Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/1HPdDAhp2D5icqchW6FaN1f6wQk.roa
File: 1HPdDAhp2D5icqchW6FaN1f6wQk.roa (raw, json)
Hash identifier: aBqK8vPirMFUVR5mg8q9qqfP+HEENImw1WU9wmDpmLo=
Subject key identifier: D4:73:DD:0C:08:69:D8:3E:62:72:A7:21:5B:A1:5A:37:57:FA:C1:09
Certificate issuer: /CN=9f26ac9eeb3a2cfa2f6ca3f413efb9cdffe9724e
Certificate serial: 0196ED0C0623522B9C829990238E58D5F610
Authority key identifier: 9F:26:AC:9E:EB:3A:2C:FA:2F:6C:A3:F4:13:EF:B9:CD:FF:E9:72:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nyasnus6LPovbKP0E--5zf_pck4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/1HPdDAhp2D5icqchW6FaN1f6wQk.roa
Signing time: Tue 20 May 2025 09:35:10 +0000
ROA not before: Tue 20 May 2025 09:35:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43915
IP address blocks: 5.181.104.0/22 maxlen: 22
45.66.36.0/22 maxlen: 22
45.80.160.0/22 maxlen: 22
45.130.56.0/22 maxlen: 22
45.143.112.0/22 maxlen: 22
45.152.28.0/22 maxlen: 22
62.169.148.0/23 maxlen: 23
79.135.122.0/23 maxlen: 24
87.117.64.0/22 maxlen: 22
87.117.68.0/23 maxlen: 23
91.239.57.0/24 maxlen: 24
94.154.184.0/22 maxlen: 24
109.224.216.0/22 maxlen: 22
109.224.224.0/22 maxlen: 24
109.224.224.0/23 maxlen: 23
109.224.226.0/23 maxlen: 24
109.224.234.0/23 maxlen: 24
109.224.236.0/22 maxlen: 22
109.224.240.0/23 maxlen: 24
144.178.104.0/23 maxlen: 23
144.178.118.0/23 maxlen: 23
144.178.252.0/23 maxlen: 23
147.189.156.0/22 maxlen: 24
147.189.214.0/24 maxlen: 24
176.116.116.0/22 maxlen: 22
178.248.128.0/21 maxlen: 21
185.23.254.0/23 maxlen: 24
185.147.184.0/22 maxlen: 22
185.161.4.0/22 maxlen: 22
185.231.136.0/21 maxlen: 21
188.214.236.0/22 maxlen: 22
193.35.146.0/23 maxlen: 23
194.105.134.0/23 maxlen: 24
194.145.242.0/23 maxlen: 24
194.146.160.0/22 maxlen: 24
195.184.250.0/23 maxlen: 23
195.206.172.0/22 maxlen: 24
195.242.148.0/23 maxlen: 23
195.244.2.0/23 maxlen: 23
212.59.72.0/21 maxlen: 24
212.108.90.0/23 maxlen: 23
213.225.224.0/22 maxlen: 24
217.14.184.0/21 maxlen: 21
217.20.244.0/22 maxlen: 24
217.171.100.0/22 maxlen: 22
217.171.104.0/22 maxlen: 22
2a07:5940::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/nyasnus6LPovbKP0E--5zf_pck4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/nyasnus6LPovbKP0E--5zf_pck4.mft
rsync://rpki.ripe.net/repository/DEFAULT/nyasnus6LPovbKP0E--5zf_pck4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ed:0c:06:23:52:2b:9c:82:99:90:23:8e:58:d5:f6:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f26ac9eeb3a2cfa2f6ca3f413efb9cdffe9724e
Validity
