Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/11db14-e845-4e4f-a692-a3cbefff7777/1/TOVvXCIC74IHLFRv_ul3iwknpsQ.roa
File: TOVvXCIC74IHLFRv_ul3iwknpsQ.roa (raw, json)
Hash identifier: zJz6AFqjm/jIozAn4oJXfbnU0gPG3STkN62e2ij/+7U=
Subject key identifier: 4C:E5:6F:5C:22:02:EF:82:07:2C:54:6F:FE:E9:77:8B:09:27:A6:C4
Certificate issuer: /CN=0c0f7a04dd7249a5d14b7de0542a4197380006cc
Certificate serial: 0196AEC8B1BA11B4A649BCB4DA83CE874CCA
Authority key identifier: 0C:0F:7A:04:DD:72:49:A5:D1:4B:7D:E0:54:2A:41:97:38:00:06:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DA96BN1ySaXRS33gVCpBlzgABsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/11db14-e845-4e4f-a692-a3cbefff7777/1/TOVvXCIC74IHLFRv_ul3iwknpsQ.roa
Signing time: Thu 08 May 2025 07:25:10 +0000
ROA not before: Thu 08 May 2025 07:25:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21277
IP address blocks: 93.91.192.0/20 maxlen: 20
93.91.192.0/24 maxlen: 24
93.91.193.0/24 maxlen: 24
93.91.195.0/24 maxlen: 24
93.91.196.0/24 maxlen: 24
93.91.197.0/24 maxlen: 24
93.91.200.0/24 maxlen: 24
93.91.201.0/24 maxlen: 24
93.91.204.0/24 maxlen: 24
95.170.192.0/19 maxlen: 19
95.170.192.0/24 maxlen: 24
95.170.193.0/24 maxlen: 24
95.170.194.0/24 maxlen: 24
95.170.196.0/24 maxlen: 24
95.170.199.0/24 maxlen: 24
95.170.200.0/24 maxlen: 24
95.170.201.0/24 maxlen: 24
95.170.202.0/24 maxlen: 24
95.170.203.0/24 maxlen: 24
95.170.204.0/24 maxlen: 24
95.170.205.0/24 maxlen: 24
95.170.206.0/24 maxlen: 24
95.170.207.0/24 maxlen: 24
95.170.208.0/24 maxlen: 24
95.170.214.0/24 maxlen: 24
95.170.215.0/24 maxlen: 24
95.170.216.0/24 maxlen: 24
95.170.217.0/24 maxlen: 24
95.170.218.0/24 maxlen: 24
95.170.219.0/24 maxlen: 24
95.170.220.0/24 maxlen: 24
95.170.221.0/24 maxlen: 24
95.170.222.0/24 maxlen: 24
109.127.64.0/18 maxlen: 18
109.127.64.0/20 maxlen: 20
109.127.64.0/21 maxlen: 21
109.127.72.0/21 maxlen: 21
109.127.80.0/24 maxlen: 24
109.127.82.0/24 maxlen: 24
109.127.86.0/24 maxlen: 24
109.127.88.0/24 maxlen: 24
109.127.89.0/24 maxlen: 24
109.127.90.0/24 maxlen: 24
109.127.91.0/24 maxlen: 24
109.127.93.0/24 maxlen: 24
109.127.94.0/24 maxlen: 24
109.127.95.0/24 maxlen: 24
109.127.107.0/24 maxlen: 24
130.193.128.0/17 maxlen: 17
130.193.128.0/19 maxlen: 19
130.193.131.0/24 maxlen: 24
130.193.132.0/22 maxlen: 22
130.193.144.0/24 maxlen: 24
130.193.145.0/24 maxlen: 24
130.193.146.0/24 maxlen: 24
130.193.147.0/24 maxlen: 24
130.193.148.0/24 maxlen: 24
130.193.149.0/24 maxlen: 24
130.193.150.0/23 maxlen: 23
130.193.150.0/24 maxlen: 24
130.193.151.0/24 maxlen: 24
130.193.152.0/23 maxlen: 23
130.193.154.0/23 maxlen: 23
