Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/qNueyq_ZoTbC4yFoRImera8I8G8.roa
File: qNueyq_ZoTbC4yFoRImera8I8G8.roa (raw, json)
Hash identifier: 0QLi9xBNjhGIdVQu2iU+1fR1OTjQ09YNPx13rOGAPmU=
Subject key identifier: A8:DB:9E:CA:AF:D9:A1:36:C2:E3:21:68:44:89:9E:AD:AF:08:F0:6F
Certificate issuer: /CN=4283696716dbcc360b9a62ef7d84b4d28f958bdd
Certificate serial: 0195A8DA1953F8D51EBE54446B0D1162E192
Authority key identifier: 42:83:69:67:16:DB:CC:36:0B:9A:62:EF:7D:84:B4:D2:8F:95:8B:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QoNpZxbbzDYLmmLvfYS00o-Vi90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/qNueyq_ZoTbC4yFoRImera8I8G8.roa
Signing time: Tue 18 Mar 2025 10:43:40 +0000
ROA not before: Tue 18 Mar 2025 10:43:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29256
IP address blocks: 5.0.0.0/19 maxlen: 19
5.0.32.0/19 maxlen: 19
5.0.32.0/21 maxlen: 21
5.0.40.0/21 maxlen: 21
5.0.48.0/21 maxlen: 21
5.0.56.0/21 maxlen: 21
5.0.64.0/18 maxlen: 18
5.0.128.0/19 maxlen: 19
5.0.128.0/21 maxlen: 21
5.0.136.0/21 maxlen: 21
5.0.144.0/21 maxlen: 21
5.0.152.0/21 maxlen: 21
5.0.160.0/19 maxlen: 19
5.0.160.0/21 maxlen: 21
5.0.168.0/21 maxlen: 21
5.0.176.0/21 maxlen: 21
5.0.184.0/21 maxlen: 21
5.0.192.0/18 maxlen: 18
5.155.0.0/19 maxlen: 19
5.155.0.0/21 maxlen: 21
5.155.8.0/21 maxlen: 21
5.155.16.0/21 maxlen: 21
5.155.24.0/21 maxlen: 21
5.155.32.0/19 maxlen: 19
5.155.64.0/19 maxlen: 19
5.155.96.0/19 maxlen: 19
5.155.128.0/19 maxlen: 19
5.155.128.0/21 maxlen: 21
5.155.136.0/21 maxlen: 21
5.155.144.0/21 maxlen: 21
5.155.152.0/21 maxlen: 21
5.155.160.0/19 maxlen: 19
5.155.160.0/21 maxlen: 21
5.155.168.0/21 maxlen: 21
5.155.176.0/21 maxlen: 21
5.155.184.0/21 maxlen: 21
5.155.192.0/19 maxlen: 19
5.155.224.0/19 maxlen: 19
31.9.0.0/19 maxlen: 19
31.9.32.0/20 maxlen: 20
31.9.48.0/22 maxlen: 22
31.9.56.0/21 maxlen: 21
31.9.64.0/20 maxlen: 20
31.9.80.0/20 maxlen: 20
31.9.96.0/19 maxlen: 19
31.9.128.0/20 maxlen: 20
31.9.144.0/20 maxlen: 20
31.9.160.0/19 maxlen: 19
31.9.192.0/19 maxlen: 19
31.9.224.0/19 maxlen: 19
46.40.128.0/18 maxlen: 18
80.70.120.0/21 maxlen: 21
82.100.128.0/19 maxlen: 19
82.137.192.0/20 maxlen: 20
82.137.208.0/20 maxlen: 20
82.137.224.0/20 maxlen: 20
82.137.240.0/24 maxlen: 24
82.137.242.0/24 maxlen: 24
82.137.243.0/24 maxlen: 24
82.137.244.0/23 maxlen: 23
