Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/0dbe56-3daa-4a64-925a-fa71ae05dc3f/1/HvGkzNX-LlaIXMSfIk5S1mOC0oY.roa
File: HvGkzNX-LlaIXMSfIk5S1mOC0oY.roa (raw, json)
Hash identifier: cwXFNBAD/M2F0MUB/ov5M8039XefOPt3b2kagm/DMzw=
Subject key identifier: 1E:F1:A4:CC:D5:FE:2E:56:88:5C:C4:9F:22:4E:52:D6:63:82:D2:86
Certificate issuer: /CN=b9e67fcb0bdc6001d8cf7073c649eb9819fc5eb8
Certificate serial: 01951CF12D35BE5CB0A688AC9BF71705C2DE
Authority key identifier: B9:E6:7F:CB:0B:DC:60:01:D8:CF:70:73:C6:49:EB:98:19:FC:5E:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ueZ_ywvcYAHYz3BzxknrmBn8Xrg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/0dbe56-3daa-4a64-925a-fa71ae05dc3f/1/HvGkzNX-LlaIXMSfIk5S1mOC0oY.roa
Signing time: Wed 19 Feb 2025 06:42:02 +0000
ROA not before: Wed 19 Feb 2025 06:42:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15547
IP address blocks: 31.31.48.0/20 maxlen: 20
77.242.160.0/20 maxlen: 20
78.155.0.0/19 maxlen: 19
81.13.128.0/17 maxlen: 17
81.88.176.0/20 maxlen: 20
81.88.176.0/21 maxlen: 21
86.111.128.0/20 maxlen: 20
92.62.176.0/20 maxlen: 20
92.240.96.0/19 maxlen: 19
95.215.60.0/22 maxlen: 22
178.157.84.0/22 maxlen: 22
178.237.80.0/20 maxlen: 20
185.17.108.0/22 maxlen: 22
185.17.176.0/22 maxlen: 22
185.44.196.0/22 maxlen: 22
185.50.220.0/22 maxlen: 22
185.55.216.0/22 maxlen: 22
185.84.208.0/22 maxlen: 22
188.239.160.0/20 maxlen: 20
192.162.24.0/22 maxlen: 22
194.12.16.0/20 maxlen: 20
195.162.160.0/22 maxlen: 22
195.162.164.0/23 maxlen: 23
195.162.167.0/24 maxlen: 24
195.162.168.0/21 maxlen: 21
195.162.176.0/20 maxlen: 20
213.221.128.0/19 maxlen: 19
213.230.52.0/22 maxlen: 22
213.230.56.0/21 maxlen: 21
213.238.0.0/19 maxlen: 19
217.79.192.0/20 maxlen: 20
2001:14a8::/32 maxlen: 32
2a02:26a0::/29 maxlen: 29
2a03:4380::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/0dbe56-3daa-4a64-925a-fa71ae05dc3f/1/ueZ_ywvcYAHYz3BzxknrmBn8Xrg.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/0dbe56-3daa-4a64-925a-fa71ae05dc3f/1/ueZ_ywvcYAHYz3BzxknrmBn8Xrg.mft
rsync://rpki.ripe.net/repository/DEFAULT/ueZ_ywvcYAHYz3BzxknrmBn8Xrg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1c:f1:2d:35:be:5c:b0:a6:88:ac:9b:f7:17:05:c2:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9e67fcb0bdc6001d8cf7073c649eb9819fc5eb8
Validity
Not Before: Feb 19 06:42:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ef1a4ccd5fe2e56885cc49f224e52d66382d286
