Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/XXKuildCsFJXdNyCwBMrowurkY0.roa
File: XXKuildCsFJXdNyCwBMrowurkY0.roa (raw, json)
Hash identifier: NXW1f3EG3KW4h6xADEdnRgY4ZNLFSP48OU6WesEP2Jo=
Subject key identifier: 5D:72:AE:8A:57:42:B0:52:57:74:DC:82:C0:13:2B:A3:0B:AB:91:8D
Certificate issuer: /CN=a4f8436003d37602026b65531755ca8fcd31bed2
Certificate serial: 0196166BE5A7AE44620A6380583C8C79A86A
Authority key identifier: A4:F8:43:60:03:D3:76:02:02:6B:65:53:17:55:CA:8F:CD:31:BE:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pPhDYAPTdgICa2VTF1XKj80xvtI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/XXKuildCsFJXdNyCwBMrowurkY0.roa
Signing time: Tue 08 Apr 2025 17:21:31 +0000
ROA not before: Tue 08 Apr 2025 17:21:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31027
IP address blocks: 5.56.144.0/20 maxlen: 20
5.83.24.0/21 maxlen: 21
5.179.80.0/20 maxlen: 20
37.49.128.0/20 maxlen: 20
46.32.156.0/22 maxlen: 22
62.12.32.0/20 maxlen: 20
62.12.48.0/21 maxlen: 21
62.116.192.0/19 maxlen: 19
77.233.224.0/19 maxlen: 19
78.111.160.0/20 maxlen: 20
78.153.160.0/19 maxlen: 19
80.88.128.0/20 maxlen: 20
80.243.112.0/20 maxlen: 20
82.192.160.0/19 maxlen: 19
83.136.88.0/21 maxlen: 21
83.151.128.0/18 maxlen: 18
87.116.0.0/18 maxlen: 18
88.212.64.0/18 maxlen: 18
89.221.160.0/20 maxlen: 20
91.143.112.0/20 maxlen: 20
92.62.192.0/20 maxlen: 20
93.176.64.0/18 maxlen: 18
94.18.0.0/16 maxlen: 16
109.202.128.0/19 maxlen: 19
130.185.128.0/20 maxlen: 20
176.222.232.0/21 maxlen: 21
185.20.240.0/22 maxlen: 22
185.67.128.0/22 maxlen: 22
188.120.64.0/19 maxlen: 19
188.120.80.0/21 maxlen: 21
193.105.116.0/24 maxlen: 24
193.105.149.0/24 maxlen: 24
194.182.96.0/21 maxlen: 21
195.93.176.0/23 maxlen: 23
195.93.182.0/23 maxlen: 23
195.140.132.0/22 maxlen: 22
212.60.96.0/19 maxlen: 19
212.60.120.0/21 maxlen: 21
212.98.96.0/24 maxlen: 24
217.74.208.0/20 maxlen: 20
217.116.208.0/20 maxlen: 20
217.195.176.0/20 maxlen: 20
217.195.178.0/24 maxlen: 24
2a01:4f0::/32 maxlen: 32
2a02:188::/29 maxlen: 29
2a02:460::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/pPhDYAPTdgICa2VTF1XKj80xvtI.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/pPhDYAPTdgICa2VTF1XKj80xvtI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pPhDYAPTdgICa2VTF1XKj80xvtI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:16:6b:e5:a7:ae:44:62:0a:63:80:58:3c:8c:79:a8:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4f8436003d37602026b65531755ca8fcd31bed2
Validity
