Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/eX57DAYzjK578YKxJkCf0OK9W4A.roa
File: eX57DAYzjK578YKxJkCf0OK9W4A.roa (raw, json)
Hash identifier: ldANaPWs5JENnKDeDG5GmKUKpHfLYf6vZxBfvEDoy/I=
Subject key identifier: 79:7E:7B:0C:06:33:8C:AE:7B:F1:82:B1:26:40:9F:D0:E2:BD:5B:80
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 0195CDEE70E6A3FBA6634C03A12F7B8DE76A
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/eX57DAYzjK578YKxJkCf0OK9W4A.roa
Signing time: Tue 25 Mar 2025 15:31:50 +0000
ROA not before: Tue 25 Mar 2025 15:31:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31083
IP address blocks: 5.104.175.0/24 maxlen: 24
77.76.14.0/24 maxlen: 24
78.128.1.0/24 maxlen: 24
78.128.6.0/24 maxlen: 24
78.128.7.0/24 maxlen: 24
78.128.8.0/24 maxlen: 24
78.128.9.0/24 maxlen: 24
78.128.42.0/24 maxlen: 24
78.128.43.0/24 maxlen: 24
78.128.60.0/24 maxlen: 24
78.128.62.0/24 maxlen: 24
78.128.76.0/24 maxlen: 24
78.128.77.0/24 maxlen: 24
78.128.78.0/24 maxlen: 24
78.128.80.0/24 maxlen: 24
78.128.81.0/24 maxlen: 24
78.128.118.0/24 maxlen: 24
78.128.126.0/24 maxlen: 24
78.142.6.0/24 maxlen: 24
78.142.32.0/24 maxlen: 24
78.142.47.0/24 maxlen: 24
78.142.51.0/24 maxlen: 24
78.142.56.0/24 maxlen: 24
78.142.57.0/24 maxlen: 24
78.142.58.0/24 maxlen: 24
78.142.59.0/24 maxlen: 24
78.142.62.0/24 maxlen: 24
78.142.63.0/24 maxlen: 24
79.124.4.0/24 maxlen: 24
79.124.5.0/24 maxlen: 24
79.124.6.0/24 maxlen: 24
79.124.13.0/24 maxlen: 24
79.124.14.0/24 maxlen: 24
79.124.16.0/24 maxlen: 24
79.124.17.0/24 maxlen: 24
79.124.22.0/24 maxlen: 24
79.124.31.0/24 maxlen: 24
79.124.44.0/24 maxlen: 24
79.124.52.0/24 maxlen: 24
79.124.55.0/24 maxlen: 24
79.124.63.0/24 maxlen: 24
79.124.64.0/24 maxlen: 24
79.124.65.0/24 maxlen: 24
79.124.66.0/24 maxlen: 24
79.124.67.0/24 maxlen: 24
79.124.75.0/24 maxlen: 24
79.124.76.0/24 maxlen: 24
79.124.84.0/24 maxlen: 24
79.124.90.0/24 maxlen: 24
82.118.229.0/24 maxlen: 24
82.118.243.0/24 maxlen: 24
83.222.185.0/24 maxlen: 24
91.148.148.0/24 maxlen: 24
91.148.168.0/24 maxlen: 24
94.72.136.0/22 maxlen: 24
130.185.225.0/24 maxlen: 24
130.185.232.0/24 maxlen: 24
178.132.86.0/24 maxlen: 24
178.132.87.0/24 maxlen: 24
185.197.152.0/22 maxlen: 24
185.232.156.0/23 maxlen: 24
217.174.146.0/23 maxlen: 24
217.174.148.0/23 maxlen: 24
217.174.151.0/24 maxlen: 24
217.174.152.0/23 maxlen: 24
217.174.155.0/24 maxlen: 24
