Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/zVUWguf5pjghejhRd7Ny0TVMo5E.roa
File: zVUWguf5pjghejhRd7Ny0TVMo5E.roa (raw, json)
Hash identifier: NjWrzzFudTL38mC/sj/7bSyVSobc+7VuDZH9qGUDXkc=
Subject key identifier: CD:55:16:82:E7:F9:A6:38:21:7A:38:51:77:B3:72:D1:35:4C:A3:91
Certificate issuer: /CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Certificate serial: 019735AAC364757413CDB7178973A3773F06
Authority key identifier: 0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/zVUWguf5pjghejhRd7Ny0TVMo5E.roa
Signing time: Tue 03 Jun 2025 12:01:12 +0000
ROA not before: Tue 03 Jun 2025 12:01:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 45.66.135.0/24 maxlen: 24
45.82.165.0/24 maxlen: 24
45.85.2.0/24 maxlen: 24
45.90.140.0/24 maxlen: 24
45.128.152.0/24 maxlen: 24
45.134.18.0/24 maxlen: 24
45.144.242.0/24 maxlen: 24
45.144.243.0/24 maxlen: 24
81.90.190.0/24 maxlen: 24
89.31.124.0/24 maxlen: 24
91.220.202.0/24 maxlen: 24
91.220.203.0/24 maxlen: 24
147.78.14.0/24 maxlen: 24
152.89.210.0/24 maxlen: 24
185.105.191.0/24 maxlen: 24
185.120.17.0/24 maxlen: 24
185.126.68.0/24 maxlen: 24
185.126.136.0/24 maxlen: 24
185.126.137.0/24 maxlen: 24
185.126.224.0/24 maxlen: 24
185.126.227.0/24 maxlen: 24
185.167.117.0/24 maxlen: 24
185.167.118.0/24 maxlen: 24
185.167.119.0/24 maxlen: 24
185.171.122.0/24 maxlen: 24
185.171.123.0/24 maxlen: 24
185.172.114.0/24 maxlen: 24
185.175.142.0/24 maxlen: 24
185.175.143.0/24 maxlen: 24
185.187.236.0/24 maxlen: 24
188.119.102.0/24 maxlen: 24
192.54.56.0/24 maxlen: 24
192.54.58.0/24 maxlen: 24
192.54.59.0/24 maxlen: 24
193.37.56.0/24 maxlen: 24
193.37.57.0/24 maxlen: 24
193.38.136.0/24 maxlen: 24
194.124.32.0/24 maxlen: 24
194.156.229.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.mft
rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:35:aa:c3:64:75:74:13:cd:b7:17:89:73:a3:77:3f:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Validity
Not Before: Jun 3 12:01:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd551682e7f9a638217a385177b372d1354ca391
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:08:f3:76:68:a9:8e:c2:78:31:a2:63:f9:30:
3e:27:96:42:8c:8f:b2:86:0b:21:31:71:a8:77:0e:
d9:93:13:6d:3a:ff:40:c2:87:77:4d:b6:23:ee:f7:
7a:cd:90:c0:f5:78:56:1d:99:65:0f:85:91:fa:a7:
43:c8:33:2b:84:e4:29:f4:d6:69:56:47:f9:42:70:
de:3f:7b:98:fd:8e:03:0f:bf:a0:02:90:db:5d:c4:
12:93:9c:8b:ec:4b:03:4b:46:32:c8:fc:98:e2:ee:
a4:ab:10:d3:e4:5e:eb:cf:c8:74:ee:a1:4d:80:36:
33:34:05:f0:e3:80:dd:9a:ea:92:c2:01:50:c8:fd:
7c:f0:15:9f:f2:19:e4:a6:56:44:f4:0b:d4:3d:61:
9a:56:14:d4:67:b5:f3:65:f9:23:8a:a5:0e:f7:52:
df:e5:f0:5b:c0:4e:af:3b:ae:e0:93:34:f5:77:b8:
01:da:a8:e0:31:f1:e4:52:c1:20:46:4b:80:55:22:
f3:1d:dd:39:da:13:a2:97:8b:de:60:09:31:d8:4a:
29:82:32:79:d5:49:29:40:27:13:10:93:6d:e3:98:
26:d1:08:70:8b:1e:0a:91:b7:55:36:4a:78:be:58:
2a:14:1f:33:70:f8:a6:52:58:28:90:91:75:ed:2c:
80:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:55:16:82:E7:F9:A6:38:21:7A:38:51:77:B3:72:D1:35:4C:A3:91
X509v3 Authority Key Identifier:
keyid:0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/zVUWguf5pjghejhRd7Ny0TVMo5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.135.0/24
