Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/7qMTrTDYcM2QQ56z85li1ofUyTg.roa
File: 7qMTrTDYcM2QQ56z85li1ofUyTg.roa (raw, json)
Hash identifier: iciXORWa6L+wLcQTsMjP02+eKm3TxOImN9wRNpvtLI0=
Subject key identifier: EE:A3:13:AD:30:D8:70:CD:90:43:9E:B3:F3:99:62:D6:87:D4:C9:38
Certificate issuer: /CN=5fbe65ae23f207fa695255f55a907ac1608be094
Certificate serial: 01953CF6CF168884C3E3662EF8866280AEC8
Authority key identifier: 5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/7qMTrTDYcM2QQ56z85li1ofUyTg.roa
Signing time: Tue 25 Feb 2025 11:56:02 +0000
ROA not before: Tue 25 Feb 2025 11:56:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211183
IP address blocks: 5.35.124.0/24 maxlen: 24
5.35.125.0/24 maxlen: 24
5.35.126.0/24 maxlen: 24
5.35.127.0/24 maxlen: 24
5.253.62.0/24 maxlen: 24
37.140.241.0/24 maxlen: 24
45.128.204.0/24 maxlen: 24
79.133.181.0/24 maxlen: 24
79.133.182.0/24 maxlen: 24
79.133.183.0/24 maxlen: 24
89.191.225.0/24 maxlen: 24
91.200.84.0/24 maxlen: 24
94.154.11.0/24 maxlen: 24
185.198.152.0/24 maxlen: 24
185.239.50.0/24 maxlen: 24
185.239.51.0/24 maxlen: 24
185.240.103.0/24 maxlen: 24
185.244.51.0/24 maxlen: 24
185.250.44.0/24 maxlen: 24
185.250.46.0/24 maxlen: 24
185.250.47.0/24 maxlen: 24
193.187.96.0/24 maxlen: 24
195.93.252.0/24 maxlen: 24
217.171.146.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 14:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3c:f6:cf:16:88:84:c3:e3:66:2e:f8:86:62:80:ae:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fbe65ae23f207fa695255f55a907ac1608be094
Validity
Not Before: Feb 25 11:56:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eea313ad30d870cd90439eb3f39962d687d4c938
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:e9:e7:7b:99:1d:5b:44:ec:f9:f4:7e:3f:ce:
86:4e:5b:36:e8:5e:73:dd:1c:4b:e0:a2:76:58:48:
17:fc:4e:5a:11:bf:71:8d:b0:f7:84:31:36:18:09:
38:24:dd:7b:ef:be:3d:a0:65:c2:c7:06:69:99:17:
97:2d:4c:77:4f:96:38:04:d6:11:69:ab:80:68:4a:
fc:5c:f4:ae:15:29:e1:78:5c:9e:c7:1b:a9:1b:5a:
82:ef:26:f4:84:0a:fb:57:45:1b:7a:93:7a:36:52:
aa:14:78:79:81:76:7b:f6:d6:ca:ae:9f:b9:c0:88:
06:62:8e:fb:78:b3:a6:b5:87:d6:cd:e5:1d:5c:22:
50:f7:91:0c:f1:dd:10:da:b7:b5:da:70:82:a6:05:
53:aa:89:dd:12:cd:f7:ef:77:af:22:24:ab:a2:2b:
66:d2:7c:05:31:d5:61:23:8f:ae:0e:4a:14:f0:2b:
b9:79:a6:ef:c2:1c:97:d8:0c:bf:77:ba:1c:01:17:
89:0d:7a:02:59:7b:ed:03:94:0a:65:7c:b6:f1:db:
ed:10:b9:61:30:bd:f1:36:53:47:ce:9e:c3:d1:ff:
10:cd:00:42:24:99:f4:62:eb:62:5c:7e:b4:c2:7e:
fc:63:39:e6:7d:3f:8e:49:0f:e4:19:49:4a:2a:4e:
85:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:A3:13:AD:30:D8:70:CD:90:43:9E:B3:F3:99:62:D6:87:D4:C9:38
X509v3 Authority Key Identifier:
keyid:5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/7qMTrTDYcM2QQ56z85li1ofUyTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.124.0/22
