Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/mr-HNjr6kVeCJqK27hiMeoGu7wo.roa
File: mr-HNjr6kVeCJqK27hiMeoGu7wo.roa (raw, json)
Hash identifier: 2cCwRolIlWawdY4pJgJJRXgW9VztAAcC6pZFSIFR/7s=
Subject key identifier: 9A:BF:87:36:3A:FA:91:57:82:26:A2:B6:EE:18:8C:7A:81:AE:EF:0A
Certificate issuer: /CN=01626ffd800eafa336bdf343141f03f7c393c364
Certificate serial: 019427477BE69381DA6CBE8ADD7621C4E8B3
Authority key identifier: 01:62:6F:FD:80:0E:AF:A3:36:BD:F3:43:14:1F:03:F7:C3:93:C3:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AWJv_YAOr6M2vfNDFB8D98OTw2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/mr-HNjr6kVeCJqK27hiMeoGu7wo.roa
Signing time: Thu 02 Jan 2025 13:49:43 +0000
ROA not before: Thu 02 Jan 2025 13:49:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8315
IP address blocks: 5.100.224.0/21 maxlen: 24
79.99.184.0/21 maxlen: 24
83.98.128.0/18 maxlen: 24
83.98.140.0/24 maxlen: 24
83.98.192.0/21 maxlen: 24
83.98.200.0/22 maxlen: 24
83.98.208.0/20 maxlen: 24
85.92.128.0/20 maxlen: 24
85.92.144.0/22 maxlen: 24
85.158.160.0/21 maxlen: 24
85.222.192.0/21 maxlen: 24
89.18.160.0/22 maxlen: 24
89.18.168.0/21 maxlen: 24
89.18.180.0/22 maxlen: 24
89.30.128.0/18 maxlen: 24
89.30.171.0/24 maxlen: 24
89.30.192.0/19 maxlen: 24
89.30.208.0/20 maxlen: 24
89.30.224.0/21 maxlen: 24
91.200.48.0/23 maxlen: 24
91.200.51.0/24 maxlen: 24
91.216.113.0/24 maxlen: 24
91.216.141.0/24 maxlen: 24
94.198.24.0/21 maxlen: 24
134.0.88.0/21 maxlen: 24
162.248.196.0/22 maxlen: 24
162.251.32.0/21 maxlen: 24
176.62.192.0/21 maxlen: 24
178.251.192.0/21 maxlen: 24
185.12.132.0/22 maxlen: 24
185.30.236.0/22 maxlen: 24
185.38.156.0/22 maxlen: 24
185.74.76.0/24 maxlen: 24
185.74.77.0/24 maxlen: 24
185.77.120.0/22 maxlen: 24
185.113.52.0/22 maxlen: 24
185.113.196.0/22 maxlen: 24
185.113.224.0/22 maxlen: 24
193.34.150.0/23 maxlen: 24
194.105.128.0/23 maxlen: 24
194.165.34.0/24 maxlen: 24
213.171.128.0/19 maxlen: 24
213.171.144.0/20 maxlen: 24
213.189.0.0/21 maxlen: 24
213.189.16.0/20 maxlen: 24
213.214.96.0/19 maxlen: 24
213.247.32.0/19 maxlen: 24
217.195.112.0/20 maxlen: 24
2001:16f8::/32 maxlen: 48
2a00:1bd8::/32 maxlen: 48
2a01:40e0::/32 maxlen: 48
2a02:20b0::/32 maxlen: 48
2a02:20b1::/32 maxlen: 48
2a02:2858::/29 maxlen: 48
2a02:2858:200::/40 maxlen: 48
2a02:2858:300::/40 maxlen: 48
2a02:2858:400::/40 maxlen: 48
2a02:2858:500::/40 maxlen: 48
2a03:5500::/31 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/AWJv_YAOr6M2vfNDFB8D98OTw2Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/AWJv_YAOr6M2vfNDFB8D98OTw2Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/AWJv_YAOr6M2vfNDFB8D98OTw2Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 19:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:7b:e6:93:81:da:6c:be:8a:dd:76:21:c4:e8:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01626ffd800eafa336bdf343141f03f7c393c364
