Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/745910-86c6-43d1-9765-5789de424a42/1/L_dIoL-v8Ses7NHNA9_hOVuTcYA.roa
File: L_dIoL-v8Ses7NHNA9_hOVuTcYA.roa (raw, json)
Hash identifier: spjcPc+t+vh7tkw91Ed++bnrR9F1eRl6ADtzWUxuTUY=
Subject key identifier: 2F:F7:48:A0:BF:AF:F1:27:AC:EC:D1:CD:03:DF:E1:39:5B:93:71:80
Certificate issuer: /CN=2ba1cfd757f51f2feb74509e9c39be46806be642
Certificate serial: 019711981624D40DCFB9128011A7381C678A
Authority key identifier: 2B:A1:CF:D7:57:F5:1F:2F:EB:74:50:9E:9C:39:BE:46:80:6B:E6:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K6HP11f1Hy_rdFCenDm-RoBr5kI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/745910-86c6-43d1-9765-5789de424a42/1/L_dIoL-v8Ses7NHNA9_hOVuTcYA.roa
Signing time: Tue 27 May 2025 11:54:29 +0000
ROA not before: Tue 27 May 2025 11:54:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25441
IP address blocks: 62.231.32.0/19 maxlen: 19
78.135.128.0/17 maxlen: 17
78.135.208.0/21 maxlen: 21
78.135.216.0/21 maxlen: 21
78.135.224.0/21 maxlen: 21
78.135.232.0/21 maxlen: 21
78.135.240.0/21 maxlen: 21
78.135.248.0/21 maxlen: 21
83.141.64.0/18 maxlen: 18
85.134.128.0/17 maxlen: 17
85.134.128.0/21 maxlen: 21
85.134.136.0/21 maxlen: 21
85.134.144.0/21 maxlen: 21
85.134.152.0/21 maxlen: 21
85.134.160.0/21 maxlen: 21
85.134.168.0/21 maxlen: 21
85.134.176.0/21 maxlen: 21
85.134.184.0/21 maxlen: 21
85.134.192.0/21 maxlen: 21
85.134.200.0/21 maxlen: 21
85.134.208.0/21 maxlen: 21
85.134.216.0/21 maxlen: 21
85.134.224.0/21 maxlen: 21
85.134.232.0/21 maxlen: 21
85.134.240.0/21 maxlen: 21
85.134.248.0/21 maxlen: 21
87.192.0.0/18 maxlen: 18
87.192.64.0/20 maxlen: 20
87.192.82.0/23 maxlen: 23
87.192.84.0/22 maxlen: 22
87.192.128.0/18 maxlen: 18
87.192.192.0/20 maxlen: 20
87.192.216.0/22 maxlen: 22
87.192.222.0/23 maxlen: 23
87.192.224.0/19 maxlen: 19
87.232.0.0/19 maxlen: 19
87.232.192.0/24 maxlen: 24
87.232.194.0/23 maxlen: 23
87.232.196.0/22 maxlen: 22
87.232.225.0/24 maxlen: 24
87.232.228.0/22 maxlen: 22
89.124.0.0/17 maxlen: 17
89.124.0.0/24 maxlen: 24
89.124.128.0/18 maxlen: 18
89.124.192.0/19 maxlen: 19
89.124.224.0/20 maxlen: 20
89.124.245.0/24 maxlen: 24
89.124.248.0/21 maxlen: 21
89.125.0.0/16 maxlen: 16
89.126.0.0/16 maxlen: 16
89.126.0.0/22 maxlen: 22
89.126.4.0/22 maxlen: 22
89.126.8.0/22 maxlen: 22
89.126.12.0/22 maxlen: 22
89.126.16.0/22 maxlen: 22
89.126.20.0/22 maxlen: 22
89.126.24.0/22 maxlen: 22
89.126.28.0/22 maxlen: 22
89.127.0.0/17 maxlen: 17
89.127.128.0/18 maxlen: 18
89.127.192.0/19 maxlen: 19
89.127.224.0/20 maxlen: 20
89.127.240.0/21 maxlen: 21
89.127.248.0/22 maxlen: 22
89.127.254.0/23 maxlen: 23
185.247.52.0/22 maxlen: 22
