Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/pYhg1n_DxPby2Wa8o54wKMCV-TY.roa
File: pYhg1n_DxPby2Wa8o54wKMCV-TY.roa (raw, json)
Hash identifier: jyg5bkFKPwfKRdHY+XAYFgW1xWFYhzO9CuP3U/F9zhE=
Subject key identifier: A5:88:60:D6:7F:C3:C4:F6:F2:D9:66:BC:A3:9E:30:28:C0:95:F9:36
Certificate issuer: /CN=71949b47df313cbab9452da98fcc637608a909bd
Certificate serial: 01973A4E46B08E2CF864A4BB23D6C301E7DB
Authority key identifier: 71:94:9B:47:DF:31:3C:BA:B9:45:2D:A9:8F:CC:63:76:08:A9:09:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cZSbR98xPLq5RS2pj8xjdgipCb0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/pYhg1n_DxPby2Wa8o54wKMCV-TY.roa
Signing time: Wed 04 Jun 2025 09:38:17 +0000
ROA not before: Wed 04 Jun 2025 09:38:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13097
IP address blocks: 46.229.80.0/20 maxlen: 20
46.229.80.0/24 maxlen: 24
46.229.81.0/24 maxlen: 24
46.229.82.0/24 maxlen: 24
46.229.83.0/24 maxlen: 24
46.229.84.0/24 maxlen: 24
46.229.85.0/24 maxlen: 24
46.229.86.0/24 maxlen: 24
46.229.87.0/24 maxlen: 24
46.229.88.0/24 maxlen: 24
46.229.89.0/24 maxlen: 24
46.229.90.0/24 maxlen: 24
46.229.91.0/24 maxlen: 24
46.229.92.0/24 maxlen: 24
46.229.93.0/24 maxlen: 24
46.229.94.0/24 maxlen: 24
46.229.95.0/24 maxlen: 24
80.70.116.0/22 maxlen: 22
80.70.116.0/24 maxlen: 24
80.70.117.0/24 maxlen: 24
80.70.118.0/24 maxlen: 24
80.70.119.0/24 maxlen: 24
82.163.32.0/22 maxlen: 24
84.234.100.0/22 maxlen: 22
84.234.100.0/24 maxlen: 24
84.234.101.0/24 maxlen: 24
84.234.102.0/24 maxlen: 24
84.234.103.0/24 maxlen: 24
89.189.32.0/20 maxlen: 20
89.189.32.0/24 maxlen: 24
89.189.33.0/24 maxlen: 24
89.189.34.0/24 maxlen: 24
89.189.35.0/24 maxlen: 24
89.189.36.0/24 maxlen: 24
89.189.37.0/24 maxlen: 24
89.189.38.0/24 maxlen: 24
89.189.39.0/24 maxlen: 24
89.189.40.0/24 maxlen: 24
89.189.41.0/24 maxlen: 24
89.189.42.0/24 maxlen: 24
89.189.43.0/24 maxlen: 24
89.189.44.0/24 maxlen: 24
89.189.45.0/24 maxlen: 24
89.189.46.0/24 maxlen: 24
89.189.47.0/24 maxlen: 24
89.189.56.0/21 maxlen: 21
89.189.56.0/24 maxlen: 24
89.189.57.0/24 maxlen: 24
89.189.58.0/24 maxlen: 24
89.189.59.0/24 maxlen: 24
89.189.60.0/24 maxlen: 24
89.189.61.0/24 maxlen: 24
89.189.62.0/24 maxlen: 24
89.189.63.0/24 maxlen: 24
185.138.36.0/22 maxlen: 22
185.138.36.0/23 maxlen: 23
185.138.36.0/24 maxlen: 24
185.138.37.0/24 maxlen: 24
185.138.38.0/23 maxlen: 23
185.138.38.0/24 maxlen: 24
185.138.39.0/24 maxlen: 24
185.178.12.0/22 maxlen: 22
185.178.12.0/24 maxlen: 24
185.178.13.0/24 maxlen: 24
185.178.14.0/24 maxlen: 24
185.178.15.0/24 maxlen: 24
213.178.192.0/20 maxlen: 20
