Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/53e496-0097-462a-a989-d67a61d5416d/1/X1Og0Lm3K_LkI3EHNFSVJEed5mw.roa
File: X1Og0Lm3K_LkI3EHNFSVJEed5mw.roa (raw, json)
Hash identifier: +EXRjqdqdJiElvru0d0HFKlKizfdsCCHpZGqFtTKPDw=
Subject key identifier: 5F:53:A0:D0:B9:B7:2B:F2:E4:23:71:07:34:54:95:24:47:9D:E6:6C
Certificate issuer: /CN=f416539e74934d23a0572f6625dbfdb54e820873
Certificate serial: 01951365A25AFED8C2A1350EF543A6B60559
Authority key identifier: F4:16:53:9E:74:93:4D:23:A0:57:2F:66:25:DB:FD:B5:4E:82:08:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9BZTnnSTTSOgVy9mJdv9tU6CCHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/53e496-0097-462a-a989-d67a61d5416d/1/X1Og0Lm3K_LkI3EHNFSVJEed5mw.roa
Signing time: Mon 17 Feb 2025 10:13:02 +0000
ROA not before: Mon 17 Feb 2025 10:13:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47394
IP address blocks: 46.255.144.0/21 maxlen: 21
46.255.144.0/22 maxlen: 22
46.255.144.0/24 maxlen: 24
46.255.145.0/24 maxlen: 24
46.255.146.0/24 maxlen: 24
46.255.147.0/24 maxlen: 24
46.255.148.0/22 maxlen: 22
46.255.148.0/24 maxlen: 24
46.255.149.0/24 maxlen: 24
46.255.150.0/24 maxlen: 24
46.255.151.0/24 maxlen: 24
95.107.128.0/21 maxlen: 21
95.107.129.0/24 maxlen: 24
95.107.132.0/24 maxlen: 24
95.107.135.0/24 maxlen: 24
95.107.136.0/21 maxlen: 21
95.107.136.0/24 maxlen: 24
95.107.141.0/24 maxlen: 24
95.107.144.0/23 maxlen: 23
95.107.144.0/24 maxlen: 24
95.107.145.0/24 maxlen: 24
95.107.146.0/23 maxlen: 23
95.107.150.0/24 maxlen: 24
95.107.156.0/24 maxlen: 24
95.107.157.0/24 maxlen: 24
95.107.159.0/24 maxlen: 24
95.107.160.0/21 maxlen: 21
95.107.160.0/22 maxlen: 22
95.107.160.0/24 maxlen: 24
95.107.162.0/23 maxlen: 23
95.107.162.0/24 maxlen: 24
95.107.164.0/22 maxlen: 22
95.107.164.0/24 maxlen: 24
95.107.165.0/24 maxlen: 24
95.107.166.0/24 maxlen: 24
95.107.167.0/24 maxlen: 24
95.107.168.0/22 maxlen: 22
95.107.168.0/23 maxlen: 23
95.107.170.0/23 maxlen: 23
95.107.172.0/23 maxlen: 23
95.107.174.0/24 maxlen: 24
95.107.176.0/21 maxlen: 21
95.107.176.0/22 maxlen: 22
95.107.177.0/24 maxlen: 24
95.107.180.0/22 maxlen: 22
95.107.182.0/24 maxlen: 24
95.107.184.0/21 maxlen: 21
95.107.184.0/22 maxlen: 22
95.107.188.0/22 maxlen: 22
95.107.188.0/24 maxlen: 24
95.107.192.0/22 maxlen: 22
95.107.192.0/24 maxlen: 24
95.107.193.0/24 maxlen: 24
95.107.194.0/23 maxlen: 23
95.107.194.0/24 maxlen: 24
95.107.195.0/24 maxlen: 24
95.107.196.0/22 maxlen: 22
95.107.196.0/23 maxlen: 23
95.107.196.0/24 maxlen: 24
95.107.198.0/23 maxlen: 23
95.107.200.0/21 maxlen: 21
95.107.200.0/22 maxlen: 22
95.107.200.0/24 maxlen: 24
95.107.201.0/24 maxlen: 24
95.107.202.0/23 maxlen: 23
95.107.204.0/22 maxlen: 22
95.107.208.0/20 maxlen: 20
95.107.208.0/21 maxlen: 21
95.107.208.0/22 maxlen: 22
95.107.208.0/23 maxlen: 23
95.107.209.0/24 maxlen: 24
95.107.212.0/22 maxlen: 22
95.107.212.0/23 maxlen: 23
95.107.212.0/24 maxlen: 24
95.107.216.0/21 maxlen: 21
95.107.216.0/22 maxlen: 22
95.107.216.0/23 maxlen: 23
