Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/vl8z0fJ93mux_hVRb0HrFtxHuso.roa
File: vl8z0fJ93mux_hVRb0HrFtxHuso.roa (raw, json)
Hash identifier: YCSlfbSjHKbytBmOWw5s8k4pRSFPTpdFSHQ9ATfrYKY=
Subject key identifier: BE:5F:33:D1:F2:7D:DE:6B:B1:FE:15:51:6F:41:EB:16:DC:47:BA:CA
Certificate issuer: /CN=d79785de62dcf9e7930babd7b1d39c5853d1944f
Certificate serial: 0194258F6AB31AF4E698CAC006E22E49FAD5
Authority key identifier: D7:97:85:DE:62:DC:F9:E7:93:0B:AB:D7:B1:D3:9C:58:53:D1:94:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/15eF3mLc-eeTC6vXsdOcWFPRlE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/vl8z0fJ93mux_hVRb0HrFtxHuso.roa
Signing time: Thu 02 Jan 2025 05:49:03 +0000
ROA not before: Thu 02 Jan 2025 05:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43996
IP address blocks: 5.57.16.0/21 maxlen: 21
5.57.16.0/22 maxlen: 22
5.57.16.0/24 maxlen: 24
5.57.17.0/24 maxlen: 24
5.57.18.0/24 maxlen: 24
5.57.19.0/24 maxlen: 24
5.57.22.0/24 maxlen: 24
5.57.23.0/24 maxlen: 24
37.10.0.0/24 maxlen: 24
37.10.4.0/22 maxlen: 22
37.10.4.0/24 maxlen: 24
37.10.5.0/24 maxlen: 24
37.10.6.0/24 maxlen: 24
37.10.7.0/24 maxlen: 24
37.10.24.0/23 maxlen: 23
37.10.24.0/24 maxlen: 24
37.10.25.0/24 maxlen: 24
37.10.26.0/24 maxlen: 24
37.10.27.0/24 maxlen: 24
37.10.28.0/24 maxlen: 24
37.10.32.0/24 maxlen: 24
37.10.33.0/24 maxlen: 24
37.10.34.0/24 maxlen: 24
37.10.35.0/24 maxlen: 24
37.10.36.0/24 maxlen: 24
37.10.37.0/24 maxlen: 24
37.10.38.0/24 maxlen: 24
37.10.56.0/23 maxlen: 23
37.10.56.0/24 maxlen: 24
37.10.57.0/24 maxlen: 24
37.10.58.0/24 maxlen: 24
37.10.60.0/23 maxlen: 23
37.10.60.0/24 maxlen: 24
37.10.61.0/24 maxlen: 24
37.10.63.0/24 maxlen: 24
91.195.236.0/24 maxlen: 24
91.195.237.0/24 maxlen: 24
91.206.232.0/23 maxlen: 23
91.206.232.0/24 maxlen: 24
91.206.233.0/24 maxlen: 24
185.28.220.0/23 maxlen: 23
185.28.220.0/24 maxlen: 24
185.28.221.0/24 maxlen: 24
185.28.222.0/24 maxlen: 24
185.28.223.0/24 maxlen: 24
2a01:5040::/36 maxlen: 36
2a01:5040::/48 maxlen: 48
2a01:5040:20::/48 maxlen: 48
2a01:5040:40::/48 maxlen: 48
2a01:5040:1000::/36 maxlen: 36
2a01:5040:1000::/48 maxlen: 48
2a01:5040:1020::/48 maxlen: 48
2a01:5040:2000::/36 maxlen: 36
2a01:5040:2000::/48 maxlen: 48
2a01:5040:2020::/48 maxlen: 48
2a01:5040:6000::/36 maxlen: 36
2a01:5040:a000::/36 maxlen: 36
2a01:5040:a000::/48 maxlen: 48
2a01:5040:a100::/48 maxlen: 48
2a01:5041:2::/48 maxlen: 48
2a01:5041:5::/48 maxlen: 48
2a01:5041:9::/48 maxlen: 48
2a01:5041:d::/48 maxlen: 48
2a01:5041:13::/48 maxlen: 48
2a01:5041:100::/40 maxlen: 40
2a01:5041:200::/40 maxlen: 40
2a01:5041:2001::/48 maxlen: 48
2a01:5041:2002::/48 maxlen: 48
2a01:5041:2005::/48 maxlen: 48
2a01:5041:2009::/48 maxlen: 48
2a01:5041:200d::/48 maxlen: 48
2a01:5041:2013::/48 maxlen: 48
