Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/QFczUkAgEuyKmzEnbolrTA6X2HY.roa
File: QFczUkAgEuyKmzEnbolrTA6X2HY.roa (raw, json)
Hash identifier: 9oqBYWgD2K4y/lveKI1WmKGPvOv0tK+0eRuH2GWZVYI=
Subject key identifier: 40:57:33:52:40:20:12:EC:8A:9B:31:27:6E:89:6B:4C:0E:97:D8:76
Certificate issuer: /CN=80a9fff63a3477957ff75ccdc003dab68cf9d155
Certificate serial: 0195B3FC47D41BE30EEEEB66726128C626F0
Authority key identifier: 80:A9:FF:F6:3A:34:77:95:7F:F7:5C:CD:C0:03:DA:B6:8C:F9:D1:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gKn_9jo0d5V_91zNwAPatoz50VU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/QFczUkAgEuyKmzEnbolrTA6X2HY.roa
Signing time: Thu 20 Mar 2025 14:36:49 +0000
ROA not before: Thu 20 Mar 2025 14:36:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 5.39.0.0/17 maxlen: 17
5.135.0.0/16 maxlen: 16
5.196.0.0/16 maxlen: 16
37.59.0.0/16 maxlen: 16
37.187.0.0/16 maxlen: 16
46.105.0.0/16 maxlen: 16
46.105.198.0/24 maxlen: 24
46.105.199.0/24 maxlen: 24
46.105.200.0/24 maxlen: 24
46.105.201.0/24 maxlen: 24
46.105.202.0/24 maxlen: 24
46.105.203.0/24 maxlen: 24
46.105.204.0/24 maxlen: 24
46.105.206.0/24 maxlen: 24
46.105.207.0/24 maxlen: 24
51.38.0.0/16 maxlen: 16
51.68.0.0/16 maxlen: 16
51.75.0.0/16 maxlen: 16
51.77.0.0/16 maxlen: 16
51.83.0.0/16 maxlen: 16
51.89.0.0/16 maxlen: 16
51.91.0.0/16 maxlen: 16
51.178.0.0/16 maxlen: 16
51.195.0.0/16 maxlen: 16
51.210.0.0/16 maxlen: 16
51.254.0.0/15 maxlen: 15
54.36.0.0/16 maxlen: 16
54.37.0.0/16 maxlen: 16
54.38.0.0/16 maxlen: 16
57.128.0.0/17 maxlen: 17
57.128.128.0/18 maxlen: 18
57.129.0.0/17 maxlen: 17
57.129.128.0/17 maxlen: 17
57.131.0.0/17 maxlen: 17
79.137.0.0/17 maxlen: 17
87.98.128.0/17 maxlen: 17
91.121.0.0/16 maxlen: 16
91.134.0.0/16 maxlen: 16
92.222.0.0/16 maxlen: 16
94.23.0.0/16 maxlen: 16
135.125.0.0/17 maxlen: 17
135.125.128.0/17 maxlen: 17
137.74.0.0/16 maxlen: 16
141.94.0.0/16 maxlen: 16
141.95.0.0/17 maxlen: 17
141.95.128.0/17 maxlen: 17
141.227.128.0/20 maxlen: 24
141.227.160.0/19 maxlen: 24
145.239.0.0/16 maxlen: 16
146.59.0.0/16 maxlen: 16
146.59.0.0/17 maxlen: 17
147.135.128.0/17 maxlen: 17
149.202.0.0/16 maxlen: 16
151.80.0.0/16 maxlen: 16
152.228.128.0/17 maxlen: 17
162.19.0.0/17 maxlen: 17
162.19.128.0/17 maxlen: 17
164.132.0.0/16 maxlen: 16
176.31.0.0/16 maxlen: 16
178.32.0.0/15 maxlen: 15
188.165.0.0/16 maxlen: 16
193.70.0.0/17 maxlen: 17
198.244.128.0/17 maxlen: 17
213.32.0.0/17 maxlen: 17
213.186.32.0/19 maxlen: 19
213.251.128.0/18 maxlen: 18
217.182.0.0/16 maxlen: 16
2001:41d0::/32 maxlen: 32
2001:41d0:ab00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/gKn_9jo0d5V_91zNwAPatoz50VU.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/gKn_9jo0d5V_91zNwAPatoz50VU.mft
