Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/PSbAgR9oWL_1M-wwCnHY0Z_n_5s.roa
File: PSbAgR9oWL_1M-wwCnHY0Z_n_5s.roa (raw, json)
Hash identifier: UVsiOXoHlbBoR5HA9KIjZeyp4Ya5xZxEFqXfSX00QTE=
Subject key identifier: 3D:26:C0:81:1F:68:58:BF:F5:33:EC:30:0A:71:D8:D1:9F:E7:FF:9B
Certificate issuer: /CN=85d0e763f935c171694f172056eb44209db2e2cd
Certificate serial: 019634CF8E28EA6CD4CC84DBCAAAB2462CEB
Authority key identifier: 85:D0:E7:63:F9:35:C1:71:69:4F:17:20:56:EB:44:20:9D:B2:E2:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/PSbAgR9oWL_1M-wwCnHY0Z_n_5s.roa
Signing time: Mon 14 Apr 2025 14:58:59 +0000
ROA not before: Mon 14 Apr 2025 14:58:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15704
IP address blocks: 31.222.80.0/20 maxlen: 20
31.222.88.0/24 maxlen: 24
31.222.89.0/24 maxlen: 24
31.222.90.0/24 maxlen: 24
66.81.160.0/21 maxlen: 21
66.81.168.0/21 maxlen: 21
66.81.176.0/21 maxlen: 21
66.81.184.0/21 maxlen: 21
67.218.224.0/21 maxlen: 21
67.218.232.0/21 maxlen: 21
67.218.240.0/21 maxlen: 21
67.218.248.0/21 maxlen: 21
77.241.48.0/20 maxlen: 20
78.30.0.0/18 maxlen: 21
81.0.0.0/18 maxlen: 20
82.213.192.0/20 maxlen: 20
82.213.208.0/20 maxlen: 20
82.213.224.0/19 maxlen: 19
83.138.40.0/21 maxlen: 21
84.39.176.0/21 maxlen: 21
85.31.128.0/22 maxlen: 22
85.31.132.0/22 maxlen: 22
85.187.52.0/22 maxlen: 22
85.235.68.0/22 maxlen: 22
85.239.128.0/22 maxlen: 22
85.239.132.0/22 maxlen: 22
85.239.136.0/22 maxlen: 22
85.239.140.0/22 maxlen: 22
87.124.128.0/18 maxlen: 18
87.124.176.0/20 maxlen: 20
89.35.62.0/23 maxlen: 23
89.39.32.0/19 maxlen: 19
89.39.52.0/24 maxlen: 24
91.106.16.0/21 maxlen: 21
91.194.62.0/23 maxlen: 23
91.242.152.0/21 maxlen: 21
93.115.37.0/24 maxlen: 24
93.115.128.0/22 maxlen: 22
93.115.132.0/22 maxlen: 22
93.115.152.0/24 maxlen: 24
93.115.202.0/24 maxlen: 24
93.115.242.0/24 maxlen: 24
93.176.128.0/18 maxlen: 21
93.177.120.0/22 maxlen: 23
94.73.32.0/19 maxlen: 19
119.12.224.0/22 maxlen: 22
119.12.228.0/22 maxlen: 22
119.12.228.0/23 maxlen: 23
119.12.230.0/23 maxlen: 23
119.12.232.0/23 maxlen: 23
119.12.234.0/23 maxlen: 23
119.12.236.0/22 maxlen: 22
119.12.240.0/23 maxlen: 23
119.12.242.0/23 maxlen: 23
119.12.244.0/22 maxlen: 22
119.12.248.0/22 maxlen: 22
119.12.252.0/23 maxlen: 23
119.12.254.0/23 maxlen: 23
137.59.58.0/24 maxlen: 24
170.253.0.0/20 maxlen: 20
170.253.16.0/20 maxlen: 20
170.253.32.0/20 maxlen: 20
170.253.48.0/20 maxlen: 20
176.222.64.0/19 maxlen: 19
176.222.75.0/24 maxlen: 24
176.222.82.0/24 maxlen: 24
178.218.194.0/24 maxlen: 24
181.41.128.0/21 maxlen: 21
185.79.20.0/22 maxlen: 22
185.145.64.0/22 maxlen: 22
185.146.56.0/22 maxlen: 22