2a01:5042::/32 maxlen: 32
2a01:5042:100::/40 maxlen: 40
2a01:5042:200::/40 maxlen: 40
2a01:5042:202::/48 maxlen: 48
2a01:5043::/32 maxlen: 32
2a01:5043:2000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/15eF3mLc-eeTC6vXsdOcWFPRlE8.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/15eF3mLc-eeTC6vXsdOcWFPRlE8.mft
rsync://rpki.ripe.net/repository/DEFAULT/15eF3mLc-eeTC6vXsdOcWFPRlE8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:6a:b3:1a:f4:e6:98:ca:c0:06:e2:2e:49:fa:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d79785de62dcf9e7930babd7b1d39c5853d1944f
Validity
Not Before: Jan 2 05:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be5f33d1f27dde6bb1fe15516f41eb16dc47baca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:06:59:ee:89:12:c1:f0:8a:98:bb:a0:1c:e2:
b9:fc:e9:67:49:26:e8:fd:dd:a9:12:e2:5c:4b:84:
7e:9d:ab:df:01:17:5d:3c:23:53:30:33:a5:55:f7:
ad:29:ed:b8:3f:8a:83:68:d7:20:a7:22:4f:1b:f6:
ee:14:21:73:2c:e9:1c:94:2e:54:64:fb:8f:c7:ce:
5f:a1:1e:8d:0a:9e:30:13:da:7f:b7:e0:6a:e1:f5:
b3:e9:b4:43:d3:85:e8:3b:6d:69:8c:96:51:94:fd:
5f:0d:21:f3:c7:01:14:99:02:24:90:5c:a4:c5:35:
9e:11:ec:73:e1:ff:7c:1b:bb:5e:70:62:01:94:ad:
29:76:c4:03:3a:a6:4d:7e:66:6c:f4:06:1b:c9:4e:
9c:26:b1:30:63:3f:9c:2b:02:cf:74:7c:f1:d8:9f:
8c:0e:1f:8c:13:21:55:c5:b9:35:9d:8a:d5:d3:6e:
3f:de:82:40:c8:3a:ed:80:f2:7d:2c:90:ab:e5:f3:
7c:0e:af:e3:da:53:8b:58:45:63:5e:67:7e:31:f7:
8b:40:53:05:b7:3e:db:bd:32:3c:b0:7f:c1:e1:87:
8f:c0:3c:9c:67:98:6b:73:90:5f:4a:95:f3:c2:15:
bb:ba:e5:07:de:ed:11:bf:9f:3f:41:25:23:e7:2c:
3a:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:5F:33:D1:F2:7D:DE:6B:B1:FE:15:51:6F:41:EB:16:DC:47:BA:CA
X509v3 Authority Key Identifier:
keyid:D7:97:85:DE:62:DC:F9:E7:93:0B:AB:D7:B1:D3:9C:58:53:D1:94:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/15eF3mLc-eeTC6vXsdOcWFPRlE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/vl8z0fJ93mux_hVRb0HrFtxHuso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/15eF3mLc-eeTC6vXsdOcWFPRlE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.16.0/21
37.10.0.0/24
37.10.4.0/22
37.10.24.0-37.10.28.255
37.10.32.0-37.10.38.255
37.10.56.0-37.10.58.255
37.10.60.0/23
37.10.63.0/24
91.195.236.0/23
91.206.232.0/23
185.28.220.0/22
IPv6:
2a01:5040::-2a01:5040:2fff:ffff:ffff:ffff:ffff:ffff
2a01:5040:6000::/36
2a01:5040:a000::/36
2a01:5041:2::/48
2a01:5041:5::/48
2a01:5041:9::/48
2a01:5041:d::/48
2a01:5041:13::/48
2a01:5041:100::-2a01:5041:2ff:ffff:ffff:ffff:ffff:ffff
2a01:5041:2001::-2a01:5041:2002:ffff:ffff:ffff:ffff:ffff
2a01:5041:2005::/48
2a01:5041:2009::/48
2a01:5041:200d::/48
2a01:5041:2013::/48
2a01:5042::/31
Signature Algorithm: sha256WithRSAEncryption
8e:1b:87:68:36:7b:0f:c2:06:e0:4d:d8:44:a0:7a:96:62:9c:
2a:1e:d3:64:c6:dd:85:64:9d:b2:e0:2d:97:b7:ef:b7:9b:33:
7d:fd:60:9d:c8:40:71:ce:0c:83:93:75:e4:23:f8:32:a9:fe:
ab:c3:46:ad:e8:b7:9c:6b:30:3d:9b:96:7d:cd:83:36:5a:2d:
16:8c:18:02:ba:94:1e:92:8d:9f:9a:91:57:dd:e0:3d:ef:0d:
a1:08:d0:3b:d4:2c:67:a0:91:3d:34:95:60:6a:c1:52:b0:8a:
ff:93:92:eb:f4:4d:2b:be:11:03:d8:82:59:d9:3f:e6:a4:c6:
be:66:7f:6d:bf:56:ad:97:88:0d:2f:d2:8f:7e:b8:83:ad:bd:
25:8c:06:77:18:33:0c:d5:2a:61:bb:c0:6f:ae:b9:d9:ea:19:
ab:18:5f:28:b9:70:a8:f2:7d:5b:ad:03:67:47:99:1e:6d:83:
5e:06:42:d4:dd:6a:7d:21:96:e1:9a:40:28:fa:94:1c:f0:ea:
ad:07:37:25:08:9a:3c:3a:40:ac:e6:f6:6b:f0:4b:85:da:76:
b9:a1:53:4c:0d:23:1f:70:17:ff:31:fe:d9:05:55:ed:07:2e:
f3:8d:1c:ec:d4:a8:b8:5a:c1:e4:4e:29:60:a5:ea:07:72:e9:
e5:c8:f3:b8
-----BEGIN CERTIFICATE-----
MIIGADCCBOigAwIBAgISAZQlj2qzGvTmmMrABuIuSfrVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3OTc4NWRlNjJkY2Y5ZTc5MzBiYWJkN2IxZDM5YzU4NTNk
MTk0NGYwHhcNMjUwMTAyMDU0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTVmMzNkMWYyN2RkZTZiYjFmZTE1NTE2ZjQxZWIxNmRjNDdiYWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0gZZ7okSwfCKmLugHOK5/OlnSSbo
/d2pEuJcS4R+navfARddPCNTMDOlVfetKe24P4qDaNcgpyJPG/buFCFzLOkclC5U
ZPuPx85foR6NCp4wE9p/t+Bq4fWz6bRD04XoO21pjJZRlP1fDSHzxwEUmQIkkFyk
xTWeEexz4f98G7tecGIBlK0pdsQDOqZNfmZs9AYbyU6cJrEwYz+cKwLPdHzx2J+M
Dh+MEyFVxbk1nYrV024/3oJAyDrtgPJ9LJCr5fN8Dq/j2lOLWEVjXmd+MfeLQFMF
tz7bvTI8sH/B4YePwDycZ5hrc5BfSpXzwhW7uuUH3u0Rv58/QSUj5yw66QIDAQAB
o4IDDDCCAwgwHQYDVR0OBBYEFL5fM9Hyfd5rsf4VUW9B6xbcR7rKMB8GA1UdIwQY
MBaAFNeXhd5i3Pnnkwur17HTnFhT0ZRPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTVlRjNtTGMtZWVUQzZ2WHNkT2NXRlBSbEU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi83Zjk3MjgtOTU1OS00MjYzLWJjZmEt
NzU4NTVkYjcxNTFmLzEvdmw4ejBmSjkzbXV4X2hWUmIwSHJGdHhIdXNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi83Zjk3MjgtOTU1OS00MjYzLWJjZmEtNzU4NTVkYjcxNTFm
LzEvMTVlRjNtTGMtZWVUQzZ2WHNkT2NXRlBSbEU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIAYIKwYBBQUHAQcBAf8EggEPMIIBCzBgBAIAATBaAwQD
BTkQAwQAJQoAAwQCJQoEMAwDBAMlChgDBAAlChwwDAMEBSUKIAMEACUKJjAMAwQD
JQo4AwQAJQo6AwQBJQo8AwQAJQo/AwQBW8PsAwQBW87oAwQCuRzcMIGmBAIAAjCB
nzAPAwUGKgFQQAMGBCoBUEAgAwYEKgFQQGADBgQqAVBAoAMHACoBUEEAAgMHACoB
UEEABQMHACoBUEEACQMHACoBUEEADQMHACoBUEEAEzAQAwYAKgFQQQEDBgAqAVBB
AjASAwcAKgFQQSABAwcAKgFQQSACAwcAKgFQQSAFAwcAKgFQQSAJAwcAKgFQQSAN
AwcAKgFQQSATAwUBKgFQQjANBgkqhkiG9w0BAQsFAAOCAQEAjhuHaDZ7D8IG4E3Y
RKB6lmKcKh7TZMbdhWSdsuAtl7fvt5szff1gnchAcc4Mg5N15CP4Mqn+q8NGrei3
nGswPZuWfc2DNlotFowYArqUHpKNn5qRV93gPe8NoQjQO9QsZ6CRPTSVYGrBUrCK
/5OS6/RNK74RA9iCWdk/5qTGvmZ/bb9WrZeIDS/Sj364g629JYwGdxgzDNUqYbvA
b6652eoZqxhfKLlwqPJ9W60DZ0eZHm2DXgZC1N1qfSGW4ZpAKPqUHPDqrQc3JQia
PDpArOb2a/BLhdp2uaFTTA0jH3AX/zH+2QVV7Qcu840c7NSouFrB5E4pYKXqB3Lp
5cjzuA==
-----END CERTIFICATE-----
Generated at Sun Apr 13 14:21:10 2025 by rpki-client