Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/2A4W358cAC90tPY4WAcl8VxvlfY.roa
File: 2A4W358cAC90tPY4WAcl8VxvlfY.roa (raw, json)
Hash identifier: a/2RcOOfXyLd5n4ofK0ddL5uKMNvkkPX4n9+fhFvuyY=
Subject key identifier: D8:0E:16:DF:9F:1C:00:2F:74:B4:F6:38:58:07:25:F1:5C:6F:95:F6
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 01958021978B9B5DCA77504FC3D4580E780E
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/2A4W358cAC90tPY4WAcl8VxvlfY.roa
Signing time: Mon 10 Mar 2025 12:57:19 +0000
ROA not before: Mon 10 Mar 2025 12:57:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200740
IP address blocks: 45.9.72.0/24 maxlen: 24
45.138.73.0/24 maxlen: 24
46.17.105.0/24 maxlen: 24
80.76.32.0/23 maxlen: 23
80.76.34.0/23 maxlen: 23
91.217.76.0/24 maxlen: 24
92.118.8.0/23 maxlen: 23
94.142.136.0/23 maxlen: 23
94.142.136.0/24 maxlen: 24
94.142.137.0/24 maxlen: 24
95.214.9.0/24 maxlen: 24
95.214.10.0/23 maxlen: 23
95.214.10.0/24 maxlen: 24
95.214.11.0/24 maxlen: 24
185.40.7.0/24 maxlen: 24
185.58.204.0/24 maxlen: 24
185.94.164.0/23 maxlen: 23
185.94.164.0/24 maxlen: 24
185.94.165.0/24 maxlen: 24
185.102.136.0/24 maxlen: 24
185.103.252.0/23 maxlen: 23
185.103.252.0/24 maxlen: 24
185.103.253.0/24 maxlen: 24
185.103.254.0/23 maxlen: 23
185.103.254.0/24 maxlen: 24
185.103.255.0/24 maxlen: 24
185.114.72.0/23 maxlen: 23
185.114.72.0/24 maxlen: 24
185.114.73.0/24 maxlen: 24
185.117.116.0/24 maxlen: 24
185.117.119.0/24 maxlen: 24
185.200.190.0/24 maxlen: 24
185.232.170.0/23 maxlen: 23
185.233.80.0/23 maxlen: 23
185.233.82.0/24 maxlen: 24
185.233.202.0/23 maxlen: 23
185.252.144.0/24 maxlen: 24
193.124.182.0/24 maxlen: 24
193.124.183.0/24 maxlen: 24
193.124.188.0/23 maxlen: 23
193.124.190.0/24 maxlen: 24
193.239.160.0/23 maxlen: 23
193.239.166.0/23 maxlen: 23
194.36.178.0/23 maxlen: 23
2a04:5200:68::/48 maxlen: 48
2a04:5201:2::/48 maxlen: 48
2a04:5201:4::/48 maxlen: 48
2a04:5201:6::/48 maxlen: 48
2a04:5201:7::/48 maxlen: 48
2a04:5201:9::/48 maxlen: 48
2a04:5201:10::/48 maxlen: 48
2a04:5201:8018::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 05:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:80:21:97:8b:9b:5d:ca:77:50:4f:c3:d4:58:0e:78:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Mar 10 12:57:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d80e16df9f1c002f74b4f638580725f15c6f95f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:03:4f:fc:7d:e1:e7:99:a5:c5:ef:2b:2f:e8:
06:2b:53:11:bc:0d:71:8b:d9:bd:87:55:9b:de:d2:
83:94:85:84:a0:30:f6:d1:19:56:75:83:86:82:3f:
6b:d5:d3:6c:80:eb:2a:dc:ff:a3:bb:f5:7a:7c:ca:
a7:5c:4c:ad:13:f4:71:79:2c:c6:4c:71:97:7a:1f:
95:1d:05:72:70:ec:2f:59:6d:4f:2b:99:75:6d:04:
42:f3:8e:db:b4:97:81:a9:9b:91:a4:4b:8c:07:4e:
df:b8:e0:f3:72:37:7e:e7:28:f0:98:33:bb:c4:da:
bc:67:01:b2:54:86:e2:26:14:1b:50:81:cc:a3:00:
eb:b9:a4:fb:aa:b2:ea:13:39:83:d8:fc:48:90:65:
3e:62:69:c7:60:bf:65:a0:4e:1f:f5:2e:13:7e:c8:
af:8c:44:a5:18:65:b7:aa:ef:ee:99:3f:9b:ce:37:
bc:28:b1:d9:1c:06:05:ce:23:d0:75:f6:dc:6b:bf:
55:d0:b4:2f:dd:9b:12:d6:36:c8:0e:b5:a4:9f:bb:
cd:af:c9:27:33:13:18:f7:69:ba:68:a7:fe:f7:fd:
fc:1f:31:d1:2b:52:82:c2:af:c9:28:e7:53:35:f9:
93:8a:fb:ee:cb:27:3e:1d:e1:0d:55:a8:a7:77:b0:
09:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:0E:16:DF:9F:1C:00:2F:74:B4:F6:38:58:07:25:F1:5C:6F:95:F6
