Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/TO117LXRxrCo1IsARLsa8O_LPWM.roa
File: TO117LXRxrCo1IsARLsa8O_LPWM.roa (raw, json)
Hash identifier: QGLtZki1tkrVS6UheOHefQKW/Y0UIl7/YXdtbi2rD/k=
Subject key identifier: 4C:ED:75:EC:B5:D1:C6:B0:A8:D4:8B:00:44:BB:1A:F0:EF:CB:3D:63
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01972F9443232A50583D8A9D491B5B130298
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/TO117LXRxrCo1IsARLsa8O_LPWM.roa
Signing time: Mon 02 Jun 2025 07:38:55 +0000
ROA not before: Mon 02 Jun 2025 07:38:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29802
IP address blocks: 82.152.57.0/24 maxlen: 24
82.152.58.0/24 maxlen: 24
82.152.73.0/24 maxlen: 24
82.152.75.0/24 maxlen: 24
82.152.76.0/23 maxlen: 24
82.152.79.0/24 maxlen: 24
82.152.86.0/23 maxlen: 24
82.152.88.0/24 maxlen: 24
82.152.109.0/24 maxlen: 24
82.152.226.0/24 maxlen: 24
82.152.240.0/24 maxlen: 24
82.152.243.0/24 maxlen: 24
82.153.38.0/24 maxlen: 24
82.153.56.0/24 maxlen: 24
82.153.61.0/24 maxlen: 24
82.153.83.0/24 maxlen: 24
82.153.84.0/24 maxlen: 24
82.153.152.0/24 maxlen: 24
82.153.186.0/24 maxlen: 24
82.153.201.0/24 maxlen: 24
82.153.239.0/24 maxlen: 24
89.213.43.0/24 maxlen: 24
89.213.54.0/24 maxlen: 24
89.213.98.0/24 maxlen: 24
89.213.161.0/24 maxlen: 24
89.213.232.0/23 maxlen: 24
89.213.234.0/23 maxlen: 24
89.213.236.0/23 maxlen: 24
109.176.27.0/24 maxlen: 24
109.176.32.0/21 maxlen: 24
109.176.40.0/21 maxlen: 24
109.176.48.0/21 maxlen: 24
109.176.56.0/21 maxlen: 24
109.176.201.0/24 maxlen: 24
109.176.235.0/24 maxlen: 24
213.130.130.0/24 maxlen: 24
213.130.149.0/24 maxlen: 24
213.210.41.0/24 maxlen: 24
213.218.214.0/24 maxlen: 24
213.218.231.0/24 maxlen: 24
213.218.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 20:42:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:2f:94:43:23:2a:50:58:3d:8a:9d:49:1b:5b:13:02:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 2 07:38:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ced75ecb5d1c6b0a8d48b0044bb1af0efcb3d63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:32:1b:dc:0d:f8:b0:56:14:b1:49:6e:a0:bf:
61:be:ea:61:eb:22:7d:a6:c6:aa:f3:81:f5:70:75:
76:9a:cf:f4:fd:ae:24:c9:6a:48:72:50:05:17:d9:
0b:6d:c3:22:88:ee:99:f2:56:f9:c3:55:94:89:14:
b2:82:ae:94:2e:b5:b2:8b:a5:bc:bd:8f:ef:15:89:
ae:d9:40:a3:a3:e3:2d:1a:6d:25:2e:25:6f:fd:3e:
67:5f:4d:96:8b:7f:31:0a:52:8f:bd:cc:0f:98:e3:
b4:fc:f9:d2:4c:7a:4b:a4:fa:2a:3b:0f:b5:b0:32:
52:c1:2d:63:f3:65:14:29:fd:47:9e:6c:fb:52:ee:
3a:91:a3:4a:f7:ce:3d:78:eb:49:33:ca:2d:1f:8f:
e1:14:b3:f6:aa:75:96:31:c6:ed:f0:0f:17:3b:f8:
da:10:06:ad:43:fa:e6:82:74:2b:57:73:ec:91:43:
e2:f8:08:16:f3:37:90:b3:7c:8e:bf:34:c8:6e:4f:
5a:bf:b8:13:94:40:09:7a:5b:8b:d6:ea:9e:f0:76:
32:e9:35:f1:0c:a2:be:1d:2c:1d:22:d5:ac:d3:51:
70:df:38:ca:c6:ea:f9:74:e3:62:9a:6b:5e:b5:a7:
81:28:46:ba:aa:80:89:7a:67:13:9f:e9:c1:8e:88:
e5:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:ED:75:EC:B5:D1:C6:B0:A8:D4:8B:00:44:BB:1A:F0:EF:CB:3D:63
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/TO117LXRxrCo1IsARLsa8O_LPWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.57.0-82.152.58.255