5.253.62.0/24
37.140.241.0/24
45.128.204.0/24
79.133.181.0-79.133.183.255
89.191.225.0/24
91.200.84.0/24
94.154.11.0/24
185.198.152.0/24
185.239.50.0/23
185.240.103.0/24
185.244.51.0/24
185.250.44.0/24
185.250.46.0/23
193.187.96.0/24
195.93.252.0/24
217.171.146.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:d3:ed:a5:82:42:75:0d:fc:9d:2d:dc:89:5c:83:9a:12:bd:
70:3d:d7:e5:35:9c:89:7c:90:dd:1d:26:e3:15:86:f6:06:14:
5b:03:31:fb:1b:21:0a:d2:9b:2b:11:51:77:a0:d3:cb:0d:29:
1f:13:fa:a5:a3:00:e0:89:cb:3d:cd:5c:d9:03:c8:ef:d3:18:
01:a9:2e:3a:07:08:7d:25:d1:97:fe:d9:f0:81:d1:1a:03:1b:
97:b8:ae:b1:1f:70:5d:cb:b9:be:1a:8d:9c:04:5e:58:51:da:
4b:7b:3a:86:36:a2:60:8a:4e:32:ad:d8:cc:fe:62:e6:8a:07:
16:fc:c1:0a:87:91:1c:5f:b6:ad:3a:60:23:3d:29:64:fc:5d:
7b:6f:71:d7:c4:67:3a:1e:be:0a:d3:6e:4a:2a:7a:90:35:92:
57:36:d1:73:e7:0f:20:b6:74:b0:21:a9:5e:4e:99:6d:70:ae:
2e:fa:d3:ef:5e:ca:5d:61:0e:ed:0a:3c:b4:10:56:15:a9:ce:
7e:6e:2b:7b:91:a8:38:bc:22:3e:35:45:ca:7b:29:c8:b7:9e:
4f:3f:5b:f1:1b:2e:88:ed:ae:6a:f6:c2:7a:f9:b5:ba:5c:79:
c5:9c:c6:d5:4e:b0:29:18:0a:e3:49:63:2a:2e:18:6b:a4:92:
6f:50:f7:17
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAZU89s8WiITD42Yu+IZigK7IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYmU2NWFlMjNmMjA3ZmE2OTUyNTVmNTVhOTA3YWMxNjA4
YmUwOTQwHhcNMjUwMjI1MTE1NjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWEzMTNhZDMwZDg3MGNkOTA0MzllYjNmMzk5NjJkNjg3ZDRjOTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2unne5kdW0Ts+fR+P86GTls26F5z
3RxL4KJ2WEgX/E5aEb9xjbD3hDE2GAk4JN177749oGXCxwZpmReXLUx3T5Y4BNYR
aauAaEr8XPSuFSnheFyexxupG1qC7yb0hAr7V0UbepN6NlKqFHh5gXZ79tbKrp+5
wIgGYo77eLOmtYfWzeUdXCJQ95EM8d0Q2re12nCCpgVTqondEs3373evIiSroitm
0nwFMdVhI4+uDkoU8Cu5eabvwhyX2Ay/d7ocAReJDXoCWXvtA5QKZXy28dvtELlh
ML3xNlNHzp7D0f8QzQBCJJn0YutiXH60wn78YznmfT+OSQ/kGUlKKk6FswIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFO6jE60w2HDNkEOes/OZYtaH1Mk4MB8GA1UdIwQY
MBaAFF++Za4j8gf6aVJV9VqQesFgi+CUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUt
NDkyYWIzNzI2ODlkLzEvN3FNVHJURFljTTJRUTU2ejg1bGkxb2ZVeVRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUtNDkyYWIzNzI2ODlk
LzEvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEAgUjfAME
AAX9PgMEACWM8QMEAC2AzDAMAwQAT4W1AwQDT4WwAwQAWb/hAwQAW8hUAwQAXpoL
AwQAucaYAwQBue8yAwQAufBnAwQAufQzAwQAufosAwQBufouAwQAwbtgAwQAw138
AwQA2auSMA0GCSqGSIb3DQEBCwUAA4IBAQB70+2lgkJ1DfydLdyJXIOaEr1wPdfl
NZyJfJDdHSbjFYb2BhRbAzH7GyEK0psrEVF3oNPLDSkfE/qlowDgics9zVzZA8jv
0xgBqS46Bwh9JdGX/tnwgdEaAxuXuK6xH3Bdy7m+Go2cBF5YUdpLezqGNqJgik4y
rdjM/mLmigcW/MEKh5EcX7atOmAjPSlk/F17b3HXxGc6Hr4K025KKnqQNZJXNtFz
5w8gtnSwIaleTpltcK4u+tPvXspdYQ7tCjy0EFYVqc5+bit7kag4vCI+NUXKeynI
t55PP1vxGy6I7a5q9sJ6+bW6XHnFnMbVTrApGArjSWMqLhhrpJJvUPcX
-----END CERTIFICATE-----
Generated at Sat Apr 12 18:49:25 2025 by rpki-client