Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/l9F2BKLRzJdwd0fdRPbEtVrxZ_w.roa
File: l9F2BKLRzJdwd0fdRPbEtVrxZ_w.roa (raw, json)
Hash identifier: sQ1Z2qgiFPzai3M2nTZDaES/HRhMJZ1SRAb6A8g+cZw=
Subject key identifier: 97:D1:76:04:A2:D1:CC:97:70:77:47:DD:44:F6:C4:B5:5A:F1:67:FC
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0195F7B4B4694B21D53BF0F0B16AEE4BDB72
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/l9F2BKLRzJdwd0fdRPbEtVrxZ_w.roa
Signing time: Wed 02 Apr 2025 18:12:49 +0000
ROA not before: Wed 02 Apr 2025 18:12:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15723
IP address blocks: 5.178.4.0/22 maxlen: 22
5.178.4.0/24 maxlen: 24
5.178.5.0/24 maxlen: 24
5.178.6.0/24 maxlen: 24
5.178.7.0/24 maxlen: 24
5.178.9.0/24 maxlen: 24
5.178.10.0/24 maxlen: 24
5.178.11.0/24 maxlen: 24
5.178.12.0/24 maxlen: 24
5.178.13.0/24 maxlen: 24
5.178.14.0/24 maxlen: 24
5.178.15.0/24 maxlen: 24
46.23.100.0/22 maxlen: 22
46.23.100.0/24 maxlen: 24
46.23.101.0/24 maxlen: 24
46.23.102.0/24 maxlen: 24
46.23.103.0/24 maxlen: 24
62.217.128.0/19 maxlen: 19
62.217.128.0/24 maxlen: 24
62.217.129.0/24 maxlen: 24
62.217.130.0/24 maxlen: 24
62.217.131.0/24 maxlen: 24
62.217.132.0/24 maxlen: 24
62.217.133.0/24 maxlen: 24
62.217.134.0/24 maxlen: 24
62.217.135.0/24 maxlen: 24
62.217.136.0/24 maxlen: 24
62.217.137.0/24 maxlen: 24
62.217.138.0/24 maxlen: 24
62.217.139.0/24 maxlen: 24
62.217.140.0/24 maxlen: 24
62.217.141.0/24 maxlen: 24
62.217.142.0/24 maxlen: 24
62.217.143.0/24 maxlen: 24
62.217.144.0/24 maxlen: 24
62.217.145.0/24 maxlen: 24
62.217.146.0/24 maxlen: 24
62.217.147.0/24 maxlen: 24
62.217.148.0/24 maxlen: 24
62.217.149.0/24 maxlen: 24
62.217.150.0/24 maxlen: 24
62.217.151.0/24 maxlen: 24
62.217.152.0/24 maxlen: 24
62.217.153.0/24 maxlen: 24
62.217.154.0/24 maxlen: 24
62.217.155.0/24 maxlen: 24
62.217.156.0/24 maxlen: 24
62.217.157.0/24 maxlen: 24
62.217.158.0/24 maxlen: 24
62.217.159.0/24 maxlen: 24
88.151.199.0/24 maxlen: 24
109.205.208.0/24 maxlen: 24
185.81.217.0/24 maxlen: 24
188.64.8.0/22 maxlen: 22
188.64.8.0/24 maxlen: 24
188.64.9.0/24 maxlen: 24
188.64.10.0/24 maxlen: 24
188.64.11.0/24 maxlen: 24
188.64.12.0/22 maxlen: 22
188.64.12.0/24 maxlen: 24
188.64.13.0/24 maxlen: 24
188.64.14.0/24 maxlen: 24
188.64.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.mft
rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f7:b4:b4:69:4b:21:d5:3b:f0:f0:b1:6a:ee:4b:db:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Apr 2 18:12:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=97d17604a2d1cc97707747dd44f6c4b55af167fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:84:9e:df:0f:dc:c4:61:00:b7:a8:f5:a0:2b:
bd:f9:f7:b4:f5:4a:bf:9a:9a:80:b0:a4:fa:55:e5:
8e:fc:ba:ba:58:06:33:2e:c7:55:ae:74:1d:78:95:
30:a0:55:a0:55:4d:34:ec:82:8c:18:d5:0f:10:f5:
ca:f8:cf:d0:27:00:75:c3:af:c6:ae:67:c4:82:2c:
22:6e:45:25:a5:b4:55:85:db:79:4a:3e:70:7d:8f:
1c:ab:1f:d9:89:e2:1f:b4:3b:43:09:89:27:e8:9b:
69:c2:22:d4:47:24:7a:7e:53:08:52:2f:02:d1:a8:
06:fb:ba:19:5f:7c:46:50:21:6d:8d:94:7f:0c:91:
1e:54:a9:b1:bc:f4:ae:3a:6e:24:4e:e9:49:83:c2:
84:78:aa:ce:4f:52:aa:45:f0:34:a8:f7:53:8d:1a:
a8:96:df:9a:47:04:2f:5c:7f:07:d0:ea:cb:d2:58:
86:07:9d:c0:60:16:e3:70:fc:07:f5:03:74:8e:ca:
bb:5d:02:fe:23:fc:a5:14:4e:99:46:b0:81:be:b7:
5d:af:b1:35:b7:27:31:2c:cf:e2:d2:8b:0c:a8:fb:
35:0b:79:e3:12:c5:d4:bc:b4:be:27:55:9a:71:dd:
3c:42:06:b4:95:00:64:1e:5c:92:0b:07:f9:18:7f:
5a:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:D1:76:04:A2:D1:CC:97:70:77:47:DD:44:F6:C4:B5:5A:F1:67:FC
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/l9F2BKLRzJdwd0fdRPbEtVrxZ_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.4.0/22
5.178.9.0-5.178.15.255
46.23.100.0/22
62.217.128.0/19
88.151.199.0/24
109.205.208.0/24
185.81.217.0/24
188.64.8.0/21
Signature Algorithm: sha256WithRSAEncryption
0b:11:4a:99:57:74:6c:69:47:3a:6a:30:9b:4d:3d:a5:63:df:
e2:37:b9:73:ea:1c:b7:8b:70:ce:b5:5b:fc:67:8b:1f:ed:94:
48:ac:e6:3c:6d:b2:b2:0b:50:93:19:3c:72:0a:ff:f6:33:0a:
a4:df:6a:78:03:c9:56:ee:b1:55:6c:42:50:e9:74:f3:35:50:
e5:f7:ab:79:f2:7e:77:07:f5:1c:fd:e4:06:eb:35:09:e5:48:
e3:b1:d2:8f:5d:6b:be:b3:9c:0d:12:18:82:f9:30:10:2a:73:
49:a4:9b:8c:26:6a:7c:fb:0c:1e:87:b5:d9:68:32:78:85:ce:
4d:4f:c2:ba:77:49:0f:57:33:77:74:e2:06:5f:03:a9:16:33:
70:5b:a4:9a:01:ad:a9:b8:83:77:4a:ed:e5:5a:53:28:0c:d5:
ae:3d:db:c7:26:e8:b4:47:eb:64:9b:7c:98:f0:fa:c5:a2:13:
ec:70:e6:3b:f8:52:df:6b:9f:31:f7:4f:3b:e4:17:b2:ac:f6:
f8:9a:a5:78:fa:b9:c5:8c:30:c8:10:1d:7a:2a:c3:07:4f:5e:
a2:2a:66:f7:73:97:01:cd:85:f5:94:05:1a:7f:eb:6d:af:99:
bc:b5:30:0c:08:44:c7:22:7e:98:81:8f:86:cd:50:af:11:ff:
63:de:36:fa
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZX3tLRpSyHVO/DwsWruS9tyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjUwNDAyMTgxMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2QxNzYwNGEyZDFjYzk3NzA3NzQ3ZGQ0NGY2YzRiNTVhZjE2N2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4Se3w/cxGEAt6j1oCu9+fe09Uq/
mpqAsKT6VeWO/Lq6WAYzLsdVrnQdeJUwoFWgVU007IKMGNUPEPXK+M/QJwB1w6/G
rmfEgiwibkUlpbRVhdt5Sj5wfY8cqx/ZieIftDtDCYkn6JtpwiLURyR6flMIUi8C
0agG+7oZX3xGUCFtjZR/DJEeVKmxvPSuOm4kTulJg8KEeKrOT1KqRfA0qPdTjRqo
lt+aRwQvXH8H0OrL0liGB53AYBbjcPwH9QN0jsq7XQL+I/ylFE6ZRrCBvrddr7E1
tycxLM/i0osMqPs1C3njEsXUvLS+J1Wacd08Qga0lQBkHlySCwf5GH9awwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFJfRdgSi0cyXcHdH3UT2xLVa8Wf8MB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvbDlGMkJLTFJ6SmR3ZDBmZFJQYkV0VnJ4Wl93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQCBbIEMAwD
BAAFsgkDBAQFsgADBAIuF2QDBAU+2YADBABYl8cDBABtzdADBAC5UdkDBAO8QAgw
DQYJKoZIhvcNAQELBQADggEBAAsRSplXdGxpRzpqMJtNPaVj3+I3uXPqHLeLcM61
W/xnix/tlEis5jxtsrILUJMZPHIK//YzCqTfangDyVbusVVsQlDpdPM1UOX3q3ny
fncH9Rz95AbrNQnlSOOx0o9da76znA0SGIL5MBAqc0mkm4wmanz7DB6HtdloMniF
zk1Pwrp3SQ9XM3d04gZfA6kWM3BbpJoBram4g3dK7eVaUygM1a4928cm6LRH62Sb
fJjw+sWiE+xw5jv4Ut9rnzH3TzvkF7Ks9viapXj6ucWMMMgQHXoqwwdPXqIqZvdz
lwHNhfWUBRp/622vmby1MAwIRMcifpiBj4bNUK8R/2PeNvo=
-----END CERTIFICATE-----
Generated at Tue Apr 22 10:28:07 2025 by rpki-client