82.152.73.0/24
82.152.75.0-82.152.77.255
82.152.79.0/24
82.152.86.0-82.152.88.255
82.152.109.0/24
82.152.226.0/24
82.152.240.0/24
82.152.243.0/24
82.153.38.0/24
82.153.56.0/24
82.153.61.0/24
82.153.83.0-82.153.84.255
82.153.152.0/24
82.153.186.0/24
82.153.201.0/24
82.153.239.0/24
89.213.43.0/24
89.213.54.0/24
89.213.98.0/24
89.213.161.0/24
89.213.232.0-89.213.237.255
109.176.27.0/24
109.176.32.0/19
109.176.201.0/24
109.176.235.0/24
213.130.130.0/24
213.130.149.0/24
213.210.41.0/24
213.218.214.0/24
213.218.231.0/24
213.218.239.0/24
Signature Algorithm: sha256WithRSAEncryption
13:26:a1:4f:03:f7:bf:8a:9c:4e:e0:af:4b:46:84:62:c8:89:
1f:d9:9c:35:bd:9b:80:7d:1d:fa:ee:9d:3d:11:b6:93:f6:35:
00:d5:e2:51:ca:68:5b:2f:1d:f3:4e:7b:7b:ae:c1:90:08:71:
94:c3:dc:06:de:4c:8c:45:b4:e7:58:80:d6:70:82:78:2f:94:
52:4a:de:df:f8:77:b2:dc:d1:db:7d:63:19:d0:30:1c:eb:d8:
ae:19:54:2a:ab:f2:32:7b:70:ac:9a:c8:6d:a9:0c:b4:69:97:
97:2b:64:36:97:bc:1f:87:fc:a2:1e:d6:88:2b:65:10:bd:bd:
bc:0b:9e:26:c1:2b:86:93:77:ce:02:b9:e7:fc:42:b7:8f:fb:
52:f9:48:26:11:a2:f6:e5:2a:36:0d:d1:e0:cf:96:67:6c:64:
7d:23:e5:14:88:65:dc:e5:86:a9:5d:d8:11:be:4b:4b:31:a8:
a7:c5:6a:84:6f:0f:69:9d:12:30:ac:04:0f:09:1a:75:a7:04:
59:b4:0a:a3:d9:14:ae:1d:07:80:7c:c5:ef:16:0e:cc:cb:4d:
53:39:58:b0:4b:fc:a7:cc:b5:cf:da:ca:be:21:de:ea:92:fe:
05:3e:b3:3a:d6:db:76:c7:f2:75:76:fb:94:cc:73:b1:51:85:
b7:12:d9:d5
-----BEGIN CERTIFICATE-----
MIIF5TCCBM2gAwIBAgISAZcvlEMjKlBYPYqdSRtbEwKYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNjAyMDczODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2VkNzVlY2I1ZDFjNmIwYThkNDhiMDA0NGJiMWFmMGVmY2IzZDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjIb3A34sFYUsUluoL9hvuph6yJ9
psaq84H1cHV2ms/0/a4kyWpIclAFF9kLbcMiiO6Z8lb5w1WUiRSygq6ULrWyi6W8
vY/vFYmu2UCjo+MtGm0lLiVv/T5nX02Wi38xClKPvcwPmOO0/PnSTHpLpPoqOw+1
sDJSwS1j82UUKf1Hnmz7Uu46kaNK9849eOtJM8otH4/hFLP2qnWWMcbt8A8XO/ja
EAatQ/rmgnQrV3PskUPi+AgW8zeQs3yOvzTIbk9av7gTlEAJeluL1uqe8HYy6TXx
DKK+HSwdItWs01Fw3zjKxur5dONimmtetaeBKEa6qoCJemcTn+nBjojlbQIDAQAB
o4IC8TCCAu0wHQYDVR0OBBYEFEztdey10cawqNSLAES7GvDvyz1jMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVE8xMTdMWFJ4ckNvMUlzQVJMc2E4T19MUFdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBQYIKwYBBQUHAQcBAf8EgfUwgfIwge8EAgABMIHoMAwD
BABSmDkDBABSmDoDBABSmEkwDAMEAFKYSwMEAVKYTAMEAFKYTzAMAwQBUphWAwQA
UphYAwQAUphtAwQAUpjiAwQAUpjwAwQAUpjzAwQAUpkmAwQAUpk4AwQAUpk9MAwD
BABSmVMDBABSmVQDBABSmZgDBABSmboDBABSmckDBABSme8DBABZ1SsDBABZ1TYD
BABZ1WIDBABZ1aEwDAMEA1nV6AMEAVnV7AMEAG2wGwMEBW2wIAMEAG2wyQMEAG2w
6wMEANWCggMEANWClQMEANXSKQMEANXa1gMEANXa5wMEANXa7zANBgkqhkiG9w0B
AQsFAAOCAQEAEyahTwP3v4qcTuCvS0aEYsiJH9mcNb2bgH0d+u6dPRG2k/Y1ANXi
UcpoWy8d8057e67BkAhxlMPcBt5MjEW051iA1nCCeC+UUkre3/h3stzR231jGdAw
HOvYrhlUKqvyMntwrJrIbakMtGmXlytkNpe8H4f8oh7WiCtlEL29vAueJsErhpN3
zgK55/xCt4/7UvlIJhGi9uUqNg3R4M+WZ2xkfSPlFIhl3OWGqV3YEb5LSzGop8Vq
hG8PaZ0SMKwEDwkadacEWbQKo9kUrh0HgHzF7xYOzMtNUzlYsEv8p8y1z9rKviHe
6pL+BT6zOtbbdsfydXb7lMxzsVGFtxLZ1Q==
-----END CERTIFICATE-----
Generated at Fri Jun 6 04:56:58 2025 by rpki-client