Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/587792-bae9-4183-a4b1-ff5f1ad69266/1/qfvkeVV0y4MYey-tvY_ef7wx-wY.roa
File: qfvkeVV0y4MYey-tvY_ef7wx-wY.roa (raw, json)
Hash identifier: vszu6nR/oFbgkiJpXSyUxF5kf03wjhbHFgMzPvnqwuM=
Subject key identifier: A9:FB:E4:79:55:74:CB:83:18:7B:2F:AD:BD:8F:DE:7F:BC:31:FB:06
Certificate issuer: /CN=b3c51b0c063cfc16943fc9a47e2c805990f6eaae
Certificate serial: 01953D9488697FA7A0302BB8415D1E55ABBA
Authority key identifier: B3:C5:1B:0C:06:3C:FC:16:94:3F:C9:A4:7E:2C:80:59:90:F6:EA:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s8UbDAY8_BaUP8mkfiyAWZD26q4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/587792-bae9-4183-a4b1-ff5f1ad69266/1/qfvkeVV0y4MYey-tvY_ef7wx-wY.roa
Signing time: Tue 25 Feb 2025 14:48:19 +0000
ROA not before: Tue 25 Feb 2025 14:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199081
IP address blocks: 5.172.192.0/20 maxlen: 20
5.172.192.0/22 maxlen: 22
5.172.192.0/24 maxlen: 24
5.172.193.0/24 maxlen: 24
5.172.194.0/24 maxlen: 24
5.172.195.0/24 maxlen: 24
5.172.196.0/22 maxlen: 22
5.172.196.0/24 maxlen: 24
5.172.197.0/24 maxlen: 24
5.172.198.0/24 maxlen: 24
5.172.199.0/24 maxlen: 24
5.172.200.0/22 maxlen: 22
5.172.201.0/24 maxlen: 24
5.172.202.0/24 maxlen: 24
5.172.203.0/24 maxlen: 24
5.172.204.0/22 maxlen: 22
5.172.204.0/24 maxlen: 24
5.172.205.0/24 maxlen: 24
5.172.206.0/24 maxlen: 24
45.66.185.0/24 maxlen: 24
45.66.186.0/24 maxlen: 24
45.66.187.0/24 maxlen: 24
91.193.60.0/22 maxlen: 22
91.193.60.0/24 maxlen: 24
91.193.61.0/24 maxlen: 24
91.193.62.0/24 maxlen: 24
91.193.63.0/24 maxlen: 24
109.68.144.0/21 maxlen: 21
109.68.144.0/24 maxlen: 24
109.68.145.0/24 maxlen: 24
109.68.147.0/24 maxlen: 24
109.68.149.0/24 maxlen: 24
109.68.150.0/24 maxlen: 24
178.21.168.0/21 maxlen: 21
178.21.168.0/22 maxlen: 22
178.21.168.0/24 maxlen: 24
178.21.169.0/24 maxlen: 24
178.21.170.0/24 maxlen: 24
178.21.171.0/24 maxlen: 24
178.21.172.0/22 maxlen: 22
178.21.172.0/24 maxlen: 24
178.21.173.0/24 maxlen: 24
178.21.174.0/24 maxlen: 24
178.21.175.0/24 maxlen: 24
185.70.76.0/22 maxlen: 22
185.70.76.0/24 maxlen: 24
185.70.77.0/24 maxlen: 24
185.70.78.0/23 maxlen: 23
185.70.78.0/24 maxlen: 24
185.70.79.0/24 maxlen: 24
185.88.23.0/24 maxlen: 24
185.118.125.0/24 maxlen: 24
185.168.36.0/22 maxlen: 22
185.168.38.0/23 maxlen: 23
185.168.38.0/24 maxlen: 24
185.168.39.0/24 maxlen: 24
185.205.96.0/22 maxlen: 22
185.205.96.0/24 maxlen: 24
185.205.97.0/24 maxlen: 24
185.205.98.0/24 maxlen: 24
185.205.99.0/24 maxlen: 24
195.35.92.0/22 maxlen: 22