213.178.192.0/24 maxlen: 24
213.178.193.0/24 maxlen: 24
213.178.194.0/24 maxlen: 24
213.178.195.0/24 maxlen: 24
213.178.196.0/24 maxlen: 24
213.178.197.0/24 maxlen: 24
213.178.198.0/24 maxlen: 24
213.178.199.0/24 maxlen: 24
213.178.200.0/24 maxlen: 24
213.178.201.0/24 maxlen: 24
213.178.202.0/24 maxlen: 24
213.178.203.0/24 maxlen: 24
213.178.204.0/24 maxlen: 24
213.178.205.0/24 maxlen: 24
213.178.206.0/24 maxlen: 24
213.178.207.0/24 maxlen: 24
2a01:7540::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/cZSbR98xPLq5RS2pj8xjdgipCb0.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/cZSbR98xPLq5RS2pj8xjdgipCb0.mft
rsync://rpki.ripe.net/repository/DEFAULT/cZSbR98xPLq5RS2pj8xjdgipCb0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 11:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3a:4e:46:b0:8e:2c:f8:64:a4:bb:23:d6:c3:01:e7:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71949b47df313cbab9452da98fcc637608a909bd
Validity
Not Before: Jun 4 09:38:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a58860d67fc3c4f6f2d966bca39e3028c095f936
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:30:77:a1:5a:8a:af:90:2a:65:6d:f2:de:b9:
76:f4:f9:00:4d:e0:85:c3:97:37:ce:99:c6:38:5a:
b1:54:2b:c0:93:f9:5f:1c:b6:ac:ee:ff:15:bb:dd:
c5:52:40:24:0d:4f:34:50:c3:e8:5a:49:73:f7:12:
06:23:62:57:2e:c0:85:7e:d4:25:1c:1c:18:7f:20:
b1:70:7e:65:ea:8f:d3:a2:da:eb:f2:7d:51:5d:98:
6b:ad:95:72:6d:ee:81:4e:b7:72:99:bc:3d:b5:1a:
ea:f2:9c:80:86:f0:4e:3d:04:8d:6c:0a:a6:1e:89:
e2:4e:7e:65:37:a5:13:f8:4c:b0:03:ec:22:86:32:
5a:2e:03:25:2b:c3:ae:a1:62:46:dc:44:42:d1:e5:
bb:d5:65:7a:7f:1f:a0:7c:3e:d6:88:28:5a:63:ce:
16:37:48:19:d6:ea:d0:f4:ff:ac:4a:a7:4f:84:ac:
0d:40:83:43:d8:68:67:90:5a:3d:e6:78:fd:85:06:
63:b9:3a:ed:b5:6d:ac:51:af:f6:f8:7c:86:57:6d:
2e:e8:c3:78:84:6c:6b:f2:06:30:d4:17:57:3c:18:
d2:5b:31:62:80:b5:60:92:3b:d1:a9:94:af:71:5b:
6a:3c:83:e3:5f:b5:53:f8:56:31:17:f4:41:59:53:
f1:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:88:60:D6:7F:C3:C4:F6:F2:D9:66:BC:A3:9E:30:28:C0:95:F9:36
X509v3 Authority Key Identifier:
keyid:71:94:9B:47:DF:31:3C:BA:B9:45:2D:A9:8F:CC:63:76:08:A9:09:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cZSbR98xPLq5RS2pj8xjdgipCb0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/pYhg1n_DxPby2Wa8o54wKMCV-TY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/cZSbR98xPLq5RS2pj8xjdgipCb0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.80.0/20
80.70.116.0/22
82.163.32.0/22
84.234.100.0/22
89.189.32.0/20
89.189.56.0/21
185.138.36.0/22
185.178.12.0/22
213.178.192.0/20
IPv6:
2a01:7540::/32
Signature Algorithm: sha256WithRSAEncryption
