Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/S6pEjPdKiDCWT5YS10t21bo7p-Q.roa
File: S6pEjPdKiDCWT5YS10t21bo7p-Q.roa (raw, json)
Hash identifier: pTlwMPVuX2tODYiLJ6YhmWJdp6Y8iDisqjt0seyZtRU=
Subject key identifier: 4B:AA:44:8C:F7:4A:88:30:96:4F:96:12:D7:4B:76:D5:BA:3B:A7:E4
Certificate issuer: /CN=84bfc451fc4f2411addd00a9fbb17346ad6e8996
Certificate serial: 0195CED090F30298357C463EBC1F6DBE8739
Authority key identifier: 84:BF:C4:51:FC:4F:24:11:AD:DD:00:A9:FB:B1:73:46:AD:6E:89:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hL_EUfxPJBGt3QCp-7FzRq1uiZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/S6pEjPdKiDCWT5YS10t21bo7p-Q.roa
Signing time: Tue 25 Mar 2025 19:38:49 +0000
ROA not before: Tue 25 Mar 2025 19:38:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207375
IP address blocks: 31.14.180.0/23 maxlen: 23
31.14.182.0/24 maxlen: 24
37.156.69.0/24 maxlen: 24
37.156.70.0/24 maxlen: 24
45.81.169.0/24 maxlen: 24
45.81.170.0/23 maxlen: 23
45.81.170.0/24 maxlen: 24
45.81.171.0/24 maxlen: 24
84.247.44.0/23 maxlen: 25
85.204.109.0/24 maxlen: 24
86.105.24.0/24 maxlen: 24
86.105.232.0/24 maxlen: 24
86.107.186.0/23 maxlen: 23
89.32.171.0/24 maxlen: 24
89.32.240.0/21 maxlen: 21
89.33.17.0/24 maxlen: 24
89.33.30.0/24 maxlen: 24
89.33.65.0/24 maxlen: 24
89.35.34.0/24 maxlen: 24
89.35.76.0/24 maxlen: 24
89.35.88.0/24 maxlen: 24
89.35.91.0/24 maxlen: 24
89.35.163.0/24 maxlen: 24
89.35.248.0/24 maxlen: 24
89.37.40.0/24 maxlen: 24
89.46.40.0/23 maxlen: 23
89.47.176.0/23 maxlen: 23
89.47.178.0/24 maxlen: 24
89.47.180.0/23 maxlen: 23
89.47.182.0/24 maxlen: 24
93.113.72.0/21 maxlen: 21
176.223.144.0/20 maxlen: 20
188.211.172.0/22 maxlen: 22
188.212.157.0/24 maxlen: 24
188.213.86.0/23 maxlen: 23
188.240.70.0/24 maxlen: 24
193.164.216.0/23 maxlen: 23
2a00:bba0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/hL_EUfxPJBGt3QCp-7FzRq1uiZY.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/hL_EUfxPJBGt3QCp-7FzRq1uiZY.mft
rsync://rpki.ripe.net/repository/DEFAULT/hL_EUfxPJBGt3QCp-7FzRq1uiZY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 13:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ce:d0:90:f3:02:98:35:7c:46:3e:bc:1f:6d:be:87:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84bfc451fc4f2411addd00a9fbb17346ad6e8996
Validity
