Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/t-WCD6ZRKnaQOZPiLAm9eqKNeKo.roa
File: t-WCD6ZRKnaQOZPiLAm9eqKNeKo.roa (raw, json)
Hash identifier: cbwcPIyKUDhe0N9rldSP8P550Y3KRX8Xt749WufOZtc=
Subject key identifier: B7:E5:82:0F:A6:51:2A:76:90:39:93:E2:2C:09:BD:7A:A2:8D:78:AA
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 019633EC8244D0511C0734051156CBB3DBAC
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/t-WCD6ZRKnaQOZPiLAm9eqKNeKo.roa
Signing time: Mon 14 Apr 2025 10:50:59 +0000
ROA not before: Mon 14 Apr 2025 10:50:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7489
IP address blocks: 2.56.164.0/22 maxlen: 24
5.182.48.0/24 maxlen: 24
45.81.20.0/22 maxlen: 24
45.140.220.0/22 maxlen: 24
77.83.240.0/22 maxlen: 24
77.83.243.0/24 maxlen: 24
78.108.217.0/24 maxlen: 24
83.143.116.0/22 maxlen: 24
83.143.116.0/24 maxlen: 24
85.202.160.0/22 maxlen: 24
89.190.156.0/22 maxlen: 24
178.218.144.0/22 maxlen: 24
185.185.40.0/22 maxlen: 24
185.186.64.0/22 maxlen: 24
185.227.68.0/22 maxlen: 24
185.227.71.0/24 maxlen: 24
185.234.72.0/22 maxlen: 24
185.242.224.0/22 maxlen: 24
185.242.225.0/24 maxlen: 24
193.31.30.0/24 maxlen: 24
193.34.76.0/22 maxlen: 24
193.34.77.0/24 maxlen: 24
193.221.192.0/22 maxlen: 24
194.50.16.0/22 maxlen: 24
194.56.224.0/22 maxlen: 24
212.107.12.0/22 maxlen: 24
212.107.14.0/24 maxlen: 24
2a0b:b82::/44 maxlen: 44
2a0b:b84::/32 maxlen: 32
2a0b:b85::/32 maxlen: 32
2a0b:b86::/40 maxlen: 48
2a0b:b86:100::/40 maxlen: 48
2a0b:b86:fff0::/44 maxlen: 44
2a0b:b87:ff12::/48 maxlen: 48
2a0b:b87:ffb4::/48 maxlen: 48
2a0b:b87:ffc0::/44 maxlen: 44
2a0b:b87:ffd2::/48 maxlen: 48
2a0b:b87:ffda::/48 maxlen: 48
2a0b:b87:ffec::/48 maxlen: 48
2a0b:b87:fff0::/44 maxlen: 44
2a0b:7080:10::/44 maxlen: 44
2a0b:7080:10::/45 maxlen: 45
2a0b:7080:10::/48 maxlen: 48
2a0b:7080:20::/44 maxlen: 48
2a0b:7080:20::/48 maxlen: 48
2a0b:7080:30::/44 maxlen: 48
2a0b:7086:fff0::/44 maxlen: 44
2a0b:7087:fff0::/44 maxlen: 44
2a0d:77c0::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 10:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:33:ec:82:44:d0:51:1c:07:34:05:11:56:cb:b3:db:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Apr 14 10:50:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b7e5820fa6512a76903993e22c09bd7aa28d78aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:c5:91:d7:7e:91:6c:91:77:43:8f:c2:57:86:
63:1f:70:21:b7:39:64:eb:5b:5d:8e:89:2b:6c:1b:
74:d0:5e:96:a5:e5:74:63:79:3c:00:7a:33:a5:74:
1f:35:fc:73:26:f8:be:92:cf:c3:eb:e6:1a:1e:b9:
20:ff:1a:80:f1:d1:80:ab:cd:4d:13:6d:73:68:49:
72:e8:f5:f4:5c:83:3f:8c:92:28:96:7d:a3:32:e6:
ee:1b:7f:ec:80:10:16:87:2d:fa:28:f0:e8:cb:bf:
73:a1:bd:d2:f4:23:8a:13:b8:5c:fb:b6:70:c0:2f:
73:4a:4b:9b:cc:26:51:fa:fa:47:19:c7:47:14:10:
89:48:5e:bc:31:53:04:ef:8a:5f:55:a2:87:70:c0:
d2:28:46:11:f4:cd:eb:a6:9f:6d:51:c4:fe:10:36:
b7:ba:a1:70:27:25:cf:cd:b4:86:aa:a8:28:f1:f0:
91:0e:9a:f0:89:85:e1:62:5c:4e:68:33:76:b9:27:
22:b3:b9:00:4c:1d:ad:ce:8d:8a:c8:0a:7a:4d:8d:
59:76:d6:9f:6a:66:b3:2f:48:ac:db:a0:c0:6e:43:
08:b4:52:49:41:25:6f:a7:bc:f6:1b:4f:be:ab:c7:
e2:bc:b3:df:1b:d6:25:d5:6e:75:35:47:28:bf:93:
e2:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:E5:82:0F:A6:51:2A:76:90:39:93:E2:2C:09:BD:7A:A2:8D:78:AA
