Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/jmsbdY8zq4uc1LS8P1WJ2HY6VFo.roa
File: jmsbdY8zq4uc1LS8P1WJ2HY6VFo.roa (raw, json)
Hash identifier: vYszuwVdSbKK9/Vhv+Tyv15hnphcueHVFby7KQKVUiI=
Subject key identifier: 8E:6B:1B:75:8F:33:AB:8B:9C:D4:B4:BC:3F:55:89:D8:76:3A:54:5A
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 0196ED67EEF85055842BBB4F4293EC0C8AFD
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/jmsbdY8zq4uc1LS8P1WJ2HY6VFo.roa
Signing time: Tue 20 May 2025 11:15:33 +0000
ROA not before: Tue 20 May 2025 11:15:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 136258
IP address blocks: 46.16.128.0/24 maxlen: 24
46.16.129.0/24 maxlen: 24
46.16.130.0/24 maxlen: 24
46.16.131.0/24 maxlen: 24
109.104.152.0/24 maxlen: 24
109.104.153.0/24 maxlen: 24
109.104.155.0/24 maxlen: 24
147.78.0.0/24 maxlen: 24
147.78.1.0/24 maxlen: 24
147.78.2.0/24 maxlen: 24
147.78.3.0/24 maxlen: 24
185.126.236.0/24 maxlen: 24
185.126.237.0/24 maxlen: 24
185.126.238.0/24 maxlen: 24
185.126.239.0/24 maxlen: 24
185.213.20.0/24 maxlen: 24
185.213.21.0/24 maxlen: 24
185.213.23.0/24 maxlen: 24
2a11:840:1::/48 maxlen: 48
2a11:840:3::/48 maxlen: 48
2a11:840:5::/48 maxlen: 48
2a11:840:6::/48 maxlen: 48
2a11:840:7::/48 maxlen: 48
2a11:840:8::/48 maxlen: 48
2a11:840:10::/48 maxlen: 48
2a11:840:11::/48 maxlen: 48
2a11:840:12::/48 maxlen: 48
2a11:840:13::/48 maxlen: 48
2a11:840:14::/48 maxlen: 48
2a11:840:16::/48 maxlen: 48
2a11:840:17::/48 maxlen: 48
2a11:840:18::/48 maxlen: 48
2a11:840:19::/48 maxlen: 48
2a11:840:20::/48 maxlen: 48
2a11:840:21::/48 maxlen: 48
2a11:840:22::/48 maxlen: 48
2a11:840:23::/48 maxlen: 48
2a11:840:24::/48 maxlen: 48
2a11:840:25::/48 maxlen: 48
2a11:840:26::/48 maxlen: 48
2a11:840:28::/48 maxlen: 48
2a11:840:30::/48 maxlen: 48
2a11:840:33::/48 maxlen: 48
2a11:840:40::/48 maxlen: 48
2a11:840:41::/48 maxlen: 48
2a11:840:47::/48 maxlen: 48
2a11:840:48::/48 maxlen: 48
2a11:840:54::/48 maxlen: 48
2a11:840:57::/48 maxlen: 48
2a11:840:60::/48 maxlen: 48
2a11:840:61::/48 maxlen: 48
2a11:840:62::/48 maxlen: 48
2a11:840:63::/48 maxlen: 48
2a11:840:64::/48 maxlen: 48
2a11:840:65::/48 maxlen: 48
2a11:840:66::/48 maxlen: 48
2a11:840:67::/48 maxlen: 48
2a11:840:68::/48 maxlen: 48
2a11:840:69::/48 maxlen: 48
2a11:840:70::/48 maxlen: 48
2a11:840:71::/48 maxlen: 48
