Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/x85oANEgAkn_0YKUYgwppicyyeo.roa
File: x85oANEgAkn_0YKUYgwppicyyeo.roa (raw, json)
Hash identifier: m7INaOS7WH2r3b3WZ8y7KAdHgLOJJJkkdRoz20sR7KM=
Subject key identifier: C7:CE:68:00:D1:20:02:49:FF:D1:82:94:62:0C:29:A6:27:32:C9:EA
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0196583107C00486E53FD8D155196C2246FA
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/x85oANEgAkn_0YKUYgwppicyyeo.roa
Signing time: Mon 21 Apr 2025 11:52:10 +0000
ROA not before: Mon 21 Apr 2025 11:52:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.84.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
45.13.189.0/24 maxlen: 24
45.13.190.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.151.3.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
146.19.125.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
194.242.96.0/24 maxlen: 24
194.242.98.0/24 maxlen: 24
194.242.99.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.211.188.0/24 maxlen: 24
195.211.189.0/24 maxlen: 24
195.211.190.0/24 maxlen: 24
195.211.191.0/24 maxlen: 24
2a01:7120::/32 maxlen: 32
2a01:7120:7::/48 maxlen: 48
2a07:9200::/29 maxlen: 29
2a07:9201::/32 maxlen: 32
2a07:9206::/32 maxlen: 32
2a07:9207::/32 maxlen: 32
2a09:340::/32 maxlen: 32
2a09:342::/32 maxlen: 32
2a09:346::/32 maxlen: 32
2a09:c440::/32 maxlen: 32
2a0c:5d40::/32 maxlen: 32
2a0c:a580::/29 maxlen: 29
2a0c:a580::/32 maxlen: 32
2a0c:a581::/32 maxlen: 32
2a0c:a584::/32 maxlen: 32
2a0c:a586::/32 maxlen: 32
2a10:dfc0::/29 maxlen: 29
2a10:dfc0::/32 maxlen: 32
2a10:fac0::/32 maxlen: 32
2a11:580::/29 maxlen: 29
2a11:580::/32 maxlen: 32
2a11:1600::/32 maxlen: 32
2a11:2a80::/32 maxlen: 32
2a11:3900::/32 maxlen: 32
2a11:d680::/32 maxlen: 32
2a12:9f00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:58:31:07:c0:04:86:e5:3f:d8:d1:55:19:6c:22:46:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Apr 21 11:52:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c7ce6800d1200249ffd18294620c29a62732c9ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:6d:8e:05:55:1c:5f:bb:a2:24:8d:8d:5e:ee:
43:cd:48:7e:f1:f2:ca:2a:37:16:b6:62:d3:8e:5c:
fc:d3:47:4c:71:50:14:8b:94:9c:84:e6:19:55:e2:
df:d7:f2:76:68:1b:7a:0c:bc:ec:78:54:37:d5:f4:
b5:7e:46:92:0c:db:74:83:68:05:d4:2c:e9:9d:40:
57:10:ac:3a:b0:fa:dc:74:26:be:b8:74:85:1f:00:
dc:cf:bf:2e:1c:44:ea:c8:1c:7d:f7:9d:f6:b2:9c:
36:a4:7c:b0:59:ec:bf:84:f2:1a:c7:c0:fc:9e:ad:
30:b5:cc:df:8f:53:84:ed:ec:95:67:a8:db:d7:f2:
18:80:4c:5f:9e:9e:f4:cf:90:b3:c1:d6:c6:2c:9e:
32:4d:8c:f5:81:d4:5c:13:f5:60:5d:cc:c5:aa:41:
ff:d7:51:8a:20:31:5b:6e:31:ef:1c:35:52:d0:93:
5d:6f:3a:3f:c5:38:9f:43:a0:ab:2c:bf:75:c6:31:
0e:39:e2:f1:fd:85:34:b8:68:bb:23:05:bc:d8:ec:
d6:3e:7a:9e:1f:a2:3e:2e:af:3b:da:7c:49:de:99:
23:eb:05:ab:19:22:83:7b:90:0d:a7:4e:04:64:14:
98:16:d0:85:6a:7c:2c:51:96:29:ac:02:65:6f:cd:
73:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:CE:68:00:D1:20:02:49:FF:D1:82:94:62:0C:29:A6:27:32:C9:EA
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/x85oANEgAkn_0YKUYgwppicyyeo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.84.0/24
