Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/Pc2EUIWHtHolnHBST8NkkBublHg.roa
File: Pc2EUIWHtHolnHBST8NkkBublHg.roa (raw, json)
Hash identifier: kiUdXWLazxPlTfW1//CR94yYtQySkuU4W6TmLo2zE+c=
Subject key identifier: 3D:CD:84:50:85:87:B4:7A:25:9C:70:52:4F:C3:64:90:1B:9B:94:78
Certificate issuer: /CN=099a1f2dbf7b7a84ae57b8d67426b7e4e420fab5
Certificate serial: 0195D4AD1D3C8A944AA723D39C8C04415B5C
Authority key identifier: 09:9A:1F:2D:BF:7B:7A:84:AE:57:B8:D6:74:26:B7:E4:E4:20:FA:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CZofLb97eoSuV7jWdCa35OQg-rU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/Pc2EUIWHtHolnHBST8NkkBublHg.roa
Signing time: Wed 26 Mar 2025 22:57:49 +0000
ROA not before: Wed 26 Mar 2025 22:57:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202053
IP address blocks: 5.22.208.0/22 maxlen: 22
5.22.212.0/22 maxlen: 22
5.22.216.0/22 maxlen: 22
5.22.220.0/22 maxlen: 22
80.69.172.0/22 maxlen: 22
83.136.248.0/21 maxlen: 21
85.9.200.0/21 maxlen: 21
85.9.208.0/21 maxlen: 21
85.9.216.0/22 maxlen: 22
85.9.220.0/22 maxlen: 22
94.237.0.0/24 maxlen: 24
94.237.1.0/24 maxlen: 24
94.237.2.0/23 maxlen: 23
94.237.4.0/22 maxlen: 22
94.237.8.0/21 maxlen: 21
94.237.16.0/21 maxlen: 21
94.237.24.0/21 maxlen: 21
94.237.32.0/21 maxlen: 21
94.237.40.0/21 maxlen: 21
94.237.48.0/20 maxlen: 20
94.237.64.0/20 maxlen: 20
94.237.80.0/20 maxlen: 20
94.237.96.0/21 maxlen: 21
94.237.104.0/22 maxlen: 22
94.237.108.0/22 maxlen: 22
94.237.112.0/21 maxlen: 21
94.237.120.0/22 maxlen: 22
94.237.124.0/23 maxlen: 23
94.237.126.0/24 maxlen: 24
95.111.192.0/21 maxlen: 21
95.111.200.0/22 maxlen: 22
95.111.204.0/22 maxlen: 22
95.111.208.0/22 maxlen: 22
95.111.216.0/21 maxlen: 21
185.20.136.0/22 maxlen: 22
185.26.48.0/22 maxlen: 22
185.70.196.0/22 maxlen: 22
194.62.96.0/22 maxlen: 22
213.163.192.0/20 maxlen: 20
2a04:3540::/32 maxlen: 32
2a04:3541::/32 maxlen: 32
2a04:3541:8000::/34 maxlen: 34
2a04:3542::/32 maxlen: 32
2a04:3542:8000::/34 maxlen: 34
2a04:3543::/32 maxlen: 32
2a04:3544::/32 maxlen: 32
2a04:3544:8000::/34 maxlen: 34
2a04:3545::/32 maxlen: 32
2a04:3546::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/CZofLb97eoSuV7jWdCa35OQg-rU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/CZofLb97eoSuV7jWdCa35OQg-rU.mft