95.107.218.0/23 maxlen: 23
95.107.220.0/22 maxlen: 22
95.107.220.0/23 maxlen: 23
95.107.222.0/23 maxlen: 23
95.107.224.0/20 maxlen: 20
95.107.224.0/22 maxlen: 22
95.107.228.0/22 maxlen: 22
95.107.228.0/24 maxlen: 24
95.107.232.0/22 maxlen: 22
95.107.234.0/23 maxlen: 23
95.107.236.0/22 maxlen: 22
95.107.238.0/23 maxlen: 23
95.107.240.0/20 maxlen: 20
95.107.240.0/22 maxlen: 22
95.107.244.0/22 maxlen: 22
95.107.248.0/22 maxlen: 22
95.107.248.0/23 maxlen: 23
95.107.248.0/24 maxlen: 24
95.107.252.0/22 maxlen: 22
95.107.254.0/23 maxlen: 23
109.69.164.0/24 maxlen: 24
109.69.165.0/24 maxlen: 24
109.69.166.0/24 maxlen: 24
109.69.167.0/24 maxlen: 24
141.8.200.0/21 maxlen: 21
141.8.200.0/22 maxlen: 22
141.8.204.0/22 maxlen: 22
185.118.148.0/22 maxlen: 22
185.118.148.0/23 maxlen: 23
185.118.150.0/23 maxlen: 23
185.122.228.0/22 maxlen: 22
185.122.228.0/23 maxlen: 23
185.122.228.0/24 maxlen: 24
2a03:8480::/32 maxlen: 32
2a03:8480::/33 maxlen: 33
2a03:8480:8000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/53e496-0097-462a-a989-d67a61d5416d/1/9BZTnnSTTSOgVy9mJdv9tU6CCHM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/53e496-0097-462a-a989-d67a61d5416d/1/9BZTnnSTTSOgVy9mJdv9tU6CCHM.mft
rsync://rpki.ripe.net/repository/DEFAULT/9BZTnnSTTSOgVy9mJdv9tU6CCHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 16:41:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:13:65:a2:5a:fe:d8:c2:a1:35:0e:f5:43:a6:b6:05:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f416539e74934d23a0572f6625dbfdb54e820873
Validity
Not Before: Feb 17 10:13:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f53a0d0b9b72bf2e423710734549524479de66c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:2b:ca:57:2f:bb:41:2c:53:04:6e:90:1a:28:
05:4e:81:3b:6b:74:1f:0a:40:13:f3:58:1f:77:7d:
9c:e0:6a:5f:00:bd:da:8b:90:43:51:61:37:a3:b7:
f1:eb:30:2e:4a:83:8d:df:c6:a7:18:4b:d3:44:3d:
eb:86:08:82:35:d5:b6:e0:8a:6f:84:b1:05:d6:82:
d9:b5:3b:bf:54:8d:f5:bb:be:cb:82:d3:b4:4f:c5:
79:9b:e2:64:4c:13:a1:b6:bb:a8:fa:91:48:2c:40:
4b:74:cd:9e:3a:fd:d9:a5:57:60:70:76:d6:bd:36:
bd:db:8b:0e:78:0a:8c:3e:f9:12:f9:07:99:ae:5e:
19:0b:dd:c4:0e:15:b7:f5:a3:97:65:7f:de:b8:ba:
5b:82:63:61:68:94:ec:95:d9:e4:79:7a:9e:fa:18:
3b:ae:a4:b2:72:82:27:99:06:8e:ae:54:98:0c:e3:
c9:11:2b:d2:a2:5d:1a:3b:1c:51:73:8e:4e:ea:37:
c1:6b:df:f1:3f:0e:c0:69:b0:47:68:df:48:ee:c1:
79:03:4f:42:d9:b7:e3:70:ff:24:6a:f3:6f:e3:c3:
fc:22:57:6e:06:f2:05:fb:ce:65:83:36:0b:22:93:
6e:05:9b:d4:b1:04:90:f0:0f:1e:92:43:93:a3:8c:
99:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:53:A0:D0:B9:B7:2B:F2:E4:23:71:07:34:54:95:24:47:9D:E6:6C
X509v3 Authority Key Identifier:
keyid:F4:16:53:9E:74:93:4D:23:A0:57:2F:66:25:DB:FD:B5:4E:82:08:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9BZTnnSTTSOgVy9mJdv9tU6CCHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/53e496-0097-462a-a989-d67a61d5416d/1/X1Og0Lm3K_LkI3EHNFSVJEed5mw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/53e496-0097-462a-a989-d67a61d5416d/1/9BZTnnSTTSOgVy9mJdv9tU6CCHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.255.144.0/21
