Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/Jwty4ekRQohuKl_Th5KmkxZiHOg.roa
File: Jwty4ekRQohuKl_Th5KmkxZiHOg.roa (raw, json)
Hash identifier: dScH0uLqws1bMpYZDfFXsQDKo5JthOPs4D8SQmxY1LQ=
Subject key identifier: 27:0B:72:E1:E9:11:42:88:6E:2A:5F:D3:87:92:A6:93:16:62:1C:E8
Certificate issuer: /CN=9295b1f1dcd8fa6ac1ef788278c489e15eacae70
Certificate serial: 01963EB98FF1E43D7B68CAAF02EF0EDC4C7E
Authority key identifier: 92:95:B1:F1:DC:D8:FA:6A:C1:EF:78:82:78:C4:89:E1:5E:AC:AE:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpWx8dzY-mrB73iCeMSJ4V6srnA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/Jwty4ekRQohuKl_Th5KmkxZiHOg.roa
Signing time: Wed 16 Apr 2025 13:11:10 +0000
ROA not before: Wed 16 Apr 2025 13:11:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8560
IP address blocks: 5.250.176.0/20 maxlen: 24
46.16.72.0/21 maxlen: 24
78.137.96.0/21 maxlen: 24
81.173.112.0/22 maxlen: 24
82.165.0.0/16 maxlen: 24
85.184.248.0/22 maxlen: 24
87.106.0.0/16 maxlen: 24
157.97.104.0/21 maxlen: 24
157.97.104.0/24 maxlen: 32
157.97.105.0/24 maxlen: 32
185.48.116.0/22 maxlen: 24
194.126.206.0/24 maxlen: 24
194.164.4.0/22 maxlen: 24
194.164.8.0/22 maxlen: 24
194.164.16.0/20 maxlen: 24
194.164.48.0/20 maxlen: 24
194.164.88.0/21 maxlen: 24
194.164.120.0/21 maxlen: 24
194.164.160.0/20 maxlen: 24
194.164.192.0/20 maxlen: 24
195.20.224.0/19 maxlen: 24
212.132.64.0/18 maxlen: 24
212.227.0.0/16 maxlen: 24
213.165.64.0/19 maxlen: 24
213.244.192.0/24 maxlen: 24
217.72.192.0/20 maxlen: 24
217.154.0.0/21 maxlen: 24
217.154.8.0/22 maxlen: 24
217.154.13.0/24 maxlen: 24
217.154.14.0/23 maxlen: 24
217.154.16.0/21 maxlen: 24
217.154.50.0/23 maxlen: 24
217.154.52.0/22 maxlen: 24
217.154.56.0/21 maxlen: 24
217.154.64.0/21 maxlen: 24
217.154.74.0/23 maxlen: 24
217.154.76.0/22 maxlen: 24
217.154.80.0/21 maxlen: 24
217.154.88.0/23 maxlen: 24
217.154.91.0/24 maxlen: 24
217.154.92.0/22 maxlen: 24
217.154.240.0/22 maxlen: 24
217.160.0.0/16 maxlen: 24
217.160.124.0/23 maxlen: 24
217.160.150.0/23 maxlen: 32
2001:8d8::/32 maxlen: 48
2a02:2478::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/kpWx8dzY-mrB73iCeMSJ4V6srnA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/kpWx8dzY-mrB73iCeMSJ4V6srnA.mft
rsync://rpki.ripe.net/repository/DEFAULT/kpWx8dzY-mrB73iCeMSJ4V6srnA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3e:b9:8f:f1:e4:3d:7b:68:ca:af:02:ef:0e:dc:4c:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9295b1f1dcd8fa6ac1ef788278c489e15eacae70