Not Before: May 20 09:35:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d473dd0c0869d83e6272a7215ba15a3757fac109
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:34:fe:ee:9a:52:d0:ec:6e:cc:83:f6:f2:5c:
62:2c:a3:96:34:f5:09:ca:d5:1f:9f:28:9f:6c:57:
39:57:1c:09:e5:76:f8:db:64:e1:53:5e:e9:bd:4c:
7b:46:95:64:8f:49:87:0b:c4:67:ed:6e:2f:60:b9:
27:ca:7e:ba:d5:95:82:50:d5:22:96:2a:29:49:86:
7b:ad:7a:31:65:e1:d1:a2:77:89:fb:cb:43:64:58:
ec:cb:64:08:2a:a7:12:f1:f6:e0:01:8d:86:d6:5e:
bf:54:77:48:d1:6e:54:ab:8e:c7:38:c2:6b:cd:d9:
d7:da:e5:94:5b:69:29:8d:34:c1:13:6c:d6:49:64:
36:28:42:c0:ad:b9:ae:26:5a:e2:fc:d9:4c:da:52:
bc:8f:54:18:3f:c5:71:9f:a9:38:bc:3e:5a:74:7d:
34:45:a3:57:9c:6d:93:fb:e8:72:ca:bb:07:f0:f5:
5a:8c:28:c7:06:54:35:64:07:00:0e:44:f6:00:18:
ad:1a:d9:71:d1:6d:74:62:e1:f0:72:b4:aa:88:87:
d9:0a:0d:00:1a:cc:8b:2a:31:41:ac:34:d4:dc:b3:
89:86:80:76:b1:9b:22:9c:63:eb:4f:30:d7:3f:e9:
53:f5:13:f1:e6:dd:8c:21:fc:43:30:e0:44:66:4d:
63:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:73:DD:0C:08:69:D8:3E:62:72:A7:21:5B:A1:5A:37:57:FA:C1:09
X509v3 Authority Key Identifier:
keyid:9F:26:AC:9E:EB:3A:2C:FA:2F:6C:A3:F4:13:EF:B9:CD:FF:E9:72:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nyasnus6LPovbKP0E--5zf_pck4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/1HPdDAhp2D5icqchW6FaN1f6wQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dc318b-9240-4775-a4ab-7d4266cf822a/1/nyasnus6LPovbKP0E--5zf_pck4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.104.0/22
45.66.36.0/22
45.80.160.0/22
45.130.56.0/22
45.143.112.0/22
45.152.28.0/22
62.169.148.0/23
79.135.122.0/23
87.117.64.0-87.117.69.255
91.239.57.0/24
94.154.184.0/22
109.224.216.0/22
109.224.224.0/22
109.224.234.0-109.224.241.255
144.178.104.0/23
144.178.118.0/23
144.178.252.0/23
147.189.156.0/22
147.189.214.0/24
176.116.116.0/22
178.248.128.0/21
185.23.254.0/23
185.147.184.0/22
185.161.4.0/22
185.231.136.0/21
188.214.236.0/22
193.35.146.0/23
194.105.134.0/23
194.145.242.0/23
194.146.160.0/22
195.184.250.0/23
195.206.172.0/22
195.242.148.0/23
195.244.2.0/23
212.59.72.0/21
212.108.90.0/23
213.225.224.0/22
217.14.184.0/21
217.20.244.0/22
217.171.100.0-217.171.107.255
IPv6:
2a07:5940::/32
Signature Algorithm: sha256WithRSAEncryption
68:e9:ab:f6:da:75:c2:d3:0f:1b:9e:38:6b:c1:9f:ea:31:6a:
d8:d3:0b:18:98:b3:39:10:12:d3:12:1b:d1:44:72:d2:26:da:
3a:d4:f5:eb:ec:87:65:05:bb:97:50:ec:bc:e8:3c:2d:1d:da:
7d:ea:d9:23:19:a7:e4:9c:16:c2:47:54:8c:09:b5:5c:f9:f6:
11:10:66:3e:05:41:a6:4f:36:d7:67:a5:ea:97:3f:cc:80:b6:
ac:1f:f6:0e:b9:41:52:fa:d4:66:c9:46:41:d7:15:b0:ab:bd:
51:83:2a:f6:f4:7f:c1:ea:9b:b1:72:ff:98:0e:e2:5e:77:8f:
db:57:af:d1:97:7c:fe:6a:fb:fe:d8:12:c3:19:5a:f1:8f:76:
3f:01:4b:c3:b2:f8:f1:a6:90:95:df:5f:39:ab:a4:66:c4:62:
c4:42:3a:54:b7:84:71:a5:99:2a:83:83:71:64:af:34:a0:cb:
13:e9:9b:a7:b8:c3:93:e7:08:af:b1:96:38:ef:65:bc:c9:5c:
e7:a5:b3:ec:da:47:cc:b5:28:b3:5e:41:01:37:37:d0:40:f2:
f8:77:b0:a3:a8:02:8b:3a:98:24:76:5c:27:5e:5e:d0:b4:b2:
9f:ee:47:51:a7:2b:50:28:97:05:48:2d:fe:c7:e5:54:6e:7b:
8c:70:8f:a6
-----BEGIN CERTIFICATE-----
MIIGGDCCBQCgAwIBAgISAZbtDAYjUiucgpmQI45Y1fYQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMjZhYzllZWIzYTJjZmEyZjZjYTNmNDEzZWZiOWNkZmZl
OTcyNGUwHhcNMjUwNTIwMDkzNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDczZGQwYzA4NjlkODNlNjI3MmE3MjE1YmExNWEzNzU3ZmFjMTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjT+7ppS0OxuzIP28lxiLKOWNPUJ
ytUfnyifbFc5VxwJ5Xb422ThU17pvUx7RpVkj0mHC8Rn7W4vYLknyn661ZWCUNUi
liopSYZ7rXoxZeHRoneJ+8tDZFjsy2QIKqcS8fbgAY2G1l6/VHdI0W5Uq47HOMJr
zdnX2uWUW2kpjTTBE2zWSWQ2KELArbmuJlri/NlM2lK8j1QYP8Vxn6k4vD5adH00
RaNXnG2T++hyyrsH8PVajCjHBlQ1ZAcADkT2ABitGtlx0W10YuHwcrSqiIfZCg0A
GsyLKjFBrDTU3LOJhoB2sZsinGPrTzDXP+lT9RPx5t2MIfxDMOBEZk1j3wIDAQAB
o4IDJDCCAyAwHQYDVR0OBBYEFNRz3QwIadg+YnKnIVuhWjdX+sEJMB8GA1UdIwQY
MBaAFJ8mrJ7rOiz6L2yj9BPvuc3/6XJOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnlhc251czZMUG92YktQMEUtLTV6Zl9wY2s0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9kYzMxOGItOTI0MC00Nzc1LWE0YWIt
N2Q0MjY2Y2Y4MjJhLzEvMUhQZERBaHAyRDVpY3FjaFc2RmFOMWY2d1FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9kYzMxOGItOTI0MC00Nzc1LWE0YWItN2Q0MjY2Y2Y4MjJh
LzEvbnlhc251czZMUG92YktQMEUtLTV6Zl9wY2s0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBOAYIKwYBBQUHAQcBAf8EggEnMIIBIzCCARAEAgABMIIB
CAMEAgW1aAMEAi1CJAMEAi1QoAMEAi2COAMEAi2PcAMEAi2YHAMEAT6plAMEAU+H
ejAMAwQGV3VAAwQBV3VEAwQAW+85AwQCXpq4AwQCbeDYAwQCbeDgMAwDBAFt4OoD
BAFt4PADBAGQsmgDBAGQsnYDBAGQsvwDBAKTvZwDBACTvdYDBAKwdHQDBAOy+IAD
BAG5F/4DBAK5k7gDBAK5oQQDBAO554gDBAK81uwDBAHBI5IDBAHCaYYDBAHCkfID
BALCkqADBAHDuPoDBALDzqwDBAHD8pQDBAHD9AIDBAPUO0gDBAHUbFoDBALV4eAD
BAPZDrgDBALZFPQwDAMEAtmrZAMEAtmraDANBAIAAjAHAwUAKgdZQDANBgkqhkiG
9w0BAQsFAAOCAQEAaOmr9tp1wtMPG544a8Gf6jFq2NMLGJizORAS0xIb0URy0iba
OtT16+yHZQW7l1DsvOg8LR3aferZIxmn5JwWwkdUjAm1XPn2ERBmPgVBpk8212el
6pc/zIC2rB/2DrlBUvrUZslGQdcVsKu9UYMq9vR/weqbsXL/mA7iXneP21ev0Zd8
/mr7/tgSwxla8Y92PwFLw7L48aaQld9fOaukZsRixEI6VLeEcaWZKoODcWSvNKDL
E+mbp7jDk+cIr7GWOO9lvMlc56Wz7NpHzLUos15BATc30EDy+Hewo6gCizqYJHZc
J15e0LSyn+5HUacrUCiXBUgt/sflVG57jHCPpg==
-----END CERTIFICATE-----
Generated at Sun Jun 8 00:42:36 2025 by rpki-client