Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/f16nWIMGHgMyxjUwwW5mkdLQMd0.roa
File: f16nWIMGHgMyxjUwwW5mkdLQMd0.roa (raw, json)
Hash identifier: cQ3dVHo/0HhnTC8+m1Zhi31obOzcvLQkbddyUVwk8ag=
Subject key identifier: 7F:5E:A7:58:83:06:1E:03:32:C6:35:30:C1:6E:66:91:D2:D0:31:DD
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0195882FD1628A73C6323A5AC925165C5D0A
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/f16nWIMGHgMyxjUwwW5mkdLQMd0.roa
Signing time: Wed 12 Mar 2025 02:29:49 +0000
ROA not before: Wed 12 Mar 2025 02:29:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25490
IP address blocks: 62.183.0.0/17 maxlen: 17
62.183.0.0/19 maxlen: 19
62.183.32.0/20 maxlen: 20
62.183.48.0/23 maxlen: 23
62.183.50.0/24 maxlen: 24
62.183.52.0/22 maxlen: 22
62.183.56.0/22 maxlen: 22
62.183.60.0/22 maxlen: 22
62.183.64.0/21 maxlen: 21
62.183.64.0/24 maxlen: 24
62.183.72.0/22 maxlen: 22
62.183.88.0/22 maxlen: 22
62.183.92.0/22 maxlen: 22
62.183.96.0/22 maxlen: 22
83.239.0.0/18 maxlen: 18
83.239.0.0/20 maxlen: 20
83.239.16.0/20 maxlen: 20
83.239.32.0/19 maxlen: 19
83.239.32.0/21 maxlen: 21
83.239.40.0/22 maxlen: 22
83.239.48.0/20 maxlen: 20
83.239.64.0/19 maxlen: 19
83.239.96.0/20 maxlen: 20
83.239.200.0/21 maxlen: 24
83.239.224.0/20 maxlen: 20
83.239.240.0/22 maxlen: 22
83.239.244.0/22 maxlen: 22
85.172.0.0/19 maxlen: 19
85.172.32.0/19 maxlen: 19
85.172.64.0/21 maxlen: 21
85.172.72.0/22 maxlen: 22
85.172.79.0/24 maxlen: 24
85.172.82.0/23 maxlen: 23
85.172.84.0/22 maxlen: 22
85.172.96.0/21 maxlen: 21
85.172.104.0/22 maxlen: 22
85.172.108.0/23 maxlen: 23
85.172.160.0/21 maxlen: 21
85.173.4.0/22 maxlen: 22
85.173.144.0/20 maxlen: 23
85.173.150.0/23 maxlen: 23
85.173.152.0/22 maxlen: 22
85.174.128.0/22 maxlen: 22
85.174.132.0/23 maxlen: 23
85.174.134.0/24 maxlen: 24
85.174.136.0/24 maxlen: 24
85.174.143.0/24 maxlen: 24
85.174.190.0/23 maxlen: 23
85.174.224.0/20 maxlen: 20
85.174.240.0/20 maxlen: 20
85.175.0.0/16 maxlen: 23
85.175.0.0/19 maxlen: 19
85.175.32.0/21 maxlen: 21
85.175.46.0/24 maxlen: 24
85.175.62.0/23 maxlen: 23
85.175.65.0/24 maxlen: 24
85.175.66.0/23 maxlen: 23
85.175.71.0/24 maxlen: 24
85.175.72.0/22 maxlen: 22
85.175.82.0/23 maxlen: 23
85.175.91.0/24 maxlen: 24
85.175.96.0/22 maxlen: 22
85.175.100.0/23 maxlen: 23
85.175.152.0/23 maxlen: 23
85.175.170.0/23 maxlen: 23
85.175.194.0/23 maxlen: 24
85.175.196.0/22 maxlen: 24
85.175.200.0/21 maxlen: 24
85.175.216.0/22 maxlen: 22
85.175.226.0/23 maxlen: 23
85.175.236.0/24 maxlen: 24
94.233.144.0/21 maxlen: 21
94.233.160.0/20 maxlen: 20
109.172.72.0/24 maxlen: 24
178.34.0.0/17 maxlen: 17
2a02:8040::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:88:2f:d1:62:8a:73:c6:32:3a:5a:c9:25:16:5c:5d:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Mar 12 02:29:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7f5ea75883061e0332c63530c16e6691d2d031dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:63:82:cb:6c:d6:45:ae:eb:da:3d:90:57:25:
6d:a8:93:89:1f:e3:4a:d8:92:30:6c:55:58:91:17:
b6:e7:aa:ca:49:e5:09:92:41:d5:ba:83:15:c3:ef:
da:06:00:c5:52:4e:cf:14:ff:a5:6d:ad:b9:66:01:
ef:ef:d7:9c:4b:ea:4f:08:8a:59:b4:cc:b3:ce:0e:
52:32:9e:ee:9d:38:20:75:63:92:c1:21:f5:63:34:
95:46:d9:56:f6:7d:56:e0:e0:bf:1a:9e:f0:a6:43:
e8:90:e6:05:72:36:57:c1:28:97:c9:45:78:d5:1f:
f6:3e:c0:a8:be:e8:5d:85:72:c9:f1:37:68:85:4f:
0f:ae:d6:67:39:ed:20:4e:4c:7b:a0:3d:6a:df:d7:
66:2e:5a:09:74:2a:a6:c9:a3:e4:29:fa:58:52:03:
fa:92:ae:c2:20:21:92:cf:a3:06:2d:09:c9:f9:87:
23:3c:88:a7:6a:0f:aa:11:0f:d3:74:67:e1:99:65:
5f:0e:f9:0e:36:2f:d2:19:40:9e:d5:d7:6b:65:1c:
c5:2e:03:92:14:5a:87:85:90:8b:dc:11:44:69:98:
66:b5:1e:7c:90:48:38:41:6a:d3:30:1b:83:cf:f4:
63:c6:9a:d2:57:d2:07:28:0a:ce:e1:bb:d0:75:81:
9d:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:5E:A7:58:83:06:1E:03:32:C6:35:30:C1:6E:66:91:D2:D0:31:DD
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/f16nWIMGHgMyxjUwwW5mkdLQMd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.183.0.0/17
83.239.0.0-83.239.111.255
83.239.200.0/21
83.239.224.0-83.239.247.255
85.172.0.0-85.172.75.255
85.172.79.0/24
85.172.82.0-85.172.87.255
85.172.96.0-85.172.109.255
85.172.160.0/21
85.173.4.0/22
85.173.144.0/20
85.174.128.0-85.174.134.255
85.174.136.0/24
85.174.143.0/24
85.174.190.0/23
85.174.224.0-85.175.255.255
94.233.144.0/21
94.233.160.0/20
109.172.72.0/24
178.34.0.0/17
IPv6:
2a02:8040::/32
Signature Algorithm: sha256WithRSAEncryption
48:17:0a:6c:e8:c6:db:04:4e:1b:e9:76:f3:80:ad:7c:64:37:
09:4e:46:df:43:2e:73:cd:4d:6f:08:6c:81:01:f8:53:94:50:
77:f2:a1:6c:76:7f:33:af:ef:13:6a:d5:da:1a:1e:8c:87:c0:
ed:36:65:a4:e2:85:f5:b5:5e:85:09:68:8e:60:7f:03:2d:b5:
ad:01:66:c0:ea:29:b8:d2:2c:63:c3:71:0c:b9:6d:95:6b:52:
66:49:45:c0:5a:16:20:f0:f7:bd:11:bf:78:33:df:cc:74:cc:
d4:0b:85:ff:58:1b:36:0f:5d:ec:9f:00:1c:00:21:28:19:53:
42:51:1d:b5:ad:f3:8d:fc:b4:04:d0:33:b8:c0:08:3f:31:09:
b3:a4:53:7a:89:5e:9d:d2:08:1d:ef:6d:ea:a4:b8:1d:e8:be:
6d:27:e4:36:6a:31:6f:e1:9c:9c:d6:55:5e:40:d4:32:dc:df:
4b:6a:d8:c4:2b:95:f0:9c:0c:6f:29:1a:c8:57:19:41:91:2b:
23:5c:52:93:3b:0e:34:ef:64:48:c9:4a:22:ed:47:7f:19:76:
83:44:7a:92:ed:36:a4:92:dc:fc:50:ee:cb:c8:00:58:ae:62:
75:ce:f2:13:f1:44:fd:b7:7b:37:10:5b:ce:ca:38:ce:f0:3b:
f6:80:3c:74
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgISAZWIL9FiinPGMjpaySUWXF0KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwMzEyMDIyOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjVlYTc1ODgzMDYxZTAzMzJjNjM1MzBjMTZlNjY5MWQyZDAzMWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGOCy2zWRa7r2j2QVyVtqJOJH+NK
2JIwbFVYkRe256rKSeUJkkHVuoMVw+/aBgDFUk7PFP+lba25ZgHv79ecS+pPCIpZ
tMyzzg5SMp7unTggdWOSwSH1YzSVRtlW9n1W4OC/Gp7wpkPokOYFcjZXwSiXyUV4
1R/2PsCovuhdhXLJ8TdohU8PrtZnOe0gTkx7oD1q39dmLloJdCqmyaPkKfpYUgP6
kq7CICGSz6MGLQnJ+YcjPIinag+qEQ/TdGfhmWVfDvkONi/SGUCe1ddrZRzFLgOS
FFqHhZCL3BFEaZhmtR58kEg4QWrTMBuDz/RjxprSV9IHKArO4bvQdYGdWQIDAQAB
o4ICxDCCAsAwHQYDVR0OBBYEFH9ep1iDBh4DMsY1MMFuZpHS0DHdMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvZjE2bldJTUdIZ015eGpVd3dXNW1rZExRTWQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHZBggrBgEFBQcBBwEB/wSByTCBxjCBtAQCAAEwga0DBAc+
twAwCwMDAFPvAwQEU+9gAwQDU+/IMAwDBAVT7+ADBANT7/AwCwMDAlWsAwQCVaxI
AwQAVaxPMAwDBAFVrFIDBANVrFAwDAMEBVWsYAMEAVWsbAMEA1WsoAMEAlWtBAME
BFWtkDAMAwQHVa6AAwQAVa6GAwQAVa6IAwQAVa6PAwQBVa6+MAsDBAVVruADAwRV
oAMEA17pkAMEBF7poAMEAG2sSAMEB7IiADANBAIAAjAHAwUAKgKAQDANBgkqhkiG
9w0BAQsFAAOCAQEASBcKbOjG2wROG+l284CtfGQ3CU5G30Muc81NbwhsgQH4U5RQ
d/KhbHZ/M6/vE2rV2hoejIfA7TZlpOKF9bVehQlojmB/Ay21rQFmwOopuNIsY8Nx
DLltlWtSZklFwFoWIPD3vRG/eDPfzHTM1AuF/1gbNg9d7J8AHAAhKBlTQlEdta3z
jfy0BNAzuMAIPzEJs6RTeolendIIHe9t6qS4Hei+bSfkNmoxb+GcnNZVXkDUMtzf
S2rYxCuV8JwMbykayFcZQZErI1xSkzsONO9kSMlKIu1Hfxl2g0R6ku02pJLc/FDu
y8gAWK5idc7yE/FE/bd7NxBbzso4zvA79oA8dA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:09:02 2025 by rpki-client