Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/Zqhawmvx23zJzUEL4tKSqxl0sF0.roa
File: Zqhawmvx23zJzUEL4tKSqxl0sF0.roa (raw, json)
Hash identifier: eSAhW4RnAw7ADORjlu0cqCQYDrohrcWD+tFP2jcz56I=
Subject key identifier: 66:A8:5A:C2:6B:F1:DB:7C:C9:CD:41:0B:E2:D2:92:AB:19:74:B0:5D
Certificate issuer: /CN=f43bf90808ae7eca063f746a8f1d88865734c8a3
Certificate serial: 01966806137E233F44D2D203A7AD1AE38BD5
Authority key identifier: F4:3B:F9:08:08:AE:7E:CA:06:3F:74:6A:8F:1D:88:86:57:34:C8:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/Zqhawmvx23zJzUEL4tKSqxl0sF0.roa
Signing time: Thu 24 Apr 2025 13:39:10 +0000
ROA not before: Thu 24 Apr 2025 13:39:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202448
IP address blocks: 2.56.212.0/24 maxlen: 24
2.56.213.0/24 maxlen: 24
2.56.214.0/24 maxlen: 24
2.56.215.0/24 maxlen: 24
31.14.238.0/24 maxlen: 24
31.222.229.0/24 maxlen: 24
45.137.148.0/24 maxlen: 32
45.137.149.0/24 maxlen: 24
45.137.150.0/24 maxlen: 24
45.137.151.0/24 maxlen: 24
45.153.184.0/24 maxlen: 24
45.153.185.0/24 maxlen: 24
45.153.186.0/24 maxlen: 24
45.153.187.0/24 maxlen: 24
62.3.32.0/24 maxlen: 24
84.238.132.0/24 maxlen: 24
86.105.252.0/24 maxlen: 24
86.106.181.0/24 maxlen: 24
86.107.197.0/24 maxlen: 24
89.38.128.0/24 maxlen: 24
89.38.129.0/24 maxlen: 24
89.38.130.0/24 maxlen: 24
89.38.131.0/24 maxlen: 24
89.38.135.0/24 maxlen: 32
89.43.33.0/24 maxlen: 24
91.227.40.0/24 maxlen: 24
91.227.41.0/24 maxlen: 24
91.250.248.0/24 maxlen: 32
91.250.249.0/24 maxlen: 32
93.114.128.0/24 maxlen: 24
93.114.133.0/24 maxlen: 24
93.115.16.0/24 maxlen: 24
93.115.17.0/24 maxlen: 24
93.115.18.0/24 maxlen: 24
93.115.19.0/24 maxlen: 24
93.115.20.0/24 maxlen: 24
93.115.21.0/24 maxlen: 24
93.115.22.0/24 maxlen: 24
93.115.23.0/24 maxlen: 24
94.176.182.0/24 maxlen: 24
94.231.205.0/24 maxlen: 24
95.169.192.0/24 maxlen: 24
95.169.201.0/24 maxlen: 24
95.169.204.0/24 maxlen: 24
95.169.205.0/24 maxlen: 24
178.157.82.0/24 maxlen: 24
178.157.90.0/24 maxlen: 24
178.157.91.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
185.96.163.0/24 maxlen: 24
185.170.212.0/24 maxlen: 24
185.170.213.0/24 maxlen: 24
185.170.214.0/24 maxlen: 24
185.170.215.0/24 maxlen: 24
185.177.73.0/24 maxlen: 24
185.234.52.0/24 maxlen: 32
185.243.214.0/24 maxlen: 32
185.243.215.0/24 maxlen: 24
188.212.124.0/24 maxlen: 24
188.212.125.0/24 maxlen: 24
193.201.15.0/24 maxlen: 24
194.26.213.0/24 maxlen: 24
194.32.76.0/24 maxlen: 24
194.32.77.0/24 maxlen: 24
194.32.78.0/24 maxlen: 24
194.32.79.0/24 maxlen: 24
194.63.145.0/24 maxlen: 24
194.99.20.0/24 maxlen: 24
194.99.21.0/24 maxlen: 24
194.99.22.0/24 maxlen: 24
194.99.23.0/24 maxlen: 24
2a05:8280::/32 maxlen: 32
2a09:cd40::/32 maxlen: 32