2001:4d68::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/745910-86c6-43d1-9765-5789de424a42/1/K6HP11f1Hy_rdFCenDm-RoBr5kI.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/745910-86c6-43d1-9765-5789de424a42/1/K6HP11f1Hy_rdFCenDm-RoBr5kI.mft
rsync://rpki.ripe.net/repository/DEFAULT/K6HP11f1Hy_rdFCenDm-RoBr5kI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 08:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:11:98:16:24:d4:0d:cf:b9:12:80:11:a7:38:1c:67:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ba1cfd757f51f2feb74509e9c39be46806be642
Validity
Not Before: May 27 11:54:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2ff748a0bfaff127acecd1cd03dfe1395b937180
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:05:ed:c4:18:85:ed:70:13:bf:6f:ab:cf:f3:
b8:ab:7f:d7:7e:39:f5:a5:ec:b8:ad:82:8b:f6:27:
fd:b8:28:7c:4f:8e:7f:8a:a7:5d:8c:b0:39:2f:f2:
d5:34:1f:f3:9c:1b:7a:e9:a0:fe:92:4b:2b:a0:26:
23:b1:ae:cd:fb:b8:94:b1:f2:f2:d1:d7:b6:8a:cf:
2f:fb:ec:0d:ad:03:d8:85:6f:69:11:d1:59:a6:89:
47:f7:29:43:d5:28:0d:3b:a2:73:0c:dd:c5:e4:8e:
f0:a1:88:32:80:b9:4e:d3:26:ba:46:87:e3:a8:ff:
d9:c2:d4:e8:fa:21:5e:5c:75:29:37:c7:e0:0f:53:
5e:ef:a6:f3:d4:ce:28:e5:d2:04:c5:9f:d8:3d:c3:
d3:91:6c:d7:6b:62:f0:64:67:e4:de:69:b8:70:a5:
59:67:68:61:41:84:48:e4:b9:a4:8b:d7:67:8e:d3:
d0:d6:e3:ad:23:a0:94:a5:4a:c7:6a:2d:e7:03:45:
2b:c6:83:8b:2a:6e:0b:3f:df:12:07:60:cf:d3:4b:
58:86:0a:20:aa:f2:64:2b:b2:8c:83:d0:8d:7a:3f:
35:26:8b:95:1a:47:08:40:45:a6:03:45:d0:1a:b1:
cc:0c:ab:19:3b:86:13:f7:df:50:4b:c3:78:0b:0e:
67:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:F7:48:A0:BF:AF:F1:27:AC:EC:D1:CD:03:DF:E1:39:5B:93:71:80
X509v3 Authority Key Identifier:
keyid:2B:A1:CF:D7:57:F5:1F:2F:EB:74:50:9E:9C:39:BE:46:80:6B:E6:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K6HP11f1Hy_rdFCenDm-RoBr5kI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/745910-86c6-43d1-9765-5789de424a42/1/L_dIoL-v8Ses7NHNA9_hOVuTcYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/745910-86c6-43d1-9765-5789de424a42/1/K6HP11f1Hy_rdFCenDm-RoBr5kI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.231.32.0/19
78.135.128.0/17
83.141.64.0/18
85.134.128.0/17
87.192.0.0-87.192.79.255
87.192.82.0-87.192.87.255
87.192.128.0-87.192.207.255
87.192.216.0/22
87.192.222.0-87.192.255.255
87.232.0.0/19
87.232.192.0/24
87.232.194.0-87.232.199.255
87.232.225.0/24
87.232.228.0/22
89.124.0.0-89.124.239.255
89.124.245.0/24
89.124.248.0-89.127.251.255
89.127.254.0/23
185.247.52.0/22
IPv6:
2001:4d68::/32
Signature Algorithm: sha256WithRSAEncryption
66:2a:65:47:df:f4:14:3f:f8:01:3e:d8:cf:ed:3e:4c:50:55:
c0:00:e0:61:37:a1:94:e6:5e:5c:51:0b:ed:ed:82:f2:43:7c:
fc:51:41:f6:e7:5f:1f:37:57:29:6f:b2:10:ac:b2:73:87:81:
28:83:13:f9:b6:6c:63:92:cd:67:ae:76:c7:4d:f0:60:5d:45:
e6:af:47:72:0a:67:12:b1:0c:57:ef:83:c8:3a:6e:26:95:22:
28:74:29:d2:37:d1:cd:77:52:c5:b6:14:63:44:4e:0f:27:8e:
f1:fd:97:17:b5:9c:5d:07:0a:bb:22:13:68:bc:1a:32:f4:82:
ee:d9:53:75:be:a8:68:03:a7:8d:d3:ca:cf:27:7d:8d:81:6f:
a2:fe:e8:f4:01:c4:d9:60:47:c5:4f:34:6d:e7:5a:28:13:64:
c3:b0:91:e1:26:94:2d:e2:de:e4:68:98:33:04:0d:b0:aa:8e:
e8:30:76:66:ac:93:a7:95:7f:38:12:c3:01:3e:af:29:58:4f:
77:a9:84:e8:82:56:f4:bd:71:e3:6f:e4:84:14:2c:6b:f9:26:
46:a6:ca:a7:24:5b:1a:bd:51:41:3f:87:eb:54:af:e3:53:a6:
70:12:07:be:b0:d7:79:74:98:e8:39:b3:b5:94:4f:fc:94:87:
c5:1c:33:0d
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgISAZcRmBYk1A3PuRKAEac4HGeKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiYTFjZmQ3NTdmNTFmMmZlYjc0NTA5ZTljMzliZTQ2ODA2
YmU2NDIwHhcNMjUwNTI3MTE1NDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmY3NDhhMGJmYWZmMTI3YWNlY2QxY2QwM2RmZTEzOTViOTM3MTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgXtxBiF7XATv2+rz/O4q3/Xfjn1
pey4rYKL9if9uCh8T45/iqddjLA5L/LVNB/znBt66aD+kksroCYjsa7N+7iUsfLy
0de2is8v++wNrQPYhW9pEdFZpolH9ylD1SgNO6JzDN3F5I7woYgygLlO0ya6Rofj
qP/ZwtTo+iFeXHUpN8fgD1Ne76bz1M4o5dIExZ/YPcPTkWzXa2LwZGfk3mm4cKVZ
Z2hhQYRI5Lmki9dnjtPQ1uOtI6CUpUrHai3nA0UrxoOLKm4LP98SB2DP00tYhgog
qvJkK7KMg9CNej81JouVGkcIQEWmA0XQGrHMDKsZO4YT999QS8N4Cw5nNQIDAQAB
o4ICvjCCArowHQYDVR0OBBYEFC/3SKC/r/EnrOzRzQPf4Tlbk3GAMB8GA1UdIwQY
MBaAFCuhz9dX9R8v63RQnpw5vkaAa+ZCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzZIUDExZjFIeV9yZEZDZW5EbS1Sb0JyNWtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS83NDU5MTAtODZjNi00M2QxLTk3NjUt
NTc4OWRlNDI0YTQyLzEvTF9kSW9MLXY4U2VzN05ITkE5X2hPVnVUY1lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS83NDU5MTAtODZjNi00M2QxLTk3NjUtNTc4OWRlNDI0YTQy
LzEvSzZIUDExZjFIeV9yZEZDZW5EbS1Sb0JyNWtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHTBggrBgEFBQcBBwEB/wSBwzCBwDCBrgQCAAEwgacDBAU+
5yADBAdOh4ADBAZTjUADBAdVhoAwCwMDBlfAAwQEV8BAMAwDBAFXwFIDBANXwFAw
DAMEB1fAgAMEBFfAwAMEAlfA2DALAwQBV8DeAwMAV8ADBAVX6AADBABX6MAwDAME
AVfowgMEA1fowAMEAFfo4QMEAlfo5DALAwMCWXwDBARZfOADBABZfPUwDAMEA1l8
+AMEAll/+AMEAVl//gMEArn3NDANBAIAAjAHAwUAIAFNaDANBgkqhkiG9w0BAQsF
AAOCAQEAZiplR9/0FD/4AT7Yz+0+TFBVwADgYTehlOZeXFEL7e2C8kN8/FFB9udf
HzdXKW+yEKyyc4eBKIMT+bZsY5LNZ652x03wYF1F5q9HcgpnErEMV++DyDpuJpUi
KHQp0jfRzXdSxbYUY0RODyeO8f2XF7WcXQcKuyITaLwaMvSC7tlTdb6oaAOnjdPK
zyd9jYFvov7o9AHE2WBHxU80bedaKBNkw7CR4SaULeLe5GiYMwQNsKqO6DB2ZqyT
p5V/OBLDAT6vKVhPd6mE6IJW9L1x42/khBQsa/kmRqbKpyRbGr1RQT+H61Sv41Om
cBIHvrDXeXSY6DmztZRP/JSHxRwzDQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 16:53:24 2025 by rpki-client