82.137.246.0/23 maxlen: 23
82.137.248.0/24 maxlen: 24
82.137.249.0/24 maxlen: 24
82.137.250.0/24 maxlen: 24
82.137.251.0/24 maxlen: 24
82.137.252.0/24 maxlen: 24
82.137.253.0/24 maxlen: 24
82.137.254.0/24 maxlen: 24
82.137.255.0/24 maxlen: 24
91.144.0.0/20 maxlen: 20
91.144.16.0/20 maxlen: 20
91.144.32.0/20 maxlen: 20
91.144.48.0/20 maxlen: 20
94.47.0.0/19 maxlen: 19
94.47.0.0/21 maxlen: 21
94.47.8.0/21 maxlen: 21
94.47.16.0/21 maxlen: 21
94.47.24.0/21 maxlen: 21
94.47.32.0/19 maxlen: 19
94.47.32.0/21 maxlen: 21
94.47.40.0/21 maxlen: 21
94.47.48.0/21 maxlen: 21
94.47.56.0/21 maxlen: 21
94.47.64.0/19 maxlen: 19
94.47.96.0/19 maxlen: 19
94.47.128.0/20 maxlen: 20
94.47.144.0/20 maxlen: 20
94.47.160.0/19 maxlen: 19
94.47.160.0/21 maxlen: 21
94.47.168.0/21 maxlen: 21
94.47.176.0/21 maxlen: 21
94.47.184.0/21 maxlen: 21
94.47.192.0/18 maxlen: 18
178.253.64.0/19 maxlen: 19
178.253.96.0/23 maxlen: 23
178.253.98.0/24 maxlen: 24
178.253.99.0/24 maxlen: 24
178.253.100.0/23 maxlen: 23
178.253.102.0/24 maxlen: 24
178.253.103.0/24 maxlen: 24
178.253.104.0/22 maxlen: 22
178.253.108.0/23 maxlen: 23
178.253.110.0/23 maxlen: 23
178.253.112.0/22 maxlen: 22
185.92.88.0/22 maxlen: 22
185.99.100.0/22 maxlen: 22
185.109.212.0/22 maxlen: 22
188.133.0.0/20 maxlen: 20
188.133.16.0/20 maxlen: 20
188.133.32.0/19 maxlen: 19
188.133.64.0/19 maxlen: 19
188.133.96.0/19 maxlen: 19
193.124.10.0/23 maxlen: 23
193.124.12.0/23 maxlen: 23
193.124.26.0/23 maxlen: 23
193.124.28.0/23 maxlen: 23
193.124.38.0/23 maxlen: 23
193.124.52.0/23 maxlen: 23
193.124.62.0/23 maxlen: 23
193.124.68.0/23 maxlen: 23
193.124.86.0/23 maxlen: 23
193.124.160.0/20 maxlen: 20
193.124.208.0/20 maxlen: 20
194.58.0.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/QoNpZxbbzDYLmmLvfYS00o-Vi90.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/QoNpZxbbzDYLmmLvfYS00o-Vi90.mft
rsync://rpki.ripe.net/repository/DEFAULT/QoNpZxbbzDYLmmLvfYS00o-Vi90.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a8:da:19:53:f8:d5:1e:be:54:44:6b:0d:11:62:e1:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4283696716dbcc360b9a62ef7d84b4d28f958bdd
Validity
Not Before: Mar 18 10:43:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8db9ecaafd9a136c2e3216844899eadaf08f06f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:43:78:95:5e:90:36:d6:b0:09:c8:34:5e:07:
ee:4e:86:c9:5a:62:57:3a:53:1b:d6:1c:c3:85:41:
9c:c1:37:95:33:70:ca:10:6a:d4:70:7c:32:78:02:
92:06:b6:60:31:53:7a:35:7f:05:81:c4:cd:a6:0b:
48:ca:f2:7a:18:18:7c:0a:34:98:08:8d:27:c2:ac:
da:42:c5:3f:a7:1c:92:ae:57:16:85:84:63:7c:0f:
4b:a0:35:4f:33:e2:15:b5:d5:d3:50:ba:08:1c:e4:
68:48:47:3a:38:e4:e6:b8:c6:7a:81:1f:18:12:fc:
57:3a:48:02:ca:70:b4:8c:2a:df:23:dd:4c:94:a5:
be:ac:e4:bc:02:a7:f1:8b:9e:44:8d:c5:76:56:9b:
12:4a:c6:13:00:18:20:3a:82:66:69:38:6a:43:07:
62:1a:6a:c7:14:68:ac:cb:21:b8:36:87:a7:63:b9:
d9:7e:11:9c:5d:00:9f:ac:30:75:ab:8d:fd:91:19:
0c:3d:89:f1:47:31:04:33:1c:c8:36:28:78:a8:ec:
5f:d7:a2:29:8c:a1:fa:18:82:de:a7:9f:82:d2:ad:
69:9a:93:4d:33:c2:30:43:1a:0b:6f:75:00:df:d9:
87:a2:3d:74:54:d2:60:7b:e8:c0:67:bc:1f:04:54:
99:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:DB:9E:CA:AF:D9:A1:36:C2:E3:21:68:44:89:9E:AD:AF:08:F0:6F
X509v3 Authority Key Identifier:
keyid:42:83:69:67:16:DB:CC:36:0B:9A:62:EF:7D:84:B4:D2:8F:95:8B:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QoNpZxbbzDYLmmLvfYS00o-Vi90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/qNueyq_ZoTbC4yFoRImera8I8G8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/QoNpZxbbzDYLmmLvfYS00o-Vi90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.0.0.0/16
5.155.0.0/16
31.9.0.0-31.9.51.255
31.9.56.0-31.9.255.255
46.40.128.0/18
80.70.120.0/21
82.100.128.0/19
82.137.192.0-82.137.240.255
82.137.242.0-82.137.255.255
91.144.0.0/18
94.47.0.0/16
178.253.64.0-178.253.115.255
185.92.88.0/22
185.99.100.0/22
185.109.212.0/22
188.133.0.0/17
193.124.10.0-193.124.13.255
193.124.26.0-193.124.29.255
193.124.38.0/23
193.124.52.0/23
193.124.62.0/23
193.124.68.0/23
193.124.86.0/23
193.124.160.0/20
193.124.208.0/20
194.58.0.0/20
Signature Algorithm: sha256WithRSAEncryption
75:37:83:38:e2:d0:95:b3:56:30:c8:27:5c:fa:f0:ec:48:cb:
e3:fa:94:9a:7f:a1:08:7e:03:99:05:d7:f2:1d:ad:71:25:06:
d7:00:42:ec:da:6e:f4:d0:75:6a:8b:82:11:59:fd:7c:77:aa:
23:6f:e6:1b:ab:c1:a2:a0:f2:68:da:9e:8f:2d:6e:05:ed:cf:
37:1c:09:cc:99:d2:b7:db:4f:3f:17:f8:e6:b6:17:dc:bc:38:
bd:23:a9:ca:ce:46:1e:cd:53:79:b2:ba:e3:a4:ee:a3:6c:bb:
26:62:08:f8:28:b3:32:68:01:f8:8f:1b:b5:1f:a7:16:52:42:
7a:fb:fe:71:f7:2e:8d:a9:92:f9:04:5b:b0:a7:81:24:ef:64:
1f:58:51:66:fd:97:c7:38:8b:b5:10:36:8e:ff:e4:ce:74:74:
7a:f1:41:f7:fa:95:00:3e:89:e3:61:28:46:42:cb:b5:a7:ba:
c9:47:e6:8f:57:68:f1:00:4c:62:73:4f:50:02:13:a4:c0:27:
06:7c:ae:30:c1:a9:8e:b1:66:ec:75:d1:34:4d:90:01:a0:95:
7c:4a:4b:ba:f0:3a:30:06:d6:0e:50:8c:89:65:be:38:3c:09:
06:2c:de:f0:3e:89:7c:8b:3c:1f:ff:a5:c0:6c:f5:3e:17:a1:
f0:4d:c7:ca
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgISAZWo2hlT+NUevlREaw0RYuGSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyODM2OTY3MTZkYmNjMzYwYjlhNjJlZjdkODRiNGQyOGY5
NThiZGQwHhcNMjUwMzE4MTA0MzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGRiOWVjYWFmZDlhMTM2YzJlMzIxNjg0NDg5OWVhZGFmMDhmMDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0N4lV6QNtawCcg0XgfuTobJWmJX
OlMb1hzDhUGcwTeVM3DKEGrUcHwyeAKSBrZgMVN6NX8FgcTNpgtIyvJ6GBh8CjSY
CI0nwqzaQsU/pxySrlcWhYRjfA9LoDVPM+IVtdXTULoIHORoSEc6OOTmuMZ6gR8Y
EvxXOkgCynC0jCrfI91MlKW+rOS8Aqfxi55EjcV2VpsSSsYTABggOoJmaThqQwdi
GmrHFGisyyG4NoenY7nZfhGcXQCfrDB1q439kRkMPYnxRzEEMxzINih4qOxf16Ip
jKH6GILep5+C0q1pmpNNM8IwQxoLb3UA39mHoj10VNJge+jAZ7wfBFSZcQIDAQAB
o4IC1jCCAtIwHQYDVR0OBBYEFKjbnsqv2aE2wuMhaESJnq2vCPBvMB8GA1UdIwQY
MBaAFEKDaWcW28w2C5pi732EtNKPlYvdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW9OcFp4YmJ6RFlMbW1MdmZZUzAwby1WaTkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS81NDQyY2UtNDhiYy00MTY0LTkzNTAt
OTI0MGQ5Zjc1YWU2LzEvcU51ZXlxX1pvVGJDNHlGb1JJbWVyYThJOEc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS81NDQyY2UtNDhiYy00MTY0LTkzNTAtOTI0MGQ5Zjc1YWU2
LzEvUW9OcFp4YmJ6RFlMbW1MdmZZUzAwby1WaTkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHrBggrBgEFBQcBBwEB/wSB2zCB2DCB1QQCAAEwgc4DAwAF
AAMDAAWbMAsDAwAfCQMEAh8JMDALAwQDHwk4AwMBHwgDBAYuKIADBANQRngDBAVS
ZIAwDAMEBlKJwAMEAFKJ8DALAwQBUonyAwMBUogDBAZbkAADAwBeLzAMAwQGsv1A
AwQCsv1wAwQCuVxYAwQCuWNkAwQCuW3UAwQHvIUAMAwDBAHBfAoDBAHBfAwwDAME
AcF8GgMEAcF8HAMEAcF8JgMEAcF8NAMEAcF8PgMEAcF8RAMEAcF8VgMEBMF8oAME
BMF80AMEBMI6ADANBgkqhkiG9w0BAQsFAAOCAQEAdTeDOOLQlbNWMMgnXPrw7EjL
4/qUmn+hCH4DmQXX8h2tcSUG1wBC7Npu9NB1aouCEVn9fHeqI2/mG6vBoqDyaNqe
jy1uBe3PNxwJzJnSt9tPPxf45rYX3Lw4vSOpys5GHs1TebK646Tuo2y7JmII+Ciz
MmgB+I8btR+nFlJCevv+cfcujamS+QRbsKeBJO9kH1hRZv2XxziLtRA2jv/kznR0
evFB9/qVAD6J42EoRkLLtae6yUfmj1do8QBMYnNPUAITpMAnBnyuMMGpjrFm7HXR
NE2QAaCVfEpLuvA6MAbWDlCMiWW+ODwJBize8D6JfIs8H/+lwGz1Pheh8E3Hyg==
-----END CERTIFICATE-----
Generated at Fri Apr 18 16:40:11 2025 by rpki-client