Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/bDiIn-_UXIGuw3Qo4clxFIKAqAE.roa
File: bDiIn-_UXIGuw3Qo4clxFIKAqAE.roa (raw, json)
Hash identifier: rYwZ+l52WfQynuoiZucorfpRFkeDzJfCrE/NRMJMIic=
Subject key identifier: 6C:38:88:9F:EF:D4:5C:81:AE:C3:74:28:E1:C9:71:14:82:80:A8:01
Certificate issuer: /CN=999df7dc0ed518f1ec69974cf98cecaada1a8680
Certificate serial: 0196E859F04D5015D9F00DB6C13E7B00B585
Authority key identifier: 99:9D:F7:DC:0E:D5:18:F1:EC:69:97:4C:F9:8C:EC:AA:DA:1A:86:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mZ333A7VGPHsaZdM-YzsqtoahoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/bDiIn-_UXIGuw3Qo4clxFIKAqAE.roa
Signing time: Mon 19 May 2025 11:42:10 +0000
ROA not before: Mon 19 May 2025 11:42:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6848
IP address blocks: 5.23.128.0/17 maxlen: 17
46.253.160.0/20 maxlen: 20
62.205.64.0/18 maxlen: 18
78.20.0.0/14 maxlen: 14
78.29.192.0/18 maxlen: 18
81.82.0.0/15 maxlen: 15
81.164.0.0/15 maxlen: 15
82.143.64.0/18 maxlen: 18
82.210.64.0/19 maxlen: 19
83.217.128.0/19 maxlen: 19
84.192.0.0/13 maxlen: 13
85.28.64.0/18 maxlen: 18
85.255.192.0/24 maxlen: 24
85.255.193.0/24 maxlen: 24
85.255.194.0/24 maxlen: 24
85.255.195.0/24 maxlen: 24
85.255.197.0/24 maxlen: 24
85.255.198.0/24 maxlen: 24
85.255.199.0/24 maxlen: 24
85.255.200.0/24 maxlen: 24
85.255.201.0/24 maxlen: 24
85.255.202.0/24 maxlen: 24
85.255.203.0/24 maxlen: 24
85.255.204.0/24 maxlen: 24
85.255.205.0/24 maxlen: 24
85.255.206.0/24 maxlen: 24
85.255.207.0/24 maxlen: 24
94.72.64.0/19 maxlen: 19
94.224.0.0/14 maxlen: 14
141.134.0.0/15 maxlen: 15
157.173.128.0/18 maxlen: 18
178.116.0.0/14 maxlen: 14
185.23.244.0/22 maxlen: 22
185.30.52.0/22 maxlen: 22
185.35.52.0/24 maxlen: 24
185.35.53.0/24 maxlen: 24
185.35.54.0/24 maxlen: 24
185.35.55.0/24 maxlen: 24
185.152.57.0/24 maxlen: 24
185.152.58.0/24 maxlen: 24
185.248.40.0/22 maxlen: 22
188.44.64.0/19 maxlen: 19
188.95.146.0/23 maxlen: 23
188.188.0.0/15 maxlen: 15
195.16.0.0/19 maxlen: 19
195.130.128.0/19 maxlen: 19
195.162.192.0/19 maxlen: 19
212.76.224.0/19 maxlen: 19
212.88.224.0/19 maxlen: 19
212.123.0.0/19 maxlen: 19
213.118.0.0/15 maxlen: 15
213.132.128.0/19 maxlen: 19
213.214.32.0/19 maxlen: 19
213.224.0.0/16 maxlen: 16
213.251.64.0/18 maxlen: 18
217.72.224.0/20 maxlen: 20
217.168.120.0/21 maxlen: 21
2a00:1cf8::/32 maxlen: 32
2a01:498::/32 maxlen: 32
2a01:498:200::/40 maxlen: 40
2a01:498:500::/40 maxlen: 40
2a01:498:8500::/40 maxlen: 40
2a02:1800::/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/mZ333A7VGPHsaZdM-YzsqtoahoA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/mZ333A7VGPHsaZdM-YzsqtoahoA.mft