rsync://rpki.ripe.net/repository/DEFAULT/gKn_9jo0d5V_91zNwAPatoz50VU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b3:fc:47:d4:1b:e3:0e:ee:eb:66:72:61:28:c6:26:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80a9fff63a3477957ff75ccdc003dab68cf9d155
Validity
Not Before: Mar 20 14:36:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=40573352402012ec8a9b31276e896b4c0e97d876
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:8b:52:17:89:72:8d:d1:ea:60:81:a4:a5:71:
41:29:e2:3e:87:5f:31:21:c5:fd:50:7b:93:0e:ab:
e7:03:82:b7:3e:73:b6:c1:57:3f:7c:71:92:3c:e7:
68:c8:84:bf:41:b4:a4:81:5b:80:f5:d5:e4:dd:5b:
b0:66:a3:f1:e1:af:17:b6:cc:02:1c:d2:81:15:7b:
ea:f5:fa:3f:3d:21:2c:bc:e2:fd:af:9e:e4:49:ab:
17:bd:d4:e8:c9:bb:a8:5b:76:aa:26:3f:e9:a2:04:
ff:5f:d3:70:b3:b7:ec:d9:03:ff:55:b0:7d:49:30:
24:b9:04:51:bd:e3:6e:9f:1a:14:57:31:63:7b:01:
73:16:a6:26:4f:33:2e:cf:37:32:78:df:6b:d9:20:
cd:f9:12:7f:3d:85:d6:b5:0c:28:53:4b:96:7e:d7:
41:04:31:c6:bc:a2:84:13:84:53:f4:88:61:e4:02:
48:9e:f6:b8:1b:b6:e8:56:65:3a:87:3d:b4:70:c1:
07:21:10:9c:74:33:50:fa:fe:51:79:98:b3:0a:38:
55:a4:94:30:04:e5:5b:04:1d:2f:fb:f4:04:87:55:
3c:98:0c:3a:ed:15:45:25:f6:be:0c:62:5d:ad:45:
7f:fd:cb:79:b7:70:96:e8:ab:52:e6:76:75:8b:92:
c8:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:57:33:52:40:20:12:EC:8A:9B:31:27:6E:89:6B:4C:0E:97:D8:76
X509v3 Authority Key Identifier:
keyid:80:A9:FF:F6:3A:34:77:95:7F:F7:5C:CD:C0:03:DA:B6:8C:F9:D1:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gKn_9jo0d5V_91zNwAPatoz50VU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/QFczUkAgEuyKmzEnbolrTA6X2HY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/gKn_9jo0d5V_91zNwAPatoz50VU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.0.0/17
5.135.0.0/16
5.196.0.0/16
37.59.0.0/16
37.187.0.0/16
46.105.0.0/16
51.38.0.0/16
51.68.0.0/16
51.75.0.0/16
51.77.0.0/16
51.83.0.0/16
51.89.0.0/16
51.91.0.0/16
51.178.0.0/16
51.195.0.0/16
51.210.0.0/16
51.254.0.0/15
54.36.0.0-54.38.255.255
57.128.0.0-57.128.191.255
57.129.0.0/16
57.131.0.0/17
79.137.0.0/17
87.98.128.0/17
91.121.0.0/16
91.134.0.0/16
92.222.0.0/16
94.23.0.0/16
135.125.0.0/16
137.74.0.0/16
141.94.0.0/15
141.227.128.0/20
141.227.160.0/19
145.239.0.0/16
146.59.0.0/16
147.135.128.0/17
149.202.0.0/16
151.80.0.0/16
152.228.128.0/17
162.19.0.0/16
164.132.0.0/16
176.31.0.0/16
178.32.0.0/15
188.165.0.0/16
193.70.0.0/17
198.244.128.0/17
213.32.0.0/17
213.186.32.0/19
213.251.128.0/18
217.182.0.0/16
IPv6:
2001:41d0::/32
Signature Algorithm: sha256WithRSAEncryption
17:9b:1a:4c:d9:43:2c:be:fa:4f:db:c2:65:6a:91:cf:20:22:
e4:eb:94:22:7f:61:77:0a:ca:27:18:fc:c8:21:de:96:9e:cc:
aa:47:53:87:dc:e6:1a:88:64:3f:10:20:fc:26:05:d6:69:45:
e4:6e:5b:ee:74:89:d2:9d:8c:dc:97:f3:4a:3f:8c:3a:4a:d5:
d4:49:3f:54:b1:f4:d9:d8:7d:6d:e1:2f:81:e0:5b:43:0e:80:
dc:47:75:7e:a1:c0:a4:51:41:72:41:d9:b6:6e:e7:21:6d:27:
42:32:3b:ac:23:37:4d:c8:e9:05:e8:4f:ab:fa:90:56:e0:9b:
00:27:09:5b:ad:ca:6b:cd:af:fd:f0:87:d7:e0:d2:18:69:09:
2c:12:8a:22:64:cc:c9:f9:55:7c:06:15:af:c2:35:f5:7f:10:
1c:b3:dd:d9:0f:f3:78:c4:d2:cd:ab:12:f7:0f:61:1b:7d:0f:
8a:22:31:64:3a:2b:43:9a:c8:1c:f8:ff:13:ac:0d:59:c1:99:
d8:f4:6a:45:64:d2:b4:89:d4:38:b0:96:39:89:c4:3f:73:0f:
98:8b:de:ab:3e:ff:56:82:02:ff:70:86:2b:59:83:2c:80:dd:
82:6f:8a:40:68:5b:44:3e:68:36:01:6a:b9:7b:59:f2:9b:5a:
8c:19:87:fd
-----BEGIN CERTIFICATE-----
MIIGITCCBQmgAwIBAgISAZWz/EfUG+MO7utmcmEoxibwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwYTlmZmY2M2EzNDc3OTU3ZmY3NWNjZGMwMDNkYWI2OGNm
OWQxNTUwHhcNMjUwMzIwMTQzNjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDU3MzM1MjQwMjAxMmVjOGE5YjMxMjc2ZTg5NmI0YzBlOTdkODc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApItSF4lyjdHqYIGkpXFBKeI+h18x
IcX9UHuTDqvnA4K3PnO2wVc/fHGSPOdoyIS/QbSkgVuA9dXk3VuwZqPx4a8XtswC
HNKBFXvq9fo/PSEsvOL9r57kSasXvdToybuoW3aqJj/pogT/X9Nws7fs2QP/VbB9
STAkuQRRveNunxoUVzFjewFzFqYmTzMuzzcyeN9r2SDN+RJ/PYXWtQwoU0uWftdB
BDHGvKKEE4RT9Ihh5AJInva4G7boVmU6hz20cMEHIRCcdDNQ+v5ReZizCjhVpJQw
BOVbBB0v+/QEh1U8mAw67RVFJfa+DGJdrUV//ct5t3CW6KtS5nZ1i5LI5wIDAQAB
o4IDLTCCAykwHQYDVR0OBBYEFEBXM1JAIBLsipsxJ26Ja0wOl9h2MB8GA1UdIwQY
MBaAFICp//Y6NHeVf/dczcAD2raM+dFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0tuXzlqbzBkNVZfOTF6TndBUGF0b3o1MFZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9iMDg0YmYtYTQ1NC00M2NmLWFjOTIt
NDdkOThlNTg1NDVhLzEvUUZjelVrQWdFdXlLbXpFbmJvbHJUQTZYMkhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9iMDg0YmYtYTQ1NC00M2NmLWFjOTItNDdkOThlNTg1NDVh
LzEvZ0tuXzlqbzBkNVZfOTF6TndBUGF0b3o1MFZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBQQYIKwYBBQUHAQcBAf8EggEwMIIBLDCCARkEAgABMIIB
EQMEBwUnAAMDAAWHAwMABcQDAwAlOwMDACW7AwMALmkDAwAzJgMDADNEAwMAM0sD
AwAzTQMDADNTAwMAM1kDAwAzWwMDADOyAwMAM8MDAwAz0gMDATP+MAoDAwI2JAMD
ADYmMAsDAwc5gAMEBjmAgAMDADmBAwQHOYMAAwQHT4kAAwQHV2KAAwMAW3kDAwBb
hgMDAFzeAwMAXhcDAwCHfQMDAIlKAwMBjV4DBASN44ADBAWN46ADAwCR7wMDAJI7
AwQHk4eAAwMAlcoDAwCXUAMEB5jkgAMDAKITAwMApIQDAwCwHwMDAbIgAwMAvKUD
BAfBRgADBAfG9IADBAfVIAADBAXVuiADBAbV+4ADAwDZtjANBAIAAjAHAwUAIAFB
0DANBgkqhkiG9w0BAQsFAAOCAQEAF5saTNlDLL76T9vCZWqRzyAi5OuUIn9hdwrK
Jxj8yCHelp7MqkdTh9zmGohkPxAg/CYF1mlF5G5b7nSJ0p2M3JfzSj+MOkrV1Ek/
VLH02dh9beEvgeBbQw6A3Ed1fqHApFFBckHZtm7nIW0nQjI7rCM3TcjpBehPq/qQ
VuCbACcJW63Ka82v/fCH1+DSGGkJLBKKImTMyflVfAYVr8I19X8QHLPd2Q/zeMTS
zasS9w9hG30PiiIxZDorQ5rIHPj/E6wNWcGZ2PRqRWTStInUOLCWOYnEP3MPmIve
qz7/VoIC/3CGK1mDLIDdgm+KQGhbRD5oNgFquXtZ8ptajBmH/Q==
-----END CERTIFICATE-----
Generated at Fri Apr 11 07:41:18 2025 by rpki-client