Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/3Jm_Qtqhmbk_KAZk9wH9GGVmUW8.roa
File: 3Jm_Qtqhmbk_KAZk9wH9GGVmUW8.roa (raw, json)
Hash identifier: CNPvISebLi1zPJS1me77sDECyyvna/h/Y7OvrIBGVko=
Subject key identifier: DC:99:BF:42:DA:A1:99:B9:3F:28:06:64:F7:01:FD:18:65:66:51:6F
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 01955BBD3091482567D4D5FB3CAAC1709976
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/3Jm_Qtqhmbk_KAZk9wH9GGVmUW8.roa
Signing time: Mon 03 Mar 2025 11:21:20 +0000
ROA not before: Mon 03 Mar 2025 11:21:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48146
IP address blocks: 5.182.80.0/22 maxlen: 24
45.14.208.0/22 maxlen: 24
45.86.224.0/22 maxlen: 24
45.89.40.0/22 maxlen: 24
45.136.32.0/22 maxlen: 24
81.22.232.0/22 maxlen: 24
92.118.248.0/22 maxlen: 24
94.103.244.0/22 maxlen: 24
151.237.59.0/24 maxlen: 24
151.237.131.0/24 maxlen: 24
185.25.52.0/22 maxlen: 24
185.87.63.0/24 maxlen: 24
185.148.52.0/22 maxlen: 24
185.189.225.0/24 maxlen: 24
185.189.226.0/23 maxlen: 24
185.192.72.0/22 maxlen: 24
185.192.116.0/22 maxlen: 24
185.195.36.0/22 maxlen: 24
185.198.108.0/22 maxlen: 24
185.209.8.0/22 maxlen: 24
185.210.60.0/22 maxlen: 24
185.210.72.0/22 maxlen: 24
185.240.22.0/24 maxlen: 24
185.240.23.0/24 maxlen: 24
185.255.72.0/22 maxlen: 24
188.240.236.0/22 maxlen: 24
193.228.194.0/23 maxlen: 24
193.228.204.0/23 maxlen: 24
194.36.104.0/22 maxlen: 24
194.59.196.0/22 maxlen: 24
194.147.144.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5b:bd:30:91:48:25:67:d4:d5:fb:3c:aa:c1:70:99:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Mar 3 11:21:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dc99bf42daa199b93f280664f701fd186566516f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0e:41:ee:c7:a3:cb:ff:56:25:e5:38:63:41:
b3:0e:cd:13:20:6b:d9:91:e9:37:cb:42:8a:9e:e9:
e4:de:ba:cb:7c:a8:5f:2d:7c:bb:82:30:80:81:10:
99:84:7f:9f:63:d7:ed:36:e1:eb:13:7a:12:27:a7:
2a:6f:4d:f4:dc:12:63:ff:00:d1:5e:fe:72:f8:b8:
1c:3a:50:6b:51:41:4c:33:6f:d6:b3:d5:aa:eb:4f:
62:19:90:a9:45:ed:79:28:bc:7c:5a:7e:b6:b0:98:
bc:c5:c2:05:10:4d:85:07:5f:10:d4:13:84:fd:bd:
15:53:00:36:96:dd:73:75:8f:ac:0c:04:54:00:81:
d6:38:8a:10:1a:4a:b6:a4:45:4c:c4:36:96:fc:27:
bc:e2:6d:89:45:92:36:f0:87:02:65:1a:88:a8:d9:
65:71:16:13:bc:f8:e9:c9:45:fa:ad:8e:51:e9:ff:
eb:4a:4a:39:17:53:fb:6b:62:7f:62:84:f9:25:d9:
4f:f9:3c:03:e2:3d:88:91:98:81:60:4d:39:68:7f:
b3:19:93:de:16:e9:43:73:0e:fa:2a:0b:51:65:e5:
3d:37:53:f0:e5:4b:b2:79:fd:de:ea:f2:36:5f:91:
14:81:d2:3a:4a:eb:30:cb:ab:cc:ff:7e:6e:5e:91:
4a:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:99:BF:42:DA:A1:99:B9:3F:28:06:64:F7:01:FD:18:65:66:51:6F
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/3Jm_Qtqhmbk_KAZk9wH9GGVmUW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.80.0/22
45.14.208.0/22
45.86.224.0/22
45.89.40.0/22