Validity
Not Before: Jan 2 13:49:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9abf87363afa91578226a2b6ee188c7a81aeef0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:65:2b:56:e2:48:fb:61:ac:fe:85:a1:23:c3:
56:61:5d:99:e5:5b:f3:2f:01:ba:3d:0d:33:5d:35:
a7:e2:d7:2f:bc:30:39:41:4c:f5:21:cc:ef:a2:93:
4b:d1:42:fa:08:db:77:59:09:12:7e:a3:01:25:0a:
f1:f9:48:6f:5c:11:4d:d2:4e:c7:34:a9:32:88:aa:
9a:db:25:7e:5f:8e:6f:e0:8d:24:82:c1:28:62:e8:
c1:05:ef:8c:b8:e7:ad:5e:ee:87:85:e8:62:56:a1:
e7:88:2e:42:a8:2f:ce:d5:76:2e:4e:b9:93:49:db:
0a:31:21:b8:50:a3:21:42:62:f3:07:33:0d:b8:af:
fd:8b:60:6b:81:04:59:46:ab:7a:c0:4b:32:f5:c1:
9c:a3:7d:9c:2a:8a:99:08:57:bd:55:05:07:5e:07:
fe:3b:5c:67:d7:76:5b:66:fc:1c:f2:9e:77:11:78:
c3:1b:6c:58:ca:d2:ae:8b:0f:af:4e:72:15:ff:46:
06:10:50:2d:f3:37:78:27:d9:ef:2d:cb:ff:17:4d:
73:06:2b:a7:50:2c:46:b9:a1:0a:cc:07:68:c0:66:
f4:30:57:ae:bd:49:b0:cc:82:54:74:2b:a0:a8:b2:
ae:65:44:a9:4e:d7:b9:7f:8c:51:a3:f8:6c:8a:c6:
fa:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:BF:87:36:3A:FA:91:57:82:26:A2:B6:EE:18:8C:7A:81:AE:EF:0A
X509v3 Authority Key Identifier:
keyid:01:62:6F:FD:80:0E:AF:A3:36:BD:F3:43:14:1F:03:F7:C3:93:C3:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AWJv_YAOr6M2vfNDFB8D98OTw2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/mr-HNjr6kVeCJqK27hiMeoGu7wo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/AWJv_YAOr6M2vfNDFB8D98OTw2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.100.224.0/21
79.99.184.0/21
83.98.128.0-83.98.203.255
83.98.208.0/20
85.92.128.0-85.92.147.255
85.158.160.0/21
85.222.192.0/21
89.18.160.0/22
89.18.168.0/21
89.18.180.0/22
89.30.128.0-89.30.231.255
91.200.48.0/23
91.200.51.0/24
91.216.113.0/24
91.216.141.0/24
94.198.24.0/21
134.0.88.0/21
162.248.196.0/22
162.251.32.0/21
176.62.192.0/21
178.251.192.0/21
185.12.132.0/22
185.30.236.0/22
185.38.156.0/22
185.74.76.0/23
185.77.120.0/22
185.113.52.0/22
185.113.196.0/22
185.113.224.0/22
193.34.150.0/23
194.105.128.0/23
194.165.34.0/24
213.171.128.0/19
213.189.0.0/21
213.189.16.0/20
213.214.96.0/19
213.247.32.0/19
217.195.112.0/20
IPv6:
2001:16f8::/32
2a00:1bd8::/32
2a01:40e0::/32
2a02:20b0::/31
2a02:2858::/29
2a03:5500::/31
Signature Algorithm: sha256WithRSAEncryption
15:c9:b8:98:de:19:c4:95:88:65:08:e1:58:b0:af:e0:48:99:
ea:32:dd:bf:3a:8d:b1:74:52:1d:56:58:0b:6a:9f:3a:b6:e0:
bf:dc:f2:c1:15:0c:ce:37:93:fa:a6:d7:c0:ff:3c:12:09:dd:
85:83:a3:11:f9:45:f4:18:49:ba:44:2a:6b:f3:1b:b0:27:10:
a4:7b:76:ec:70:0b:61:d8:0f:28:4b:5d:9e:6a:3e:73:c5:59:
da:3b:57:d3:ff:a8:57:35:95:6a:b3:cb:c6:2a:29:5d:34:5d:
af:95:85:2d:6c:2c:0f:9d:35:c1:a5:24:2d:91:00:b5:73:61:
65:9d:a0:5a:5f:7f:e3:b3:e9:e5:db:7b:f3:dc:4a:73:7e:24:
0e:7d:28:c6:48:b9:ca:04:dc:03:7d:4e:82:bc:33:7d:16:ab:
a5:78:46:96:e8:99:3e:a3:34:b2:a9:97:f1:c7:d1:3e:e9:1f:
a6:d5:c3:f1:1d:5a:fb:1c:c7:89:06:49:00:3f:f3:d0:d6:4a:
0e:9d:44:09:1d:da:0d:db:e7:b0:bf:42:38:ef:aa:6f:2b:25:
8a:c6:40:da:67:6b:4e:1a:d8:75:9d:77:25:57:09:41:cc:89:
92:e0:83:80:94:fc:5e:35:ca:4f:66:de:46:d5:f7:4a:39:18:
df:92:8c:84
-----BEGIN CERTIFICATE-----
MIIGLjCCBRagAwIBAgISAZQnR3vmk4HabL6K3XYhxOizMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNjI2ZmZkODAwZWFmYTMzNmJkZjM0MzE0MWYwM2Y3YzM5
M2MzNjQwHhcNMjUwMTAyMTM0OTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWJmODczNjNhZmE5MTU3ODIyNmEyYjZlZTE4OGM3YTgxYWVlZjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGUrVuJI+2Gs/oWhI8NWYV2Z5Vvz
LwG6PQ0zXTWn4tcvvDA5QUz1IczvopNL0UL6CNt3WQkSfqMBJQrx+UhvXBFN0k7H
NKkyiKqa2yV+X45v4I0kgsEoYujBBe+MuOetXu6HhehiVqHniC5CqC/O1XYuTrmT
SdsKMSG4UKMhQmLzBzMNuK/9i2BrgQRZRqt6wEsy9cGco32cKoqZCFe9VQUHXgf+
O1xn13ZbZvwc8p53EXjDG2xYytKuiw+vTnIV/0YGEFAt8zd4J9nvLcv/F01zBiun
UCxGuaEKzAdowGb0MFeuvUmwzIJUdCugqLKuZUSpTte5f4xRo/hsisb6xwIDAQAB
o4IDOjCCAzYwHQYDVR0OBBYEFJq/hzY6+pFXgiaitu4YjHqBru8KMB8GA1UdIwQY
MBaAFAFib/2ADq+jNr3zQxQfA/fDk8NkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVdKdl9ZQU9yNk0ydmZOREZCOEQ5OE9UdzJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jNGU1YTAtODIxOS00ZmY5LTgyODct
MWY0YmVhMjNlNGM3LzEvbXItSE5qcjZrVmVDSnFLMjdoaU1lb0d1N3dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9jNGU1YTAtODIxOS00ZmY5LTgyODctMWY0YmVhMjNlNGM3
LzEvQVdKdl9ZQU9yNk0ydmZOREZCOEQ5OE9UdzJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBTgYIKwYBBQUHAQcBAf8EggE9MIIBOTCCAQMEAgABMIH8
AwQDBWTgAwQDT2O4MAwDBAdTYoADBAJTYsgDBARTYtAwDAMEB1VcgAMEAlVckAME
A1WeoAMEA1XewAMEAlkSoAMEA1kSqAMEAlkStDAMAwQHWR6AAwQDWR7gAwQBW8gw
AwQAW8gzAwQAW9hxAwQAW9iNAwQDXsYYAwQDhgBYAwQCovjEAwQDovsgAwQDsD7A
AwQDsvvAAwQCuQyEAwQCuR7sAwQCuSacAwQBuUpMAwQCuU14AwQCuXE0AwQCuXHE
AwQCuXHgAwQBwSKWAwQBwmmAAwQAwqUiAwQF1auAAwQD1b0AAwQE1b0QAwQF1dZg
AwQF1fcgAwQE2cNwMDAEAgACMCoDBQAgARb4AwUAKgAb2AMFACoBQOADBQEqAiCw
AwUDKgIoWAMFASoDVQAwDQYJKoZIhvcNAQELBQADggEBABXJuJjeGcSViGUI4Viw
r+BImeoy3b86jbF0Uh1WWAtqnzq24L/c8sEVDM43k/qm18D/PBIJ3YWDoxH5RfQY
SbpEKmvzG7AnEKR7duxwC2HYDyhLXZ5qPnPFWdo7V9P/qFc1lWqzy8YqKV00Xa+V
hS1sLA+dNcGlJC2RALVzYWWdoFpff+Oz6eXbe/PcSnN+JA59KMZIucoE3AN9ToK8
M30Wq6V4RpbomT6jNLKpl/HH0T7pH6bVw/EdWvscx4kGSQA/89DWSg6dRAkd2g3b
57C/Qjjvqm8rJYrGQNpna04a2HWddyVXCUHMiZLgg4CU/F41yk9m3kbV90o5GN+S
jIQ=
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:16:33 2025 by rpki-client