Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/F-tWEgFXNk85dgLML3v4CjJQNJI.roa
File: F-tWEgFXNk85dgLML3v4CjJQNJI.roa (raw, json)
Hash identifier: KLZ5Ryps6kGcz+Vvj/Jt1Z7hc5rWBKew1n0+/36PDXM=
Subject key identifier: 17:EB:56:12:01:57:36:4F:39:76:02:CC:2F:7B:F8:0A:32:50:34:92
Certificate issuer: /CN=3d8a553e05f0319bf452fa206c14ccda87304654
Certificate serial: 019594D08AC706BC14085E9008CC06F0F3B3
Authority key identifier: 3D:8A:55:3E:05:F0:31:9B:F4:52:FA:20:6C:14:CC:DA:87:30:46:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/F-tWEgFXNk85dgLML3v4CjJQNJI.roa
Signing time: Fri 14 Mar 2025 13:20:49 +0000
ROA not before: Fri 14 Mar 2025 13:20:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8368
IP address blocks: 46.243.24.0/21 maxlen: 24
78.41.64.0/21 maxlen: 24
78.110.192.0/20 maxlen: 24
82.146.96.0/19 maxlen: 24
85.158.208.0/21 maxlen: 24
87.237.8.0/21 maxlen: 24
88.82.32.0/19 maxlen: 24
89.35.16.0/21 maxlen: 24
89.250.176.0/20 maxlen: 24
91.197.108.0/22 maxlen: 24
94.140.160.0/19 maxlen: 24
94.158.248.0/24 maxlen: 24
94.158.250.0/24 maxlen: 24
95.171.160.0/19 maxlen: 24
178.132.8.0/21 maxlen: 24
185.47.0.0/22 maxlen: 24
185.48.100.0/22 maxlen: 24
185.78.180.0/22 maxlen: 24
185.81.224.0/22 maxlen: 24
185.90.184.0/22 maxlen: 22
185.174.64.0/22 maxlen: 24
185.214.4.0/22 maxlen: 24
185.224.236.0/22 maxlen: 22
188.64.72.0/21 maxlen: 24
188.118.0.0/18 maxlen: 24
195.110.54.0/23 maxlen: 24
195.144.64.0/19 maxlen: 24
195.225.100.0/22 maxlen: 24
213.193.200.0/21 maxlen: 24
213.193.224.0/21 maxlen: 24
213.193.248.0/23 maxlen: 24
2001:4158::/29 maxlen: 48
2001:4c40::/32 maxlen: 48
2a00:1fb8::/32 maxlen: 48
2a01:8c20::/32 maxlen: 48
2a0b:8b00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 22:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:94:d0:8a:c7:06:bc:14:08:5e:90:08:cc:06:f0:f3:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8a553e05f0319bf452fa206c14ccda87304654
Validity
Not Before: Mar 14 13:20:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=17eb56120157364f397602cc2f7bf80a32503492
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e8:39:9a:43:2e:55:d4:32:03:2f:ea:8b:10:
24:2a:59:5b:45:da:dc:18:8c:47:25:43:11:61:40:
fc:f4:37:af:07:b7:b2:70:c1:97:53:e7:b3:76:75:
da:af:f2:99:db:0c:c7:78:df:13:68:4b:29:55:8e:
43:5e:b5:c3:75:da:3e:c5:eb:6c:da:59:30:09:f2:
79:e9:76:3b:b0:4c:6e:fe:df:0c:9f:d4:4a:4e:b1:
9a:44:29:05:2a:9e:5a:c8:9c:db:3f:00:95:8b:09:
0a:39:5a:49:6d:c8:54:26:49:6c:b7:4b:b0:59:bb:
65:c3:c8:85:30:98:5a:3a:c9:32:0a:de:b9:76:57:
f2:de:8b:ad:1a:71:6e:8f:08:aa:5c:8f:49:97:87:
5c:c3:03:9d:4c:e3:c1:f0:50:b0:0f:af:df:a9:23:
86:f5:cd:5d:27:dc:ab:24:60:de:5b:8f:52:4a:08:
10:be:63:e5:23:05:8d:09:5a:20:7c:43:3c:1b:18:
32:42:f2:07:da:22:4f:3f:ef:23:04:16:99:73:ed:
b4:ae:a2:ec:39:de:97:d1:5e:5c:51:b1:a1:22:d0:
f6:53:1d:a1:7f:c3:2d:c4:f7:28:54:3e:34:30:27:
be:02:97:e0:9d:d8:8a:6b:0c:8e:8d:24:25:a1:6a:
06:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:EB:56:12:01:57:36:4F:39:76:02:CC:2F:7B:F8:0A:32:50:34:92
X509v3 Authority Key Identifier:
keyid:3D:8A:55:3E:05:F0:31:9B:F4:52:FA:20:6C:14:CC:DA:87:30:46:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/F-tWEgFXNk85dgLML3v4CjJQNJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.24.0/21
78.41.64.0/21
78.110.192.0/20
82.146.96.0/19
85.158.208.0/21
87.237.8.0/21
88.82.32.0/19
