Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/6LW3HdXOKBwIbU5-SlCvzLy4EZU.roa
File: 6LW3HdXOKBwIbU5-SlCvzLy4EZU.roa (raw, json)
Hash identifier: YuOTY0Uwi7tVFe450/BSt8c610Y3KB0hwo5O1vNlxzo=
Subject key identifier: E8:B5:B7:1D:D5:CE:28:1C:08:6D:4E:7E:4A:50:AF:CC:BC:B8:11:95
Certificate issuer: /CN=579ade9feaedc406df5e11bcef0393cd5e9fd0dd
Certificate serial: 019744BBF4322F7797E23D970BBBF2883D48
Authority key identifier: 57:9A:DE:9F:EA:ED:C4:06:DF:5E:11:BC:EF:03:93:CD:5E:9F:D0:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V5ren-rtxAbfXhG87wOTzV6f0N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/6LW3HdXOKBwIbU5-SlCvzLy4EZU.roa
Signing time: Fri 06 Jun 2025 10:14:17 +0000
ROA not before: Fri 06 Jun 2025 10:14:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49121
IP address blocks: 5.57.209.0/24 maxlen: 24
37.221.68.0/24 maxlen: 24
37.221.69.0/24 maxlen: 24
37.221.70.0/24 maxlen: 24
37.221.71.0/24 maxlen: 24
45.87.117.0/24 maxlen: 24
45.87.118.0/24 maxlen: 24
45.87.119.0/24 maxlen: 24
185.186.0.0/24 maxlen: 24
185.186.1.0/24 maxlen: 24
185.232.166.0/24 maxlen: 24
194.61.10.0/23 maxlen: 24
194.61.10.0/24 maxlen: 24
194.61.11.0/24 maxlen: 24
194.147.74.0/23 maxlen: 23
194.147.74.0/24 maxlen: 24
2a09:e200::/48 maxlen: 48
2a09:e200:e200::/48 maxlen: 48
2a09:e206:c1::/48 maxlen: 48
2a09:e207:810::/48 maxlen: 48
2a09:e207:820::/48 maxlen: 48
2a09:e207:830::/48 maxlen: 48
2a09:e207:860::/48 maxlen: 48
2a09:e207:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/V5ren-rtxAbfXhG87wOTzV6f0N0.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/V5ren-rtxAbfXhG87wOTzV6f0N0.mft
rsync://rpki.ripe.net/repository/DEFAULT/V5ren-rtxAbfXhG87wOTzV6f0N0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 16:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:44:bb:f4:32:2f:77:97:e2:3d:97:0b:bb:f2:88:3d:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=579ade9feaedc406df5e11bcef0393cd5e9fd0dd
Validity
Not Before: Jun 6 10:14:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e8b5b71dd5ce281c086d4e7e4a50afccbcb81195
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:32:02:e8:f8:42:7a:2b:4d:99:54:5b:62:ca:
11:37:87:f1:67:dc:d7:43:5c:51:6d:91:27:73:6d:
b8:77:08:03:5a:1f:7f:72:7b:0f:00:4f:aa:52:ef:
59:35:60:6b:5b:47:f2:e7:9d:94:93:b6:83:63:e9:
81:75:7a:b7:85:db:8c:71:9c:ff:81:1f:56:8d:dc:
98:2b:7a:ab:19:a9:cd:4a:e8:8b:32:f7:25:ad:27:
5d:90:80:fa:36:d4:55:d5:e9:64:79:eb:7c:c2:0b:
7b:b9:c8:ed:ab:ea:85:28:90:e0:67:80:7f:aa:c8:
c6:32:e5:68:71:3b:dc:7a:0a:14:b0:2e:a0:63:7c:
0e:e9:15:46:e8:c5:33:fe:67:9b:6e:0e:c2:5e:3e:
60:2a:df:4d:17:fc:93:32:1e:31:8c:4b:d7:bd:31:
ae:fa:35:f7:05:3f:ae:6c:68:f9:c8:ea:a9:53:e7:
2e:2c:bb:bd:89:5b:62:4e:b1:e0:68:90:a0:50:37:
5f:18:f5:d8:dd:d9:a1:7b:55:37:a6:df:8a:d3:a4:
7c:6a:ad:79:ca:a1:99:44:06:25:1d:a1:65:df:83:
9c:1b:7e:fd:20:2e:a2:15:38:6c:af:6e:0d:40:33:
ad:99:42:7a:85:6e:0f:b3:a1:e8:0d:fd:81:85:25:
f2:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:B5:B7:1D:D5:CE:28:1C:08:6D:4E:7E:4A:50:AF:CC:BC:B8:11:95
X509v3 Authority Key Identifier:
