Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/gUX26Ns6rqAlu-ixVPnEVURo2ec.roa
File: gUX26Ns6rqAlu-ixVPnEVURo2ec.roa (raw, json)
Hash identifier: WlMrZuW0r4RvIkL/qKH8NZx/WIHxm9qbKJuxr85j0wY=
Subject key identifier: 81:45:F6:E8:DB:3A:AE:A0:25:BB:E8:B1:54:F9:C4:55:44:68:D9:E7
Certificate issuer: /CN=345fb3feb15c03c4d34d9ff444d9ad7e30067208
Certificate serial: 0195B95D3C1561146B1777A08870B1EC46F4
Authority key identifier: 34:5F:B3:FE:B1:5C:03:C4:D3:4D:9F:F4:44:D9:AD:7E:30:06:72:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NF-z_rFcA8TTTZ_0RNmtfjAGcgg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/gUX26Ns6rqAlu-ixVPnEVURo2ec.roa
Signing time: Fri 21 Mar 2025 15:40:49 +0000
ROA not before: Fri 21 Mar 2025 15:40:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25540
IP address blocks: 45.81.212.0/22 maxlen: 22
77.81.49.0/24 maxlen: 24
83.172.137.0/24 maxlen: 24
83.172.142.0/23 maxlen: 23
83.172.149.0/24 maxlen: 24
83.172.152.0/24 maxlen: 24
83.172.154.0/23 maxlen: 23
83.172.156.0/23 maxlen: 23
83.172.158.0/24 maxlen: 24
83.172.166.0/23 maxlen: 23
83.172.168.0/24 maxlen: 24
83.172.170.0/23 maxlen: 23
83.172.184.0/23 maxlen: 23
83.172.187.0/24 maxlen: 24
83.172.190.0/24 maxlen: 24
83.172.191.0/24 maxlen: 24
89.37.107.0/24 maxlen: 24
93.114.176.0/22 maxlen: 22
94.177.28.0/24 maxlen: 24
94.177.144.0/24 maxlen: 24
130.93.0.0/17 maxlen: 24
130.93.0.0/24 maxlen: 24
130.93.128.0/18 maxlen: 22
130.93.128.0/19 maxlen: 19
130.93.160.0/20 maxlen: 20
130.93.176.0/22 maxlen: 22
185.9.248.0/22 maxlen: 22
185.12.0.0/22 maxlen: 22
185.23.164.0/22 maxlen: 22
185.120.176.0/22 maxlen: 22
185.122.160.0/22 maxlen: 22
185.133.128.0/22 maxlen: 22
185.137.72.0/22 maxlen: 22
185.153.172.0/22 maxlen: 22
193.84.89.0/24 maxlen: 24
195.68.224.0/22 maxlen: 22
2a02:ec00::/29 maxlen: 29
2a0e:4180::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/NF-z_rFcA8TTTZ_0RNmtfjAGcgg.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/NF-z_rFcA8TTTZ_0RNmtfjAGcgg.mft
rsync://rpki.ripe.net/repository/DEFAULT/NF-z_rFcA8TTTZ_0RNmtfjAGcgg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b9:5d:3c:15:61:14:6b:17:77:a0:88:70:b1:ec:46:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=345fb3feb15c03c4d34d9ff444d9ad7e30067208
Validity
