Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/l8zjw_dQH-5IvDX9HiKIRUpeGKI.roa
File: l8zjw_dQH-5IvDX9HiKIRUpeGKI.roa (raw, json)
Hash identifier: +s8gDZx10WhNyZs9vlnsxeBJZaCG2xbon0ENNsnrO4w=
Subject key identifier: 97:CC:E3:C3:F7:50:1F:EE:48:BC:35:FD:1E:22:88:45:4A:5E:18:A2
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 0195DD35438187B8C5D7C34B7E95F4430681
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/l8zjw_dQH-5IvDX9HiKIRUpeGKI.roa
Signing time: Fri 28 Mar 2025 14:43:30 +0000
ROA not before: Fri 28 Mar 2025 14:43:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198193
IP address blocks: 5.61.208.0/23 maxlen: 23
5.181.96.0/23 maxlen: 23
5.187.35.0/24 maxlen: 24
5.187.36.0/23 maxlen: 23
31.214.155.0/24 maxlen: 24
37.252.98.0/24 maxlen: 24
37.252.100.0/24 maxlen: 24
37.252.101.0/24 maxlen: 24
46.251.250.0/24 maxlen: 24
46.253.139.0/24 maxlen: 24
84.247.19.0/24 maxlen: 24
89.32.64.0/24 maxlen: 24
89.32.65.0/24 maxlen: 24
89.32.66.0/24 maxlen: 24
89.32.67.0/24 maxlen: 24
158.255.239.0/24 maxlen: 24
162.33.200.0/22 maxlen: 22
162.33.204.0/22 maxlen: 22
162.33.204.0/24 maxlen: 24
162.33.205.0/24 maxlen: 24
162.33.206.0/24 maxlen: 24
162.33.207.0/24 maxlen: 24
185.66.172.0/24 maxlen: 24
185.66.174.0/24 maxlen: 24
185.75.22.0/23 maxlen: 23
185.86.208.0/23 maxlen: 23
185.88.200.0/23 maxlen: 23
185.88.202.0/23 maxlen: 23
185.193.241.0/24 maxlen: 24
185.206.121.0/24 maxlen: 24
185.212.114.0/24 maxlen: 24
185.225.8.0/24 maxlen: 24
217.61.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.mft
rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:dd:35:43:81:87:b8:c5:d7:c3:4b:7e:95:f4:43:06:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Mar 28 14:43:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=97cce3c3f7501fee48bc35fd1e2288454a5e18a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:63:52:8c:1a:ff:32:1c:c3:3c:0c:1e:27:c1:
11:e9:a8:d7:49:6d:c2:f0:1f:b2:a1:46:d0:d2:20:
48:6c:23:56:a5:f8:9e:2b:31:50:2e:66:b8:b4:23:
d9:7d:36:5e:3f:c5:84:7d:be:7b:ce:b5:c5:04:89:
54:8f:27:57:d2:02:2f:26:92:61:1b:5c:e5:ec:df:
cc:d1:64:ad:20:4e:8b:04:52:e2:76:29:15:63:ec:
78:5f:9b:c9:95:f1:6d:09:5e:4d:b1:55:44:35:f9:
99:d9:89:7e:41:4e:26:e3:ea:dd:a0:45:01:d7:76:
61:fb:08:25:b8:ad:0f:8e:a9:5c:e3:2f:7f:b0:13:
77:44:08:44:b8:7b:92:19:97:1a:ff:a8:1c:eb:08:
d9:d2:5b:dc:4e:53:97:f6:b9:83:13:3f:07:5b:ef:
23:35:64:1a:fd:b7:c7:ce:f5:d3:87:a3:e1:97:5d:
c8:60:9f:ac:d7:94:7a:bb:2e:76:b6:bb:f9:57:c4:
38:a5:7f:58:7e:b2:e9:2e:65:09:d9:6d:c0:68:65:
26:68:50:56:2a:c0:b6:2c:d1:76:1e:48:bf:82:e8:
fc:a3:48:52:fd:9c:17:0e:c6:75:8d:0d:ae:53:1c:
b0:23:89:f0:49:e9:5e:6c:1e:2f:4f:95:23:74:c2:
05:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:CC:E3:C3:F7:50:1F:EE:48:BC:35:FD:1E:22:88:45:4A:5E:18:A2
