Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/ST0wFE-QlPu616IjcTiKIB5ATn8.roa
File: ST0wFE-QlPu616IjcTiKIB5ATn8.roa (raw, json)
Hash identifier: rKb9WquNrde87DmYVxhuTHBVapJBp5dtOCarDwOXMvU=
Subject key identifier: 49:3D:30:14:4F:90:94:FB:BA:D7:A2:23:71:38:8A:20:1E:40:4E:7F
Certificate issuer: /CN=dba12207af4d186c44da2533c0b8f1fd1f55d8db
Certificate serial: 019517F67B45ACC7B2D49B043BD6D43B1F86
Authority key identifier: DB:A1:22:07:AF:4D:18:6C:44:DA:25:33:C0:B8:F1:FD:1F:55:D8:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/26EiB69NGGxE2iUzwLjx_R9V2Ns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/ST0wFE-QlPu616IjcTiKIB5ATn8.roa
Signing time: Tue 18 Feb 2025 07:29:44 +0000
ROA not before: Tue 18 Feb 2025 07:29:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41960
IP address blocks: 2.56.216.0/22 maxlen: 24
5.183.132.0/22 maxlen: 24
37.148.184.0/21 maxlen: 24
45.10.124.0/22 maxlen: 24
45.95.252.0/22 maxlen: 24
45.140.156.0/22 maxlen: 24
45.151.116.0/22 maxlen: 24
77.73.224.0/21 maxlen: 24
85.184.8.0/21 maxlen: 24
91.211.160.0/22 maxlen: 24
93.188.64.0/22 maxlen: 24
171.22.176.0/22 maxlen: 24
185.116.12.0/22 maxlen: 24
185.234.152.0/23 maxlen: 24
185.234.154.0/24 maxlen: 24
185.239.168.0/23 maxlen: 24
185.239.170.0/24 maxlen: 24
185.249.136.0/22 maxlen: 24
185.251.152.0/22 maxlen: 24
185.253.48.0/22 maxlen: 24
193.105.183.0/24 maxlen: 24
194.61.84.0/24 maxlen: 24
194.61.86.0/24 maxlen: 24
195.184.86.0/23 maxlen: 24
195.184.90.0/23 maxlen: 24
195.238.86.0/23 maxlen: 24
212.19.192.0/19 maxlen: 24
212.26.192.0/19 maxlen: 24
212.57.48.0/20 maxlen: 24
213.156.0.0/20 maxlen: 24
213.173.56.0/22 maxlen: 24
217.8.96.0/20 maxlen: 24
2001:6e0::/32 maxlen: 48
2a02:690::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/26EiB69NGGxE2iUzwLjx_R9V2Ns.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/26EiB69NGGxE2iUzwLjx_R9V2Ns.mft
rsync://rpki.ripe.net/repository/DEFAULT/26EiB69NGGxE2iUzwLjx_R9V2Ns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:17:f6:7b:45:ac:c7:b2:d4:9b:04:3b:d6:d4:3b:1f:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dba12207af4d186c44da2533c0b8f1fd1f55d8db
Validity
Not Before: Feb 18 07:29:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=493d30144f9094fbbad7a22371388a201e404e7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:95:bf:e3:94:f7:8a:0b:2e:74:d0:18:80:5b:
25:c2:c5:e6:a5:af:cb:3c:c9:da:f6:fc:fb:8e:45:
1c:70:c3:45:a5:16:e4:dd:0a:fa:b3:95:43:8a:69:
4f:aa:69:d6:93:52:19:6a:83:be:c6:71:bf:e7:d9:
61:6b:fa:eb:ec:71:b2:79:b8:c3:e0:f3:78:84:dc:
9c:e2:14:2c:80:1e:3e:75:cf:03:1d:61:b8:cf:f0:
3e:cd:5d:ab:a7:c6:d3:ba:a9:90:75:3f:17:e1:74:
7e:dd:94:6d:82:0c:55:a8:25:0e:8f:a7:74:3e:10:
ec:ee:5a:09:e5:95:d4:55:f0:ec:8a:e5:1e:94:01:
11:07:60:9c:af:1b:35:af:08:dc:99:95:f5:b4:67:
d2:ff:35:04:ac:1e:4b:fd:18:52:88:fb:dc:2e:7e:
3b:ef:0f:23:cc:85:91:b6:43:ed:25:8e:f1:5a:f4:
ab:00:9d:9f:02:e7:3c:98:c7:8f:a8:22:a4:31:02:
30:73:06:0d:5e:39:e6:14:db:e6:58:28:6d:cf:bf:
d7:e0:db:5f:65:26:40:f8:af:a9:06:d2:1e:9c:31:
7e:a8:b8:09:a0:f0:39:91:13:14:77:20:28:f8:f2:
de:6d:48:ec:1f:08:a7:0f:97:66:41:94:1a:32:35:
4c:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:3D:30:14:4F:90:94:FB:BA:D7:A2:23:71:38:8A:20:1E:40:4E:7F
X509v3 Authority Key Identifier:
keyid:DB:A1:22:07:AF:4D:18:6C:44:DA:25:33:C0:B8:F1:FD:1F:55:D8:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/26EiB69NGGxE2iUzwLjx_R9V2Ns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/ST0wFE-QlPu616IjcTiKIB5ATn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/c8010e-3289-4a36-a2b8-12b2bc58053a/1/26EiB69NGGxE2iUzwLjx_R9V2Ns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.216.0/22
5.183.132.0/22
37.148.184.0/21
45.10.124.0/22
45.95.252.0/22
45.140.156.0/22
45.151.116.0/22
77.73.224.0/21
85.184.8.0/21
91.211.160.0/22
93.188.64.0/22
171.22.176.0/22
185.116.12.0/22
185.234.152.0-185.234.154.255
185.239.168.0-185.239.170.255
185.249.136.0/22
185.251.152.0/22
185.253.48.0/22
193.105.183.0/24
194.61.84.0/24
194.61.86.0/24
195.184.86.0/23
195.184.90.0/23
195.238.86.0/23
212.19.192.0/19
212.26.192.0/19
212.57.48.0/20
213.156.0.0/20
213.173.56.0/22
217.8.96.0/20
IPv6:
2001:6e0::/32
2a02:690::/29
Signature Algorithm: sha256WithRSAEncryption
24:c6:c4:b3:64:29:ae:e6:f0:53:ad:dd:ff:e9:80:46:07:ec:
a3:a3:80:54:9b:04:9c:cb:96:03:43:b1:5f:0a:0c:64:a5:74:
41:a6:5d:9a:50:fc:47:3f:55:a4:a6:6a:5a:d2:84:1a:c9:02:
b9:68:2e:9b:a1:52:a6:b8:a6:86:4a:11:1d:05:58:d8:1d:d5:
4f:ad:5d:ab:1d:7d:77:4e:0e:73:92:41:1e:c9:ab:f0:a4:9c:
4a:82:b3:00:bb:92:5a:f6:42:c4:35:f3:b5:4a:c4:47:e2:f9:
80:38:2a:2c:76:fa:5d:f7:b4:ce:c2:ed:e1:f8:53:18:cf:1b:
6e:c3:2e:18:8d:bb:6e:07:16:38:bb:7e:0d:6b:ca:e8:d6:be:
72:7e:21:74:b1:7b:71:69:88:b5:aa:95:64:5b:2a:31:82:df:
2f:25:c4:f1:a5:7c:21:d0:7b:53:be:ed:f1:1b:6a:6e:02:02:
e1:f4:ea:bd:36:6e:ac:51:6a:a8:5b:a9:af:8d:09:5c:b1:04:
47:97:66:88:a8:73:34:20:ac:44:24:82:35:0a:a5:40:7a:98:
a5:86:fd:14:4e:2a:b6:b7:75:77:b2:2d:d5:a0:8e:8a:39:af:
c1:3f:22:2c:5c:bf:8f:36:29:3d:85:4f:8e:e6:06:94:76:6e:
ea:36:12:2b
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgISAZUX9ntFrMey1JsEO9bUOx+GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYTEyMjA3YWY0ZDE4NmM0NGRhMjUzM2MwYjhmMWZkMWY1
NWQ4ZGIwHhcNMjUwMjE4MDcyOTQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTNkMzAxNDRmOTA5NGZiYmFkN2EyMjM3MTM4OGEyMDFlNDA0ZTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpW/45T3igsudNAYgFslwsXmpa/L
PMna9vz7jkUccMNFpRbk3Qr6s5VDimlPqmnWk1IZaoO+xnG/59lha/rr7HGyebjD
4PN4hNyc4hQsgB4+dc8DHWG4z/A+zV2rp8bTuqmQdT8X4XR+3ZRtggxVqCUOj6d0
PhDs7loJ5ZXUVfDsiuUelAERB2Ccrxs1rwjcmZX1tGfS/zUErB5L/RhSiPvcLn47
7w8jzIWRtkPtJY7xWvSrAJ2fAuc8mMePqCKkMQIwcwYNXjnmFNvmWChtz7/X4Ntf
ZSZA+K+pBtIenDF+qLgJoPA5kRMUdyAo+PLebUjsHwinD5dmQZQaMjVMgQIDAQAB
o4IC4jCCAt4wHQYDVR0OBBYEFEk9MBRPkJT7uteiI3E4iiAeQE5/MB8GA1UdIwQY
MBaAFNuhIgevTRhsRNolM8C48f0fVdjbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjZFaUI2OU5HR3hFMmlVendManhfUjlWMk5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9jODAxMGUtMzI4OS00YTM2LWEyYjgt
MTJiMmJjNTgwNTNhLzEvU1Qwd0ZFLVFsUHU2MTZJamNUaUtJQjVBVG44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9jODAxMGUtMzI4OS00YTM2LWEyYjgtMTJiMmJjNTgwNTNh
LzEvMjZFaUI2OU5HR3hFMmlVendManhfUjlWMk5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH3BggrBgEFBQcBBwEB/wSB5zCB5DCBywQCAAEwgcQDBAIC
ONgDBAIFt4QDBAMllLgDBAItCnwDBAItX/wDBAItjJwDBAItl3QDBANNSeADBANV
uAgDBAJb06ADBAJdvEADBAKrFrADBAK5dAwwDAMEA7nqmAMEALnqmjAMAwQDue+o
AwQAue+qAwQCufmIAwQCufuYAwQCuf0wAwQAwWm3AwQAwj1UAwQAwj1WAwQBw7hW
AwQBw7haAwQBw+5WAwQF1BPAAwQF1BrAAwQE1DkwAwQE1ZwAAwQC1a04AwQE2Qhg
MBQEAgACMA4DBQAgAQbgAwUDKgIGkDANBgkqhkiG9w0BAQsFAAOCAQEAJMbEs2Qp
rubwU63d/+mARgfso6OAVJsEnMuWA0OxXwoMZKV0QaZdmlD8Rz9VpKZqWtKEGskC
uWgum6FSprimhkoRHQVY2B3VT61dqx19d04Oc5JBHsmr8KScSoKzALuSWvZCxDXz
tUrER+L5gDgqLHb6Xfe0zsLt4fhTGM8bbsMuGI27bgcWOLt+DWvK6Na+cn4hdLF7
cWmItaqVZFsqMYLfLyXE8aV8IdB7U77t8RtqbgIC4fTqvTZurFFqqFupr40JXLEE
R5dmiKhzNCCsRCSCNQqlQHqYpYb9FE4qtrd1d7It1aCOijmvwT8iLFy/jzYpPYVP
juYGlHZu6jYSKw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:42:36 2025 by rpki-client