Not Before: Mar 25 19:38:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4baa448cf74a8830964f9612d74b76d5ba3ba7e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b6:ae:0d:5f:60:f1:ab:23:67:61:a8:27:34:
2d:7d:8e:f2:34:90:80:49:6f:9b:18:53:c2:c9:e0:
35:03:45:90:67:a6:77:ef:85:97:85:be:72:7e:5a:
2e:50:bc:ce:38:da:a4:c3:11:11:72:0b:4a:6a:f5:
a9:07:83:60:7e:d3:5b:ab:31:c6:07:10:7c:5f:96:
8c:8d:58:aa:11:f8:ba:5d:cf:2f:5c:e0:eb:64:ee:
25:59:78:1c:4d:63:34:94:9b:26:bc:3a:b2:d3:57:
d3:2f:6b:1e:12:eb:d2:77:0d:26:5d:12:42:ed:2c:
ee:59:7a:c9:26:ae:f0:73:1a:70:04:f1:15:56:45:
88:9e:3a:ef:f4:6f:d6:27:85:d9:9d:55:18:35:97:
2d:1f:60:05:e5:f9:50:10:5d:e2:ae:1d:96:94:33:
a4:92:f4:29:77:5f:e7:c0:45:ca:26:ed:17:1a:e3:
4b:0d:b6:4b:0c:7f:07:b5:bb:5c:bb:66:e2:c2:ff:
80:84:b9:0c:0d:d2:97:44:1f:56:c0:4c:e4:0c:31:
9c:48:6b:7a:05:3a:35:52:87:05:5e:51:a9:0c:f8:
95:e7:74:87:04:ca:bd:d7:97:f9:6e:6a:4d:43:4a:
23:a3:38:c0:98:46:8a:57:db:5f:1a:41:b4:95:62:
10:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:AA:44:8C:F7:4A:88:30:96:4F:96:12:D7:4B:76:D5:BA:3B:A7:E4
X509v3 Authority Key Identifier:
keyid:84:BF:C4:51:FC:4F:24:11:AD:DD:00:A9:FB:B1:73:46:AD:6E:89:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hL_EUfxPJBGt3QCp-7FzRq1uiZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/S6pEjPdKiDCWT5YS10t21bo7p-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/hL_EUfxPJBGt3QCp-7FzRq1uiZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.180.0-31.14.182.255
37.156.69.0-37.156.70.255
45.81.169.0-45.81.171.255
84.247.44.0/23
85.204.109.0/24
86.105.24.0/24
86.105.232.0/24
86.107.186.0/23
89.32.171.0/24
89.32.240.0/21
89.33.17.0/24
89.33.30.0/24
89.33.65.0/24
89.35.34.0/24
89.35.76.0/24
89.35.88.0/24
89.35.91.0/24
89.35.163.0/24
89.35.248.0/24
89.37.40.0/24
89.46.40.0/23
89.47.176.0-89.47.178.255
89.47.180.0-89.47.182.255
93.113.72.0/21
176.223.144.0/20
188.211.172.0/22
188.212.157.0/24
188.213.86.0/23
188.240.70.0/24
193.164.216.0/23
IPv6:
2a00:bba0::/32
Signature Algorithm: sha256WithRSAEncryption
03:a6:95:c1:b3:08:ff:30:bc:11:d9:da:6e:e3:39:69:5c:e8:
ef:4b:8a:3b:e3:f5:f6:52:37:2a:cc:23:70:ff:cd:e2:45:9b:
f0:ed:49:fd:95:34:bf:45:10:f1:55:12:b0:60:d4:57:26:c9:
07:3a:eb:87:05:7b:05:4f:f6:74:3f:16:ae:70:e0:20:ef:b2:
d0:a6:1d:dd:d4:d1:66:2d:39:6b:95:a4:49:cf:4c:04:d6:a1:
94:60:d8:fa:be:5d:67:0f:d9:0c:4f:31:6a:cf:74:b0:f6:6b:
49:df:a9:61:32:44:09:23:f7:24:26:5a:66:c3:bd:55:7f:a3:
cf:51:79:71:28:87:c6:f0:89:13:ed:79:64:6e:1b:c2:f6:06:
91:55:d8:68:f8:40:e5:76:74:7a:c6:28:37:40:9f:82:83:6b:
9e:fa:df:1f:3a:d1:a5:b9:51:e3:15:e0:a6:52:e2:d1:ae:31:
c0:68:d3:15:2a:9a:1f:89:e3:96:86:b8:fe:66:0e:02:45:a4:
97:7f:12:f2:b6:4b:dc:f7:30:27:4f:e6:cc:42:fa:c8:28:ee:
70:38:c2:80:eb:b0:ae:d9:cb:89:c5:2a:ff:1c:5e:8a:8c:8a:
8e:03:a9:e1:29:c2:84:43:2d:6d:98:37:92:d9:6e:bd:4c:56:
55:d9:e1:72
-----BEGIN CERTIFICATE-----
MIIF6DCCBNCgAwIBAgISAZXO0JDzApg1fEY+vB9tvoc5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YmZjNDUxZmM0ZjI0MTFhZGRkMDBhOWZiYjE3MzQ2YWQ2
ZTg5OTYwHhcNMjUwMzI1MTkzODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmFhNDQ4Y2Y3NGE4ODMwOTY0Zjk2MTJkNzRiNzZkNWJhM2JhN2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7auDV9g8asjZ2GoJzQtfY7yNJCA
SW+bGFPCyeA1A0WQZ6Z374WXhb5yflouULzOONqkwxERcgtKavWpB4NgftNbqzHG
BxB8X5aMjViqEfi6Xc8vXODrZO4lWXgcTWM0lJsmvDqy01fTL2seEuvSdw0mXRJC
7SzuWXrJJq7wcxpwBPEVVkWInjrv9G/WJ4XZnVUYNZctH2AF5flQEF3irh2WlDOk
kvQpd1/nwEXKJu0XGuNLDbZLDH8Htbtcu2biwv+AhLkMDdKXRB9WwEzkDDGcSGt6
BTo1UocFXlGpDPiV53SHBMq915f5bmpNQ0ojozjAmEaKV9tfGkG0lWIQWwIDAQAB
o4IC9DCCAvAwHQYDVR0OBBYEFEuqRIz3Sogwlk+WEtdLdtW6O6fkMB8GA1UdIwQY
MBaAFIS/xFH8TyQRrd0Aqfuxc0atbomWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExfRVVmeFBKQkd0M1FDcC03RnpScTF1aVpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9iN2JlNjQtODZkNC00NDNiLTk2ODYt
ZjY2MzE3OTc3OTY4LzEvUzZwRWpQZEtpRENXVDVZUzEwdDIxYm83cC1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9iN2JlNjQtODZkNC00NDNiLTk2ODYtZjY2MzE3OTc3OTY4
LzEvaExfRVVmeFBKQkd0M1FDcC03RnpScTF1aVpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCAYIKwYBBQUHAQcBAf8EgfgwgfUwgeMEAgABMIHcMAwD
BAIfDrQDBAAfDrYwDAMEACWcRQMEACWcRjAMAwQALVGpAwQCLVGoAwQBVPcsAwQA
VcxtAwQAVmkYAwQAVmnoAwQBVmu6AwQAWSCrAwQDWSDwAwQAWSERAwQAWSEeAwQA
WSFBAwQAWSMiAwQAWSNMAwQAWSNYAwQAWSNbAwQAWSOjAwQAWSP4AwQAWSUoAwQB
WS4oMAwDBARZL7ADBABZL7IwDAMEAlkvtAMEAFkvtgMEA11xSAMEBLDfkAMEArzT
rAMEALzUnQMEAbzVVgMEALzwRgMEAcGk2DANBAIAAjAHAwUAKgC7oDANBgkqhkiG
9w0BAQsFAAOCAQEAA6aVwbMI/zC8EdnabuM5aVzo70uKO+P19lI3KswjcP/N4kWb
8O1J/ZU0v0UQ8VUSsGDUVybJBzrrhwV7BU/2dD8WrnDgIO+y0KYd3dTRZi05a5Wk
Sc9MBNahlGDY+r5dZw/ZDE8xas90sPZrSd+pYTJECSP3JCZaZsO9VX+jz1F5cSiH
xvCJE+15ZG4bwvYGkVXYaPhA5XZ0esYoN0CfgoNrnvrfHzrRpblR4xXgplLi0a4x
wGjTFSqaH4njloa4/mYOAkWkl38S8rZL3PcwJ0/mzEL6yCjucDjCgOuwrtnLicUq
/xxeioyKjgOp4SnChEMtbZg3ktluvUxWVdnhcg==
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:34:15 2025 by rpki-client