Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/QAnENOV7C6lzH_x8jNRvH6GLqjc.roa
File: QAnENOV7C6lzH_x8jNRvH6GLqjc.roa (raw, json)
Hash identifier: 9SXWdd7rJD88L+XO12WxPTCi0XtVW7lKw0msZqZnedw=
Subject key identifier: 40:09:C4:34:E5:7B:0B:A9:73:1F:FC:7C:8C:D4:6F:1F:A1:8B:AA:37
Certificate issuer: /CN=999df7dc0ed518f1ec69974cf98cecaada1a8680
Certificate serial: 0194AD5834825F49A38D4BF2860514B04A67
Authority key identifier: 99:9D:F7:DC:0E:D5:18:F1:EC:69:97:4C:F9:8C:EC:AA:DA:1A:86:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mZ333A7VGPHsaZdM-YzsqtoahoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/QAnENOV7C6lzH_x8jNRvH6GLqjc.roa
Signing time: Tue 28 Jan 2025 14:37:06 +0000
ROA not before: Tue 28 Jan 2025 14:37:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6848
IP address blocks: 5.23.128.0/17 maxlen: 17
46.253.160.0/20 maxlen: 20
62.205.64.0/18 maxlen: 18
78.20.0.0/14 maxlen: 14
78.29.192.0/18 maxlen: 18
81.82.0.0/15 maxlen: 15
81.164.0.0/15 maxlen: 15
82.143.64.0/18 maxlen: 18
82.210.64.0/19 maxlen: 19
83.217.128.0/19 maxlen: 19
84.192.0.0/13 maxlen: 13
85.28.64.0/18 maxlen: 18
85.255.192.0/24 maxlen: 24
85.255.193.0/24 maxlen: 24
85.255.194.0/24 maxlen: 24
85.255.195.0/24 maxlen: 24
85.255.197.0/24 maxlen: 24
85.255.198.0/24 maxlen: 24
85.255.199.0/24 maxlen: 24
85.255.200.0/24 maxlen: 24
85.255.201.0/24 maxlen: 24
85.255.202.0/24 maxlen: 24
85.255.203.0/24 maxlen: 24
85.255.204.0/24 maxlen: 24
85.255.205.0/24 maxlen: 24
85.255.206.0/24 maxlen: 24
85.255.207.0/24 maxlen: 24
94.72.64.0/19 maxlen: 19
94.224.0.0/14 maxlen: 14
141.134.0.0/15 maxlen: 15
157.173.128.0/18 maxlen: 18
178.116.0.0/14 maxlen: 14
185.23.244.0/22 maxlen: 22
185.30.52.0/22 maxlen: 22
185.35.52.0/24 maxlen: 24
185.35.53.0/24 maxlen: 24
185.35.54.0/24 maxlen: 24
185.35.55.0/24 maxlen: 24
185.248.40.0/22 maxlen: 22
188.44.64.0/19 maxlen: 19
188.95.146.0/23 maxlen: 23
188.188.0.0/15 maxlen: 15
195.16.0.0/19 maxlen: 19
195.130.128.0/19 maxlen: 19
195.162.192.0/19 maxlen: 19
212.76.224.0/19 maxlen: 19
212.88.224.0/19 maxlen: 19
212.123.0.0/19 maxlen: 19
213.118.0.0/15 maxlen: 15
213.132.128.0/19 maxlen: 19
213.214.32.0/19 maxlen: 19
213.224.0.0/16 maxlen: 16
213.251.64.0/18 maxlen: 18
217.72.224.0/20 maxlen: 20
217.168.120.0/21 maxlen: 21
2a00:1cf8::/32 maxlen: 32
2a01:498::/32 maxlen: 32
2a01:498:200::/40 maxlen: 40
2a01:498:500::/40 maxlen: 40
2a01:498:8500::/40 maxlen: 40
2a02:1800::/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/mZ333A7VGPHsaZdM-YzsqtoahoA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/mZ333A7VGPHsaZdM-YzsqtoahoA.mft