rsync://rpki.ripe.net/repository/DEFAULT/CZofLb97eoSuV7jWdCa35OQg-rU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d4:ad:1d:3c:8a:94:4a:a7:23:d3:9c:8c:04:41:5b:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=099a1f2dbf7b7a84ae57b8d67426b7e4e420fab5
Validity
Not Before: Mar 26 22:57:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3dcd84508587b47a259c70524fc364901b9b9478
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ea:e1:f8:e5:3f:b1:78:45:73:8f:0c:11:8f:
06:83:4d:ac:aa:8f:8f:55:db:bc:4a:50:72:7a:f5:
31:d5:3b:1f:83:19:f5:31:f1:79:ca:16:a6:5e:bd:
2c:53:ec:d7:29:86:c6:8b:d8:d5:4a:ea:19:67:dc:
63:b0:f6:a1:73:f3:e8:58:8a:58:45:ca:a0:5d:2e:
9a:8f:c2:55:6a:f9:06:83:5e:a5:f9:42:8e:50:c5:
49:ea:14:c2:bb:5d:8f:8b:5b:29:ca:80:fb:6b:0b:
f8:e1:cb:47:96:2d:b0:fb:96:45:4b:56:09:40:07:
7e:35:0a:ac:f0:4b:a8:37:96:1e:2c:11:b4:d7:d9:
c5:70:e3:b5:43:31:ec:53:1f:58:5c:4b:ea:b3:62:
dc:88:ed:48:75:7d:45:ae:ee:ad:cc:f8:4d:10:4f:
24:db:07:08:4a:2d:f2:c0:25:c8:14:3c:30:44:fa:
93:d4:fe:42:28:1a:f5:55:23:35:56:7b:0c:d0:66:
fd:5c:25:b0:24:20:55:72:65:a8:24:47:cb:e5:8f:
24:19:64:a0:26:d5:03:b9:8a:e7:3b:41:59:0b:75:
43:47:c9:e0:fb:62:59:1b:e0:6e:ba:86:c8:e2:ac:
55:b3:34:a0:fa:42:4e:2d:79:03:bd:49:38:ce:de:
6e:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:CD:84:50:85:87:B4:7A:25:9C:70:52:4F:C3:64:90:1B:9B:94:78
X509v3 Authority Key Identifier:
keyid:09:9A:1F:2D:BF:7B:7A:84:AE:57:B8:D6:74:26:B7:E4:E4:20:FA:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CZofLb97eoSuV7jWdCa35OQg-rU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/Pc2EUIWHtHolnHBST8NkkBublHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/CZofLb97eoSuV7jWdCa35OQg-rU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.208.0/20
80.69.172.0/22
83.136.248.0/21
85.9.200.0-85.9.223.255
94.237.0.0-94.237.126.255
95.111.192.0-95.111.211.255
95.111.216.0/21
185.20.136.0/22
185.26.48.0/22
185.70.196.0/22
194.62.96.0/22
213.163.192.0/20
IPv6:
2a04:3540::-2a04:3546:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
88:4a:e8:bc:7c:95:84:76:78:d5:93:7e:ad:cb:30:74:d0:8a:
59:6e:24:ff:c7:e8:79:ab:42:36:78:71:79:6c:18:03:25:bd:
8f:ae:45:f7:b3:32:8f:14:05:56:1b:51:60:23:bf:86:3d:4a:
89:d4:59:9c:97:a3:fd:c7:02:3a:ca:33:88:fc:43:a0:c0:1e:
4d:93:74:13:33:05:cf:49:74:ca:76:4c:55:f7:52:8c:f9:b9:
89:81:cf:ba:3b:32:dc:ca:99:c0:de:62:5d:ac:c9:88:e4:14:
48:3c:b9:9f:46:68:a9:9c:36:3b:f5:c8:41:da:1b:04:37:3f:
2d:69:95:a6:d5:97:d0:34:10:f9:e2:2d:dc:ed:1d:77:8a:b1:
3c:f6:f1:1a:ec:f6:d1:37:4a:ce:e0:f6:8f:6a:2c:f5:8c:bd:
78:90:72:22:4e:a1:83:03:90:e3:06:10:a9:18:31:43:0e:5d:
a3:27:c1:e9:fa:08:e2:c6:d8:c4:b9:1c:76:e3:f3:e1:b8:23:
61:ae:ee:3c:9a:23:76:2f:11:09:6c:92:c3:4c:d0:3a:a2:43:
47:e8:ed:ec:8a:de:7b:78:d0:65:9c:cd:5f:88:cb:a1:87:6f:
be:9d:e7:7e:8c:a0:d9:28:45:b5:2d:5f:e4:41:52:9c:c4:a5:
30:87:5c:a5
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgISAZXUrR08ipRKpyPTnIwEQVtcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OWExZjJkYmY3YjdhODRhZTU3YjhkNjc0MjZiN2U0ZTQy
MGZhYjUwHhcNMjUwMzI2MjI1NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGNkODQ1MDg1ODdiNDdhMjU5YzcwNTI0ZmMzNjQ5MDFiOWI5NDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOrh+OU/sXhFc48MEY8Gg02sqo+P
Vdu8SlByevUx1Tsfgxn1MfF5yhamXr0sU+zXKYbGi9jVSuoZZ9xjsPahc/PoWIpY
RcqgXS6aj8JVavkGg16l+UKOUMVJ6hTCu12Pi1spyoD7awv44ctHli2w+5ZFS1YJ
QAd+NQqs8EuoN5YeLBG019nFcOO1QzHsUx9YXEvqs2LciO1IdX1Fru6tzPhNEE8k
2wcISi3ywCXIFDwwRPqT1P5CKBr1VSM1VnsM0Gb9XCWwJCBVcmWoJEfL5Y8kGWSg
JtUDuYrnO0FZC3VDR8ng+2JZG+BuuobI4qxVszSg+kJOLXkDvUk4zt5uHwIDAQAB
o4ICfDCCAngwHQYDVR0OBBYEFD3NhFCFh7R6JZxwUk/DZJAbm5R4MB8GA1UdIwQY
MBaAFAmaHy2/e3qErle41nQmt+TkIPq1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1pvZkxiOTdlb1N1VjdqV2RDYTM1T1FnLXJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kNDJhYmItMzM0Mi00ODg3LWFmNDAt
OWNkNjhmMjIxZTIxLzEvUGMyRVVJV0h0SG9sbkhCU1Q4TmtrQnVibEhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kNDJhYmItMzM0Mi00ODg3LWFmNDAtOWNkNjhmMjIxZTIx
LzEvQ1pvZkxiOTdlb1N1VjdqV2RDYTM1T1FnLXJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGRBggrBgEFBQcBBwEB/wSBgTB/MGUEAgABMF8DBAQFFtAD
BAJQRawDBANTiPgwDAMEA1UJyAMEBVUJwDALAwMAXu0DBABe7X4wDAMEBl9vwAME
Al9v0AMEA19v2AMEArkUiAMEArkaMAMEArlGxAMEAsI+YAMEBNWjwDAWBAIAAjAQ
MA4DBQYqBDVAAwUAKgQ1RjANBgkqhkiG9w0BAQsFAAOCAQEAiErovHyVhHZ41ZN+
rcswdNCKWW4k/8foeatCNnhxeWwYAyW9j65F97MyjxQFVhtRYCO/hj1KidRZnJej
/ccCOsoziPxDoMAeTZN0EzMFz0l0ynZMVfdSjPm5iYHPujsy3MqZwN5iXazJiOQU
SDy5n0ZoqZw2O/XIQdobBDc/LWmVptWX0DQQ+eIt3O0dd4qxPPbxGuz20TdKzuD2
j2os9Yy9eJByIk6hgwOQ4wYQqRgxQw5doyfB6foI4sbYxLkcduPz4bgjYa7uPJoj
di8RCWySw0zQOqJDR+jt7Iree3jQZZzNX4jLoYdvvp3nfoyg2ShFtS1f5EFSnMSl
MIdcpQ==
-----END CERTIFICATE-----
Generated at Tue Apr 15 19:54:30 2025 by rpki-client