217.174.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:cd:ee:70:e6:a3:fb:a6:63:4c:03:a1:2f:7b:8d:e7:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Mar 25 15:31:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=797e7b0c06338cae7bf182b126409fd0e2bd5b80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e3:68:f0:e4:11:19:c9:02:e7:a5:f5:ca:53:
c0:8c:47:b1:e9:a2:92:f5:83:f1:c4:53:ad:51:da:
f9:80:8a:f2:46:a2:29:11:55:db:ee:57:08:37:f0:
32:2c:f1:73:68:16:a4:62:70:80:2c:f0:c1:98:77:
1c:4d:b3:8e:86:03:19:10:56:6c:b7:b7:3a:79:bd:
bc:0d:97:08:93:e7:d4:5f:63:46:37:bf:db:89:82:
b0:2d:1a:bd:10:a9:a0:44:fc:fa:b2:7f:5e:21:b7:
41:3e:04:fe:25:25:21:48:e0:92:5d:54:d4:2a:69:
f7:25:0b:58:e3:cd:be:e1:94:1f:25:55:c5:45:aa:
0d:2e:56:22:bc:1a:5c:5f:f7:3f:08:9b:41:68:e9:
26:f8:9c:d7:82:57:f1:2f:2d:1d:39:76:32:34:32:
03:c7:03:a6:e6:92:10:fb:a5:a4:6b:d6:a8:71:39:
ca:38:5e:00:08:88:8d:96:c6:9d:9e:44:ec:bb:c2:
c0:a4:ff:90:d9:bf:2a:19:6d:64:1e:50:97:f1:fc:
e9:5e:32:6c:5a:e7:89:ee:7a:3a:f0:26:62:79:8a:
31:7b:87:0c:92:ed:c0:f1:40:84:1c:0f:28:42:3c:
b5:ab:2b:92:e7:45:b4:97:60:e4:3d:d1:a0:89:f8:
f1:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:7E:7B:0C:06:33:8C:AE:7B:F1:82:B1:26:40:9F:D0:E2:BD:5B:80
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/eX57DAYzjK578YKxJkCf0OK9W4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.175.0/24
77.76.14.0/24
78.128.1.0/24
78.128.6.0-78.128.9.255
78.128.42.0/23
78.128.60.0/24
78.128.62.0/24
78.128.76.0-78.128.78.255
78.128.80.0/23
78.128.118.0/24
78.128.126.0/24
78.142.6.0/24
78.142.32.0/24
78.142.47.0/24
78.142.51.0/24
78.142.56.0/22
78.142.62.0/23
79.124.4.0-79.124.6.255
79.124.13.0-79.124.14.255
79.124.16.0/23
79.124.22.0/24
79.124.31.0/24
79.124.44.0/24
79.124.52.0/24
79.124.55.0/24
79.124.63.0-79.124.67.255
79.124.75.0-79.124.76.255
79.124.84.0/24
79.124.90.0/24
82.118.229.0/24
82.118.243.0/24
83.222.185.0/24
91.148.148.0/24
91.148.168.0/24
94.72.136.0/22
130.185.225.0/24
130.185.232.0/24
178.132.86.0/23
185.197.152.0/22
185.232.156.0/23
217.174.146.0-217.174.149.255
217.174.151.0-217.174.153.255
217.174.155.0-217.174.156.255
Signature Algorithm: sha256WithRSAEncryption
b3:5d:8a:5b:76:a4:b2:ff:fc:b7:b6:ca:c2:af:c9:e6:77:03:
21:bb:07:73:da:27:da:d2:3e:cb:3e:a8:d3:5f:e8:29:07:0c:
ab:ea:ba:65:8b:66:f4:3f:10:a0:30:c8:f7:90:71:dd:af:d2:
a8:90:88:07:8e:1f:ce:fc:37:d8:ed:d5:8a:b5:96:bf:f6:17:
9c:32:1e:53:9d:c8:e8:4c:eb:b8:40:af:b9:17:37:38:7f:97:
fa:ad:57:99:ca:bd:62:79:2d:56:cd:4e:43:c4:be:42:5a:43:
55:73:20:c0:40:e9:67:c3:1d:4a:1e:7f:9d:6b:96:9b:c8:22:
c6:7f:90:e4:7e:a8:a1:51:26:88:35:f9:fe:88:20:c5:e3:e7:
3a:2d:f9:46:a5:ae:0a:91:ad:27:73:3e:ba:f0:c4:b5:d7:89:
9b:9c:f4:99:56:ed:7f:17:39:12:7f:48:d2:1c:27:b4:64:4e:
ba:8f:29:a3:75:f2:dc:ae:a4:a2:ef:a4:43:a6:69:a0:36:58:
b0:ae:46:86:4c:c6:16:d3:d8:6b:97:cd:4c:4b:6c:59:3b:f9:
59:0f:fe:71:48:b5:03:96:f8:a0:30:77:2e:84:65:0d:72:9b:
7d:ae:ba:28:e3:d9:d1:17:11:6d:6d:8b:d2:5f:fe:2e:59:54:
64:e4:8d:b9
-----BEGIN CERTIFICATE-----
MIIGSzCCBTOgAwIBAgISAZXN7nDmo/umY0wDoS97jedqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjUwMzI1MTUzMTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTdlN2IwYzA2MzM4Y2FlN2JmMTgyYjEyNjQwOWZkMGUyYmQ1YjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+No8OQRGckC56X1ylPAjEex6aKS
9YPxxFOtUdr5gIryRqIpEVXb7lcIN/AyLPFzaBakYnCALPDBmHccTbOOhgMZEFZs
t7c6eb28DZcIk+fUX2NGN7/biYKwLRq9EKmgRPz6sn9eIbdBPgT+JSUhSOCSXVTU
Kmn3JQtY482+4ZQfJVXFRaoNLlYivBpcX/c/CJtBaOkm+JzXglfxLy0dOXYyNDID
xwOm5pIQ+6Wka9aocTnKOF4ACIiNlsadnkTsu8LApP+Q2b8qGW1kHlCX8fzpXjJs
WueJ7no68CZieYoxe4cMku3A8UCEHA8oQjy1qyuS50W0l2DkPdGgifjxvQIDAQAB
o4IDVzCCA1MwHQYDVR0OBBYEFHl+ewwGM4yue/GCsSZAn9DivVuAMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvZVg1N0RBWXpqSzU3OFlLeEprQ2YwT0s5VzRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBawYIKwYBBQUHAQcBAf8EggFaMIIBVjCCAVIEAgABMIIB
SgMEAAVorwMEAE1MDgMEAE6AATAMAwQBToAGAwQBToAIAwQBToAqAwQAToA8AwQA
ToA+MAwDBAJOgEwDBABOgE4DBAFOgFADBABOgHYDBABOgH4DBABOjgYDBABOjiAD
BABOji8DBABOjjMDBAJOjjgDBAFOjj4wDAMEAk98BAMEAE98BjAMAwQAT3wNAwQA
T3wOAwQBT3wQAwQAT3wWAwQAT3wfAwQAT3wsAwQAT3w0AwQAT3w3MAwDBABPfD8D
BAJPfEAwDAMEAE98SwMEAE98TAMEAE98VAMEAE98WgMEAFJ25QMEAFJ28wMEAFPe
uQMEAFuUlAMEAFuUqAMEAl5IiAMEAIK54QMEAIK56AMEAbKEVgMEArnFmAMEAbno
nDAMAwQB2a6SAwQB2a6UMAwDBADZrpcDBAHZrpgwDAMEANmumwMEANmunDANBgkq
hkiG9w0BAQsFAAOCAQEAs12KW3aksv/8t7bKwq/J5ncDIbsHc9on2tI+yz6o01/o
KQcMq+q6ZYtm9D8QoDDI95Bx3a/SqJCIB44fzvw32O3VirWWv/YXnDIeU53I6Ezr
uECvuRc3OH+X+q1Xmcq9YnktVs1OQ8S+QlpDVXMgwEDpZ8MdSh5/nWuWm8gixn+Q
5H6ooVEmiDX5/oggxePnOi35RqWuCpGtJ3M+uvDEtdeJm5z0mVbtfxc5En9I0hwn
tGROuo8po3Xy3K6kou+kQ6ZpoDZYsK5GhkzGFtPYa5fNTEtsWTv5WQ/+cUi1A5b4
oDB3LoRlDXKbfa66KOPZ0RcRbW2L0l/+LllUZOSNuQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:36:34 2025 by rpki-client