45.82.165.0/24
45.85.2.0/24
45.90.140.0/24
45.128.152.0/24
45.134.18.0/24
45.144.242.0/23
81.90.190.0/24
89.31.124.0/24
91.220.202.0/23
147.78.14.0/24
152.89.210.0/24
185.105.191.0/24
185.120.17.0/24
185.126.68.0/24
185.126.136.0/23
185.126.224.0/24
185.126.227.0/24
185.167.117.0-185.167.119.255
185.171.122.0/23
185.172.114.0/24
185.175.142.0/23
185.187.236.0/24
188.119.102.0/24
192.54.56.0/24
192.54.58.0/23
193.37.56.0/23
193.38.136.0/24
194.124.32.0/24
194.156.229.0/24
Signature Algorithm: sha256WithRSAEncryption
78:93:b7:10:a3:7f:20:5d:7b:68:c1:72:c8:e8:97:20:b5:e2:
39:5d:57:c2:9d:8c:45:a8:86:d1:1d:94:46:26:a6:31:27:b6:
35:32:37:88:ec:ee:b1:eb:2e:11:b5:65:b3:16:78:40:1d:db:
2f:b3:a8:74:db:94:36:16:aa:7f:e3:6c:1e:34:7c:51:c5:63:
26:0b:95:0b:c2:28:1d:7c:09:2f:4e:5e:22:ca:a4:31:09:b7:
d8:f7:62:70:de:8f:07:2a:83:00:30:13:f4:f6:c0:3c:11:fc:
1e:fe:c0:e0:bd:61:dc:f5:86:9a:c6:9a:b1:c1:bc:40:d4:1b:
01:c9:f4:b2:76:e9:73:23:b0:34:ea:e0:05:78:03:27:7b:1c:
a3:96:ee:d9:b4:2e:08:93:4e:ae:bd:e9:0a:89:40:c2:ca:63:
6c:79:ee:61:51:3a:8b:7e:c1:40:94:04:49:50:0a:36:92:3d:
b9:13:2e:13:1b:97:49:5e:c0:0b:1b:18:62:39:8d:de:3b:31:
6d:d4:16:e8:36:90:2e:fb:3f:e4:10:77:a7:d5:d4:57:2b:97:
4c:b9:3b:52:56:d4:ef:7c:a2:cd:de:3b:e0:25:b0:9e:e5:63:
5b:65:7e:ca:fb:71:52:a6:ac:99:e2:49:f6:20:52:87:39:8d:
00:2c:54:2b
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgISAZc1qsNkdXQTzbcXiXOjdz8GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMjQ3ZTczMzkxZWM5ZDZhMmE0NmYyY2IwYjAyZmM5OTQy
ODhmMTMwHhcNMjUwNjAzMTIwMTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDU1MTY4MmU3ZjlhNjM4MjE3YTM4NTE3N2IzNzJkMTM1NGNhMzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgjzdmipjsJ4MaJj+TA+J5ZCjI+y
hgshMXGodw7ZkxNtOv9Awod3TbYj7vd6zZDA9XhWHZllD4WR+qdDyDMrhOQp9NZp
Vkf5QnDeP3uY/Y4DD7+gApDbXcQSk5yL7EsDS0YyyPyY4u6kqxDT5F7rz8h07qFN
gDYzNAXw44DdmuqSwgFQyP188BWf8hnkplZE9AvUPWGaVhTUZ7XzZfkjiqUO91Lf
5fBbwE6vO67gkzT1d7gB2qjgMfHkUsEgRkuAVSLzHd052hOil4veYAkx2EopgjJ5
1UkpQCcTEJNt45gm0Qhwix4KkbdVNkp4vlgqFB8zcPimUlgokJF17SyAkwIDAQAB
o4ICxDCCAsAwHQYDVR0OBBYEFM1VFoLn+aY4IXo4UXezctE1TKORMB8GA1UdIwQY
MBaAFAskfnM5HsnWoqRvLLCwL8mUKI8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMt
NzM2Nzg5ZWU2ZmQwLzEvelZVV2d1ZjVwamdoZWpoUmQ3TnkwVFZNbzVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMtNzM2Nzg5ZWU2ZmQw
LzEvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHZBggrBgEFBQcBBwEB/wSByTCBxjCBwwQCAAEwgbwDBAAt
QocDBAAtUqUDBAAtVQIDBAAtWowDBAAtgJgDBAAthhIDBAEtkPIDBABRWr4DBABZ
H3wDBAFb3MoDBACTTg4DBACYWdIDBAC5ab8DBAC5eBEDBAC5fkQDBAG5fogDBAC5
fuADBAC5fuMwDAMEALmndQMEA7mncAMEAbmregMEALmscgMEAbmvjgMEALm77AME
ALx3ZgMEAMA2OAMEAcA2OgMEAcElOAMEAMEmiAMEAMJ8IAMEAMKc5TANBgkqhkiG
9w0BAQsFAAOCAQEAeJO3EKN/IF17aMFyyOiXILXiOV1Xwp2MRaiG0R2URiamMSe2
NTI3iOzusesuEbVlsxZ4QB3bL7OodNuUNhaqf+NsHjR8UcVjJguVC8IoHXwJL05e
IsqkMQm32PdicN6PByqDADAT9PbAPBH8Hv7A4L1h3PWGmsaascG8QNQbAcn0snbp
cyOwNOrgBXgDJ3sco5bu2bQuCJNOrr3pColAwspjbHnuYVE6i37BQJQESVAKNpI9
uRMuExuXSV7ACxsYYjmN3jsxbdQW6DaQLvs/5BB3p9XUVyuXTLk7UlbU73yizd47
4CWwnuVjW2V+yvtxUqasmeJJ9iBShzmNACxUKw==
-----END CERTIFICATE-----
Generated at Sat Jun 7 12:12:32 2025 by rpki-client