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/t-WCD6ZRKnaQOZPiLAm9eqKNeKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.164.0/22
5.182.48.0/24
45.81.20.0/22
45.140.220.0/22
77.83.240.0/22
78.108.217.0/24
83.143.116.0/22
85.202.160.0/22
89.190.156.0/22
178.218.144.0/22
185.185.40.0/22
185.186.64.0/22
185.227.68.0/22
185.234.72.0/22
185.242.224.0/22
193.31.30.0/24
193.34.76.0/22
193.221.192.0/22
194.50.16.0/22
194.56.224.0/22
212.107.12.0/22
IPv6:
2a0b:b82::/44
2a0b:b84::-2a0b:b86:1ff:ffff:ffff:ffff:ffff:ffff
2a0b:b86:fff0::/44
2a0b:b87:ff12::/48
2a0b:b87:ffb4::/48
2a0b:b87:ffc0::/44
2a0b:b87:ffd2::/48
2a0b:b87:ffda::/48
2a0b:b87:ffec::/48
2a0b:b87:fff0::/44
2a0b:7080:10::-2a0b:7080:3f:ffff:ffff:ffff:ffff:ffff
2a0b:7086:fff0::/44
2a0b:7087:fff0::/44
2a0d:77c0::/29
Signature Algorithm: sha256WithRSAEncryption
8b:f1:b1:66:52:58:44:1f:26:ad:e5:21:79:f9:2f:40:39:23:
f0:f1:0e:84:c6:ac:34:7d:6f:f6:3f:65:dd:e8:02:42:b7:f4:
61:5c:a7:2d:04:0a:80:f6:6c:8a:ac:ac:ee:b6:ee:0c:a2:cd:
0b:32:80:f7:cd:9a:25:d9:4d:2e:2a:74:32:10:5c:f5:3b:4c:
f6:4b:38:94:85:79:8a:e4:e6:63:58:b2:9f:d0:6a:36:13:b9:
09:45:ec:72:74:bf:6d:bb:d6:bb:74:c0:5c:9a:df:13:42:f0:
37:85:11:a6:b7:4e:16:84:b4:51:65:84:48:0c:6b:07:64:f8:
57:9f:77:f5:5f:76:aa:c4:e7:cb:01:b1:19:ed:50:6d:29:f5:
96:5b:5b:fc:3a:59:87:05:37:20:80:0c:d2:0b:6a:63:ba:7f:
8f:2b:e2:5b:8c:3d:0f:b9:48:0f:7c:3f:38:d9:9a:69:61:d8:
1f:0d:e3:a1:d4:6a:39:7a:ef:92:63:ad:12:84:3b:5f:5d:b9:
d0:49:c2:06:3e:c4:d4:6e:6e:ce:8f:bf:e1:17:44:84:13:21:
e1:fc:1a:c8:1e:ae:7f:f6:96:3e:cb:72:df:d5:63:3f:cb:b1:
56:f6:8b:38:45:4e:9a:be:cd:5b:e7:59:59:9e:39:8d:ee:45:
bd:fe:d1:66
-----BEGIN CERTIFICATE-----
MIIGFTCCBP2gAwIBAgISAZYz7IJE0FEcBzQFEVbLs9usMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjUwNDE0MTA1MDU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2U1ODIwZmE2NTEyYTc2OTAzOTkzZTIyYzA5YmQ3YWEyOGQ3OGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8WR136RbJF3Q4/CV4ZjH3Ahtzlk
61tdjokrbBt00F6WpeV0Y3k8AHozpXQfNfxzJvi+ks/D6+YaHrkg/xqA8dGAq81N
E21zaEly6PX0XIM/jJIoln2jMubuG3/sgBAWhy36KPDoy79zob3S9COKE7hc+7Zw
wC9zSkubzCZR+vpHGcdHFBCJSF68MVME74pfVaKHcMDSKEYR9M3rpp9tUcT+EDa3
uqFwJyXPzbSGqqgo8fCRDprwiYXhYlxOaDN2uScis7kATB2tzo2KyAp6TY1Zdtaf
amazL0is26DAbkMItFJJQSVvp7z2G0++q8fivLPfG9Yl1W51NUcov5PiQwIDAQAB
o4IDITCCAx0wHQYDVR0OBBYEFLflgg+mUSp2kDmT4iwJvXqijXiqMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvdC1XQ0Q2WlJLbmFRT1pQaUxBbTllcUtOZUtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNQYIKwYBBQUHAQcBAf8EggEkMIIBIDCBhAQCAAEwfgME
AgI4pAMEAAW2MAMEAi1RFAMEAi2M3AMEAk1T8AMEAE5s2QMEAlOPdAMEAlXKoAME
Alm+nAMEArLakAMEArm5KAMEArm6QAMEArnjRAMEArnqSAMEArny4AMEAMEfHgME
AsEiTAMEAsHdwAMEAsIyEAMEAsI44AMEAtRrDDCBlgQCAAIwgY8DBwQqCwuCAAAw
DwMFAioLC4QDBgEqCwuGAAMHBCoLC4b/8AMHACoLC4f/EgMHACoLC4f/tAMHBCoL
C4f/wAMHACoLC4f/0gMHACoLC4f/2gMHACoLC4f/7AMHBCoLC4f/8DASAwcEKgtw
gAAQAwcGKgtwgAAAAwcEKgtwhv/wAwcEKgtwh//wAwUDKg13wDANBgkqhkiG9w0B
AQsFAAOCAQEAi/GxZlJYRB8mreUhefkvQDkj8PEOhMasNH1v9j9l3egCQrf0YVyn
LQQKgPZsiqys7rbuDKLNCzKA982aJdlNLip0MhBc9TtM9ks4lIV5iuTmY1iyn9Bq
NhO5CUXscnS/bbvWu3TAXJrfE0LwN4URprdOFoS0UWWESAxrB2T4V5939V92qsTn
ywGxGe1QbSn1lltb/DpZhwU3IIAM0gtqY7p/jyviW4w9D7lID3w/ONmaaWHYHw3j
odRqOXrvkmOtEoQ7X1250EnCBj7E1G5uzo+/4RdEhBMh4fwayB6uf/aWPsty39Vj
P8uxVvaLOEVOmr7NW+dZWZ45je5Fvf7RZg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:51:25 2025 by rpki-client