Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/Rq5qhuZJL_f0RiemcCNo1CeBLZg.roa
File: Rq5qhuZJL_f0RiemcCNo1CeBLZg.roa (raw, json)
Hash identifier: QjHh1mk02MSSyzdrymnZqYJyNlwN9P8BOUPtrzzXBu0=
Subject key identifier: 46:AE:6A:86:E6:49:2F:F7:F4:46:27:A6:70:23:68:D4:27:81:2D:98
Certificate issuer: /CN=f43bf90808ae7eca063f746a8f1d88865734c8a3
Certificate serial: 019717046A8F16522E2F8C81D5C446F98CDF
Authority key identifier: F4:3B:F9:08:08:AE:7E:CA:06:3F:74:6A:8F:1D:88:86:57:34:C8:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/Rq5qhuZJL_f0RiemcCNo1CeBLZg.roa
Signing time: Wed 28 May 2025 13:10:54 +0000
ROA not before: Wed 28 May 2025 13:10:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202448
IP address blocks: 2.56.212.0/24 maxlen: 24
2.56.213.0/24 maxlen: 24
2.56.214.0/24 maxlen: 24
2.56.215.0/24 maxlen: 24
31.14.238.0/24 maxlen: 24
31.222.229.0/24 maxlen: 24
45.137.148.0/24 maxlen: 32
45.137.149.0/24 maxlen: 24
45.137.150.0/24 maxlen: 24
45.137.151.0/24 maxlen: 24
45.153.184.0/24 maxlen: 24
45.153.185.0/24 maxlen: 24
45.153.186.0/24 maxlen: 24
45.153.187.0/24 maxlen: 24
62.3.32.0/24 maxlen: 24
84.238.132.0/24 maxlen: 24
86.105.252.0/24 maxlen: 24
86.106.181.0/24 maxlen: 24
86.107.197.0/24 maxlen: 24
89.38.128.0/24 maxlen: 24
89.38.129.0/24 maxlen: 24
89.38.130.0/24 maxlen: 24
89.38.131.0/24 maxlen: 24
89.38.135.0/24 maxlen: 32
89.43.33.0/24 maxlen: 24
91.227.40.0/24 maxlen: 24
91.227.41.0/24 maxlen: 24
91.236.195.0/24 maxlen: 24
91.250.248.0/24 maxlen: 32
91.250.249.0/24 maxlen: 32
93.114.128.0/24 maxlen: 24
93.114.133.0/24 maxlen: 24
93.115.16.0/24 maxlen: 24
93.115.17.0/24 maxlen: 24
93.115.18.0/24 maxlen: 24
93.115.19.0/24 maxlen: 24
93.115.20.0/24 maxlen: 24
93.115.21.0/24 maxlen: 24
93.115.22.0/24 maxlen: 24
93.115.23.0/24 maxlen: 24
94.176.182.0/24 maxlen: 24
94.231.205.0/24 maxlen: 24
95.169.192.0/24 maxlen: 24
95.169.201.0/24 maxlen: 24
95.169.204.0/24 maxlen: 24
95.169.205.0/24 maxlen: 24
178.157.82.0/24 maxlen: 24
178.157.90.0/24 maxlen: 24
178.157.91.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
185.96.163.0/24 maxlen: 24
185.170.212.0/24 maxlen: 24
185.170.213.0/24 maxlen: 24
185.170.214.0/24 maxlen: 24
185.170.215.0/24 maxlen: 24
185.177.73.0/24 maxlen: 24
185.234.52.0/24 maxlen: 32
185.243.214.0/24 maxlen: 32
185.243.215.0/24 maxlen: 24
188.212.124.0/24 maxlen: 24
188.212.125.0/24 maxlen: 24
193.201.15.0/24 maxlen: 24
194.26.213.0/24 maxlen: 24
194.32.76.0/24 maxlen: 24
194.32.77.0/24 maxlen: 24
194.32.78.0/24 maxlen: 24
194.32.79.0/24 maxlen: 24
194.63.145.0/24 maxlen: 24
194.99.20.0/24 maxlen: 24
194.99.21.0/24 maxlen: 24
194.99.22.0/24 maxlen: 24
194.99.23.0/24 maxlen: 24
195.14.9.0/24 maxlen: 24
2a05:8280::/32 maxlen: 32
2a09:cd40::/32 maxlen: 32