Validity
Not Before: Apr 16 13:11:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=270b72e1e91142886e2a5fd38792a69316621ce8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:80:be:7a:e6:37:ff:ca:d3:e5:9a:31:0d:f3:
12:0d:1a:2e:a6:35:d0:ea:e2:99:5e:94:67:cd:1f:
dd:ab:e6:63:b8:7c:cd:9a:51:99:81:00:93:87:66:
3c:cf:0f:dd:c8:2a:39:5b:08:1e:87:34:52:1d:88:
3d:44:80:e1:81:aa:c2:8f:6a:fd:63:52:87:7b:c6:
b6:03:a5:22:bb:7d:93:ac:bf:72:31:e7:e9:67:f4:
cb:01:ea:04:cf:e4:ac:99:fc:51:41:b7:f6:33:94:
95:16:57:cf:6c:25:05:40:81:08:9e:ea:02:a2:b5:
8b:0a:a4:2f:b3:9f:1b:fa:c0:0f:1a:61:c7:a5:fc:
ba:4c:45:d6:3e:7f:ef:e6:9c:3c:51:c1:eb:03:70:
fe:f5:b4:0f:dd:94:92:a7:89:65:17:c9:36:db:ed:
de:db:21:8b:2f:76:d7:0a:a4:51:65:ab:ae:fc:5c:
36:49:35:e2:36:91:2f:cf:21:93:f1:45:e2:8e:a3:
a3:9c:e7:ec:bb:d8:d7:46:c1:60:6a:3f:8b:f5:c2:
54:6e:e7:fd:f0:38:1e:61:aa:45:fd:ba:75:75:eb:
f8:54:d6:a8:5c:00:87:d9:c2:dd:f1:2a:e7:e1:51:
c6:51:eb:0f:fd:fa:b6:a6:4f:cf:e2:f7:1a:06:90:
d3:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:0B:72:E1:E9:11:42:88:6E:2A:5F:D3:87:92:A6:93:16:62:1C:E8
X509v3 Authority Key Identifier:
keyid:92:95:B1:F1:DC:D8:FA:6A:C1:EF:78:82:78:C4:89:E1:5E:AC:AE:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpWx8dzY-mrB73iCeMSJ4V6srnA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/Jwty4ekRQohuKl_Th5KmkxZiHOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/kpWx8dzY-mrB73iCeMSJ4V6srnA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.250.176.0/20
46.16.72.0/21
78.137.96.0/21
81.173.112.0/22
82.165.0.0/16
85.184.248.0/22
87.106.0.0/16
157.97.104.0/21
185.48.116.0/22
194.126.206.0/24
194.164.4.0-194.164.11.255
194.164.16.0/20
194.164.48.0/20
194.164.88.0/21
194.164.120.0/21
194.164.160.0/20
194.164.192.0/20
195.20.224.0/19
212.132.64.0/18
212.227.0.0/16
213.165.64.0/19
213.244.192.0/24
217.72.192.0/20
217.154.0.0-217.154.11.255
217.154.13.0-217.154.23.255
217.154.50.0-217.154.71.255
217.154.74.0-217.154.89.255
217.154.91.0-217.154.95.255
217.154.240.0/22
217.160.0.0/16
IPv6:
2001:8d8::/32
2a02:2478::/29
Signature Algorithm: sha256WithRSAEncryption
0e:2b:47:a3:e7:e0:68:5d:ce:71:b5:8f:b0:67:60:10:9a:f3:
45:af:39:5e:16:6e:65:da:71:68:a3:c2:c3:6c:bd:6f:e1:3e:
e9:7e:cb:1e:0a:0d:7a:f0:c7:74:77:7b:c7:79:b3:d5:11:6b:
69:a1:b7:be:0e:e6:ec:98:3f:69:c2:99:f4:80:d8:50:05:08:
2c:5a:fc:04:6c:4a:10:2a:1c:e5:9e:09:69:8e:c1:a0:3f:dc:
ae:c0:18:b6:8f:67:bd:8e:71:ec:f4:2a:1f:d1:07:ba:a1:46:
e6:db:85:33:39:2a:a8:2a:12:59:26:84:ba:7a:2e:da:f2:4d:
d3:41:85:45:99:5a:f3:37:e8:6e:dd:9b:69:4e:18:73:34:27:
a7:86:64:73:62:bf:f9:c1:0a:33:5d:03:a7:11:71:09:e2:15:
36:2e:36:98:67:1a:e1:b0:c9:48:b5:4f:ab:53:6a:d4:00:e3:
91:2f:7a:02:c9:ff:96:22:4b:d8:b1:ad:eb:a2:74:36:e3:c0:
02:a3:b1:93:09:1b:15:08:59:19:68:5d:2e:8b:55:cf:18:fb:
09:84:0b:6d:a1:54:6a:12:0a:51:a2:6b:85:0c:ca:49:0b:25:
c8:f1:30:a9:a9:58:2a:e4:a6:6f:59:de:d4:10:f1:28:b0:92:
5c:7a:21:18
-----BEGIN CERTIFICATE-----
MIIF8zCCBNugAwIBAgISAZY+uY/x5D17aMqvAu8O3Ex+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTViMWYxZGNkOGZhNmFjMWVmNzg4Mjc4YzQ4OWUxNWVh
Y2FlNzAwHhcNMjUwNDE2MTMxMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzBiNzJlMWU5MTE0Mjg4NmUyYTVmZDM4NzkyYTY5MzE2NjIxY2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA44C+euY3/8rT5ZoxDfMSDRoupjXQ
6uKZXpRnzR/dq+ZjuHzNmlGZgQCTh2Y8zw/dyCo5WwgehzRSHYg9RIDhgarCj2r9
Y1KHe8a2A6Uiu32TrL9yMefpZ/TLAeoEz+SsmfxRQbf2M5SVFlfPbCUFQIEInuoC
orWLCqQvs58b+sAPGmHHpfy6TEXWPn/v5pw8UcHrA3D+9bQP3ZSSp4llF8k22+3e
2yGLL3bXCqRRZauu/Fw2STXiNpEvzyGT8UXijqOjnOfsu9jXRsFgaj+L9cJUbuf9
8DgeYapF/bp1dev4VNaoXACH2cLd8Srn4VHGUesP/fq2pk/P4vcaBpDTYQIDAQAB
o4IC/zCCAvswHQYDVR0OBBYEFCcLcuHpEUKIbipf04eSppMWYhzoMB8GA1UdIwQY
MBaAFJKVsfHc2Ppqwe94gnjEieFerK5wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BXeDhkelktbXJCNzNpQ2VNU0o0VjZzcm5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wZmJjMmUtZmQ4OC00ZGYyLWFhZTMt
OWViNDBjYzVmNjhiLzEvSnd0eTRla1JRb2h1S2xfVGg1S21reFppSE9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wZmJjMmUtZmQ4OC00ZGYyLWFhZTMtOWViNDBjYzVmNjhi
LzEva3BXeDhkelktbXJCNzNpQ2VNU0o0VjZzcm5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBEwYIKwYBBQUHAQcBAf8EggECMIH/MIHmBAIAATCB3wME
BAX6sAMEAy4QSAMEA06JYAMEAlGtcAMDAFKlAwQCVbj4AwMAV2oDBAOdYWgDBAK5
MHQDBADCfs4wDAMEAsKkBAMEAsKkCAMEBMKkEAMEBMKkMAMEA8KkWAMEA8KkeAME
BMKkoAMEBMKkwAMEBcMU4AMEBtSEQAMDANTjAwQF1aVAAwQA1fTAAwQE2UjAMAsD
AwHZmgMEAtmaCDAMAwQA2ZoNAwQD2ZoQMAwDBAHZmjIDBAPZmkAwDAMEAdmaSgME
AdmaWDAMAwQA2ZpbAwQF2ZpAAwQC2ZrwAwMA2aAwFAQCAAIwDgMFACABCNgDBQMq
AiR4MA0GCSqGSIb3DQEBCwUAA4IBAQAOK0ej5+BoXc5xtY+wZ2AQmvNFrzleFm5l
2nFoo8LDbL1v4T7pfsseCg168Md0d3vHebPVEWtpobe+DubsmD9pwpn0gNhQBQgs
WvwEbEoQKhzlnglpjsGgP9yuwBi2j2e9jnHs9Cof0Qe6oUbm24UzOSqoKhJZJoS6
ei7a8k3TQYVFmVrzN+hu3ZtpThhzNCenhmRzYr/5wQozXQOnEXEJ4hU2LjaYZxrh
sMlItU+rU2rUAOORL3oCyf+WIkvYsa3ronQ248ACo7GTCRsVCFkZaF0ui1XPGPsJ
hAttoVRqEgpRomuFDMpJCyXI8TCpqVgq5KZvWd7UEPEosJJceiEY
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:18:09 2025 by rpki-client