185.153.164.0/23 maxlen: 23
185.153.166.0/23 maxlen: 23
185.176.4.0/22 maxlen: 22
185.197.240.0/22 maxlen: 22
185.227.212.0/23 maxlen: 23
185.227.214.0/23 maxlen: 23
185.228.152.0/22 maxlen: 22
185.252.12.0/22 maxlen: 22
188.65.88.0/21 maxlen: 21
188.208.219.0/24 maxlen: 24
188.212.23.0/24 maxlen: 24
193.17.66.0/24 maxlen: 24
193.53.160.0/22 maxlen: 22
193.177.208.0/22 maxlen: 22
195.160.224.0/22 maxlen: 22
206.204.128.0/23 maxlen: 23
206.204.130.0/23 maxlen: 23
206.204.132.0/23 maxlen: 23
206.204.134.0/24 maxlen: 24
206.204.135.0/24 maxlen: 24
206.204.136.0/23 maxlen: 23
206.204.138.0/23 maxlen: 23
206.204.140.0/22 maxlen: 22
206.204.150.0/23 maxlen: 23
206.204.152.0/22 maxlen: 22
206.204.156.0/22 maxlen: 22
207.188.128.0/21 maxlen: 21
207.188.136.0/21 maxlen: 21
207.188.144.0/21 maxlen: 21
207.188.152.0/21 maxlen: 21
207.188.160.0/21 maxlen: 21
207.188.168.0/21 maxlen: 21
207.188.176.0/21 maxlen: 21
207.188.184.0/21 maxlen: 21
212.7.32.0/20 maxlen: 20
212.7.63.0/24 maxlen: 24
212.14.96.0/19 maxlen: 23
212.14.96.0/22 maxlen: 22
212.14.100.0/22 maxlen: 22
212.14.104.0/23 maxlen: 23
212.14.108.0/22 maxlen: 22
212.14.118.0/23 maxlen: 23
212.166.66.0/24 maxlen: 24
212.166.67.0/24 maxlen: 24
212.166.68.0/24 maxlen: 24
212.166.69.0/24 maxlen: 24
212.166.70.0/24 maxlen: 24
212.166.71.0/24 maxlen: 24
212.166.74.0/24 maxlen: 24
212.166.76.0/24 maxlen: 24
212.230.0.0/15 maxlen: 15
212.230.22.0/24 maxlen: 24
212.230.136.0/24 maxlen: 24
212.230.156.0/24 maxlen: 24
212.230.157.0/24 maxlen: 24
212.230.159.0/24 maxlen: 24
212.230.178.0/24 maxlen: 24
212.230.233.0/24 maxlen: 24
212.231.112.0/21 maxlen: 21
212.231.120.0/22 maxlen: 22
212.231.124.0/22 maxlen: 22
213.94.0.0/18 maxlen: 23
213.94.0.0/21 maxlen: 21
213.94.16.0/22 maxlen: 22
213.94.40.0/22 maxlen: 22
213.177.192.0/19 maxlen: 21
213.177.208.0/21 maxlen: 21
217.113.240.0/20 maxlen: 22
2a00:d100::/29 maxlen: 37
2a01:8480::/32 maxlen: 32
2a01:8480:2001::/48 maxlen: 48
2a01:8480:2002::/48 maxlen: 48
2a01:8480:2003::/48 maxlen: 48
2a01:8480:2004::/48 maxlen: 48
2a01:8480:2008::/47 maxlen: 47
2a01:8480:200a::/47 maxlen: 47
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.mft
rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 11:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:34:cf:8e:28:ea:6c:d4:cc:84:db:ca:aa:b2:46:2c:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85d0e763f935c171694f172056eb44209db2e2cd
Validity
Not Before: Apr 14 14:58:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d26c0811f6858bff533ec300a71d8d19fe7ff9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:46:24:34:3c:c8:06:1d:f6:d9:ac:04:a0:6c:
bd:bd:a5:40:ca:e1:92:65:6d:60:e9:dc:a3:9f:b5:
04:9d:df:3d:62:cd:4e:66:bd:c0:19:b3:c5:38:0c:
f4:7c:1d:3a:3c:82:11:94:ae:46:c6:68:0c:7d:31:
77:d3:aa:31:0d:6b:96:18:5b:94:7b:66:45:03:85:
f6:dd:ee:32:d2:a1:d9:d1:8e:7b:74:9c:e9:0a:3f:
a8:81:39:20:58:3b:a2:f7:07:ba:21:35:87:c3:54:
56:52:02:09:51:e0:d1:7c:b9:08:72:43:75:7f:d6:
a0:d1:c4:2a:8f:b6:3d:92:fd:70:c4:64:fd:77:da:
43:fa:4e:0d:b9:90:52:2e:f2:6a:ea:8d:78:82:41:
01:aa:75:46:e5:87:d3:b7:06:99:9c:4f:7a:08:2b:
57:81:ca:43:54:0b:2d:8f:4c:ba:61:64:06:3a:9d:
68:74:ac:5a:28:49:38:97:18:40:52:82:8d:bb:2f:
22:e0:fc:0a:15:10:c0:a5:6f:0c:03:a4:e6:15:4a:
26:a6:e0:ae:8e:f5:bd:ca:7f:c2:fa:96:8e:82:6e:
d8:a7:c1:17:9a:b1:33:52:30:d6:b9:8c:6d:16:9c:
13:f4:8d:05:5f:7d:3b:f7:00:39:65:87:e2:a8:d5:
5f:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:26:C0:81:1F:68:58:BF:F5:33:EC:30:0A:71:D8:D1:9F:E7:FF:9B
X509v3 Authority Key Identifier:
keyid:85:D0:E7:63:F9:35:C1:71:69:4F:17:20:56:EB:44:20:9D:B2:E2:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/PSbAgR9oWL_1M-wwCnHY0Z_n_5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.80.0/20
66.81.160.0/19
67.218.224.0/19
77.241.48.0/20
78.30.0.0/18
81.0.0.0/18
82.213.192.0/18
83.138.40.0/21
84.39.176.0/21
85.31.128.0/21
85.187.52.0/22
85.235.68.0/22
85.239.128.0/20
87.124.128.0/18
89.35.62.0/23
89.39.32.0/19
91.106.16.0/21
91.194.62.0/23
91.242.152.0/21
93.115.37.0/24
93.115.128.0/21
93.115.152.0/24
93.115.202.0/24
93.115.242.0/24
93.176.128.0/18
93.177.120.0/22
94.73.32.0/19
119.12.224.0/19
137.59.58.0/24
170.253.0.0/18
176.222.64.0/19
178.218.194.0/24
181.41.128.0/21
185.79.20.0/22
185.145.64.0/22
185.146.56.0/22
185.153.164.0/22
185.176.4.0/22
185.197.240.0/22
185.227.212.0/22
185.228.152.0/22
185.252.12.0/22
188.65.88.0/21
188.208.219.0/24
188.212.23.0/24
193.17.66.0/24
193.53.160.0/22
193.177.208.0/22
195.160.224.0/22
206.204.128.0/20
206.204.150.0-206.204.159.255
207.188.128.0/18
212.7.32.0/20
212.7.63.0/24
212.14.96.0/19
212.166.66.0-212.166.71.255
212.166.74.0/24
212.166.76.0/24
212.230.0.0/15
213.94.0.0/18
213.177.192.0/19
217.113.240.0/20
IPv6:
2a00:d100::/29
2a01:8480::/32
Signature Algorithm: sha256WithRSAEncryption
45:c5:b2:71:fd:7d:fa:7f:b6:fa:7d:76:73:0c:d5:6d:b1:9b:
3b:aa:67:a7:65:fb:fb:41:61:de:2e:6e:97:37:86:32:72:64:
6a:c6:e8:8b:6e:8a:c1:9b:80:f7:1f:d0:67:ce:8e:bb:b2:23:
69:31:a6:9c:33:de:3a:e2:57:e3:e0:05:44:50:af:7f:d3:a5:
8c:a4:4a:ab:64:86:17:ef:ae:84:1b:35:70:8d:59:d2:bd:6f:
52:af:de:4d:de:86:47:b0:82:b2:ca:85:c3:16:ad:17:33:95:
ea:b4:b7:eb:ba:32:9a:92:c2:bd:c7:68:9a:07:11:b8:db:c0:
44:f2:7d:4e:e9:21:a6:c8:15:90:16:45:b1:0c:95:5a:83:c4:
b0:a7:a4:6d:ca:3e:51:e6:bc:59:13:dd:05:f3:05:81:de:45:
36:3d:65:d9:73:25:38:b3:93:5b:4b:22:25:22:d5:a0:be:67:
13:65:50:66:cf:64:d2:fa:c6:59:49:1c:ad:e1:1e:9d:12:0b:
05:76:c7:ab:c8:9c:99:99:53:06:f4:0b:79:6b:1a:f6:0a:b9:
47:96:51:21:4f:41:b9:d1:6f:1d:bc:43:78:b0:a8:9b:5f:be:
d9:32:2e:7c:da:cb:bc:da:15:0d:11:c6:5b:a9:65:8f:ac:b5:
74:a1:fc:58
-----BEGIN CERTIFICATE-----
MIIGmjCCBYKgAwIBAgISAZY0z44o6mzUzITbyqqyRizrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZDBlNzYzZjkzNWMxNzE2OTRmMTcyMDU2ZWI0NDIwOWRi
MmUyY2QwHhcNMjUwNDE0MTQ1ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDI2YzA4MTFmNjg1OGJmZjUzM2VjMzAwYTcxZDhkMTlmZTdmZjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkYkNDzIBh322awEoGy9vaVAyuGS
ZW1g6dyjn7UEnd89Ys1OZr3AGbPFOAz0fB06PIIRlK5GxmgMfTF306oxDWuWGFuU
e2ZFA4X23e4y0qHZ0Y57dJzpCj+ogTkgWDui9we6ITWHw1RWUgIJUeDRfLkIckN1
f9ag0cQqj7Y9kv1wxGT9d9pD+k4NuZBSLvJq6o14gkEBqnVG5YfTtwaZnE96CCtX
gcpDVAstj0y6YWQGOp1odKxaKEk4lxhAUoKNuy8i4PwKFRDApW8MA6TmFUompuCu
jvW9yn/C+paOgm7Yp8EXmrEzUjDWuYxtFpwT9I0FX3079wA5ZYfiqNVftwIDAQAB
o4IDpjCCA6IwHQYDVR0OBBYEFD0mwIEfaFi/9TPsMApx2NGf5/+bMB8GA1UdIwQY
MBaAFIXQ52P5NcFxaU8XIFbrRCCdsuLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGREbllfazF3WEZwVHhjZ1Z1dEVJSjJ5NHMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83NDY0MTAtMDI2Yi00NWM5LTgxY2Qt
ZjEyODM1ZjAyNDdiLzEvUFNiQWdSOW9XTF8xTS13d0NuSFkwWl9uXzVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83NDY0MTAtMDI2Yi00NWM5LTgxY2QtZjEyODM1ZjAyNDdi
LzEvaGREbllfazF3WEZwVHhjZ1Z1dEVJSjJ5NHMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBugYIKwYBBQUHAQcBAf8EggGpMIIBpTCCAYsEAgABMIIB
gwMEBB/eUAMEBUJRoAMEBUPa4AMEBE3xMAMEBk4eAAMEBlEAAAMEBlLVwAMEA1OK
KAMEA1QnsAMEA1UfgAMEAlW7NAMEAlXrRAMEBFXvgAMEBld8gAMEAVkjPgMEBVkn
IAMEA1tqEAMEAVvCPgMEA1vymAMEAF1zJQMEA11zgAMEAF1zmAMEAF1zygMEAF1z
8gMEBl2wgAMEAl2xeAMEBV5JIAMEBXcM4AMEAIk7OgMEBqr9AAMEBbDeQAMEALLa
wgMEA7UpgAMEArlPFAMEArmRQAMEArmSOAMEArmZpAMEArmwBAMEArnF8AMEArnj
1AMEArnkmAMEArn8DAMEA7xBWAMEALzQ2wMEALzUFwMEAMERQgMEAsE1oAMEAsGx
0AMEAsOg4AMEBM7MgDAMAwQBzsyWAwQFzsyAAwQGz7yAAwQE1AcgAwQA1Ac/AwQF
1A5gMAwDBAHUpkIDBAPUpkADBADUpkoDBADUpkwDAwHU5gMEBtVeAAMEBdWxwAME
BNlx8DAUBAIAAjAOAwUDKgDRAAMFACoBhIAwDQYJKoZIhvcNAQELBQADggEBAEXF
snH9ffp/tvp9dnMM1W2xmzuqZ6dl+/tBYd4ubpc3hjJyZGrG6ItuisGbgPcf0GfO
jruyI2kxppwz3jriV+PgBURQr3/TpYykSqtkhhfvroQbNXCNWdK9b1Kv3k3ehkew
grLKhcMWrRczleq0t+u6MpqSwr3HaJoHEbjbwETyfU7pIabIFZAWRbEMlVqDxLCn
pG3KPlHmvFkT3QXzBYHeRTY9ZdlzJTizk1tLIiUi1aC+ZxNlUGbPZNL6xllJHK3h
Hp0SCwV2x6vInJmZUwb0C3lrGvYKuUeWUSFPQbnRbx28Q3iwqJtfvtkyLnzay7za
FQ0RxlupZY+stXSh/Fg=
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:13:42 2025 by rpki-client