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/l8zjw_dQH-5IvDX9HiKIRUpeGKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.208.0/23
5.181.96.0/23
5.187.35.0-5.187.37.255
31.214.155.0/24
37.252.98.0/24
37.252.100.0/23
46.251.250.0/24
46.253.139.0/24
84.247.19.0/24
89.32.64.0/22
158.255.239.0/24
162.33.200.0/21
185.66.172.0/24
185.66.174.0/24
185.75.22.0/23
185.86.208.0/23
185.88.200.0/22
185.193.241.0/24
185.206.121.0/24
185.212.114.0/24
185.225.8.0/24
217.61.240.0/24
Signature Algorithm: sha256WithRSAEncryption
64:64:ab:47:25:7d:b1:73:f0:f4:e4:1f:5a:a1:32:6a:c8:cb:
d7:1e:51:84:c0:ae:57:ee:00:8a:b9:c4:03:17:08:87:02:b9:
2c:05:cd:c1:92:cd:0c:55:8c:6b:c2:a8:17:5c:bd:86:d2:2b:
a1:e1:ad:9b:b2:9a:4b:a2:a3:53:df:d0:11:08:99:1d:1d:73:
0c:7e:a0:d5:89:ef:51:9f:4c:f0:25:27:b8:cc:43:46:3c:bb:
1f:b1:b6:21:19:d9:cb:d3:1b:8b:d1:f2:47:32:20:9f:d3:a4:
3b:b2:d4:ba:51:05:3b:c0:71:f1:e6:87:a7:f2:66:83:ec:c5:
1f:36:6f:0f:38:98:a3:67:62:f6:9f:f1:f1:1b:9c:9f:9f:11:
a8:24:a7:be:e2:e6:c3:d4:ab:5b:ef:e2:f8:2f:98:33:a7:be:
58:4c:72:53:25:a3:9c:4b:be:69:bb:f7:2f:00:d1:0a:f8:d9:
81:be:d2:ec:80:66:3c:e1:81:6f:4a:3a:a2:60:5b:03:8d:89:
9a:a8:25:fc:3b:36:25:d4:ce:5f:80:a1:dd:1b:ce:2c:20:b1:
ea:81:62:9b:3d:35:d0:47:82:e1:7e:4c:d3:dd:b1:e8:61:0b:
49:dc:a4:81:94:f5:86:41:27:d9:1d:27:a8:4f:ef:e1:17:e3:
37:6d:a9:59
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAZXdNUOBh7jF18NLfpX0QwaBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjUwMzI4MTQ0MzMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2NjZTNjM2Y3NTAxZmVlNDhiYzM1ZmQxZTIyODg0NTRhNWUxOGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWNSjBr/MhzDPAweJ8ER6ajXSW3C
8B+yoUbQ0iBIbCNWpfieKzFQLma4tCPZfTZeP8WEfb57zrXFBIlUjydX0gIvJpJh
G1zl7N/M0WStIE6LBFLidikVY+x4X5vJlfFtCV5NsVVENfmZ2Yl+QU4m4+rdoEUB
13Zh+wgluK0Pjqlc4y9/sBN3RAhEuHuSGZca/6gc6wjZ0lvcTlOX9rmDEz8HW+8j
NWQa/bfHzvXTh6Phl13IYJ+s15R6uy52trv5V8Q4pX9YfrLpLmUJ2W3AaGUmaFBW
KsC2LNF2Hki/guj8o0hS/ZwXDsZ1jQ2uUxywI4nwSelebB4vT5UjdMIFtQIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFJfM48P3UB/uSLw1/R4iiEVKXhiiMB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvbDh6andfZFFILTVJdkRYOUhpS0lSVXBlR0tJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwDBAEF
PdADBAEFtWAwDAMEAAW7IwMEAQW7JAMEAB/WmwMEACX8YgMEASX8ZAMEAC77+gME
AC79iwMEAFT3EwMEAlkgQAMEAJ7/7wMEA6IhyAMEALlCrAMEALlCrgMEAblLFgME
AblW0AMEArlYyAMEALnB8QMEALnOeQMEALnUcgMEALnhCAMEANk98DANBgkqhkiG
9w0BAQsFAAOCAQEAZGSrRyV9sXPw9OQfWqEyasjL1x5RhMCuV+4AirnEAxcIhwK5
LAXNwZLNDFWMa8KoF1y9htIroeGtm7KaS6KjU9/QEQiZHR1zDH6g1YnvUZ9M8CUn
uMxDRjy7H7G2IRnZy9Mbi9HyRzIgn9OkO7LUulEFO8Bx8eaHp/Jmg+zFHzZvDziY
o2di9p/x8Rucn58RqCSnvuLmw9SrW+/i+C+YM6e+WExyUyWjnEu+abv3LwDRCvjZ
gb7S7IBmPOGBb0o6omBbA42Jmqgl/Ds2JdTOX4Ch3RvOLCCx6oFimz010EeC4X5M
092x6GELSdykgZT1hkEn2R0nqE/v4RfjN22pWQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:05:18 2025 by rpki-client