rsync://rpki.ripe.net/repository/DEFAULT/mZ333A7VGPHsaZdM-YzsqtoahoA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 02:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ad:58:34:82:5f:49:a3:8d:4b:f2:86:05:14:b0:4a:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=999df7dc0ed518f1ec69974cf98cecaada1a8680
Validity
Not Before: Jan 28 14:37:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4009c434e57b0ba9731ffc7c8cd46f1fa18baa37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ab:1e:cc:a9:ff:58:88:fe:67:fa:bc:4e:8b:
13:0f:d7:24:a0:76:05:64:95:79:b2:78:92:49:17:
07:35:eb:0e:48:20:ba:d7:e6:be:a5:bf:9f:ab:18:
f4:04:2f:02:d9:85:29:67:10:a6:68:60:cc:b9:e9:
82:87:33:44:bc:7e:d6:a7:bb:92:1c:df:fb:67:52:
b8:9d:3f:3a:ec:9e:75:e8:bc:19:e2:7c:bf:13:ef:
ec:9e:11:9b:4c:80:9d:2e:f9:d4:95:02:4f:dd:df:
3b:6f:66:f7:aa:dc:a0:79:3c:a7:b2:66:0f:99:11:
9f:e9:4b:f8:3f:43:ca:f3:df:84:28:06:9c:2e:cd:
bd:e0:80:21:ce:9d:d7:85:81:e9:52:3e:d9:13:48:
df:c8:62:8a:ae:ce:21:11:f5:97:d3:c1:c7:4f:a7:
4f:d4:c1:57:81:b5:5e:a7:0f:58:42:4b:9f:c0:7c:
b8:ca:72:57:a2:c2:4e:bc:7d:0e:db:20:85:ee:73:
07:f2:43:af:7f:b9:2c:35:49:32:81:76:f1:6c:2d:
3c:9d:c9:15:d8:72:75:b5:56:10:0d:8e:15:16:59:
b1:54:4e:08:dd:ac:44:d6:61:02:ba:34:18:bf:2a:
b4:90:f8:46:86:f2:c9:9b:6e:4d:a8:b7:79:8b:d3:
f8:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:09:C4:34:E5:7B:0B:A9:73:1F:FC:7C:8C:D4:6F:1F:A1:8B:AA:37
X509v3 Authority Key Identifier:
keyid:99:9D:F7:DC:0E:D5:18:F1:EC:69:97:4C:F9:8C:EC:AA:DA:1A:86:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mZ333A7VGPHsaZdM-YzsqtoahoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/QAnENOV7C6lzH_x8jNRvH6GLqjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/mZ333A7VGPHsaZdM-YzsqtoahoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.23.128.0/17
46.253.160.0/20
62.205.64.0/18
78.20.0.0/14
78.29.192.0/18
81.82.0.0/15
81.164.0.0/15
82.143.64.0/18
82.210.64.0/19
83.217.128.0/19
84.192.0.0/13
85.28.64.0/18
85.255.192.0/22
85.255.197.0-85.255.207.255
94.72.64.0/19
94.224.0.0/14
141.134.0.0/15
157.173.128.0/18
178.116.0.0/14
185.23.244.0/22
185.30.52.0/22
185.35.52.0/22
185.248.40.0/22
188.44.64.0/19
188.95.146.0/23
188.188.0.0/15
195.16.0.0/19
195.130.128.0/19
195.162.192.0/19
212.76.224.0/19
212.88.224.0/19
212.123.0.0/19
213.118.0.0/15
213.132.128.0/19
213.214.32.0/19
213.224.0.0/16
213.251.64.0/18
217.72.224.0/20
217.168.120.0/21
IPv6:
2a00:1cf8::/32
2a01:498::/32
2a02:1800::/24
Signature Algorithm: sha256WithRSAEncryption
be:42:94:b0:e4:01:79:52:69:46:1e:4d:c8:1e:52:52:90:fe:
96:b8:06:fc:6f:77:a7:d1:a7:78:fd:39:39:eb:bd:5f:c6:aa:
01:57:ba:a3:db:0b:79:fa:cf:24:c8:ce:b8:2e:06:34:29:f3:
f0:bc:87:2a:0e:e6:e5:77:43:92:05:07:d8:b2:d8:f5:56:12:
33:72:04:9d:f6:fe:61:d9:fc:41:8c:88:40:a9:58:9e:28:20:
26:a9:6b:ea:86:ca:9e:0d:b9:82:06:23:0a:3c:a3:a3:94:51:
3f:bd:f9:c9:bf:26:91:6a:a4:65:f8:8c:66:ee:d9:7b:21:ad:
7f:63:b2:9b:29:88:67:94:1a:ee:0e:a6:4c:83:51:e3:1d:66:
47:d8:d5:59:a3:5f:6d:38:f9:3f:af:bf:d9:06:78:8c:b8:85:
b4:83:15:a4:d0:d8:32:43:0a:4c:24:b1:69:88:91:26:50:cc:
4d:32:b4:08:ac:b7:25:4e:67:0e:a4:ed:2e:33:0c:fa:5c:d1:
c1:8c:45:32:71:13:87:ce:39:1e:86:71:71:98:1c:ea:2e:f9:
e2:20:3e:d8:8d:b9:6a:c3:2d:6a:6c:e2:68:9b:83:2d:5c:34:
dd:5f:e4:90:25:1a:bf:75:a0:e2:28:01:ee:d2:39:6c:c4:16:
4f:fc:1e:32
-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgISAZStWDSCX0mjjUvyhgUUsEpnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5OWRmN2RjMGVkNTE4ZjFlYzY5OTc0Y2Y5OGNlY2FhZGEx
YTg2ODAwHhcNMjUwMTI4MTQzNzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDA5YzQzNGU1N2IwYmE5NzMxZmZjN2M4Y2Q0NmYxZmExOGJhYTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKsezKn/WIj+Z/q8TosTD9ckoHYF
ZJV5sniSSRcHNesOSCC61+a+pb+fqxj0BC8C2YUpZxCmaGDMuemChzNEvH7Wp7uS
HN/7Z1K4nT867J516LwZ4ny/E+/snhGbTICdLvnUlQJP3d87b2b3qtygeTynsmYP
mRGf6Uv4P0PK89+EKAacLs294IAhzp3XhYHpUj7ZE0jfyGKKrs4hEfWX08HHT6dP
1MFXgbVepw9YQkufwHy4ynJXosJOvH0O2yCF7nMH8kOvf7ksNUkygXbxbC08nckV
2HJ1tVYQDY4VFlmxVE4I3axE1mECujQYvyq0kPhGhvLJm25NqLd5i9P4DwIDAQAB
o4IDDzCCAwswHQYDVR0OBBYEFEAJxDTlewupcx/8fIzUbx+hi6o3MB8GA1UdIwQY
MBaAFJmd99wO1Rjx7GmXTPmM7KraGoaAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVozMzNBN1ZHUEhzYVpkTS1ZenNxdG9haG9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iYTg4ZjItMjE1Zi00Zjg5LWEzYWYt
MTM4Yjc4N2RlM2UzLzEvUUFuRU5PVjdDNmx6SF94OGpOUnZINkdMcWpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iYTg4ZjItMjE1Zi00Zjg5LWEzYWYtMTM4Yjc4N2RlM2Uz
LzEvbVozMzNBN1ZHUEhzYVpkTS1ZenNxdG9haG9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIwYIKwYBBQUHAQcBAf8EggESMIIBDjCB7wQCAAEwgegD
BAcFF4ADBAQu/aADBAY+zUADAwJOFAMEBk4dwAMDAVFSAwMBUaQDBAZSj0ADBAVS
0kADBAVT2YADAwNUwAMEBlUcQAMEAlX/wDAMAwQAVf/FAwQEVf/AAwQFXkhAAwMC
XuADAwGNhgMEBp2tgAMDArJ0AwQCuRf0AwQCuR40AwQCuSM0AwQCufgoAwQFvCxA
AwQBvF+SAwMBvLwDBAXDEAADBAXDgoADBAXDosADBAXUTOADBAXUWOADBAXUewAD
AwHVdgMEBdWEgAMEBdXWIAMDANXgAwQG1ftAAwQE2UjgAwQD2ah4MBoEAgACMBQD
BQAqABz4AwUAKgEEmAMEACoCGDANBgkqhkiG9w0BAQsFAAOCAQEAvkKUsOQBeVJp
Rh5NyB5SUpD+lrgG/G93p9GneP05Oeu9X8aqAVe6o9sLefrPJMjOuC4GNCnz8LyH
Kg7m5XdDkgUH2LLY9VYSM3IEnfb+Ydn8QYyIQKlYniggJqlr6obKng25ggYjCjyj
o5RRP735yb8mkWqkZfiMZu7ZeyGtf2OymymIZ5Qa7g6mTINR4x1mR9jVWaNfbTj5
P6+/2QZ4jLiFtIMVpNDYMkMKTCSxaYiRJlDMTTK0CKy3JU5nDqTtLjMM+lzRwYxF
MnETh845HoZxcZgc6i754iA+2I25asMtamziaJuDLVw03V/kkCUav3Wg4igB7tI5
bMQWT/weMg==
-----END CERTIFICATE-----
Generated at Tue Apr 15 09:53:27 2025 by rpki-client