130.193.160.0/20 maxlen: 20
130.193.160.0/24 maxlen: 24
130.193.161.0/24 maxlen: 24
130.193.165.0/24 maxlen: 24
130.193.166.0/24 maxlen: 24
130.193.176.0/20 maxlen: 20
130.193.176.0/21 maxlen: 21
130.193.184.0/21 maxlen: 21
130.193.192.0/20 maxlen: 20
130.193.208.0/20 maxlen: 20
130.193.224.0/20 maxlen: 20
130.193.240.0/20 maxlen: 20
2a04:a040::/29 maxlen: 29
2a04:a040::/32 maxlen: 32
2a04:a041::/32 maxlen: 32
2a04:a042::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/11db14-e845-4e4f-a692-a3cbefff7777/1/DA96BN1ySaXRS33gVCpBlzgABsw.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/11db14-e845-4e4f-a692-a3cbefff7777/1/DA96BN1ySaXRS33gVCpBlzgABsw.mft
rsync://rpki.ripe.net/repository/DEFAULT/DA96BN1ySaXRS33gVCpBlzgABsw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 20:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ae:c8:b1:ba:11:b4:a6:49:bc:b4:da:83:ce:87:4c:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c0f7a04dd7249a5d14b7de0542a4197380006cc
Validity
Not Before: May 8 07:25:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ce56f5c2202ef82072c546ffee9778b0927a6c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:21:89:76:43:c3:ee:0d:87:59:16:ab:5e:01:
be:cb:d5:cb:af:3c:c1:dd:e5:1a:fb:b0:55:ea:b7:
97:99:02:06:55:d0:dd:69:b5:bc:1d:1c:4e:c6:6a:
e4:c3:a8:9a:44:e4:f6:0f:8e:38:0a:94:0d:b0:48:
40:c3:1f:ae:b2:75:5d:af:4e:9c:53:59:86:5d:30:
59:50:b4:db:72:0e:ec:91:12:f2:27:91:3b:97:60:
c9:d8:90:35:83:46:e1:f3:e0:41:0e:34:7e:84:f0:
18:32:16:4f:e8:d1:a8:0a:6d:ec:37:5a:ab:02:73:
71:31:1c:a6:9d:45:6d:87:e0:71:e0:5e:bd:fd:8c:
db:81:b5:65:f2:6f:5e:75:17:60:07:57:b4:93:e3:
ef:4a:6a:2d:70:52:7c:67:e1:40:ed:c6:fd:bb:1d:
73:92:a9:27:62:41:bd:83:bb:4f:d1:72:87:95:ef:
5f:a6:6a:51:a2:0b:46:55:a9:5f:1b:95:b7:67:88:
76:f8:17:d1:09:22:b5:b8:c3:23:a5:6b:90:41:82:
d3:94:b0:af:cd:fd:34:e0:c9:a1:08:1d:63:d5:4e:
7a:15:89:40:af:88:af:c0:e7:11:ef:5b:28:b1:8a:
d9:b7:3a:d0:e6:06:1d:8d:5a:c8:29:91:fa:62:45:
6e:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:E5:6F:5C:22:02:EF:82:07:2C:54:6F:FE:E9:77:8B:09:27:A6:C4
X509v3 Authority Key Identifier:
keyid:0C:0F:7A:04:DD:72:49:A5:D1:4B:7D:E0:54:2A:41:97:38:00:06:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DA96BN1ySaXRS33gVCpBlzgABsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/11db14-e845-4e4f-a692-a3cbefff7777/1/TOVvXCIC74IHLFRv_ul3iwknpsQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/11db14-e845-4e4f-a692-a3cbefff7777/1/DA96BN1ySaXRS33gVCpBlzgABsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.91.192.0/20
95.170.192.0/19
109.127.64.0/18
130.193.128.0/17
IPv6:
2a04:a040::/29
Signature Algorithm: sha256WithRSAEncryption
67:d6:ce:7c:80:37:38:81:5b:49:3c:4b:b5:43:ec:b2:98:f9:
a6:b0:b9:2f:54:00:ff:33:d6:b2:be:41:05:e9:78:39:83:69:
aa:59:cb:de:70:d0:fe:86:9b:3c:fd:fc:ad:09:8c:6f:a8:4a:
1d:ee:53:bf:e4:d8:6d:f5:0e:57:6c:99:2e:30:4b:20:00:a7:
cc:ec:65:a2:2d:f6:24:ca:f9:f1:f8:aa:35:6d:07:f3:5a:85:
5b:22:b7:18:90:1c:73:e5:d9:86:f8:d7:97:e6:e3:f9:1d:cb:
2d:52:1f:31:93:6f:89:60:a7:75:7c:06:29:62:a7:3a:e6:44:
f7:2b:70:84:ec:5e:0e:b7:5d:b5:b7:f4:38:6c:de:44:16:23:
c5:6d:83:3c:1b:c6:65:2e:28:15:df:1f:1a:db:70:f2:1e:fe:
79:d2:ae:b6:e0:4e:00:a2:d1:d9:c9:b4:6f:65:ce:a3:01:e9:
01:3b:ea:01:0c:2f:8e:74:33:5f:78:20:63:18:40:46:02:bb:
28:12:d7:12:b8:18:37:f3:5b:7b:87:77:77:3d:11:76:07:2f:
e2:bb:2c:c6:c3:8f:09:fe:63:04:cf:3e:5a:4f:f2:08:d7:2e:
8b:37:90:f4:f1:1f:81:97:20:5a:61:4f:7f:15:ea:16:d8:14:
24:49:94:a0
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZauyLG6EbSmSby02oPOh0zKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMGY3YTA0ZGQ3MjQ5YTVkMTRiN2RlMDU0MmE0MTk3Mzgw
MDA2Y2MwHhcNMjUwNTA4MDcyNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2U1NmY1YzIyMDJlZjgyMDcyYzU0NmZmZWU5Nzc4YjA5MjdhNmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSGJdkPD7g2HWRarXgG+y9XLrzzB
3eUa+7BV6reXmQIGVdDdabW8HRxOxmrkw6iaROT2D444CpQNsEhAwx+usnVdr06c
U1mGXTBZULTbcg7skRLyJ5E7l2DJ2JA1g0bh8+BBDjR+hPAYMhZP6NGoCm3sN1qr
AnNxMRymnUVth+Bx4F69/YzbgbVl8m9edRdgB1e0k+PvSmotcFJ8Z+FA7cb9ux1z
kqknYkG9g7tP0XKHle9fpmpRogtGValfG5W3Z4h2+BfRCSK1uMMjpWuQQYLTlLCv
zf004MmhCB1j1U56FYlAr4ivwOcR71sosYrZtzrQ5gYdjVrIKZH6YkVuNQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFEzlb1wiAu+CByxUb/7pd4sJJ6bEMB8GA1UdIwQY
MBaAFAwPegTdckml0Ut94FQqQZc4AAbMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREE5NkJOMXlTYVhSUzMzZ1ZDcEJsemdBQnN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8xMWRiMTQtZTg0NS00ZTRmLWE2OTIt
YTNjYmVmZmY3Nzc3LzEvVE9WdlhDSUM3NElITEZSdl91bDNpd2tucHNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8xMWRiMTQtZTg0NS00ZTRmLWE2OTItYTNjYmVmZmY3Nzc3
LzEvREE5NkJOMXlTYVhSUzMzZ1ZDcEJsemdBQnN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEXVvAAwQF
X6rAAwQGbX9AAwQHgsGAMA0EAgACMAcDBQMqBKBAMA0GCSqGSIb3DQEBCwUAA4IB
AQBn1s58gDc4gVtJPEu1Q+yymPmmsLkvVAD/M9ayvkEF6Xg5g2mqWcvecND+hps8
/fytCYxvqEod7lO/5Nht9Q5XbJkuMEsgAKfM7GWiLfYkyvnx+Ko1bQfzWoVbIrcY
kBxz5dmG+NeX5uP5HcstUh8xk2+JYKd1fAYpYqc65kT3K3CE7F4Ot121t/Q4bN5E
FiPFbYM8G8ZlLigV3x8a23DyHv550q624E4AotHZybRvZc6jAekBO+oBDC+OdDNf
eCBjGEBGArsoEtcSuBg381t7h3d3PRF2By/iuyzGw48J/mMEzz5aT/II1y6LN5D0
8R+BlyBaYU9/FeoW2BQkSZSg
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:06:36 2025 by rpki-client