33:d8:38:34:43:ba:e7:6f:b9:5e:26:c7:1f:36:df:dd:75:f2:
de:bd:19:1d:8f:ac:04:05:49:71:fb:8d:b4:44:19:9d:6b:9f:
9e:09:b9:65:e9:80:c9:65:8b:f3:f1:8f:bf:fb:fa:e3:b9:21:
20:97:58:dd:71:e9:e3:84:8c:44:11:f9:7e:6a:31:5a:6b:2d:
bb:d7:41:97:7e:23:6f:29:b6:fc:b2:55:cc:c8:6c:d4:55:84:
78:7d:05:0f:f9:a0:44:ac:50:20:83:f9:f8:b6:8d:49:68:93:
0c:c8:b1:56:7c:04:01:0e:02:bc:75:70:9e:1e:b4:b0:3d:4c:
e4:d9:d0:08:82:da:7a:16:e1:b0:b7:da:19:bf:0d:61:62:27:
59:41:5d:e3:75:cb:05:4f:03:1a:f5:61:1c:df:c1:99:e7:14:
e6:43:26:75:91:d6:dc:94:d1:f2:1d:47:e0:ac:be:f9:ae:7d:
db:6b:41:8f:ab:45:e0:10:3f:6e:25:d9:9e:48:61:63:e1:a8:
66:d0:cc:f9:88:2e:44:8e:27:5e:99:88:b8:dd:2a:bc:5b:80:
cb:af:96:81:96:5d:f0:b7:82:f6:ef:9f:32:7e:54:95:28:f4:
3c:36:47:92:53:e2:6a:aa:aa:be:ec:48:fc:17:43:20:e5:10:
06:6c:fb:79
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZc6Tkawjiz4ZKS7I9bDAefbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxOTQ5YjQ3ZGYzMTNjYmFiOTQ1MmRhOThmY2M2Mzc2MDhh
OTA5YmQwHhcNMjUwNjA0MDkzODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTg4NjBkNjdmYzNjNGY2ZjJkOTY2YmNhMzllMzAyOGMwOTVmOTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzB3oVqKr5AqZW3y3rl29PkATeCF
w5c3zpnGOFqxVCvAk/lfHLas7v8Vu93FUkAkDU80UMPoWklz9xIGI2JXLsCFftQl
HBwYfyCxcH5l6o/Totrr8n1RXZhrrZVybe6BTrdymbw9tRrq8pyAhvBOPQSNbAqm
HoniTn5lN6UT+EywA+wihjJaLgMlK8OuoWJG3ERC0eW71WV6fx+gfD7WiChaY84W
N0gZ1urQ9P+sSqdPhKwNQIND2GhnkFo95nj9hQZjuTrttW2sUa/2+HyGV20u6MN4
hGxr8gYw1BdXPBjSWzFigLVgkjvRqZSvcVtqPIPjX7VT+FYxF/RBWVPxRQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFKWIYNZ/w8T28tlmvKOeMCjAlfk2MB8GA1UdIwQY
MBaAFHGUm0ffMTy6uUUtqY/MY3YIqQm9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1pTYlI5OHhQTHE1UlMycGo4eGpkZ2lwQ2IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9iMzNhNzgtYTUxZS00NmU0LTg2NDgt
MDA2NmY1NDFmYWVhLzEvcFloZzFuX0R4UGJ5MldhOG81NHdLTUNWLVRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9iMzNhNzgtYTUxZS00NmU0LTg2NDgtMDA2NmY1NDFmYWVh
LzEvY1pTYlI5OHhQTHE1UlMycGo4eGpkZ2lwQ2IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQELuVQAwQC
UEZ0AwQCUqMgAwQCVOpkAwQEWb0gAwQDWb04AwQCuYokAwQCubIMAwQE1bLAMA0E
AgACMAcDBQAqAXVAMA0GCSqGSIb3DQEBCwUAA4IBAQAz2Dg0Q7rnb7leJscfNt/d
dfLevRkdj6wEBUlx+420RBmda5+eCbll6YDJZYvz8Y+/+/rjuSEgl1jdcenjhIxE
Efl+ajFaay2710GXfiNvKbb8slXMyGzUVYR4fQUP+aBErFAgg/n4to1JaJMMyLFW
fAQBDgK8dXCeHrSwPUzk2dAIgtp6FuGwt9oZvw1hYidZQV3jdcsFTwMa9WEc38GZ
5xTmQyZ1kdbclNHyHUfgrL75rn3ba0GPq0XgED9uJdmeSGFj4ahm0Mz5iC5Ejide
mYi43Sq8W4DLr5aBll3wt4L2758yflSVKPQ8NkeSU+Jqqqq+7Ej8F0Mg5RAGbPt5
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:51:15 2025 by rpki-client