvHDlNd1Huu3/pZE2YWRyzmi1SaGme
xSkq2sWXIOJwRjdGweuj/cYlkJEBNuqY+ZOwS4YODyd3kUo1FI0CZp6R0j8qd+GK
ORAFqA9PIGOCkSpqhS7z1GJDm4TVKjeEFyUZ8bylhmqPMxyXzfNtvufsqE03E5DA
z6zCSWnzll9dURl+xc0=
-----END CERTIFICATE-----
Generated at Mon Apr 7 11:01:20 2025 by rpki-client