2a11:840:72::/48 maxlen: 48
2a11:840:73::/48 maxlen: 48
2a11:840:73:1b::/64 maxlen: 64
2a11:840:74::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.mft
rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ed:67:ee:f8:50:55:84:2b:bb:4f:42:93:ec:0c:8a:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: May 20 11:15:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e6b1b758f33ab8b9cd4b4bc3f5589d8763a545a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:54:d6:0e:44:e1:b6:fc:f9:eb:cb:c5:b3:68:
e2:f2:5e:46:b9:45:09:9a:27:22:4a:86:22:58:ec:
e3:fe:ec:bb:2c:4a:be:b9:6e:39:e8:ee:f7:14:d3:
9c:c6:e6:70:15:53:3b:20:54:23:1a:77:7e:a2:e2:
cb:3d:dc:8a:ea:c2:91:36:e8:e3:50:b7:40:6c:82:
c6:c3:1f:66:79:20:27:d7:e5:f9:56:1d:1d:78:5f:
d6:7e:c0:c8:d9:db:4f:bc:2b:d5:3c:e2:b7:fa:32:
46:f9:fa:a5:ba:fe:9d:9f:13:07:a3:8e:c6:ab:75:
ad:30:46:95:9d:2c:ec:49:3d:da:b8:68:12:b6:22:
0f:78:77:fe:b6:82:de:2f:ce:de:ad:db:f2:2a:28:
52:5a:b9:ff:23:e0:fe:66:93:2d:38:16:c9:28:a8:
c8:ff:54:23:bb:0d:3a:32:ce:24:35:2d:bd:ec:a3:
33:38:c9:10:d3:51:c5:38:ff:62:83:0c:5e:ed:85:
64:cb:2b:25:cd:b4:32:a4:69:0b:d1:80:e0:ef:99:
72:47:52:f5:5b:97:a7:3e:19:bb:e1:f1:be:55:37:
52:f1:70:16:5c:3d:cd:68:eb:f5:fb:84:db:5d:82:
a8:65:2f:0b:b7:b0:47:9d:28:fb:07:97:ae:11:15:
6c:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:6B:1B:75:8F:33:AB:8B:9C:D4:B4:BC:3F:55:89:D8:76:3A:54:5A
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/jmsbdY8zq4uc1LS8P1WJ2HY6VFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.128.0/22
109.104.152.0/23
109.104.155.0/24
147.78.0.0/22
185.126.236.0/22
185.213.20.0/23
185.213.23.0/24
IPv6:
2a11:840:1::/48
2a11:840:3::/48
2a11:840:5::-2a11:840:8:ffff:ffff:ffff:ffff:ffff
2a11:840:10::-2a11:840:14:ffff:ffff:ffff:ffff:ffff
2a11:840:16::-2a11:840:19:ffff:ffff:ffff:ffff:ffff
2a11:840:20::-2a11:840:26:ffff:ffff:ffff:ffff:ffff
2a11:840:28::/48
2a11:840:30::/48
2a11:840:33::/48
2a11:840:40::/47
2a11:840:47::-2a11:840:48:ffff:ffff:ffff:ffff:ffff
2a11:840:54::/48
2a11:840:57::/48
2a11:840:60::-2a11:840:69:ffff:ffff:ffff:ffff:ffff
2a11:840:70::-2a11:840:74:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1e:ee:59:50:f5:e7:2a:5b:8d:f8:ee:b7:d7:27:b3:8b:d3:ef:
e7:2b:a0:41:2a:78:d1:fc:29:a0:8c:8c:89:82:15:e9:d1:16:
f0:f0:1a:36:8f:90:24:0d:28:4b:dc:8d:dc:6d:ad:64:34:07:
