Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/njoPIuYF7IOWQYTqM44yQ_YazF4.roa
File: njoPIuYF7IOWQYTqM44yQ_YazF4.roa (raw, json)
Hash identifier: w/qf7CCkBuOoXnnIQv8FJjLMojLEmfstC+goWqjDMDk=
Subject key identifier: 9E:3A:0F:22:E6:05:EC:83:96:41:84:EA:33:8E:32:43:F6:1A:CC:5E
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019744CA9B9E3808DACC827385D2511C8999
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/njoPIuYF7IOWQYTqM44yQ_YazF4.roa
Signing time: Fri 06 Jun 2025 10:30:18 +0000
ROA not before: Fri 06 Jun 2025 10:30:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214238
IP address blocks: 5.253.56.0/24 maxlen: 24
5.253.57.0/24 maxlen: 24
5.253.58.0/24 maxlen: 24
37.139.128.0/24 maxlen: 24
45.88.66.0/24 maxlen: 24
45.128.234.0/24 maxlen: 24
45.128.235.0/24 maxlen: 24
85.31.44.0/24 maxlen: 24
85.31.46.0/24 maxlen: 24
85.208.136.0/24 maxlen: 24
87.120.92.0/24 maxlen: 24
87.120.108.0/24 maxlen: 24
87.120.196.0/24 maxlen: 24
87.120.205.0/24 maxlen: 24
87.120.216.0/24 maxlen: 24
87.120.219.0/24 maxlen: 24
87.120.222.0/24 maxlen: 24
87.121.47.0/24 maxlen: 24
87.121.216.0/24 maxlen: 24
91.92.21.0/24 maxlen: 24
93.123.31.0/24 maxlen: 24
94.125.102.0/24 maxlen: 24
94.125.103.0/24 maxlen: 24
94.156.236.0/24 maxlen: 24
109.206.240.0/24 maxlen: 24
109.206.243.0/24 maxlen: 24
171.22.30.0/24 maxlen: 24
185.207.14.0/24 maxlen: 24
185.207.15.0/24 maxlen: 24
185.218.138.0/24 maxlen: 24
185.246.221.0/24 maxlen: 24
185.252.179.0/24 maxlen: 24
193.8.184.0/24 maxlen: 24
193.8.186.0/24 maxlen: 24
193.8.187.0/24 maxlen: 24
193.47.60.0/24 maxlen: 24
193.47.61.0/24 maxlen: 24
193.148.56.0/24 maxlen: 24
193.148.57.0/24 maxlen: 24
193.148.58.0/24 maxlen: 24
193.148.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 22:19:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:44:ca:9b:9e:38:08:da:cc:82:73:85:d2:51:1c:89:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 6 10:30:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9e3a0f22e605ec83964184ea338e3243f61acc5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:a5:f0:d4:28:8d:45:9b:fc:8f:b3:2e:16:30:
59:c4:1e:c9:b4:79:7b:35:7a:b6:b5:fe:21:81:c5:
e9:eb:8f:85:bf:9f:de:8f:d9:6c:39:3d:67:7d:ba:
60:a1:ec:a5:64:32:e1:9f:e5:03:7b:ba:d3:89:0d:
37:fb:ca:e7:08:c4:dc:e2:58:3d:a8:28:46:f6:51:
5a:b8:8b:67:8c:f9:99:2d:fb:90:91:d8:40:cd:42:
66:91:2a:4e:a2:29:8a:22:be:c5:6c:a0:f1:d9:ed:
9d:a7:36:ea:2e:af:58:a7:4b:ec:09:cd:cf:9f:40:
ae:df:fb:a6:e9:e1:55:82:de:cf:69:3e:fd:49:7b:
1e:dc:56:0f:3d:11:55:54:56:ce:a4:37:10:33:3d:
2c:e9:bd:8c:72:d4:20:88:7d:b4:c0:50:07:7f:40:
f6:0b:2b:6e:44:e7:f6:51:b8:ea:01:9a:07:17:28:
6a:35:ff:5e:e2:bb:43:bb:86:48:7b:31:33:9b:38:
77:fa:f2:95:be:8e:cd:79:f1:5a:af:06:08:d6:7b:
e2:e0:b6:62:74:47:ab:41:fa:a6:cb:6e:c3:49:1b:
6c:d5:fb:08:a0:c1:16:21:85:53:d6:b5:f0:4d:38:
fe:39:f9:62:42:9b:48:88:ec:db:6e:7b:5b:09:f8:
38:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:3A:0F:22:E6:05:EC:83:96:41:84:EA:33:8E:32:43:F6:1A:CC:5E
