Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/VdxEEuOoMeJjzuf1tOIRu5y_cuY.roa
File: VdxEEuOoMeJjzuf1tOIRu5y_cuY.roa (raw, json)
Hash identifier: AIf8SEV2T1VKgT7ROpLNSZ5BKqfUXSKlfSWrsWX9IKQ=
Subject key identifier: 55:DC:44:12:E3:A8:31:E2:63:CE:E7:F5:B4:E2:11:BB:9C:BF:72:E6
Certificate issuer: /CN=996721831afb8b38307b49f5b9ee6292ad1e5850
Certificate serial: 019421B1AC7FEF18877D8DB0E71D02A8C71A
Authority key identifier: 99:67:21:83:1A:FB:8B:38:30:7B:49:F5:B9:EE:62:92:AD:1E:58:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/VdxEEuOoMeJjzuf1tOIRu5y_cuY.roa
Signing time: Wed 01 Jan 2025 11:47:59 +0000
ROA not before: Wed 01 Jan 2025 11:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44407
IP address blocks: 37.140.224.0/21 maxlen: 21
45.81.80.0/22 maxlen: 22
45.87.56.0/22 maxlen: 22
45.132.248.0/22 maxlen: 24
45.148.108.0/22 maxlen: 22
45.156.228.0/22 maxlen: 22
46.247.224.0/19 maxlen: 19
79.132.144.0/20 maxlen: 20
80.240.160.0/20 maxlen: 20
85.112.192.0/19 maxlen: 19
86.105.88.0/21 maxlen: 21
86.107.248.0/21 maxlen: 21
89.35.208.0/21 maxlen: 21
89.43.156.0/22 maxlen: 24
93.190.212.0/22 maxlen: 22
185.16.48.0/22 maxlen: 22
185.176.176.0/22 maxlen: 22
185.181.152.0/22 maxlen: 22
185.183.60.0/22 maxlen: 22
185.183.64.0/22 maxlen: 22
185.183.252.0/22 maxlen: 22
185.184.4.0/22 maxlen: 22
185.198.224.0/22 maxlen: 22
185.204.252.0/22 maxlen: 22
185.209.140.0/22 maxlen: 22
185.223.148.0/22 maxlen: 22
185.243.120.0/22 maxlen: 22
194.36.192.0/22 maxlen: 22
195.123.7.0/24 maxlen: 24
195.177.108.0/22 maxlen: 22
217.26.192.0/20 maxlen: 20
2001:4000::/32 maxlen: 32
2a0a:1c80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/mWchgxr7izgwe0n1ue5ikq0eWFA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/mWchgxr7izgwe0n1ue5ikq0eWFA.mft
rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:ac:7f:ef:18:87:7d:8d:b0:e7:1d:02:a8:c7:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=996721831afb8b38307b49f5b9ee6292ad1e5850
Validity
Not Before: Jan 1 11:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=55dc4412e3a831e263cee7f5b4e211bb9cbf72e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ce:b8:c5:5e:69:20:b3:a1:15:87:7d:95:92:
6d:f1:1b:44:af:00:9c:52:42:b7:66:bb:a3:7b:0a:
c5:51:c7:01:07:45:27:43:53:5c:f6:47:d2:7a:92:
3a:93:96:f3:0d:29:7a:84:5d:7d:bf:5a:c8:11:9b:
28:31:ab:c5:15:5e:de:32:90:52:da:88:a7:49:76:
95:09:c5:b1:2e:6b:bb:7b:2d:81:b5:ca:24:d6:f5:
cf:d7:d3:44:09:ae:16:bf:2c:69:0c:f3:d7:08:1d:
03:7b:64:74:ef:e9:6c:5b:6a:ba:d9:0a:dd:d2:6f:
2c:2d:d8:79:4f:4f:49:fc:f0:2f:99:87:a7:95:5f:
62:56:18:2d:50:d4:d5:14:37:e3:be:33:c7:e5:7e:
64:53:4e:ef:9a:64:f1:a6:ab:a5:87:22:2a:73:e2:
2f:c4:0e:fc:6d:c3:db:89:0e:4d:9a:25:af:24:91:
94:e6:f6:23:8f:b0:1b:0e:09:60:b0:70:99:0f:0b:
3e:0e:44:76:4c:c7:2d:21:27:1d:78:ca:1d:48:2c:
46:87:81:b0:5e:0a:05:89:bd:d1:e1:c5:68:a2:26:
cc:a6:05:02:9e:69:25:f1:6d:23:93:ac:6f:41:97:
db:38:42:bd:d6:45:ef:c2:2b:ac:03:c7:a1:14:6b:
bc:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:DC:44:12:E3:A8:31:E2:63:CE:E7:F5:B4:E2:11:BB:9C:BF:72:E6
X509v3 Authority Key Identifier:
keyid:99:67:21:83:1A:FB:8B:38:30:7B:49:F5:B9:EE:62:92:AD:1E:58:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/VdxEEuOoMeJjzuf1tOIRu5y_cuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/mWchgxr7izgwe0n1ue5ikq0eWFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.140.224.0/21