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a5:2f:15:54:86:d0:36:d4:49:0f:cb:8b:f6:
1c:c6:77:33:aa:4b:b4:5b:15:92:ab:1c:81:d5:81:
f6:3a:2b:9f:e5:74:ea:ce:59:56:1b:8c:58:43:c5:
99:fa:4b:43:10:0e:82:a1:ff:23:1c:2f:23:37:8a:
6e:54:0a:a6:64:bc:15:96:4a:38:76:8b:1b:0d:46:
de:4d:53:92:5b:b0:d9:08:ac:f2:dd:2b:90:06:6e:
51:cb:7e:3f:2b:86:2d:9b:fd:46:c8:2c:53:ee:46:
a3:42:ea:16:5a:7e:2a:ff:d2:e0:81:15:88:a8:d3:
33:ae:76:73:d7:b8:65:17:99:06:27:25:ad:c2:89:
03:07:b9:e3:8c:00:a1:28:5d:46:09:66:e2:28:76:
c8:2d:ec:c6:b9:fc:3a:21:d3:52:75:47:e5:79:cb:
af:bd:9c:1e:33:98:98:6e:e5:e1:bb:f1:2c:c1:d9:
08:6d:48:73:cc:6b:73:44:64:de:52:5d:58:38:45:
22:fb:93:94:2b:ce:77:d6:36:6d:1e:95:51:78:46:
9b:b5:ee:a4:f0:0e:01:a1:cf:c0:53:c0:69:e5:71:
fc:43:b7:3e:f9:9e:f7:b0:2e:3d:e8:0b:1d:14:83:
60:f5:9b:21:c0:58:8d:a9:26:af:42:fa:2b:9a:1a:
2a:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:F1:A4:CC:D5:FE:2E:56:88:5C:C4:9F:22:4E:52:D6:63:82:D2:86
X509v3 Authority Key Identifier:
keyid:B9:E6:7F:CB:0B:DC:60:01:D8:CF:70:73:C6:49:EB:98:19:FC:5E:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueZ_ywvcYAHYz3BzxknrmBn8Xrg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/0dbe56-3daa-4a64-925a-fa71ae05dc3f/1/HvGkzNX-LlaIXMSfIk5S1mOC0oY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/0dbe56-3daa-4a64-925a-fa71ae05dc3f/1/ueZ_ywvcYAHYz3BzxknrmBn8Xrg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.31.48.0/20
77.242.160.0/20
78.155.0.0/19
81.13.128.0/17
81.88.176.0/20
86.111.128.0/20
92.62.176.0/20
92.240.96.0/19
95.215.60.0/22
178.157.84.0/22
178.237.80.0/20
185.17.108.0/22
185.17.176.0/22
185.44.196.0/22
185.50.220.0/22
185.55.216.0/22
185.84.208.0/22
188.239.160.0/20
192.162.24.0/22
194.12.16.0/20
195.162.160.0-195.162.165.255
195.162.167.0-195.162.191.255
213.221.128.0/19
213.230.52.0-213.230.63.255
213.238.0.0/19
217.79.192.0/20
IPv6:
2001:14a8::/32
2a02:26a0::/29
2a03:4380::/32
Signature Algorithm: sha256WithRSAEncryption
52:32:2c:b4:d9:c7:a7:d4:df:4f:aa:aa:bc:91:92:bc:83:0f:
0a:6f:e5:96:23:da:eb:6f:80:44:2f:70:b0:c8:28:5a:82:ea:
d1:fa:67:94:99:1d:0d:43:6c:41:eb:29:d7:22:7b:ce:7d:22:
5b:af:9c:27:71:2a:96:18:b2:c9:fd:40:b6:c5:bf:3a:db:f3:
19:3f:45:2d:84:cf:57:48:fc:7f:0b:69:a4:53:21:a3:90:b1:
4d:e1:a8:d5:e5:a4:56:95:49:b4:6c:65:ba:e7:ab:a7:2d:11:
d6:ac:cb:b0:2a:4d:82:1b:31:6f:c9:99:a0:a3:2e:fa:ac:59:
2d:4d:e4:60:90:87:8a:eb:ee:bc:50:72:fa:3e:a3:86:87:03:
95:a9:76:5c:02:85:a3:24:20:86:6f:56:7e:78:4d:21:1b:06:
ba:e6:4e:18:bc:8f:49:f6:0a:97:dd:c7:9d:28:2b:37:e5:a5:
35:68:c2:63:7d:40:fb:a3:b6:5c:78:f4:e3:a8:ff:a3:09:18:
ff:44:3f:83:39:f3:85:52:5c:83:4e:f2:b4:03:f0:60:22:b5:
c0:7e:ce:7d:de:f9:62:e9:2d:78:7d:f9:91:f7:1a:62:cd:a5:
28:41:e9:89:35:db:fd:38:3b:76:4f:a9:80:7a:df:83:2c:80:
fa:98:02:ad
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgISAZUc8S01vlywpoism/cXBcLeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZTY3ZmNiMGJkYzYwMDFkOGNmNzA3M2M2NDllYjk4MTlm
YzVlYjgwHhcNMjUwMjE5MDY0MjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWYxYTRjY2Q1ZmUyZTU2ODg1Y2M0OWYyMjRlNTJkNjYzODJkMjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKUvFVSG0DbUSQ/Li/Ycxnczqku0
WxWSqxyB1YH2Oiuf5XTqzllWG4xYQ8WZ+ktDEA6Cof8jHC8jN4puVAqmZLwVlko4
dosbDUbeTVOSW7DZCKzy3SuQBm5Ry34/K4Ytm/1GyCxT7kajQuoWWn4q/9LggRWI
qNMzrnZz17hlF5kGJyWtwokDB7njjAChKF1GCWbiKHbILezGufw6IdNSdUflecuv
vZweM5iYbuXhu/EswdkIbUhzzGtzRGTeUl1YOEUi+5OUK8531jZtHpVReEabte6k
8A4Boc/AU8Bp5XH8Q7c++Z73sC496AsdFINg9ZshwFiNqSavQvormhoq4QIDAQAB
o4IC2TCCAtUwHQYDVR0OBBYEFB7xpMzV/i5WiFzEnyJOUtZjgtKGMB8GA1UdIwQY
MBaAFLnmf8sL3GAB2M9wc8ZJ65gZ/F64MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWVaX3l3dmNZQUhZejNCenhrbnJtQm44WHJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC8wZGJlNTYtM2RhYS00YTY0LTkyNWEt
ZmE3MWFlMDVkYzNmLzEvSHZHa3pOWC1MbGFJWE1TZklrNVMxbU9DMG9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC8wZGJlNTYtM2RhYS00YTY0LTkyNWEtZmE3MWFlMDVkYzNm
LzEvdWVaX3l3dmNZQUhZejNCenhrbnJtQm44WHJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHuBggrBgEFBQcBBwEB/wSB3jCB2zCBuwQCAAEwgbQDBAQf
HzADBARN8qADBAVOmwADBAdRDYADBARRWLADBARWb4ADBARcPrADBAVc8GADBAJf
1zwDBAKynVQDBASy7VADBAK5EWwDBAK5EbADBAK5LMQDBAK5MtwDBAK5N9gDBAK5
VNADBAS876ADBALAohgDBATCDBAwDAMEBcOioAMEAcOipDAMAwQAw6KnAwQGw6KA
AwQF1d2AMAwDBALV5jQDBAbV5gADBAXV7gADBATZT8AwGwQCAAIwFQMFACABFKgD
BQMqAiagAwUAKgNDgDANBgkqhkiG9w0BAQsFAAOCAQEAUjIstNnHp9TfT6qqvJGS
vIMPCm/lliPa62+ARC9wsMgoWoLq0fpnlJkdDUNsQesp1yJ7zn0iW6+cJ3Eqlhiy
yf1AtsW/OtvzGT9FLYTPV0j8fwtppFMho5CxTeGo1eWkVpVJtGxluuerpy0R1qzL
sCpNghsxb8mZoKMu+qxZLU3kYJCHiuvuvFBy+j6jhocDlal2XAKFoyQghm9WfnhN
IRsGuuZOGLyPSfYKl93HnSgrN+WlNWjCY31A+6O2XHj046j/owkY/0Q/gznzhVJc
g07ytAPwYCK1wH7Ofd75YukteH35kfcaYs2lKEHpiTXb/Tg7dk+pgHrfgyyA+pgC
rQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:03:30 2025 by rpki-client