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/njoPIuYF7IOWQYTqM44yQ_YazF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.56.0-5.253.58.255
37.139.128.0/24
45.88.66.0/24
45.128.234.0/23
85.31.44.0/24
85.31.46.0/24
85.208.136.0/24
87.120.92.0/24
87.120.108.0/24
87.120.196.0/24
87.120.205.0/24
87.120.216.0/24
87.120.219.0/24
87.120.222.0/24
87.121.47.0/24
87.121.216.0/24
91.92.21.0/24
93.123.31.0/24
94.125.102.0/23
94.156.236.0/24
109.206.240.0/24
109.206.243.0/24
171.22.30.0/24
185.207.14.0/23
185.218.138.0/24
185.246.221.0/24
185.252.179.0/24
193.8.184.0/24
193.8.186.0/23
193.47.60.0/23
193.148.56.0/22
Signature Algorithm: sha256WithRSAEncryption
36:81:30:0e:2d:c1:96:86:58:8e:6a:6e:a5:53:40:44:1e:be:
67:06:6b:52:09:59:5a:f6:d6:f7:06:5a:44:06:cb:91:54:74:
49:8d:91:87:dd:96:e9:e6:ff:8b:76:9a:a0:eb:94:71:48:ab:
f2:09:86:48:fe:91:fa:f7:cd:03:2d:7b:21:b3:ef:6d:66:7f:
d3:db:98:47:05:b7:1d:5c:58:13:96:26:2a:01:40:63:ba:bf:
80:6c:3c:75:82:cb:db:d6:0e:4a:57:cd:78:c5:ed:18:20:06:
49:b4:27:2d:be:a1:2e:06:e1:74:62:43:e3:6e:9e:7b:43:06:
9c:53:cd:d0:b1:aa:2c:47:ed:0e:3d:12:a9:2e:a7:d5:e8:99:
3d:12:5a:08:25:29:2e:5d:54:18:4c:71:a9:3b:88:28:00:aa:
a5:75:24:73:ba:25:28:5e:7b:b6:d7:54:71:0f:d9:2c:22:fd:
fc:3c:e3:87:56:b7:c5:53:43:7f:8e:68:57:a4:e7:9f:11:25:
92:63:c4:81:96:f2:6e:5c:53:58:cf:33:fb:f5:cc:ac:b1:bf:
33:f3:9e:1c:44:aa:d2:8c:52:84:a9:bc:ee:af:07:2f:05:c5:
8a:f2:53:23:3d:93:41:8a:7a:b7:8b:9b:3c:bc:c6:69:48:0c:
8a:22:f0:25
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgISAZdEypueOAjazIJzhdJRHImZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNjA2MTAzMDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTNhMGYyMmU2MDVlYzgzOTY0MTg0ZWEzMzhlMzI0M2Y2MWFjYzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzqXw1CiNRZv8j7MuFjBZxB7JtHl7
NXq2tf4hgcXp64+Fv5/ej9lsOT1nfbpgoeylZDLhn+UDe7rTiQ03+8rnCMTc4lg9
qChG9lFauItnjPmZLfuQkdhAzUJmkSpOoimKIr7FbKDx2e2dpzbqLq9Yp0vsCc3P
n0Cu3/um6eFVgt7PaT79SXse3FYPPRFVVFbOpDcQMz0s6b2MctQgiH20wFAHf0D2
CytuROf2UbjqAZoHFyhqNf9e4rtDu4ZIezEzmzh3+vKVvo7NefFarwYI1nvi4LZi
dEerQfqmy27DSRts1fsIoMEWIYVT1rXwTTj+OfliQptIiOzbbntbCfg4vwIDAQAB
o4ICyjCCAsYwHQYDVR0OBBYEFJ46DyLmBeyDlkGE6jOOMkP2GsxeMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbmpvUEl1WUY3SU9XUVlUcU00NHlRX1lhekY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHfBggrBgEFBQcBBwEB/wSBzzCBzDCByQQCAAEwgcIwDAME
AwX9OAMEAAX9OgMEACWLgAMEAC1YQgMEAS2A6gMEAFUfLAMEAFUfLgMEAFXQiAME
AFd4XAMEAFd4bAMEAFd4xAMEAFd4zQMEAFd42AMEAFd42wMEAFd43gMEAFd5LwME
AFd52AMEAFtcFQMEAF17HwMEAV59ZgMEAF6c7AMEAG3O8AMEAG3O8wMEAKsWHgME
AbnPDgMEALnaigMEALn23QMEALn8swMEAMEIuAMEAcEIugMEAcEvPAMEAsGUODAN
BgkqhkiG9w0BAQsFAAOCAQEANoEwDi3BloZYjmpupVNARB6+ZwZrUglZWvbW9wZa
RAbLkVR0SY2Rh92W6eb/i3aaoOuUcUir8gmGSP6R+vfNAy17IbPvbWZ/09uYRwW3
HVxYE5YmKgFAY7q/gGw8dYLL29YOSlfNeMXtGCAGSbQnLb6hLgbhdGJD426ee0MG
nFPN0LGqLEftDj0SqS6n1eiZPRJaCCUpLl1UGExxqTuIKACqpXUkc7olKF57ttdU
cQ/ZLCL9/Dzjh1a3xVNDf45oV6TnnxElkmPEgZbyblxTWM8z+/XMrLG/M/OeHESq
0oxShKm87q8HLwXFivJTIz2TQYp6t4ubPLzGaUgMiiLwJQ==
-----END CERTIFICATE-----
Generated at Sun Jun 15 07:08:24 2025 by rpki-client