45.81.80.0/22
45.87.56.0/22
45.132.248.0/22
45.148.108.0/22
45.156.228.0/22
46.247.224.0/19
79.132.144.0/20
80.240.160.0/20
85.112.192.0/19
86.105.88.0/21
86.107.248.0/21
89.35.208.0/21
89.43.156.0/22
93.190.212.0/22
185.16.48.0/22
185.176.176.0/22
185.181.152.0/22
185.183.60.0-185.183.67.255
185.183.252.0/22
185.184.4.0/22
185.198.224.0/22
185.204.252.0/22
185.209.140.0/22
185.223.148.0/22
185.243.120.0/22
194.36.192.0/22
195.123.7.0/24
195.177.108.0/22
217.26.192.0/20
IPv6:
2001:4000::/32
2a0a:1c80::/29
Signature Algorithm: sha256WithRSAEncryption
16:57:ec:2a:0c:24:ff:78:e1:85:c2:af:b5:11:9a:20:b1:e7:
50:0f:5f:52:16:4d:d2:1a:43:58:b5:40:93:29:57:9e:b1:18:
f4:91:51:dc:44:a4:6f:5f:5f:1c:4a:28:52:1f:83:ca:3d:f3:
d5:2d:3a:ff:aa:09:51:2d:5a:be:b2:f3:58:f2:7e:f4:34:fd:
8a:39:5a:77:26:79:45:46:16:36:d4:97:96:3a:aa:65:3a:3f:
50:66:61:0d:d4:70:de:eb:d4:64:0b:85:57:46:25:cc:00:a7:
9f:67:90:a9:14:0d:4c:eb:ca:3c:4a:e1:41:99:06:74:c6:9f:
54:c8:3f:49:b2:f8:47:69:3e:70:8e:b3:c6:fc:75:c1:0d:8f:
05:50:fe:eb:fd:a0:e9:93:c8:f9:a0:90:dd:d7:12:5d:ad:0f:
6c:54:8f:c9:54:98:b9:96:e4:2e:7a:4c:e0:e8:43:d1:77:dd:
00:70:2c:ec:b1:64:ff:03:51:4c:86:30:53:b2:94:2a:7e:0a:
73:75:0e:34:e1:68:9c:27:7f:76:77:48:cd:d4:33:79:36:89:
c1:cc:33:ba:36:3a:49:89:01:df:11:8d:07:11:04:28:05:4b:
19:43:d1:10:df:ae:44:22:e4:e4:8e:85:cb:e4:bb:4f:86:44:
9e:28:5a:76
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgISAZQhsax/7xiHfY2w5x0CqMcaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NjcyMTgzMWFmYjhiMzgzMDdiNDlmNWI5ZWU2MjkyYWQx
ZTU4NTAwHhcNMjUwMTAxMTE0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWRjNDQxMmUzYTgzMWUyNjNjZWU3ZjViNGUyMTFiYjljYmY3MmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAus64xV5pILOhFYd9lZJt8RtErwCc
UkK3ZrujewrFUccBB0UnQ1Nc9kfSepI6k5bzDSl6hF19v1rIEZsoMavFFV7eMpBS
2oinSXaVCcWxLmu7ey2Btcok1vXP19NECa4WvyxpDPPXCB0De2R07+lsW2q62Qrd
0m8sLdh5T09J/PAvmYenlV9iVhgtUNTVFDfjvjPH5X5kU07vmmTxpqulhyIqc+Iv
xA78bcPbiQ5NmiWvJJGU5vYjj7AbDglgsHCZDws+DkR2TMctIScdeModSCxGh4Gw
XgoFib3R4cVooibMpgUCnmkl8W0jk6xvQZfbOEK91kXvwiusA8ehFGu8PwIDAQAB
o4IC2jCCAtYwHQYDVR0OBBYEFFXcRBLjqDHiY87n9bTiEbucv3LmMB8GA1UdIwQY
MBaAFJlnIYMa+4s4MHtJ9bnuYpKtHlhQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVdjaGd4cjdpemd3ZTBuMXVlNWlrcTBlV0ZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8xYzFlYjItMWY2NS00ZjcxLThiMzIt
YjRiZmU0NTZkZGUwLzEvVmR4RUV1T29NZUpqenVmMXRPSVJ1NXlfY3VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8xYzFlYjItMWY2NS00ZjcxLThiMzItYjRiZmU0NTZkZGUw
LzEvbVdjaGd4cjdpemd3ZTBuMXVlNWlrcTBlV0ZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHvBggrBgEFBQcBBwEB/wSB3zCB3DCBwwQCAAEwgbwDBAMl
jOADBAItUVADBAItVzgDBAIthPgDBAItlGwDBAItnOQDBAUu9+ADBARPhJADBARQ
8KADBAVVcMADBANWaVgDBANWa/gDBANZI9ADBAJZK5wDBAJdvtQDBAK5EDADBAK5
sLADBAK5tZgwDAMEArm3PAMEArm3QAMEArm3/AMEArm4BAMEArnG4AMEArnM/AME
ArnRjAMEArnflAMEArnzeAMEAsIkwAMEAMN7BwMEAsOxbAMEBNkawDAUBAIAAjAO
AwUAIAFAAAMFAyoKHIAwDQYJKoZIhvcNAQELBQADggEBABZX7CoMJP944YXCr7UR
miCx51APX1IWTdIaQ1i1QJMpV56xGPSRUdxEpG9fXxxKKFIfg8o989UtOv+qCVEt
Wr6y81jyfvQ0/Yo5WncmeUVGFjbUl5Y6qmU6P1BmYQ3UcN7r1GQLhVdGJcwAp59n
kKkUDUzryjxK4UGZBnTGn1TIP0my+EdpPnCOs8b8dcENjwVQ/uv9oOmTyPmgkN3X
El2tD2xUj8lUmLmW5C56TODoQ9F33QBwLOyxZP8DUUyGMFOylCp+CnN1DjThaJwn
f3Z3SM3UM3k2icHMM7o2OkmJAd8RjQcRBCgFSxlD0RDfrkQi5OSOhcvku0+GRJ4o
WnY=
-----END CERTIFICATE-----
Generated at Wed Apr 16 21:59:42 2025 by rpki-client