45.136.32.0/22
81.22.232.0/22
92.118.248.0/22
94.103.244.0/22
151.237.59.0/24
151.237.131.0/24
185.25.52.0/22
185.87.63.0/24
185.148.52.0/22
185.189.225.0-185.189.227.255
185.192.72.0/22
185.192.116.0/22
185.195.36.0/22
185.198.108.0/22
185.209.8.0/22
185.210.60.0/22
185.210.72.0/22
185.240.22.0/23
185.255.72.0/22
188.240.236.0/22
193.228.194.0/23
193.228.204.0/23
194.36.104.0/22
194.59.196.0/22
194.147.144.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:a0:82:a1:86:39:40:a4:c2:1d:ef:a5:89:b8:22:89:b1:c0:
50:3b:96:9b:c6:96:03:bd:95:81:56:91:99:f4:ee:92:1e:98:
c0:a0:58:d6:9c:22:a4:b8:f8:fd:90:3e:00:73:81:25:8d:2f:
29:7d:63:da:4e:12:5c:b8:8c:f9:1e:8f:3b:36:47:ec:ee:18:
bd:19:ae:2e:62:e9:26:a7:86:5d:6a:57:1a:36:e7:7b:d7:fc:
58:b9:33:e4:f7:5e:2d:d5:80:ee:1a:9d:14:16:17:89:66:fb:
93:d8:1b:5f:63:66:c8:24:c4:dd:cc:44:b3:48:e5:89:43:2a:
e9:ba:7b:be:35:8d:f5:ea:1c:b9:bf:13:f4:ac:c9:3e:e8:96:
d7:4c:d1:16:7d:ed:af:b5:71:d7:ad:9f:44:e5:26:10:8e:e5:
46:29:b3:49:bb:8f:e9:4c:f5:01:e1:27:45:66:d8:68:bd:da:
24:22:36:e5:4e:8a:b4:14:e0:3d:44:5f:3e:d6:90:ed:b0:e1:
44:d0:a7:42:8f:5c:80:9c:02:26:0e:58:41:2c:8d:cc:90:21:
56:0d:61:6a:d7:68:57:6d:3c:4c:da:2d:3f:72:28:7d:04:54:
26:85:bf:c9:f5:9b:bb:b4:8c:63:f5:2e:84:55:a5:65:f6:58:
3b:e7:00:fe
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgISAZVbvTCRSCVn1NX7PKrBcJl2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjUwMzAzMTEyMTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzk5YmY0MmRhYTE5OWI5M2YyODA2NjRmNzAxZmQxODY1NjY1MTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqA5B7sejy/9WJeU4Y0GzDs0TIGvZ
kek3y0KKnunk3rrLfKhfLXy7gjCAgRCZhH+fY9ftNuHrE3oSJ6cqb0303BJj/wDR
Xv5y+LgcOlBrUUFMM2/Ws9Wq609iGZCpRe15KLx8Wn62sJi8xcIFEE2FB18Q1BOE
/b0VUwA2lt1zdY+sDARUAIHWOIoQGkq2pEVMxDaW/Ce84m2JRZI28IcCZRqIqNll
cRYTvPjpyUX6rY5R6f/rSko5F1P7a2J/YoT5JdlP+TwD4j2IkZiBYE05aH+zGZPe
FulDcw76KgtRZeU9N1Pw5Uuyef3e6vI2X5EUgdI6Suswy6vM/35uXpFKhwIDAQAB
o4ICvjCCArowHQYDVR0OBBYEFNyZv0LaoZm5PygGZPcB/RhlZlFvMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvM0ptX1F0cWhtYmtfS0Faazl3SDlHR1ZtVVc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHTBggrBgEFBQcBBwEB/wSBwzCBwDCBvQQCAAEwgbYDBAIF
tlADBAItDtADBAItVuADBAItWSgDBAItiCADBAJRFugDBAJcdvgDBAJeZ/QDBACX
7TsDBACX7YMDBAK5GTQDBAC5Vz8DBAK5lDQwDAMEALm94QMEArm94AMEArnASAME
ArnAdAMEArnDJAMEArnGbAMEArnRCAMEArnSPAMEArnSSAMEAbnwFgMEArn/SAME
Arzw7AMEAcHkwgMEAcHkzAMEAsIkaAMEAsI7xAMEAsKTkDANBgkqhkiG9w0BAQsF
AAOCAQEAjaCCoYY5QKTCHe+libgiibHAUDuWm8aWA72VgVaRmfTukh6YwKBY1pwi
pLj4/ZA+AHOBJY0vKX1j2k4SXLiM+R6POzZH7O4YvRmuLmLpJqeGXWpXGjbne9f8
WLkz5PdeLdWA7hqdFBYXiWb7k9gbX2NmyCTE3cxEs0jliUMq6bp7vjWN9eocub8T
9KzJPuiW10zRFn3tr7Vx162fROUmEI7lRimzSbuP6Uz1AeEnRWbYaL3aJCI25U6K
tBTgPURfPtaQ7bDhRNCnQo9cgJwCJg5YQSyNzJAhVg1hatdoV208TNotP3IofQRU
JoW/yfWbu7SMY/UuhFWlZfZYO+cA/g==
-----END CERTIFICATE-----
Generated at Wed Apr 16 06:42:15 2025 by rpki-client