1f:65:cb:8a:82:e4:18:4a:52:a4:1c:2b:4e:96:f3:42:ea:eb:
71:c4:8a:2e:e3:cf:20:be:20:c7:e7:e2:01:57:2d:86:7c:f3:
8d:7a:89:7c:c6:26:2a:3f:58:33:e1:c0:3a:a2:dd:ba:ac:a4:
4d:82:15:ba:7e:e4:89:e3:07:02:c5:f1:f1:4c:81:4a:87:7b:
aa:2e:cc:59:7b:cf:83:9a:ff:a3:90:cb:9d:1b:1d:e0:f9:cb:
1b:e3:b0:e4:4e:78:86:85:08:ec:2a:9c:bd:36:7e:03:62:48:
b2:a3:6c:3f:6c:4f:a0:66:ba:08:26:1e:9d:71:58:33:c3:57:
6c:dc:f3:56:3b:ba:26:30:8f:df:5f:2d:92:1b:9d:a4:a0:39:
ef:95:24:9b:57:85:47:38:05:ef:9c:0b:24:b7:44:81:bd:ac:
85:ee:f6:39:b6:bd:fb:51:a1:2c:b5:83:64:f7:ee:82:fa:35:
cf:37:d6:4a:09:1f:86:5d:79:8c:55:c3:01:49:3b:9f:d7:1c:
ff:d9:31:a3
-----BEGIN CERTIFICATE-----
MIIGBTCCBO2gAwIBAgISAZbtZ+74UFWEK7tPQpPsDIr9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjUwNTIwMTExNTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTZiMWI3NThmMzNhYjhiOWNkNGI0YmMzZjU1ODlkODc2M2E1NDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolTWDkThtvz568vFs2ji8l5GuUUJ
miciSoYiWOzj/uy7LEq+uW456O73FNOcxuZwFVM7IFQjGnd+ouLLPdyK6sKRNujj
ULdAbILGwx9meSAn1+X5Vh0deF/WfsDI2dtPvCvVPOK3+jJG+fqluv6dnxMHo47G
q3WtMEaVnSzsST3auGgStiIPeHf+toLeL87erdvyKihSWrn/I+D+ZpMtOBbJKKjI
/1Qjuw06Ms4kNS297KMzOMkQ01HFOP9igwxe7YVkyyslzbQypGkL0YDg75lyR1L1
W5enPhm74fG+VTdS8XAWXD3NaOv1+4TbXYKoZS8Lt7BHnSj7B5euERVs5QIDAQAB
o4IDETCCAw0wHQYDVR0OBBYEFI5rG3WPM6uLnNS0vD9Vidh2OlRaMB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvam1zYmRZOHpxNHVjMUxTOFAxV0oySFk2VkZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJQYIKwYBBQUHAQcBAf8EggEUMIIBEDAwBAIAATAqAwQC
LhCAAwQBbWiYAwQAbWibAwQCk04AAwQCuX7sAwQBudUUAwQAudUXMIHbBAIAAjCB
1AMHACoRCEAAAQMHACoRCEAAAzASAwcAKhEIQAAFAwcAKhEIQAAIMBIDBwQqEQhA
ABADBwAqEQhAABQwEgMHASoRCEAAFgMHASoRCEAAGDASAwcFKhEIQAAgAwcAKhEI
QAAmAwcAKhEIQAAoAwcAKhEIQAAwAwcAKhEIQAAzAwcBKhEIQABAMBIDBwAqEQhA
AEcDBwAqEQhAAEgDBwAqEQhAAFQDBwAqEQhAAFcwEgMHBSoRCEAAYAMHASoRCEAA
aDASAwcEKhEIQABwAwcAKhEIQAB0MA0GCSqGSIb3DQEBCwUAA4IBAQAe7llQ9ecq
W4347rfXJ7OL0+/nK6BBKnjR/CmgjIyJghXp0Rbw8Bo2j5AkDShL3I3cba1kNAcf
ZcuKguQYSlKkHCtOlvNC6utxxIou488gviDH5+IBVy2GfPONeol8xiYqP1gz4cA6
ot26rKRNghW6fuSJ4wcCxfHxTIFKh3uqLsxZe8+Dmv+jkMudGx3g+csb47DkTniG
hQjsKpy9Nn4DYkiyo2w/bE+gZroIJh6dcVgzw1ds3PNWO7omMI/fXy2SG52koDnv
lSSbV4VHOAXvnAskt0SBvayF7vY5tr37UaEstYNk9+6C+jXPN9ZKCR+GXXmMVcMB
STuf1xz/2TGj
-----END CERTIFICATE-----
Generated at Fri Jun 6 15:56:49 2025 by rpki-client