Not Before: Apr 8 17:21:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d72ae8a5742b0525774dc82c0132ba30bab918d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e0:fd:ba:2d:12:6d:34:ad:4e:39:11:bc:29:
15:d1:08:a2:25:36:13:5b:d9:b1:85:0e:7d:27:f2:
03:9b:05:7e:4f:19:c4:c3:22:3b:98:44:55:3e:fa:
13:dc:2e:ad:ef:23:79:43:97:d3:d3:9b:e3:b0:4e:
88:63:38:3f:db:59:92:8c:40:df:16:52:80:33:7f:
87:29:a4:c0:f3:2f:12:84:61:52:9d:7b:5c:ef:18:
35:c0:26:8d:97:79:ca:75:30:d3:dc:58:f9:92:15:
d2:c3:86:64:17:b3:72:f2:50:02:5f:ab:fb:4f:d0:
3f:47:d1:a9:c5:49:e7:aa:b8:e8:de:80:8e:2e:b0:
c4:53:cb:22:8e:e9:ae:e9:08:b6:e7:fa:b2:93:fd:
85:f0:b6:96:19:79:6c:59:f9:4b:a1:6a:3b:98:1f:
9a:86:c9:a9:b6:29:6b:47:12:59:c4:b5:87:5d:e7:
56:ff:02:a8:ca:f4:3d:cd:a9:0c:bb:4d:2e:b6:e2:
7a:2d:12:0c:17:69:09:f2:26:6c:dd:71:1e:e8:54:
0e:82:9c:ed:a3:31:3a:76:cb:24:82:79:fb:70:83:
59:f4:31:58:d0:0d:85:1a:a9:e8:37:de:81:80:91:
5f:44:5c:73:1e:2b:da:6d:8d:71:e9:f8:71:94:17:
53:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:72:AE:8A:57:42:B0:52:57:74:DC:82:C0:13:2B:A3:0B:AB:91:8D
X509v3 Authority Key Identifier:
keyid:A4:F8:43:60:03:D3:76:02:02:6B:65:53:17:55:CA:8F:CD:31:BE:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pPhDYAPTdgICa2VTF1XKj80xvtI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/XXKuildCsFJXdNyCwBMrowurkY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/pPhDYAPTdgICa2VTF1XKj80xvtI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.144.0/20
5.83.24.0/21
5.179.80.0/20
37.49.128.0/20
46.32.156.0/22
62.12.32.0-62.12.55.255
62.116.192.0/19
77.233.224.0/19
78.111.160.0/20
78.153.160.0/19
80.88.128.0/20
80.243.112.0/20
82.192.160.0/19
83.136.88.0/21
83.151.128.0/18
87.116.0.0/18
88.212.64.0/18
89.221.160.0/20
91.143.112.0/20
92.62.192.0/20
93.176.64.0/18
94.18.0.0/16
109.202.128.0/19
130.185.128.0/20
176.222.232.0/21
185.20.240.0/22
185.67.128.0/22
188.120.64.0/19
193.105.116.0/24
193.105.149.0/24
194.182.96.0/21
195.93.176.0/23
195.93.182.0/23
195.140.132.0/22
212.60.96.0/19
212.98.96.0/24
217.74.208.0/20
217.116.208.0/20
217.195.176.0/20
IPv6:
2a01:4f0::/32
2a02:188::/29
2a02:460::/32
Signature Algorithm: sha256WithRSAEncryption
3f:07:c2:a8:6d:93:f9:2f:f1:ad:73:fd:67:33:36:66:f4:81:
31:45:75:a3:b8:1e:77:35:6c:36:d9:84:87:34:e8:29:be:c5:
ea:72:7c:17:15:91:bc:15:29:0a:6d:81:64:56:a5:5e:25:46:
f1:01:88:01:eb:18:8d:c6:89:8a:78:cf:a6:de:d3:3e:ef:a1:
91:be:87:33:a9:95:1e:85:20:b2:f2:6a:5e:8f:b3:d3:4a:fb:
d4:27:ec:15:3c:b2:3f:9f:12:ec:ba:77:d5:bf:ca:5f:1c:13:
41:7f:04:ce:44:26:3c:fe:17:db:b1:e0:e2:31:33:38:b6:8a:
43:12:15:b1:27:64:2e:b6:af:f1:0a:8a:97:86:81:44:e4:50:
b0:65:e9:53:85:1a:e4:c6:79:bf:9d:6b:7f:dd:df:e4:b3:aa:
f5:81:3a:e5:fe:95:4d:63:11:08:68:f6:26:9c:af:f3:18:96:
1a:9a:d2:99:9f:e6:7b:25:c3:df:22:d2:75:e1:92:1c:88:b3:
05:52:96:ae:e2:aa:33:05:23:e2:bd:6c:6d:de:82:43:69:45:
d2:87:56:0a:5f:0a:09:be:4b:2c:ca:bd:44:d5:35:e8:8c:19:
98:dd:9a:13:ff:53:35:ae:39:40:c1:0b:6e:74:67:b3:d9:b5:
59:ea:9e:f3
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgISAZYWa+WnrkRiCmOAWDyMeahqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0Zjg0MzYwMDNkMzc2MDIwMjZiNjU1MzE3NTVjYThmY2Qz
MWJlZDIwHhcNMjUwNDA4MTcyMTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDcyYWU4YTU3NDJiMDUyNTc3NGRjODJjMDEzMmJhMzBiYWI5MThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtuD9ui0SbTStTjkRvCkV0QiiJTYT
W9mxhQ59J/IDmwV+TxnEwyI7mERVPvoT3C6t7yN5Q5fT05vjsE6IYzg/21mSjEDf
FlKAM3+HKaTA8y8ShGFSnXtc7xg1wCaNl3nKdTDT3Fj5khXSw4ZkF7Ny8lACX6v7
T9A/R9GpxUnnqrjo3oCOLrDEU8sijumu6Qi25/qyk/2F8LaWGXlsWflLoWo7mB+a
hsmptilrRxJZxLWHXedW/wKoyvQ9zakMu00utuJ6LRIMF2kJ8iZs3XEe6FQOgpzt
ozE6dsskgnn7cINZ9DFY0A2FGqnoN96BgJFfRFxzHivabY1x6fhxlBdTowIDAQAB
o4IDGTCCAxUwHQYDVR0OBBYEFF1yropXQrBSV3TcgsATK6MLq5GNMB8GA1UdIwQY
MBaAFKT4Q2AD03YCAmtlUxdVyo/NMb7SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFBoRFlBUFRkZ0lDYTJWVEYxWEtqODB4dnRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS81MTU2MDgtNTAxMi00YTQwLWIzMjQt
MjdiZjgzY2RlZDZiLzEvWFhLdWlsZENzRkpYZE55Q3dCTXJvd3Vya1kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS81MTU2MDgtNTAxMi00YTQwLWIzMjQtMjdiZjgzY2RlZDZi
LzEvcFBoRFlBUFRkZ0lDYTJWVEYxWEtqODB4dnRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLQYIKwYBBQUHAQcBAf8EggEcMIIBGDCB+AQCAAEwgfED
BAQFOJADBAMFUxgDBAQFs1ADBAQlMYADBAIuIJwwDAMEBT4MIAMEAz4MMAMEBT50
wAMEBU3p4AMEBE5voAMEBU6ZoAMEBFBYgAMEBFDzcAMEBVLAoAMEA1OIWAMEBlOX
gAMEBld0AAMEBljUQAMEBFndoAMEBFuPcAMEBFw+wAMEBl2wQAMDAF4SAwQFbcqA
AwQEgrmAAwQDsN7oAwQCuRTwAwQCuUOAAwQFvHhAAwQAwWl0AwQAwWmVAwQDwrZg
AwQBw12wAwQBw122AwQCw4yEAwQF1DxgAwQA1GJgAwQE2UrQAwQE2XTQAwQE2cOw
MBsEAgACMBUDBQAqAQTwAwUDKgIBiAMFACoCBGAwDQYJKoZIhvcNAQELBQADggEB
AD8Hwqhtk/kv8a1z/WczNmb0gTFFdaO4Hnc1bDbZhIc06Cm+xepyfBcVkbwVKQpt
gWRWpV4lRvEBiAHrGI3GiYp4z6be0z7voZG+hzOplR6FILLyal6Ps9NK+9Qn7BU8
sj+fEuy6d9W/yl8cE0F/BM5EJjz+F9ux4OIxMzi2ikMSFbEnZC62r/EKipeGgUTk
ULBl6VOFGuTGeb+da3/d3+SzqvWBOuX+lU1jEQho9iacr/MYlhqa0pmf5nslw98i
0nXhkhyIswVSlq7iqjMFI+K9bG3egkNpRdKHVgpfCgm+SyzKvUTVNeiMGZjdmhP/
UzWuOUDBC250Z7PZtVnqnvM=
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:46:47 2025 by rpki-client