Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/P1ooM0tRadnnfs7yPA4JyGHOu90.roa
File: P1ooM0tRadnnfs7yPA4JyGHOu90.roa (raw, json)
Hash identifier: qt3kTikonByn5yyGAReXdJ6ZcgQBVF+qY0HIxFsZ/us=
Subject key identifier: 3F:5A:28:33:4B:51:69:D9:E7:7E:CE:F2:3C:0E:09:C8:61:CE:BB:DD
Certificate issuer: /CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Certificate serial: 019720D849652B4986953B8131065BC6D661
Authority key identifier: 21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/P1ooM0tRadnnfs7yPA4JyGHOu90.roa
Signing time: Fri 30 May 2025 10:58:54 +0000
ROA not before: Fri 30 May 2025 10:58:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210976
IP address blocks: 78.40.216.0/24 maxlen: 24
85.193.92.0/24 maxlen: 24
85.193.93.0/24 maxlen: 24
85.193.95.0/24 maxlen: 24
87.249.50.0/24 maxlen: 24
89.191.228.0/24 maxlen: 24
90.156.228.0/24 maxlen: 24
90.156.231.0/24 maxlen: 24
94.228.122.0/24 maxlen: 24
176.57.212.0/24 maxlen: 24
176.57.221.0/24 maxlen: 24
185.104.112.0/24 maxlen: 24
185.104.115.0/24 maxlen: 24
185.247.16.0/24 maxlen: 24
185.247.18.0/24 maxlen: 24
185.247.19.0/24 maxlen: 24
188.225.14.0/24 maxlen: 24
188.225.60.0/24 maxlen: 24
194.35.116.0/24 maxlen: 24
194.35.117.0/24 maxlen: 24
194.35.118.0/24 maxlen: 24
194.35.119.0/24 maxlen: 24
217.25.91.0/24 maxlen: 24
217.25.95.0/24 maxlen: 24
217.151.229.0/24 maxlen: 24
217.151.231.0/24 maxlen: 24
2a03:6f02::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.mft
rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 01:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:20:d8:49:65:2b:49:86:95:3b:81:31:06:5b:c6:d6:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Validity
Not Before: May 30 10:58:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3f5a28334b5169d9e77ecef23c0e09c861cebbdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c8:1f:1a:db:23:48:e8:f9:0d:2d:82:32:f3:
95:c2:e5:87:81:b5:b4:bf:a9:9c:d4:90:50:2c:6f:
5c:1e:b9:00:2d:66:89:74:00:77:9e:e9:80:43:f6:
4e:da:b2:2a:99:e6:f7:9a:d0:0d:0e:11:cf:aa:d3:
d2:b1:12:19:b9:14:6c:ea:b0:71:54:c4:45:6f:90:
ca:cc:a4:d2:d1:f2:0a:7a:61:1b:56:1f:ee:fa:30:
af:1c:c5:97:f0:83:f8:44:c2:ea:e7:64:c7:f1:7e:
c6:cd:73:a4:8c:05:69:54:58:ea:e9:d9:85:eb:29:
4d:75:e7:ec:77:b4:05:21:92:d5:70:87:29:6e:cf:
57:38:b5:b7:fc:66:0c:98:0c:f2:dc:32:9b:33:70:
12:82:32:dc:79:b8:34:08:2e:10:e4:07:da:41:9f:
8f:41:7b:ae:b7:53:0a:6f:5b:a8:46:24:ee:2f:1f:
f0:07:15:b2:37:d7:e7:00:22:9b:5f:b1:e4:b8:10:
ab:95:b1:cf:61:f8:a0:e7:d2:da:cb:a2:53:ec:f7:
6e:ae:3a:d4:86:93:15:6f:f8:1a:e1:a7:f0:f1:27:
ef:db:20:20:3b:40:30:90:9a:53:b1:d5:99:7a:4d:
82:d9:6c:7a:e6:24:75:61:a5:91:17:2b:3d:fd:99:
7d:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:5A:28:33:4B:51:69:D9:E7:7E:CE:F2:3C:0E:09:C8:61:CE:BB:DD
X509v3 Authority Key Identifier:
keyid:21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/P1ooM0tRadnnfs7yPA4JyGHOu90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.216.0/24