5.181.87.0/24
45.9.29.0/24
45.13.189.0-45.13.190.255
45.88.136.0/24
45.94.171.0/24
45.132.180.0/24
45.132.182.0/23
45.151.3.0/24
77.83.37.0/24
146.19.125.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/24
194.242.98.0/23
195.62.24.0/24
195.177.92.0/22
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a09:340::/32
2a09:342::/32
2a09:346::/32
2a09:c440::/32
2a0c:5d40::/32
2a0c:a580::/29
2a10:dfc0::/29
2a10:fac0::/32
2a11:580::/29
2a11:1600::/32
2a11:2a80::/32
2a11:3900::/32
2a11:d680::/32
2a12:9f00::/32
Signature Algorithm: sha256WithRSAEncryption
50:e0:64:fb:14:a8:b0:d1:8c:7d:8c:01:b3:63:10:31:7c:ed:
02:36:8b:77:b0:79:0b:12:8d:09:5a:ba:3d:c2:04:2d:ba:f5:
f2:19:f4:ac:9a:a4:5d:0a:4e:38:31:b1:38:d5:af:71:53:3f:
41:d8:1f:af:f1:de:6a:26:d4:01:13:d5:e2:4a:a6:ff:2e:1f:
e2:78:53:13:27:65:a7:df:96:e4:18:1e:99:c8:3e:1d:86:ee:
40:ed:ad:28:16:d3:d3:9e:e5:c4:bc:85:b4:97:b9:d1:84:86:
47:9b:64:c9:be:3b:54:80:26:af:1d:62:25:dd:b3:dd:8a:fe:
79:47:10:a9:7d:75:41:86:4a:ff:a3:31:d8:f4:3f:b7:35:23:
76:27:5b:b2:f7:50:f2:3f:bb:8e:31:02:59:63:0d:da:d6:33:
4b:13:d2:58:f9:21:d4:7e:4f:b0:04:ba:f8:c4:e4:27:65:86:
ca:5f:c2:30:7d:db:0a:33:79:07:7e:73:33:83:76:d9:28:99:
c3:25:93:79:b7:c6:b0:65:2f:93:e6:b9:11:01:b8:60:85:13:
d5:8a:0d:01:33:52:65:5d:cd:a4:bb:a9:4d:ee:3d:66:fb:4a:
3b:fb:18:a3:da:3c:ff:ff:83:4c:b8:08:5c:fb:6d:8e:a6:d1:
32:76:17:01
-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgISAZZYMQfABIblP9jRVRlsIkb6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjUwNDIxMTE1MjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2NlNjgwMGQxMjAwMjQ5ZmZkMTgyOTQ2MjBjMjlhNjI3MzJjOWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzm2OBVUcX7uiJI2NXu5DzUh+8fLK
KjcWtmLTjlz800dMcVAUi5SchOYZVeLf1/J2aBt6DLzseFQ31fS1fkaSDNt0g2gF
1CzpnUBXEKw6sPrcdCa+uHSFHwDcz78uHETqyBx99532spw2pHywWey/hPIax8D8
nq0wtczfj1OE7eyVZ6jb1/IYgExfnp70z5CzwdbGLJ4yTYz1gdRcE/VgXczFqkH/
11GKIDFbbjHvHDVS0JNdbzo/xTifQ6CrLL91xjEOOeLx/YU0uGi7IwW82OzWPnqe
H6I+Lq872nxJ3pkj6wWrGSKDe5ANp04EZBSYFtCFanwsUZYprAJlb81zpQIDAQAB
o4IDDzCCAwswHQYDVR0OBBYEFMfOaADRIAJJ/9GClGIMKaYnMsnqMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEveDg1b0FORWdBa25fMFlLVVlnd3BwaWN5eWVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIwYIKwYBBQUHAQcBAf8EggESMIIBDjCBkwQCAAEwgYwD
BAAFtVQDBAAFtVcDBAAtCR0wDAMEAC0NvQMEAC0NvgMEAC1YiAMEAC1eqwMEAC2E
tAMEAS2EtgMEAC2XAwMEAE1TJQMEAJITfQMEAbkr+AMEALkr+wMEAbnIPgMEAMEe
8AMEAcEe8gMEAME5KwMEAMLyYAMEAcLyYgMEAMM+GAMEAsOxXAMEAsPTvDB2BAIA
AjBwAwUAKgFxIAMFAyoHkgADBQAqCQNAAwUAKgkDQgMFACoJA0YDBQAqCcRAAwUA
KgxdQAMFAyoMpYADBQMqEN/AAwUAKhD6wAMFAyoRBYADBQAqERYAAwUAKhEqgAMF
ACoROQADBQAqEdaAAwUAKhKfADANBgkqhkiG9w0BAQsFAAOCAQEAUOBk+xSosNGM
fYwBs2MQMXztAjaLd7B5CxKNCVq6PcIELbr18hn0rJqkXQpOODGxONWvcVM/Qdgf
r/HeaibUARPV4kqm/y4f4nhTEydlp9+W5Bgemcg+HYbuQO2tKBbT057lxLyFtJe5
0YSGR5tkyb47VIAmrx1iJd2z3Yr+eUcQqX11QYZK/6Mx2PQ/tzUjdidbsvdQ8j+7
jjECWWMN2tYzSxPSWPkh1H5PsAS6+MTkJ2WGyl/CMH3bCjN5B35zM4N22SiZwyWT
ebfGsGUvk+a5EQG4YIUT1YoNATNSZV3NpLupTe49ZvtKO/sYo9o8//+DTLgIXPtt
jqbRMnYXAQ==
-----END CERTIFICATE-----
Generated at Sun Apr 27 09:27:31 2025 by rpki-client