89.35.16.0/21
89.250.176.0/20
91.197.108.0/22
94.140.160.0/19
94.158.248.0/24
94.158.250.0/24
95.171.160.0/19
178.132.8.0/21
185.47.0.0/22
185.48.100.0/22
185.78.180.0/22
185.81.224.0/22
185.90.184.0/22
185.174.64.0/22
185.214.4.0/22
185.224.236.0/22
188.64.72.0/21
188.118.0.0/18
195.110.54.0/23
195.144.64.0/19
195.225.100.0/22
213.193.200.0/21
213.193.224.0/21
213.193.248.0/23
IPv6:
2001:4158::/29
2001:4c40::/32
2a00:1fb8::/32
2a01:8c20::/32
2a0b:8b00::/29
Signature Algorithm: sha256WithRSAEncryption
90:d7:89:48:09:20:40:ee:d7:57:90:a9:10:49:01:74:a4:cd:
e2:5c:c0:44:e7:1f:16:08:9b:3a:4a:ea:09:17:34:b2:e4:15:
8e:6c:8c:22:c5:2f:22:59:67:ac:06:0f:ed:31:2b:7b:cb:0a:
32:42:19:0c:57:b3:aa:5c:e1:82:48:ab:db:68:7e:80:54:2a:
98:e0:3a:02:92:f6:c9:79:5d:84:0d:cc:30:f6:fb:be:b2:cc:
33:7b:1c:70:10:cf:b6:1d:25:90:cc:88:31:dc:2c:ef:f5:6c:
da:7a:79:4c:ad:07:74:ca:df:f3:2c:37:9f:6b:4b:26:44:8f:
23:23:7b:35:46:b0:73:a1:ba:d5:e8:8e:1e:ce:96:07:3e:22:
94:d4:51:b5:23:87:ae:98:3e:45:bf:ab:e3:66:59:40:22:0b:
26:ed:6a:ce:69:72:a5:57:69:98:3f:7c:1f:9d:c2:7f:63:5f:
ae:b1:ef:98:97:ad:7c:ef:bb:9b:a3:d2:e1:a1:d6:e6:30:6e:
65:8e:f5:09:3e:c1:4a:64:e3:5a:8a:e5:cf:ca:38:17:9c:81:
83:16:d8:39:7b:3a:4c:78:41:b8:b4:51:b0:af:94:7c:e2:b6:
27:89:e5:5d:26:77:03:3b:87:c0:be:e2:80:ef:ed:33:f4:00:
ab:60:3c:42
-----BEGIN CERTIFICATE-----
MIIF4jCCBMqgAwIBAgISAZWU0IrHBrwUCF6QCMwG8POzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOGE1NTNlMDVmMDMxOWJmNDUyZmEyMDZjMTRjY2RhODcz
MDQ2NTQwHhcNMjUwMzE0MTMyMDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2ViNTYxMjAxNTczNjRmMzk3NjAyY2MyZjdiZjgwYTMyNTAzNDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsug5mkMuVdQyAy/qixAkKllbRdrc
GIxHJUMRYUD89DevB7eycMGXU+ezdnXar/KZ2wzHeN8TaEspVY5DXrXDddo+xets
2lkwCfJ56XY7sExu/t8Mn9RKTrGaRCkFKp5ayJzbPwCViwkKOVpJbchUJklst0uw
Wbtlw8iFMJhaOskyCt65dlfy3outGnFujwiqXI9Jl4dcwwOdTOPB8FCwD6/fqSOG
9c1dJ9yrJGDeW49SSggQvmPlIwWNCVogfEM8GxgyQvIH2iJPP+8jBBaZc+20rqLs
Od6X0V5cUbGhItD2Ux2hf8MtxPcoVD40MCe+ApfgndiKawyOjSQloWoGQQIDAQAB
o4IC7jCCAuowHQYDVR0OBBYEFBfrVhIBVzZPOXYCzC97+AoyUDSSMB8GA1UdIwQY
MBaAFD2KVT4F8DGb9FL6IGwUzNqHMEZUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFlwVlBnWHdNWnYwVXZvZ2JCVE0yb2N3UmxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81MmNlNTQtZTQ5Yy00MTFjLTg1Mjct
MGZiNDgyM2Y1Yjg3LzEvRi10V0VnRlhOazg1ZGdMTUwzdjRDakpRTkpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81MmNlNTQtZTQ5Yy00MTFjLTg1MjctMGZiNDgyM2Y1Yjg3
LzEvUFlwVlBnWHdNWnYwVXZvZ2JCVE0yb2N3UmxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAgYIKwYBBQUHAQcBAf8EgfIwge8wgcEEAgABMIG6AwQD
LvMYAwQDTilAAwQETm7AAwQFUpJgAwQDVZ7QAwQDV+0IAwQFWFIgAwQDWSMQAwQE
WfqwAwQCW8VsAwQFXoygAwQAXp74AwQAXp76AwQFX6ugAwQDsoQIAwQCuS8AAwQC
uTBkAwQCuU60AwQCuVHgAwQCuVq4AwQCua5AAwQCudYEAwQCueDsAwQDvEBIAwQG
vHYAAwQBw242AwQFw5BAAwQCw+FkAwQD1cHIAwQD1cHgAwQB1cH4MCkEAgACMCMD
BQMgAUFYAwUAIAFMQAMFACoAH7gDBQAqAYwgAwUDKguLADANBgkqhkiG9w0BAQsF
AAOCAQEAkNeJSAkgQO7XV5CpEEkBdKTN4lzAROcfFgibOkrqCRc0suQVjmyMIsUv
IllnrAYP7TEre8sKMkIZDFezqlzhgkir22h+gFQqmOA6ApL2yXldhA3MMPb7vrLM
M3sccBDPth0lkMyIMdws7/Vs2np5TK0HdMrf8yw3n2tLJkSPIyN7NUawc6G61eiO
Hs6WBz4ilNRRtSOHrpg+Rb+r42ZZQCILJu1qzmlypVdpmD98H53Cf2NfrrHvmJet
fO+7m6PS4aHW5jBuZY71CT7BSmTjWorlz8o4F5yBgxbYOXs6THhBuLRRsK+UfOK2
J4nlXSZ3AzuHwL7igO/tM/QAq2A8Qg==
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:15:13 2025 by rpki-client