2a02:4fc0::/32 maxlen: 32
2a02:4fc0:4000::/48 maxlen: 48
2a02:4fc0:4001::/48 maxlen: 48
2a02:4fc0:4100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/587792-bae9-4183-a4b1-ff5f1ad69266/1/s8UbDAY8_BaUP8mkfiyAWZD26q4.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/587792-bae9-4183-a4b1-ff5f1ad69266/1/s8UbDAY8_BaUP8mkfiyAWZD26q4.mft
rsync://rpki.ripe.net/repository/DEFAULT/s8UbDAY8_BaUP8mkfiyAWZD26q4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 10:02:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3d:94:88:69:7f:a7:a0:30:2b:b8:41:5d:1e:55:ab:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3c51b0c063cfc16943fc9a47e2c805990f6eaae
Validity
Not Before: Feb 25 14:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a9fbe4795574cb83187b2fadbd8fde7fbc31fb06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:31:7e:88:7a:1a:d6:60:ca:5f:34:99:a4:4f:
d5:44:ed:c2:e3:a9:ec:9d:f2:c7:59:6a:2b:c1:fb:
69:a1:de:17:85:cc:25:e8:42:3f:27:c2:d4:ac:83:
ad:35:86:15:04:80:25:54:81:64:d4:54:ad:62:64:
09:f9:35:80:fd:f1:8a:c9:7d:86:e8:e9:66:fc:3f:
d1:fe:e8:4d:93:cd:66:6c:e4:e1:29:04:e7:80:4a:
59:b9:83:a7:10:5b:18:c0:bd:7a:1d:b2:b9:66:08:
3d:40:e6:ba:8e:3c:75:e0:f8:a8:b0:5c:15:42:69:
e9:49:8d:15:3a:ba:ff:94:cc:35:2b:db:cc:75:ab:
40:dc:a9:58:ba:8d:76:05:7c:1c:c8:0b:c6:be:7f:
12:cc:54:d9:d6:b7:02:ee:56:07:88:d1:2f:e7:d9:
d2:c5:5f:b6:13:43:98:a7:94:f2:1b:1e:88:16:e6:
83:40:13:75:cc:20:f9:86:d4:c3:3e:2f:3b:53:98:
e8:52:13:f2:d0:66:da:8a:1d:5e:3b:60:09:35:eb:
0f:dd:45:b0:b5:ca:ac:32:95:be:2f:0f:41:6c:15:
d1:f3:5d:8b:87:21:bf:62:5f:02:21:c3:92:e6:6b:
84:9c:78:41:c2:c7:44:15:25:cb:68:cf:d8:d1:7e:
a6:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:FB:E4:79:55:74:CB:83:18:7B:2F:AD:BD:8F:DE:7F:BC:31:FB:06
X509v3 Authority Key Identifier:
keyid:B3:C5:1B:0C:06:3C:FC:16:94:3F:C9:A4:7E:2C:80:59:90:F6:EA:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s8UbDAY8_BaUP8mkfiyAWZD26q4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/587792-bae9-4183-a4b1-ff5f1ad69266/1/qfvkeVV0y4MYey-tvY_ef7wx-wY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/587792-bae9-4183-a4b1-ff5f1ad69266/1/s8UbDAY8_BaUP8mkfiyAWZD26q4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.192.0/20
45.66.185.0-45.66.187.255
91.193.60.0/22
109.68.144.0/21
178.21.168.0/21
185.70.76.0/22
185.88.23.0/24
185.118.125.0/24
185.168.36.0/22
185.205.96.0/22
195.35.92.0/22
IPv6:
2a02:4fc0::/32
Signature Algorithm: sha256WithRSAEncryption
06:d9:53:24:e1:5f:03:f9:2f:e7:0b:b1:3c:b6:cd:b4:07:39:
18:54:6f:b0:59:a6:1c:6c:cc:d2:e0:4e:1c:c9:71:2b:46:8e:
b0:3d:e4:1a:8e:a2:78:46:c8:61:82:01:92:27:b9:cf:e0:46:
79:93:ad:e9:a8:7c:30:1f:14:82:7b:bd:5b:d6:0e:53:38:17:
07:20:c8:fc:51:71:13:52:3c:a3:e0:4f:39:2f:3c:ce:7e:16:
59:45:e9:d5:72:f1:c2:22:32:15:26:ca:6a:87:0c:fc:6d:9b:
40:8f:35:59:43:ec:bf:d1:e4:05:5d:d1:d0:fd:86:e6:7c:26:
5a:9b:64:8e:38:0e:b9:f5:f6:c2:e1:f8:e8:04:5c:a4:a3:d7:
83:94:3f:1b:8f:22:52:01:d1:7a:8d:a0:f6:5e:94:4a:52:d4:
df:95:b4:af:5e:02:90:9a:62:87:f3:99:92:66:16:c8:10:ff:
b4:cc:ff:63:e7:89:e4:4f:11:24:6e:50:41:8b:2a:ff:34:ea:
2c:e8:cc:74:66:75:61:7d:b4:25:6b:5e:80:6d:17:97:1b:11:
53:6b:37:88:cc:b1:3b:34:e7:b1:25:75:69:a0:4b:39:c5:41:
18:fe:a2:f6:47:08:c1:68:4b:15:72:ca:bc:8f:29:56:b8:24:
12:de:ef:94
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAZU9lIhpf6egMCu4QV0eVau6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYzUxYjBjMDYzY2ZjMTY5NDNmYzlhNDdlMmM4MDU5OTBm
NmVhYWUwHhcNMjUwMjI1MTQ0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWZiZTQ3OTU1NzRjYjgzMTg3YjJmYWRiZDhmZGU3ZmJjMzFmYjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjF+iHoa1mDKXzSZpE/VRO3C46ns
nfLHWWorwftpod4Xhcwl6EI/J8LUrIOtNYYVBIAlVIFk1FStYmQJ+TWA/fGKyX2G
6Olm/D/R/uhNk81mbOThKQTngEpZuYOnEFsYwL16HbK5Zgg9QOa6jjx14PiosFwV
QmnpSY0VOrr/lMw1K9vMdatA3KlYuo12BXwcyAvGvn8SzFTZ1rcC7lYHiNEv59nS
xV+2E0OYp5TyGx6IFuaDQBN1zCD5htTDPi87U5joUhPy0Gbaih1eO2AJNesP3UWw
tcqsMpW+Lw9BbBXR812LhyG/Yl8CIcOS5muEnHhBwsdEFSXLaM/Y0X6mAQIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFKn75HlVdMuDGHsvrb2P3n+8MfsGMB8GA1UdIwQY
MBaAFLPFGwwGPPwWlD/JpH4sgFmQ9uquMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczhVYkRBWThfQmFVUDhta2ZpeUFXWkQyNnE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi81ODc3OTItYmFlOS00MTgzLWE0YjEt
ZmY1ZjFhZDY5MjY2LzEvcWZ2a2VWVjB5NE1ZZXktdHZZX2VmN3d4LXdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi81ODc3OTItYmFlOS00MTgzLWE0YjEtZmY1ZjFhZDY5MjY2
LzEvczhVYkRBWThfQmFVUDhta2ZpeUFXWkQyNnE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBQBAIAATBKAwQEBazAMAwD
BAAtQrkDBAItQrgDBAJbwTwDBANtRJADBAOyFagDBAK5RkwDBAC5WBcDBAC5dn0D
BAK5qCQDBAK5zWADBALDI1wwDQQCAAIwBwMFACoCT8AwDQYJKoZIhvcNAQELBQAD
ggEBAAbZUyThXwP5L+cLsTy2zbQHORhUb7BZphxszNLgThzJcStGjrA95BqOonhG
yGGCAZInuc/gRnmTremofDAfFIJ7vVvWDlM4FwcgyPxRcRNSPKPgTzkvPM5+FllF
6dVy8cIiMhUmymqHDPxtm0CPNVlD7L/R5AVd0dD9huZ8JlqbZI44Drn19sLh+OgE
XKSj14OUPxuPIlIB0XqNoPZelEpS1N+VtK9eApCaYofzmZJmFsgQ/7TM/2PnieRP
ESRuUEGLKv806izozHRmdWF9tCVrXoBtF5cbEVNrN4jMsTs057EldWmgSznFQRj+
ovZHCMFoSxVyyryPKVa4JBLe75Q=
-----END CERTIFICATE-----
Generated at Sun Apr 13 20:45:29 2025 by rpki-client