keyid:57:9A:DE:9F:EA:ED:C4:06:DF:5E:11:BC:EF:03:93:CD:5E:9F:D0:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V5ren-rtxAbfXhG87wOTzV6f0N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/6LW3HdXOKBwIbU5-SlCvzLy4EZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/220ed7-8dc2-4c01-92bb-208ef32c0202/1/V5ren-rtxAbfXhG87wOTzV6f0N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.209.0/24
37.221.68.0/22
45.87.117.0-45.87.119.255
185.186.0.0/23
185.232.166.0/24
194.61.10.0/23
194.147.74.0/23
IPv6:
2a09:e200::/48
2a09:e200:e200::/48
2a09:e206:c1::/48
2a09:e207:810::/48
2a09:e207:820::/48
2a09:e207:830::/48
2a09:e207:860::/48
2a09:e207:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
6b:67:73:ed:86:f5:77:fb:65:d0:f7:7b:9d:31:b3:db:9a:ab:
3d:8a:80:c5:4b:d5:31:29:dc:fb:89:a0:b5:92:1a:e9:69:46:
3e:1f:12:a3:a3:05:e0:f6:d8:2e:fb:7b:b8:40:d9:93:f8:e8:
13:e2:f3:54:59:31:8f:a5:c7:dc:0a:a4:e2:d0:c2:5b:af:cb:
06:a8:62:1d:d9:1c:93:be:6b:a1:51:70:21:ca:87:08:7d:df:
2e:e5:27:c8:1b:f2:c3:85:d9:69:08:db:2a:a3:34:37:97:e1:
f4:bf:db:29:3f:91:e0:26:a9:8e:e3:d8:9a:02:de:9d:0e:83:
28:13:e4:1b:37:70:28:ce:1d:99:c2:a9:b8:54:e6:7e:70:54:
38:4e:d7:7b:80:83:27:2f:b2:28:80:66:68:21:d5:3a:e2:41:
f8:d8:59:8b:15:89:07:a3:83:b7:56:cc:bd:3b:57:cd:f4:ce:
e0:4c:d1:3f:6a:6d:1f:32:21:f4:1c:5b:39:b5:f0:d0:8c:57:
5e:83:c4:83:bc:f4:0d:29:ff:4b:48:2a:c0:ce:7f:ea:f4:b7:
3d:1e:41:27:9a:cc:dd:72:cb:2a:6f:31:a2:6b:7d:2a:8f:98:
c6:73:d4:71:81:5f:9a:39:90:36:8a:3f:62:15:d2:78:29:0a:
8a:8c:18:8d
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAZdEu/QyL3eX4j2XC7vyiD1IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3OWFkZTlmZWFlZGM0MDZkZjVlMTFiY2VmMDM5M2NkNWU5
ZmQwZGQwHhcNMjUwNjA2MTAxNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGI1YjcxZGQ1Y2UyODFjMDg2ZDRlN2U0YTUwYWZjY2JjYjgxMTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTIC6PhCeitNmVRbYsoRN4fxZ9zX
Q1xRbZEnc224dwgDWh9/cnsPAE+qUu9ZNWBrW0fy552Uk7aDY+mBdXq3hduMcZz/
gR9WjdyYK3qrGanNSuiLMvclrSddkID6NtRV1elkeet8wgt7ucjtq+qFKJDgZ4B/
qsjGMuVocTvcegoUsC6gY3wO6RVG6MUz/mebbg7CXj5gKt9NF/yTMh4xjEvXvTGu
+jX3BT+ubGj5yOqpU+cuLLu9iVtiTrHgaJCgUDdfGPXY3dmhe1U3pt+K06R8aq15
yqGZRAYlHaFl34OcG379IC6iFThsr24NQDOtmUJ6hW4Ps6HoDf2BhSXyEwIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFOi1tx3VzigcCG1OfkpQr8y8uBGVMB8GA1UdIwQY
MBaAFFea3p/q7cQG314RvO8Dk81en9DdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjVyZW4tcnR4QWJmWGhHODd3T1R6VjZmME4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8yMjBlZDctOGRjMi00YzAxLTkyYmIt
MjA4ZWYzMmMwMjAyLzEvNkxXM0hkWE9LQndJYlU1LVNsQ3Z6THk0RVpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8yMjBlZDctOGRjMi00YzAxLTkyYmItMjA4ZWYzMmMwMjAy
LzEvVjVyZW4tcnR4QWJmWGhHODd3T1R6VjZmME4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijA4BAIAATAyAwQABTnR
AwQCJd1EMAwDBAAtV3UDBAMtV3ADBAG5ugADBAC56KYDBAHCPQoDBAHCk0owTgQC
AAIwSAMHACoJ4gAAAAMHACoJ4gDiAAMHACoJ4gYAwQMHACoJ4gcIEAMHACoJ4gcI
IAMHACoJ4gcIMAMHACoJ4gcIYAMHACoJ4gf//zANBgkqhkiG9w0BAQsFAAOCAQEA
a2dz7Yb1d/tl0Pd7nTGz25qrPYqAxUvVMSnc+4mgtZIa6WlGPh8So6MF4PbYLvt7
uEDZk/joE+LzVFkxj6XH3Aqk4tDCW6/LBqhiHdkck75roVFwIcqHCH3fLuUnyBvy
w4XZaQjbKqM0N5fh9L/bKT+R4CapjuPYmgLenQ6DKBPkGzdwKM4dmcKpuFTmfnBU
OE7Xe4CDJy+yKIBmaCHVOuJB+NhZixWJB6ODt1bMvTtXzfTO4EzRP2ptHzIh9Bxb
ObXw0IxXXoPEg7z0DSn/S0gqwM5/6vS3PR5BJ5rM3XLLKm8xomt9Ko+YxnPUcYFf
mjmQNoo/YhXSeCkKiowYjQ==
-----END CERTIFICATE-----
Generated at Mon Jun 9 01:22:39 2025 by rpki-client