95.107.128.0-95.107.147.255
95.107.150.0/24
95.107.156.0/23
95.107.159.0-95.107.174.255
95.107.176.0-95.107.255.255
109.69.164.0/22
141.8.200.0/21
185.118.148.0/22
185.122.228.0/22
IPv6:
2a03:8480::/32
Signature Algorithm: sha256WithRSAEncryption
23:a5:5d:fc:98:5d:07:bb:99:81:6c:3f:a4:c4:a3:8d:c8:22:
64:82:f0:c0:c8:bd:c8:9d:fb:c4:44:0a:6a:1d:9a:fd:95:cd:
3e:00:7b:d1:b3:2f:d7:02:f0:9b:f7:fa:bf:7b:aa:6f:85:0e:
37:9e:48:3e:ea:eb:88:b6:59:80:44:39:95:bd:31:30:40:1d:
0b:fc:df:67:3b:29:ef:1b:7a:a0:79:ac:50:9d:f8:df:95:6b:
46:4b:60:e1:72:1d:27:a3:9a:d8:29:50:41:2a:3f:d7:c3:6e:
8c:5c:6c:9b:32:26:73:a8:d7:47:af:6a:79:d2:5a:4f:58:5e:
c7:5a:e0:10:94:2f:b2:62:54:49:df:a0:e1:9b:1b:02:30:52:
ee:b3:26:4e:c0:f3:11:5e:23:72:f9:1a:d2:2d:f7:0e:14:7a:
fd:be:cb:4d:85:bf:c0:6d:5a:a1:fa:c0:37:da:04:a1:74:7c:
02:46:54:77:e7:08:88:f4:cd:d3:1d:12:98:8f:98:49:68:e2:
62:0d:0f:ba:9c:53:d5:95:bd:4f:b4:16:f3:19:20:02:fc:92:
0e:3f:b6:b1:36:56:83:11:56:94:30:c8:7e:41:4e:74:d6:14:
bd:05:67:70:7f:93:00:27:1d:3d:a3:ea:64:d6:2b:1d:38:9a:
f5:6d:27:77
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZUTZaJa/tjCoTUO9UOmtgVZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0MTY1MzllNzQ5MzRkMjNhMDU3MmY2NjI1ZGJmZGI1NGU4
MjA4NzMwHhcNMjUwMjE3MTAxMzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjUzYTBkMGI5YjcyYmYyZTQyMzcxMDczNDU0OTUyNDQ3OWRlNjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSvKVy+7QSxTBG6QGigFToE7a3Qf
CkAT81gfd32c4GpfAL3ai5BDUWE3o7fx6zAuSoON38anGEvTRD3rhgiCNdW24Ipv
hLEF1oLZtTu/VI31u77LgtO0T8V5m+JkTBOhtruo+pFILEBLdM2eOv3ZpVdgcHbW
vTa924sOeAqMPvkS+QeZrl4ZC93EDhW39aOXZX/euLpbgmNhaJTsldnkeXqe+hg7
rqSycoInmQaOrlSYDOPJESvSol0aOxxRc45O6jfBa9/xPw7AabBHaN9I7sF5A09C
2bfjcP8kavNv48P8IlduBvIF+85lgzYLIpNuBZvUsQSQ8A8ekkOTo4yZdwIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFF9ToNC5tyvy5CNxBzRUlSRHneZsMB8GA1UdIwQY
MBaAFPQWU550k00joFcvZiXb/bVOgghzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUJaVG5uU1RUU09nVnk5bUpkdjl0VTZDQ0hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy81M2U0OTYtMDA5Ny00NjJhLWE5ODkt
ZDY3YTYxZDU0MTZkLzEvWDFPZzBMbTNLX0xrSTNFSE5GU1ZKRWVkNW13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy81M2U0OTYtMDA5Ny00NjJhLWE5ODktZDY3YTYxZDU0MTZk
LzEvOUJaVG5uU1RUU09nVnk5bUpkdjl0VTZDQ0hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBZBAIAATBTAwQDLv+QMAwD
BAdfa4ADBAJfa5ADBABfa5YDBAFfa5wwDAMEAF9rnwMEAF9rrjALAwQEX2uwAwMC
X2gDBAJtRaQDBAONCMgDBAK5dpQDBAK5euQwDQQCAAIwBwMFACoDhIAwDQYJKoZI
hvcNAQELBQADggEBACOlXfyYXQe7mYFsP6TEo43IImSC8MDIvcid+8RECmodmv2V
zT4Ae9GzL9cC8Jv3+r97qm+FDjeeSD7q64i2WYBEOZW9MTBAHQv832c7Ke8beqB5
rFCd+N+Va0ZLYOFyHSejmtgpUEEqP9fDboxcbJsyJnOo10evannSWk9YXsda4BCU
L7JiVEnfoOGbGwIwUu6zJk7A8xFeI3L5GtIt9w4Uev2+y02Fv8BtWqH6wDfaBKF0
fAJGVHfnCIj0zdMdEpiPmElo4mIND7qcU9WVvU+0FvMZIAL8kg4/trE2VoMRVpQw
yH5BTnTWFL0FZ3B/kwAnHT2j6mTWKx04mvVtJ3c=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:15:35 2025 by rpki-client