2a09:cd41::/32 maxlen: 32
2a09:cd42::/32 maxlen: 32
2a09:cd43::/32 maxlen: 32
2a09:cd44::/32 maxlen: 32
2a09:cd45::/32 maxlen: 32
2a09:cd46::/32 maxlen: 32
2a0c:b9c0::/32 maxlen: 32
2a0c:b9c1::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.mft
rsync://rpki.ripe.net/repository/DEFAULT/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Jun 2025 04:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:17:04:6a:8f:16:52:2e:2f:8c:81:d5:c4:46:f9:8c:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f43bf90808ae7eca063f746a8f1d88865734c8a3
Validity
Not Before: May 28 13:10:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=46ae6a86e6492ff7f44627a6702368d427812d98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e9:95:7c:28:a8:3a:28:2f:34:6e:d2:14:ca:
29:d5:23:4b:90:ac:02:23:f2:4a:5b:71:89:ee:09:
7f:96:c6:9e:ca:12:5c:dd:1e:4a:5f:2b:ae:18:d7:
91:16:20:bb:0f:25:6c:e3:8c:90:6c:32:97:09:85:
67:15:dc:56:9d:ce:21:ef:d9:63:c3:27:f3:95:a1:
72:af:8b:f0:e1:57:62:ca:4b:79:ba:30:a3:9c:c3:
57:0f:b6:48:69:4f:0a:b0:75:8a:d2:b8:6e:a6:64:
54:48:2f:0d:66:6d:30:ca:7c:fd:e0:c9:fd:d4:f2:
03:79:09:4b:25:36:02:15:51:c1:c3:9d:00:54:f6:
ac:0f:f2:34:97:07:54:1e:ec:9f:8d:9e:51:2b:87:
ae:f2:20:d4:f7:ef:25:ab:9c:ab:a9:25:52:13:f5:
48:6e:d7:94:78:38:28:a4:f2:da:64:1b:55:d4:7d:
45:b5:4d:34:42:0e:d4:1a:6c:db:d5:a8:4b:db:6d:
39:4f:e0:0e:17:6d:2f:cc:71:0d:4b:46:55:d0:54:
91:89:03:84:2f:22:52:c1:3d:2e:3a:e5:1e:cd:b2:
b7:0e:cd:23:d4:c8:29:b3:7c:4f:b3:ac:35:bf:3f:
fb:ed:50:b3:83:2c:65:0b:dc:28:1c:b7:90:ce:8b:
bd:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:AE:6A:86:E6:49:2F:F7:F4:46:27:A6:70:23:68:D4:27:81:2D:98
X509v3 Authority Key Identifier:
keyid:F4:3B:F9:08:08:AE:7E:CA:06:3F:74:6A:8F:1D:88:86:57:34:C8:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/Rq5qhuZJL_f0RiemcCNo1CeBLZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.212.0/22
31.14.238.0/24
31.222.229.0/24
45.137.148.0/22
45.153.184.0/22
62.3.32.0/24
84.238.132.0/24
86.105.252.0/24
86.106.181.0/24
86.107.197.0/24
89.38.128.0/22
89.38.135.0/24
89.43.33.0/24
91.227.40.0/23
91.236.195.0/24
91.250.248.0/23
93.114.128.0/24
93.114.133.0/24
93.115.16.0/21
94.176.182.0/24
94.231.205.0/24
95.169.192.0/24
95.169.201.0/24
95.169.204.0/23
178.157.82.0/24
178.157.90.0/23
178.215.237.0/24
185.96.163.0/24
185.170.212.0/22
185.177.73.0/24
185.234.52.0/24
185.243.214.0/23
188.212.124.0/23
193.201.15.0/24
194.26.213.0/24
194.32.76.0/22
194.63.145.0/24
194.99.20.0/22
195.14.9.0/24
IPv6:
2a05:8280::/32
2a09:cd40::-2a09:cd46:ffff:ffff:ffff:ffff:ffff:ffff
2a0c:b9c0::/31
Signature Algorithm: sha256WithRSAEncryption
7c:ef:aa:c6:16:a8:17:b9:77:bd:bc:80:9d:b6:d3:92:d8:3f:
34:32:27:7f:35:68:07:1a:88:be:67:73:d4:df:54:97:6e:0e:
d1:26:e0:37:34:3e:f6:97:18:80:b3:d7:c1:74:f0:2a:90:63:
e6:c5:7e:66:59:de:da:8a:83:1b:88:92:b5:89:c2:a1:04:af:
54:d7:f6:c9:d8:04:f8:65:c9:d3:fd:e1:89:cd:00:ba:83:73:
2a:a2:11:6d:c6:be:99:d1:fc:f8:6e:79:8f:99:ba:03:36:ca:
47:8d:35:fd:0b:b2:b3:aa:a3:13:22:d5:60:43:31:cd:01:d8:
a6:86:3d:a1:1d:53:07:4f:e3:a4:ce:ac:a7:05:8c:c7:42:25:
b6:b6:8e:7f:a7:96:8a:92:b8:52:da:72:ab:b1:dd:85:67:6e:
ac:14:fd:5b:6b:6e:02:5a:cf:48:94:51:f0:6d:92:01:84:f1:
80:4b:8f:a3:7b:13:29:91:9a:3a:8e:fc:c0:7a:f2:ac:a1:4e:
a4:d9:5b:37:28:92:ca:90:42:d6:1e:ad:d4:4c:2d:0e:97:6b:
a0:bc:1f:8b:21:c9:2d:56:bd:a5:d6:53:ff:68:be:cf:d4:e7:
a3:58:9f:77:a6:fe:68:7a:cc:2f:72:d9:98:be:36:ab:f0:a0:
a3:77:19:17
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgISAZcXBGqPFlIuL4yB1cRG+YzfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0M2JmOTA4MDhhZTdlY2EwNjNmNzQ2YThmMWQ4ODg2NTcz
NGM4YTMwHhcNMjUwNTI4MTMxMDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmFlNmE4NmU2NDkyZmY3ZjQ0NjI3YTY3MDIzNjhkNDI3ODEyZDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsumVfCioOigvNG7SFMop1SNLkKwC
I/JKW3GJ7gl/lsaeyhJc3R5KXyuuGNeRFiC7DyVs44yQbDKXCYVnFdxWnc4h79lj
wyfzlaFyr4vw4Vdiykt5ujCjnMNXD7ZIaU8KsHWK0rhupmRUSC8NZm0wynz94Mn9
1PIDeQlLJTYCFVHBw50AVPasD/I0lwdUHuyfjZ5RK4eu8iDU9+8lq5yrqSVSE/VI
bteUeDgopPLaZBtV1H1FtU00Qg7UGmzb1ahL2205T+AOF20vzHENS0ZV0FSRiQOE
LyJSwT0uOuUezbK3Ds0j1Mgps3xPs6w1vz/77VCzgyxlC9woHLeQzou9dQIDAQAB
o4IDGzCCAxcwHQYDVR0OBBYEFEauaobmSS/39EYnpnAjaNQngS2YMB8GA1UdIwQY
MBaAFPQ7+QgIrn7KBj90ao8diIZXNMijMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUR2NUNBaXVmc29HUDNScWp4MklobGMweUtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9hOGQ5NDMtZjA4Mi00YjE4LWI4NDAt
Mzg5MTk1YzRmMDdiLzEvUnE1cWh1WkpMX2YwUmllbWNDTm8xQ2VCTFpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9hOGQ5NDMtZjA4Mi00YjE4LWI4NDAtMzg5MTk1YzRmMDdi
LzEvOUR2NUNBaXVmc29HUDNScWp4MklobGMweUtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLwYIKwYBBQUHAQcBAf8EggEeMIIBGjCB8QQCAAEwgeoD
BAICONQDBAAfDu4DBAAf3uUDBAItiZQDBAItmbgDBAA+AyADBABU7oQDBABWafwD
BABWarUDBABWa8UDBAJZJoADBABZJocDBABZKyEDBAFb4ygDBABb7MMDBAFb+vgD
BABdcoADBABdcoUDBANdcxADBABesLYDBABe580DBABfqcADBABfqckDBAFfqcwD
BACynVIDBAGynVoDBACy1+0DBAC5YKMDBAK5qtQDBAC5sUkDBAC56jQDBAG589YD
BAG81HwDBADByQ8DBADCGtUDBALCIEwDBADCP5EDBALCYxQDBADDDgkwJAQCAAIw
HgMFACoFgoAwDgMFBioJzUADBQAqCc1GAwUBKgy5wDANBgkqhkiG9w0BAQsFAAOC
AQEAfO+qxhaoF7l3vbyAnbbTktg/NDInfzVoBxqIvmdz1N9Ul24O0SbgNzQ+9pcY
gLPXwXTwKpBj5sV+Zlne2oqDG4iStYnCoQSvVNf2ydgE+GXJ0/3hic0AuoNzKqIR
bca+mdH8+G55j5m6AzbKR401/Quys6qjEyLVYEMxzQHYpoY9oR1TB0/jpM6spwWM
x0IltraOf6eWipK4Utpyq7HdhWdurBT9W2tuAlrPSJRR8G2SAYTxgEuPo3sTKZGa
Oo78wHryrKFOpNlbNyiSypBC1h6t1EwtDpdroLwfiyHJLVa9pdZT/2i+z9Tno1if
d6b+aHrML3LZmL42q/Cgo3cZFw==
-----END CERTIFICATE-----
Generated at Wed Jun 18 12:13:51 2025 by rpki-client