Not Before: Mar 21 15:40:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8145f6e8db3aaea025bbe8b154f9c4554468d9e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:cd:8d:a2:ef:76:0b:cd:8e:5e:78:ba:42:4c:
19:87:df:4b:0b:95:8b:95:db:a2:c8:8a:fb:bf:db:
8b:2d:3e:01:43:29:8e:b7:3f:0f:ea:b1:db:42:dc:
29:6f:91:ab:a0:b2:13:19:2c:8b:a3:c4:08:19:94:
99:f3:80:cb:dc:f8:3e:22:71:ac:ec:68:ab:39:12:
6d:4a:40:92:62:1b:3c:a0:ec:f8:b9:33:db:9f:a7:
e9:02:5b:1f:ce:4b:a0:34:ee:6a:17:e4:2e:ef:d5:
74:50:0f:1d:a4:be:cf:a9:bd:b1:d0:9c:b2:b1:e7:
c1:53:16:44:9c:b5:6c:6c:bf:e1:69:c6:6d:08:bf:
eb:9e:bd:1d:ba:22:37:ac:2d:0f:f2:a0:56:e1:09:
75:c7:16:84:d6:7d:3d:62:b6:d6:b0:3e:ea:4a:b0:
28:7e:cf:c6:16:a4:de:f9:b4:34:22:fb:36:93:b1:
e2:a8:4f:42:97:26:42:7d:d2:d0:4d:7a:46:fb:a0:
4d:10:da:ac:c3:af:ec:64:e9:74:b3:17:87:48:f5:
6d:bd:54:7f:59:55:ce:7f:10:38:07:f2:b9:4c:4e:
23:12:a1:49:1f:32:a5:a4:cc:96:13:1d:20:b9:a7:
a2:4b:12:3b:4a:de:04:d2:7b:b3:7e:83:d0:9f:8b:
be:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:45:F6:E8:DB:3A:AE:A0:25:BB:E8:B1:54:F9:C4:55:44:68:D9:E7
X509v3 Authority Key Identifier:
keyid:34:5F:B3:FE:B1:5C:03:C4:D3:4D:9F:F4:44:D9:AD:7E:30:06:72:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NF-z_rFcA8TTTZ_0RNmtfjAGcgg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/gUX26Ns6rqAlu-ixVPnEVURo2ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/NF-z_rFcA8TTTZ_0RNmtfjAGcgg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.212.0/22
77.81.49.0/24
83.172.137.0/24
83.172.142.0/23
83.172.149.0/24
83.172.152.0/24
83.172.154.0-83.172.158.255
83.172.166.0-83.172.168.255
83.172.170.0/23
83.172.184.0/23
83.172.187.0/24
83.172.190.0/23
89.37.107.0/24
93.114.176.0/22
94.177.28.0/24
94.177.144.0/24
130.93.0.0-130.93.191.255
185.9.248.0/22
185.12.0.0/22
185.23.164.0/22
185.120.176.0/22
185.122.160.0/22
185.133.128.0/22
185.137.72.0/22
185.153.172.0/22
193.84.89.0/24
195.68.224.0/22
IPv6:
2a02:ec00::/29
2a0e:4180::/29
Signature Algorithm: sha256WithRSAEncryption
92:14:20:8b:cd:e9:b4:d9:83:12:3c:c0:89:da:22:63:91:a2:
0d:da:2d:ae:2e:71:bf:d3:4e:31:7f:1e:79:5b:c9:32:3c:1b:
e2:50:c6:41:5b:61:16:4c:6f:57:b0:a9:50:3f:4e:31:71:91:
52:c1:b5:20:df:40:82:2c:64:5c:19:f4:1f:7f:c3:62:0f:cd:
0e:c7:95:8b:da:c2:52:f7:b2:f8:e3:7e:41:ab:37:81:f1:a2:
7d:64:2b:dd:e3:f4:f6:ae:c2:fe:25:1d:b3:84:48:f7:5f:e4:
b0:7b:5c:1d:71:b5:b8:b6:83:88:3b:d6:cf:ba:85:b4:54:a1:
ce:3e:82:ad:b0:7e:b8:64:a1:83:00:59:cf:59:88:ed:f8:66:
d8:06:d8:c0:8f:70:8d:1f:d2:07:c6:d7:2c:56:ac:ee:4d:03:
9b:6b:a3:38:3c:9a:ff:cd:aa:4c:15:01:08:2f:e8:a8:17:e8:
6b:20:79:7a:e0:57:95:dc:40:0f:18:cf:c4:99:ac:88:7c:bf:
f3:3e:cf:66:86:ed:5e:a3:9f:b2:cf:2f:c7:98:84:86:b6:42:
0e:e1:54:b1:58:ef:70:78:de:a1:6e:f6:40:39:8d:4a:a4:61:
6a:3e:a8:3e:b1:8d:26:54:d9:c0:8f:a4:55:f6:b8:32:8a:90:
ec:d4:52:76
-----BEGIN CERTIFICATE-----
MIIFyzCCBLOgAwIBAgISAZW5XTwVYRRrF3egiHCx7Eb0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NWZiM2ZlYjE1YzAzYzRkMzRkOWZmNDQ0ZDlhZDdlMzAw
NjcyMDgwHhcNMjUwMzIxMTU0MDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTQ1ZjZlOGRiM2FhZWEwMjViYmU4YjE1NGY5YzQ1NTQ0NjhkOWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxc2Nou92C82OXni6QkwZh99LC5WL
lduiyIr7v9uLLT4BQymOtz8P6rHbQtwpb5GroLITGSyLo8QIGZSZ84DL3Pg+InGs
7GirORJtSkCSYhs8oOz4uTPbn6fpAlsfzkugNO5qF+Qu79V0UA8dpL7Pqb2x0Jyy
sefBUxZEnLVsbL/hacZtCL/rnr0duiI3rC0P8qBW4Ql1xxaE1n09YrbWsD7qSrAo
fs/GFqTe+bQ0Ivs2k7HiqE9ClyZCfdLQTXpG+6BNENqsw6/sZOl0sxeHSPVtvVR/
WVXOfxA4B/K5TE4jEqFJHzKlpMyWEx0guaeiSxI7St4E0nuzfoPQn4u+/wIDAQAB
o4IC1zCCAtMwHQYDVR0OBBYEFIFF9ujbOq6gJbvosVT5xFVEaNnnMB8GA1UdIwQY
MBaAFDRfs/6xXAPE002f9ETZrX4wBnIIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkYtel9yRmNBOFRUVFpfMFJObXRmakFHY2dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hNDQyYzUtZDE0Zi00MjlmLWE1MTUt
YmM1NGIxMjExYjYwLzEvZ1VYMjZOczZycUFsdS1peFZQbkVWVVJvMmVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hNDQyYzUtZDE0Zi00MjlmLWE1MTUtYmM1NGIxMjExYjYw
LzEvTkYtel9yRmNBOFRUVFpfMFJObXRmakFHY2dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHsBggrBgEFBQcBBwEB/wSB3DCB2TCBwAQCAAEwgbkDBAIt
UdQDBABNUTEDBABTrIkDBAFTrI4DBABTrJUDBABTrJgwDAMEAVOsmgMEAFOsnjAM
AwQBU6ymAwQAU6yoAwQBU6yqAwQBU6y4AwQAU6y7AwQBU6y+AwQAWSVrAwQCXXKw
AwQAXrEcAwQAXrGQMAsDAwCCXQMEBoJdgAMEArkJ+AMEArkMAAMEArkXpAMEArl4
sAMEArl6oAMEArmFgAMEArmJSAMEArmZrAMEAMFUWQMEAsNE4DAUBAIAAjAOAwUD
KgLsAAMFAyoOQYAwDQYJKoZIhvcNAQELBQADggEBAJIUIIvN6bTZgxI8wInaImOR
og3aLa4ucb/TTjF/HnlbyTI8G+JQxkFbYRZMb1ewqVA/TjFxkVLBtSDfQIIsZFwZ
9B9/w2IPzQ7HlYvawlL3svjjfkGrN4Hxon1kK93j9Pauwv4lHbOESPdf5LB7XB1x
tbi2g4g71s+6hbRUoc4+gq2wfrhkoYMAWc9ZiO34ZtgG2MCPcI0f0gfG1yxWrO5N
A5trozg8mv/NqkwVAQgv6KgX6GsgeXrgV5XcQA8Yz8SZrIh8v/M+z2aG7V6jn7LP
L8eYhIa2Qg7hVLFY73B43qFu9kA5jUqkYWo+qD6xjSZU2cCPpFX2uDKKkOzUUnY=
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:01:48 2025 by rpki-client