2a09:cd41::/32 maxlen: 32
2a09:cd42::/32 maxlen: 32
2a09:cd43::/32 maxlen: 32
2a09:cd44::/32 maxlen: 32
2a09:cd45::/32 maxlen: 32
2a09:cd46::/32 maxlen: 32
2a0c:b9c0::/32 maxlen: 32
2a0c:b9c1::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.mft
rsync://rpki.ripe.net/repository/DEFAULT/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:68:06:13:7e:23:3f:44:d2:d2:03:a7:ad:1a:e3:8b:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f43bf90808ae7eca063f746a8f1d88865734c8a3
Validity
Not Before: Apr 24 13:39:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=66a85ac26bf1db7cc9cd410be2d292ab1974b05d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b0:49:75:42:1e:27:aa:15:20:b4:f3:96:e3:
e3:a8:8d:f2:a5:60:72:8d:36:d7:2a:68:23:14:10:
a4:26:35:ff:1a:76:13:b1:57:9f:99:1e:13:04:19:
bd:58:ae:1f:5f:0f:90:cc:4b:4d:d1:ed:64:0f:6c:
e2:7f:a5:0c:9a:1b:7a:ef:42:b0:37:8c:72:3d:b1:
d6:25:28:11:aa:fe:8d:29:1e:33:77:a3:07:7f:fc:
72:2b:19:ec:3d:5f:ef:0b:ff:d9:7e:16:d9:7d:fa:
eb:f9:8c:25:45:c2:0d:15:92:8f:ea:69:ad:97:31:
6f:77:fb:ba:d0:f8:48:bf:cd:98:62:0c:31:bb:a7:
32:e7:06:a4:f9:6c:62:c7:55:e7:53:37:27:b0:bf:
da:ce:8f:61:b0:9e:04:99:b8:d7:13:40:de:f2:49:
7b:eb:2e:c0:d3:24:d4:ed:8c:6e:dd:f0:64:1b:00:
b7:05:1b:95:a4:3f:63:f7:77:0e:94:c3:96:20:73:
40:0f:ae:04:82:8f:00:da:4f:b1:4c:57:39:d1:73:
33:17:8c:b1:c7:fd:74:97:d7:b4:6d:11:eb:ae:30:
cc:4b:e4:fd:90:54:91:c1:35:6d:ae:f3:df:42:16:
92:b7:9e:ab:91:16:a0:8c:32:5c:93:02:68:09:f3:
28:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:A8:5A:C2:6B:F1:DB:7C:C9:CD:41:0B:E2:D2:92:AB:19:74:B0:5D
X509v3 Authority Key Identifier:
keyid:F4:3B:F9:08:08:AE:7E:CA:06:3F:74:6A:8F:1D:88:86:57:34:C8:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/Zqhawmvx23zJzUEL4tKSqxl0sF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.212.0/22
31.14.238.0/24
31.222.229.0/24
45.137.148.0/22
45.153.184.0/22
62.3.32.0/24
84.238.132.0/24
86.105.252.0/24
86.106.181.0/24
86.107.197.0/24
89.38.128.0/22
89.38.135.0/24
89.43.33.0/24
91.227.40.0/23
91.250.248.0/23
93.114.128.0/24
93.114.133.0/24
93.115.16.0/21
94.176.182.0/24
94.231.205.0/24
95.169.192.0/24
95.169.201.0/24
95.169.204.0/23
178.157.82.0/24
178.157.90.0/23
178.215.237.0/24
185.96.163.0/24
185.170.212.0/22
185.177.73.0/24
185.234.52.0/24
185.243.214.0/23
188.212.124.0/23
193.201.15.0/24
194.26.213.0/24
194.32.76.0/22
194.63.145.0/24
194.99.20.0/22
IPv6:
2a05:8280::/32
2a09:cd40::-2a09:cd46:ffff:ffff:ffff:ffff:ffff:ffff
2a0c:b9c0::/31
Signature Algorithm: sha256WithRSAEncryption
99:79:90:5a:e0:97:e3:ae:57:5c:63:0a:e8:6a:c7:40:e6:ed:
a9:c2:ec:73:d2:65:86:fa:2d:83:91:d5:3f:13:20:52:fb:7e:
e4:bf:be:b6:ba:30:77:7e:be:ef:04:ab:7e:8a:75:9d:8e:a5:
51:01:70:a1:20:0c:60:bd:54:cd:32:b4:5e:9d:c8:b0:e7:2b:
cb:fa:dd:9b:59:9b:50:1f:04:98:9e:63:00:8c:bd:db:b7:b0:
77:b4:db:65:d5:fa:84:33:9a:d5:e0:4b:68:b7:ef:5c:c6:1a:
b5:9f:74:1d:00:cf:d5:dd:90:7a:99:3d:be:55:68:34:67:f4:
a7:aa:2d:3e:f6:35:0e:bd:f1:0d:ae:93:f3:2d:f9:bc:31:00:
5f:c1:bc:ce:1a:09:f5:8a:b7:a5:db:64:13:76:31:95:03:0f:
45:46:b0:ee:a3:e1:ba:60:5e:cf:90:f6:69:89:e9:4e:bd:d7:
8b:d4:bb:e4:56:60:34:ac:94:e9:78:e2:ba:4d:d0:2a:d2:fa:
f0:08:d6:dc:64:59:d0:9f:a5:69:0c:e3:e5:70:e0:bf:1e:fe:
66:7c:81:d5:39:c6:78:1d:77:23:64:55:d2:8a:44:22:11:c8:
40:0d:3c:33:9e:f6:a7:40:f3:67:09:48:8f:fc:b6:87:70:a0:
58:8d:da:73
-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgISAZZoBhN+Iz9E0tIDp60a44vVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0M2JmOTA4MDhhZTdlY2EwNjNmNzQ2YThmMWQ4ODg2NTcz
NGM4YTMwHhcNMjUwNDI0MTMzOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmE4NWFjMjZiZjFkYjdjYzljZDQxMGJlMmQyOTJhYjE5NzRiMDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbBJdUIeJ6oVILTzluPjqI3ypWBy
jTbXKmgjFBCkJjX/GnYTsVefmR4TBBm9WK4fXw+QzEtN0e1kD2zif6UMmht670Kw
N4xyPbHWJSgRqv6NKR4zd6MHf/xyKxnsPV/vC//ZfhbZffrr+YwlRcINFZKP6mmt
lzFvd/u60PhIv82YYgwxu6cy5wak+Wxix1XnUzcnsL/azo9hsJ4EmbjXE0De8kl7
6y7A0yTU7Yxu3fBkGwC3BRuVpD9j93cOlMOWIHNAD64Ego8A2k+xTFc50XMzF4yx
x/10l9e0bRHrrjDMS+T9kFSRwTVtrvPfQhaSt56rkRagjDJckwJoCfMo+QIDAQAB
o4IDDzCCAwswHQYDVR0OBBYEFGaoWsJr8dt8yc1BC+LSkqsZdLBdMB8GA1UdIwQY
MBaAFPQ7+QgIrn7KBj90ao8diIZXNMijMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUR2NUNBaXVmc29HUDNScWp4MklobGMweUtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9hOGQ5NDMtZjA4Mi00YjE4LWI4NDAt
Mzg5MTk1YzRmMDdiLzEvWnFoYXdtdngyM3pKelVFTDR0S1NxeGwwc0YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9hOGQ5NDMtZjA4Mi00YjE4LWI4NDAtMzg5MTk1YzRmMDdi
LzEvOUR2NUNBaXVmc29HUDNScWp4MklobGMweUtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIwYIKwYBBQUHAQcBAf8EggESMIIBDjCB5QQCAAEwgd4D
BAICONQDBAAfDu4DBAAf3uUDBAItiZQDBAItmbgDBAA+AyADBABU7oQDBABWafwD
BABWarUDBABWa8UDBAJZJoADBABZJocDBABZKyEDBAFb4ygDBAFb+vgDBABdcoAD
BABdcoUDBANdcxADBABesLYDBABe580DBABfqcADBABfqckDBAFfqcwDBACynVID
BAGynVoDBACy1+0DBAC5YKMDBAK5qtQDBAC5sUkDBAC56jQDBAG589YDBAG81HwD
BADByQ8DBADCGtUDBALCIEwDBADCP5EDBALCYxQwJAQCAAIwHgMFACoFgoAwDgMF
BioJzUADBQAqCc1GAwUBKgy5wDANBgkqhkiG9w0BAQsFAAOCAQEAmXmQWuCX465X
XGMK6GrHQObtqcLsc9Jlhvotg5HVPxMgUvt+5L++trowd36+7wSrfop1nY6lUQFw
oSAMYL1UzTK0Xp3IsOcry/rdm1mbUB8EmJ5jAIy927ewd7TbZdX6hDOa1eBLaLfv
XMYatZ90HQDP1d2Qepk9vlVoNGf0p6otPvY1Dr3xDa6T8y35vDEAX8G8zhoJ9Yq3
pdtkE3YxlQMPRUaw7qPhumBez5D2aYnpTr3Xi9S75FZgNKyU6Xjiuk3QKtL68AjW
3GRZ0J+laQzj5XDgvx7+ZnyB1TnGeB13I2RV0opEIhHIQA08M572p0DzZwlIj/y2
h3CgWI3acw==
-----END CERTIFICATE-----
Generated at Mon Apr 28 01:38:50 2025 by rpki-client