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/2A4W358cAC90tPY4WAcl8VxvlfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.72.0/24
45.138.73.0/24
46.17.105.0/24
80.76.32.0/22
91.217.76.0/24
92.118.8.0/23
94.142.136.0/23
95.214.9.0-95.214.11.255
185.40.7.0/24
185.58.204.0/24
185.94.164.0/23
185.102.136.0/24
185.103.252.0/22
185.114.72.0/23
185.117.116.0/24
185.117.119.0/24
185.200.190.0/24
185.232.170.0/23
185.233.80.0-185.233.82.255
185.233.202.0/23
185.252.144.0/24
193.124.182.0/23
193.124.188.0-193.124.190.255
193.239.160.0/23
193.239.166.0/23
194.36.178.0/23
IPv6:
2a04:5200:68::/48
2a04:5201:2::/48
2a04:5201:4::/48
2a04:5201:6::/47
2a04:5201:9::/48
2a04:5201:10::/48
2a04:5201:8018::/48
Signature Algorithm: sha256WithRSAEncryption
b0:bf:f6:15:7a:8a:3a:e9:30:df:53:c2:cc:ca:35:28:7b:e9:
ee:9e:26:77:ab:0a:74:cb:60:f4:0e:f1:61:8c:6a:9b:1e:01:
c8:85:f9:7c:65:e0:0c:66:83:0e:2d:90:d3:4a:07:99:ea:76:
92:b4:d4:92:6a:e0:35:9a:89:79:b7:35:58:24:e9:05:6c:cb:
3f:4d:38:2f:00:70:0e:42:08:10:38:52:f7:92:b1:7c:02:64:
36:fa:54:08:25:d0:9d:ec:6d:13:63:12:2a:0c:fe:8d:e4:ad:
d4:f1:ba:52:87:11:db:4e:c4:67:cd:50:a5:a3:10:43:0e:5f:
fa:ba:49:07:08:b2:99:ad:33:69:8f:5a:68:11:23:87:89:c2:
fd:74:00:3a:42:a2:8e:ca:ac:33:45:f5:ec:06:c0:4a:8b:4a:
bb:6c:e9:6b:17:dc:1c:b0:28:37:7b:d1:45:39:ef:71:8d:90:
b6:45:d5:94:e4:63:6c:f1:0d:83:17:ae:e6:b5:14:a6:81:33:
7d:bc:61:d0:44:6e:0d:5f:d6:5f:d5:ed:b5:18:0d:01:a7:ac:
30:44:41:a3:39:be:28:8d:fc:12:3f:94:53:ac:d0:d2:dd:5f:
90:33:f4:b4:b4:0a:f2:63:bb:46:35:7e:84:f1:80:8c:14:97:
c7:50:69:86
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgISAZWAIZeLm13Kd1BPw9RYDngOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjUwMzEwMTI1NzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODBlMTZkZjlmMWMwMDJmNzRiNGY2Mzg1ODA3MjVmMTVjNmY5NWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQNP/H3h55mlxe8rL+gGK1MRvA1x
i9m9h1Wb3tKDlIWEoDD20RlWdYOGgj9r1dNsgOsq3P+ju/V6fMqnXEytE/RxeSzG
THGXeh+VHQVycOwvWW1PK5l1bQRC847btJeBqZuRpEuMB07fuODzcjd+5yjwmDO7
xNq8ZwGyVIbiJhQbUIHMowDruaT7qrLqEzmD2PxIkGU+YmnHYL9loE4f9S4Tfsiv
jESlGGW3qu/umT+bzje8KLHZHAYFziPQdfbca79V0LQv3ZsS1jbIDrWkn7vNr8kn
MxMY92m6aKf+9/38HzHRK1KCwq/JKOdTNfmTivvuyyc+HeENVaind7AJEwIDAQAB
o4IDBjCCAwIwHQYDVR0OBBYEFNgOFt+fHAAvdLT2OFgHJfFcb5X2MB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvMkE0VzM1OGNBQzkwdFBZNFdBY2w4Vnh2bGZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGgYIKwYBBQUHAQcBAf8EggEJMIIBBTCBuwQCAAEwgbQD
BAAtCUgDBAAtikkDBAAuEWkDBAJQTCADBABb2UwDBAFcdggDBAFejogwDAMEAF/W
CQMEAl/WCAMEALkoBwMEALk6zAMEAblepAMEALlmiAMEArln/AMEAblySAMEALl1
dAMEALl1dwMEALnIvgMEAbnoqjAMAwQEuelQAwQAuelSAwQBuenKAwQAufyQAwQB
wXy2MAwDBALBfLwDBADBfL4DBAHB76ADBAHB76YDBAHCJLIwRQQCAAIwPwMHACoE
UgAAaAMHACoEUgEAAgMHACoEUgEABAMHASoEUgEABgMHACoEUgEACQMHACoEUgEA
EAMHACoEUgGAGDANBgkqhkiG9w0BAQsFAAOCAQEAsL/2FXqKOukw31PCzMo1KHvp
7p4md6sKdMtg9A7xYYxqmx4ByIX5fGXgDGaDDi2Q00oHmep2krTUkmrgNZqJebc1
WCTpBWzLP004LwBwDkIIEDhS95KxfAJkNvpUCCXQnextE2MSKgz+jeSt1PG6UocR
207EZ81QpaMQQw5f+rpJBwiyma0zaY9aaBEjh4nC/XQAOkKijsqsM0X17AbASotK
u2zpaxfcHLAoN3vRRTnvcY2QtkXVlORjbPENgxeu5rUUpoEzfbxh0ERuDV/WX9Xt
tRgNAaesMERBozm+KI38Ej+UU6zQ0t1fkDP0tLQK8mO7RjV+hPGAjBSXx1Bphg==
-----END CERTIFICATE-----
Generated at Thu Apr 10 11:40:29 2025 by rpki-client