85.193.92.0/23
85.193.95.0/24
87.249.50.0/24
89.191.228.0/24
90.156.228.0/24
90.156.231.0/24
94.228.122.0/24
176.57.212.0/24
176.57.221.0/24
185.104.112.0/24
185.104.115.0/24
185.247.16.0/24
185.247.18.0/23
188.225.14.0/24
188.225.60.0/24
194.35.116.0/22
217.25.91.0/24
217.25.95.0/24
217.151.229.0/24
217.151.231.0/24
IPv6:
2a03:6f02::/64
Signature Algorithm: sha256WithRSAEncryption
48:1e:f6:c4:be:bd:b4:ba:00:b6:c0:a3:32:1f:a8:38:93:70:
9e:66:df:3f:14:f8:2c:50:e9:20:9c:c7:88:b6:30:2d:ba:8a:
01:ee:2f:5c:a4:10:81:52:82:94:21:f2:5e:9a:bb:6d:fb:30:
ff:94:2e:ec:7f:c9:5b:7e:2b:ad:57:8f:0a:76:06:0d:80:b8:
9b:40:84:24:60:4b:20:a0:5f:45:39:52:3b:d0:e7:74:ea:a5:
e6:bb:e7:27:64:ff:6b:02:b9:93:d9:2d:29:cf:58:1f:d8:84:
bc:77:e7:3c:7c:a6:5a:52:11:2e:2b:5b:c8:82:e8:f0:cb:40:
a5:17:cf:f5:84:48:e6:8e:97:b9:19:50:8c:01:5a:dc:dc:48:
f0:c6:a4:fe:8d:41:78:4c:0d:16:d8:4d:f8:fe:cf:e4:ac:c9:
6d:2c:b8:59:e7:fb:51:0b:f5:d5:70:3b:8d:27:93:11:62:29:
bf:29:17:a8:68:7b:ec:49:9f:d8:d9:55:df:d2:79:47:5b:d7:
8f:22:ae:96:93:c7:60:4b:0e:55:59:1d:0d:5f:13:13:28:7b:
76:01:66:ec:0f:a2:c7:4d:cc:ec:76:fc:94:6f:52:b6:c4:66:
b6:30:52:75:81:20:c6:d4:d0:4b:e7:4f:b1:73:39:2c:74:fb:
60:40:43:d2
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAZcg2EllK0mGlTuBMQZbxtZhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNjBiMmIxYzgyOWQ4ODkzNmIxYWRhZWVjOTdmZGQxYjQw
ZDQxZTUwHhcNMjUwNTMwMTA1ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjVhMjgzMzRiNTE2OWQ5ZTc3ZWNlZjIzYzBlMDljODYxY2ViYmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocgfGtsjSOj5DS2CMvOVwuWHgbW0
v6mc1JBQLG9cHrkALWaJdAB3numAQ/ZO2rIqmeb3mtANDhHPqtPSsRIZuRRs6rBx
VMRFb5DKzKTS0fIKemEbVh/u+jCvHMWX8IP4RMLq52TH8X7GzXOkjAVpVFjq6dmF
6ylNdefsd7QFIZLVcIcpbs9XOLW3/GYMmAzy3DKbM3ASgjLcebg0CC4Q5AfaQZ+P
QXuut1MKb1uoRiTuLx/wBxWyN9fnACKbX7HkuBCrlbHPYfig59Lay6JT7PdurjrU
hpMVb/ga4afw8Sfv2yAgO0AwkJpTsdWZek2C2Wx65iR1YaWRFys9/Zl9VQIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFD9aKDNLUWnZ537O8jwOCchhzrvdMB8GA1UdIwQY
MBaAFCFgsrHIKdiJNrGtruyX/dG0DUHlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEt
M2RmN2ZhZjM1MzVkLzEvUDFvb00wdFJhZG5uZnM3eVBBNEp5R0hPdTkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEtM2RmN2ZhZjM1MzVk
LzEvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBhAQCAAEwfgMEAE4o
2AMEAVXBXAMEAFXBXwMEAFf5MgMEAFm/5AMEAFqc5AMEAFqc5wMEAF7kegMEALA5
1AMEALA53QMEALlocAMEALlocwMEALn3EAMEAbn3EgMEALzhDgMEALzhPAMEAsIj
dAMEANkZWwMEANkZXwMEANmX5QMEANmX5zARBAIAAjALAwkAKgNvAgAAAAAwDQYJ
KoZIhvcNAQELBQADggEBAEge9sS+vbS6ALbAozIfqDiTcJ5m3z8U+CxQ6SCcx4i2
MC26igHuL1ykEIFSgpQh8l6au237MP+ULux/yVt+K61Xjwp2Bg2AuJtAhCRgSyCg
X0U5UjvQ53Tqpea75ydk/2sCuZPZLSnPWB/YhLx35zx8plpSES4rW8iC6PDLQKUX
z/WESOaOl7kZUIwBWtzcSPDGpP6NQXhMDRbYTfj+z+SsyW0suFnn+1EL9dVwO40n
kxFiKb8pF6hoe+xJn9jZVd/SeUdb148irpaTx2BLDlVZHQ1fExMoe3YBZuwPosdN
zOx2/JRvUrbEZrYwUnWBIMbU0EvnT7FzOSx0+2BAQ9I=
-----END CERTIFICATE-----
Generated at Sun Jun 8 11:18:22 2025 by rpki-client