rsync://rpki.ripe.net/repository/DEFAULT/mZ333A7VGPHsaZdM-YzsqtoahoA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 16:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e8:59:f0:4d:50:15:d9:f0:0d:b6:c1:3e:7b:00:b5:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=999df7dc0ed518f1ec69974cf98cecaada1a8680
Validity
Not Before: May 19 11:42:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c38889fefd45c81aec37428e1c971148280a801
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:84:56:a0:a0:69:f5:11:fe:32:36:be:cf:ff:
d1:be:13:2a:7b:9f:cc:90:38:ea:16:97:1e:98:b4:
ef:31:1c:56:e9:83:2f:01:3b:ec:ec:91:80:c2:e2:
57:bf:4f:ab:27:bc:0a:ec:83:43:7a:c2:06:67:44:
e2:21:db:13:6c:bf:9b:db:e0:c9:0b:3e:ba:8a:0b:
3f:42:99:f2:1c:7c:e2:f7:38:52:85:fc:8d:9c:09:
e1:c5:c1:fe:66:a0:0d:33:4f:34:d1:34:50:d6:95:
60:d5:a6:14:63:16:78:bb:ff:2c:5d:dc:c4:66:6e:
21:3b:76:1a:02:da:c4:91:c8:35:1b:3b:f7:7e:de:
e6:7e:5b:fb:1a:48:76:d3:57:3b:0d:fb:a4:39:d3:
14:ff:52:f7:92:6c:50:3a:8e:e0:c4:2a:15:8d:36:
7f:d1:e2:02:64:da:5f:82:f4:0a:51:61:43:64:bf:
39:7a:08:0a:b8:ff:75:f8:4d:cd:7d:06:8e:19:c6:
51:a5:67:66:00:33:9d:21:c9:4b:1e:61:76:58:f3:
82:09:ff:8a:3e:ac:57:07:6c:98:09:a5:b3:18:b1:
e9:37:21:d3:45:e0:2f:44:c5:db:4d:9d:b1:1c:e0:
a9:bc:74:97:0e:0a:f6:f0:12:1f:b0:22:4e:9e:87:
3d:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:38:88:9F:EF:D4:5C:81:AE:C3:74:28:E1:C9:71:14:82:80:A8:01
X509v3 Authority Key Identifier:
keyid:99:9D:F7:DC:0E:D5:18:F1:EC:69:97:4C:F9:8C:EC:AA:DA:1A:86:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mZ333A7VGPHsaZdM-YzsqtoahoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/bDiIn-_UXIGuw3Qo4clxFIKAqAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/mZ333A7VGPHsaZdM-YzsqtoahoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.23.128.0/17
46.253.160.0/20
62.205.64.0/18
78.20.0.0/14
78.29.192.0/18
81.82.0.0/15
81.164.0.0/15
82.143.64.0/18
82.210.64.0/19
83.217.128.0/19
84.192.0.0/13
85.28.64.0/18
85.255.192.0/22
85.255.197.0-85.255.207.255
94.72.64.0/19
94.224.0.0/14
141.134.0.0/15
157.173.128.0/18
178.116.0.0/14
185.23.244.0/22
185.30.52.0/22
185.35.52.0/22
185.152.57.0-185.152.58.255
185.248.40.0/22
188.44.64.0/19
188.95.146.0/23
188.188.0.0/15
195.16.0.0/19
195.130.128.0/19
195.162.192.0/19
212.76.224.0/19
212.88.224.0/19
212.123.0.0/19
213.118.0.0/15
213.132.128.0/19
213.214.32.0/19
213.224.0.0/16
213.251.64.0/18
217.72.224.0/20
217.168.120.0/21
IPv6:
2a00:1cf8::/32
2a01:498::/32
2a02:1800::/24
Signature Algorithm: sha256WithRSAEncryption
5f:07:51:d1:cb:fd:e2:66:a6:d5:bf:ac:2c:01:b7:f0:e9:23:
43:93:d2:1f:80:63:8c:af:13:bc:f8:24:26:bc:81:ff:63:c6:
50:94:74:0a:c3:b8:a0:4b:bb:d6:87:d3:27:31:5b:89:bf:93:
92:e6:f1:43:f1:53:93:a7:68:27:a8:46:0e:ac:ff:f4:99:9a:
f0:c6:b7:d6:91:1c:7e:33:e5:2b:15:68:50:f7:2e:62:4c:83:
21:5a:e3:cc:47:ee:8c:e0:71:89:9b:5d:ef:a4:ac:f1:06:9b:
46:a8:69:9f:9a:39:74:40:64:bf:dc:83:25:56:d5:8a:45:fa:
06:7e:e5:f3:79:9f:6e:4f:15:de:b8:89:bc:59:4e:40:c5:d1:
bb:3a:36:c5:42:5e:ba:a5:66:c9:10:7c:6a:67:ba:29:8d:57:
35:80:12:ab:6b:0f:44:76:7d:d0:fd:3d:11:ad:b2:5b:69:ee:
6d:d1:58:2c:ce:87:07:12:50:91:db:f1:be:fb:df:6e:9a:85:
e6:2d:9a:a6:37:bf:be:c2:b0:8f:da:4f:63:d1:17:d1:b3:2d:
79:95:39:ef:6e:57:4c:53:42:4d:28:28:c0:ea:50:37:4a:af:
c8:8c:cb:21:6f:d5:a7:70:b4:15:10:52:d5:b8:a2:36:d7:95:
3c:49:7c:ab
-----BEGIN CERTIFICATE-----
MIIGETCCBPmgAwIBAgISAZboWfBNUBXZ8A22wT57ALWFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5OWRmN2RjMGVkNTE4ZjFlYzY5OTc0Y2Y5OGNlY2FhZGEx
YTg2ODAwHhcNMjUwNTE5MTE0MjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzM4ODg5ZmVmZDQ1YzgxYWVjMzc0MjhlMWM5NzExNDgyODBhODAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkoRWoKBp9RH+Mja+z//RvhMqe5/M
kDjqFpcemLTvMRxW6YMvATvs7JGAwuJXv0+rJ7wK7INDesIGZ0TiIdsTbL+b2+DJ
Cz66igs/QpnyHHzi9zhShfyNnAnhxcH+ZqANM0800TRQ1pVg1aYUYxZ4u/8sXdzE
Zm4hO3YaAtrEkcg1Gzv3ft7mflv7Gkh201c7DfukOdMU/1L3kmxQOo7gxCoVjTZ/
0eICZNpfgvQKUWFDZL85eggKuP91+E3NfQaOGcZRpWdmADOdIclLHmF2WPOCCf+K
PqxXB2yYCaWzGLHpNyHTReAvRMXbTZ2xHOCpvHSXDgr28BIfsCJOnoc9jQIDAQAB
o4IDHTCCAxkwHQYDVR0OBBYEFGw4iJ/v1FyBrsN0KOHJcRSCgKgBMB8GA1UdIwQY
MBaAFJmd99wO1Rjx7GmXTPmM7KraGoaAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVozMzNBN1ZHUEhzYVpkTS1ZenNxdG9haG9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iYTg4ZjItMjE1Zi00Zjg5LWEzYWYt
MTM4Yjc4N2RlM2UzLzEvYkRpSW4tX1VYSUd1dzNRbzRjbHhGSUtBcUFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iYTg4ZjItMjE1Zi00Zjg5LWEzYWYtMTM4Yjc4N2RlM2Uz
LzEvbVozMzNBN1ZHUEhzYVpkTS1ZenNxdG9haG9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMQYIKwYBBQUHAQcBAf8EggEgMIIBHDCB/QQCAAEwgfYD
BAcFF4ADBAQu/aADBAY+zUADAwJOFAMEBk4dwAMDAVFSAwMBUaQDBAZSj0ADBAVS
0kADBAVT2YADAwNUwAMEBlUcQAMEAlX/wDAMAwQAVf/FAwQEVf/AAwQFXkhAAwMC
XuADAwGNhgMEBp2tgAMDArJ0AwQCuRf0AwQCuR40AwQCuSM0MAwDBAC5mDkDBAC5
mDoDBAK5+CgDBAW8LEADBAG8X5IDAwG8vAMEBcMQAAMEBcOCgAMEBcOiwAMEBdRM
4AMEBdRY4AMEBdR7AAMDAdV2AwQF1YSAAwQF1dYgAwMA1eADBAbV+0ADBATZSOAD
BAPZqHgwGgQCAAIwFAMFACoAHPgDBQAqAQSYAwQAKgIYMA0GCSqGSIb3DQEBCwUA
A4IBAQBfB1HRy/3iZqbVv6wsAbfw6SNDk9IfgGOMrxO8+CQmvIH/Y8ZQlHQKw7ig
S7vWh9MnMVuJv5OS5vFD8VOTp2gnqEYOrP/0mZrwxrfWkRx+M+UrFWhQ9y5iTIMh
WuPMR+6M4HGJm13vpKzxBptGqGmfmjl0QGS/3IMlVtWKRfoGfuXzeZ9uTxXeuIm8
WU5AxdG7OjbFQl66pWbJEHxqZ7opjVc1gBKraw9Edn3Q/T0RrbJbae5t0VgszocH
ElCR2/G++99umoXmLZqmN7++wrCP2k9j0RfRsy15lTnvbldMU0JNKCjA6lA3Sq/I
jMshb9WncLQVEFLVuKI215U8SXyr
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:25:55 2025 by rpki-client