Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/MWa5Dj5_kmbgw0j6IBXQLJfi3UE.roa
File: MWa5Dj5_kmbgw0j6IBXQLJfi3UE.roa (raw, json)
Hash identifier: IKx6KdWK7MMrT+DuoPdaDD+mZCI7VV+oe8XMrptTZ1w=
Subject key identifier: 31:66:B9:0E:3E:7F:92:66:E0:C3:48:FA:20:15:D0:2C:97:E2:DD:41
Certificate issuer: /CN=9e55320077696944b1613c2e8c9c606a1e06eb79
Certificate serial: 019657FCD8328D806BEAE454A3A31E66294B
Authority key identifier: 9E:55:32:00:77:69:69:44:B1:61:3C:2E:8C:9C:60:6A:1E:06:EB:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nlUyAHdpaUSxYTwujJxgah4G63k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/MWa5Dj5_kmbgw0j6IBXQLJfi3UE.roa
Signing time: Mon 21 Apr 2025 10:55:10 +0000
ROA not before: Mon 21 Apr 2025 10:55:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206119
IP address blocks: 5.181.19.0/24 maxlen: 24
5.182.244.0/24 maxlen: 24
5.182.245.0/24 maxlen: 24
5.182.246.0/24 maxlen: 24
89.200.216.0/24 maxlen: 24
89.200.217.0/24 maxlen: 24
89.200.218.0/24 maxlen: 24
93.157.189.0/24 maxlen: 24
93.157.191.0/24 maxlen: 24
146.19.12.0/24 maxlen: 24
185.93.52.0/24 maxlen: 24
185.93.53.0/24 maxlen: 24
185.93.54.0/24 maxlen: 24
185.93.55.0/24 maxlen: 24
185.107.132.0/24 maxlen: 24
185.195.253.0/24 maxlen: 24
185.195.254.0/24 maxlen: 24
185.195.255.0/24 maxlen: 24
185.233.245.0/24 maxlen: 24
185.233.246.0/24 maxlen: 24
185.233.247.0/24 maxlen: 24
2a05:f740::/29 maxlen: 29
2a06:af40::/29 maxlen: 29
2a0a:61c0::/29 maxlen: 29
2a0c:f700::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/nlUyAHdpaUSxYTwujJxgah4G63k.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/nlUyAHdpaUSxYTwujJxgah4G63k.mft
rsync://rpki.ripe.net/repository/DEFAULT/nlUyAHdpaUSxYTwujJxgah4G63k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 01 May 2025 21:27:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:57:fc:d8:32:8d:80:6b:ea:e4:54:a3:a3:1e:66:29:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e55320077696944b1613c2e8c9c606a1e06eb79
Validity
Not Before: Apr 21 10:55:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3166b90e3e7f9266e0c348fa2015d02c97e2dd41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:6f:66:9c:5a:e1:10:b2:22:08:da:ce:8c:f9:
fb:d0:18:49:39:8b:6d:19:e7:e7:90:0a:a0:d7:45:
c5:a8:79:7d:bf:ad:b6:7a:44:5c:c8:b7:f4:ad:44:
67:23:b5:d5:b1:d0:17:14:2f:cd:78:57:9c:68:33:
97:dc:29:4c:6a:ed:19:0a:cc:a8:6e:fd:82:f7:bf:
ff:80:6f:73:e2:25:3a:71:d3:a3:d6:27:e2:26:b5:
65:d8:25:83:4e:9d:e2:8d:a8:f3:b2:09:43:ca:61:
a9:37:a6:66:95:d7:5d:c3:3d:4e:c7:05:71:b0:fc:
25:e8:8c:21:3f:eb:ba:a5:6a:0e:36:1a:cc:c6:14:
c8:8d:f2:29:fe:6d:00:24:39:ca:3e:70:7e:1a:bc:
42:16:67:e1:f3:29:15:2b:60:e0:63:fa:30:a4:a5:
25:3c:4f:70:39:2b:6f:5f:63:e3:c7:2e:68:51:73:
05:10:5b:36:39:7b:67:7a:17:d3:56:5e:62:c7:12:
88:5e:82:0f:ff:43:10:b5:0e:f2:52:68:73:6e:63:
29:d6:f5:d1:07:fd:6c:ee:83:06:75:31:23:8b:19:
41:e7:8d:98:c6:39:47:56:e1:b1:fe:24:37:8e:bd:
a5:d6:17:97:9e:b6:a7:35:d0:e9:a6:e5:67:b0:1d:
54:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:66:B9:0E:3E:7F:92:66:E0:C3:48:FA:20:15:D0:2C:97:E2:DD:41
X509v3 Authority Key Identifier:
keyid:9E:55:32:00:77:69:69:44:B1:61:3C:2E:8C:9C:60:6A:1E:06:EB:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nlUyAHdpaUSxYTwujJxgah4G63k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/MWa5Dj5_kmbgw0j6IBXQLJfi3UE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/260b61-a348-4d47-92f6-1e0e8b909e34/1/nlUyAHdpaUSxYTwujJxgah4G63k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.19.0/24
5.182.244.0-5.182.246.255
89.200.216.0-89.200.218.255
93.157.189.0/24
93.157.191.0/24
146.19.12.0/24
185.93.52.0/22
185.107.132.0/24
185.195.253.0-185.195.255.255
185.233.245.0-185.233.247.255
IPv6:
2a05:f740::/29
2a06:af40::/29
2a0a:61c0::/29
2a0c:f700::/29
Signature Algorithm: sha256WithRSAEncryption
bd:bc:ef:23:ed:93:d4:7b:b2:35:d4:66:58:16:3e:07:8a:4a:
83:fb:9c:ae:9d:ad:f2:0e:92:88:94:45:b0:cb:44:d8:d2:92:
b7:53:6f:65:f0:14:51:4c:e9:e6:f8:a6:c9:b0:c9:29:a2:c1:
ea:83:87:f8:9f:3e:c7:a4:d9:41:e6:43:66:3a:81:4e:d6:df:
2b:cb:60:db:75:82:8f:f2:14:71:92:fc:e6:e8:9a:0c:f2:b0:
7a:72:59:25:aa:b1:55:2e:18:2f:9b:93:2d:55:cb:ce:f4:b9:
78:e9:2e:99:c7:0f:7a:72:49:f5:b3:0e:74:13:36:1e:36:a5:
50:0a:98:4b:73:80:01:60:72:d3:e3:4e:d1:51:cc:e8:91:58:
73:3e:37:dc:81:2c:2e:a0:19:4c:9c:9b:0c:ec:52:02:09:71:
35:5d:91:7e:74:e8:a1:3b:3f:66:2c:f5:1a:ef:67:25:29:ec:
ef:dd:4a:39:3f:3b:f6:25:ae:93:a3:9b:28:8f:9f:2e:d5:4c:
06:0e:42:40:0d:71:00:d8:db:d3:da:4c:ea:20:aa:4c:73:c0:
86:e8:ef:00:3c:08:f9:03:4d:86:00:b0:24:2b:21:86:c3:15:
2b:a4:c6:f6:25:48:37:0b:a1:5f:44:da:c4:2d:d8:ec:2a:a1:
43:f3:e4:1c
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZZX/NgyjYBr6uRUo6MeZilLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNTUzMjAwNzc2OTY5NDRiMTYxM2MyZThjOWM2MDZhMWUw
NmViNzkwHhcNMjUwNDIxMTA1NTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTY2YjkwZTNlN2Y5MjY2ZTBjMzQ4ZmEyMDE1ZDAyYzk3ZTJkZDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu29mnFrhELIiCNrOjPn70BhJOYtt
GefnkAqg10XFqHl9v622ekRcyLf0rURnI7XVsdAXFC/NeFecaDOX3ClMau0ZCsyo
bv2C97//gG9z4iU6cdOj1ifiJrVl2CWDTp3ijajzsglDymGpN6Zmldddwz1OxwVx
sPwl6IwhP+u6pWoONhrMxhTIjfIp/m0AJDnKPnB+GrxCFmfh8ykVK2DgY/owpKUl
PE9wOStvX2Pjxy5oUXMFEFs2OXtnehfTVl5ixxKIXoIP/0MQtQ7yUmhzbmMp1vXR
B/1s7oMGdTEjixlB542YxjlHVuGx/iQ3jr2l1heXnranNdDppuVnsB1URwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFDFmuQ4+f5Jm4MNI+iAV0CyX4t1BMB8GA1UdIwQY
MBaAFJ5VMgB3aWlEsWE8LoycYGoeBut5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmxVeUFIZHBhVVN4WVR3dWpKeGdhaDRHNjNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC8yNjBiNjEtYTM0OC00ZDQ3LTkyZjYt
MWUwZThiOTA5ZTM0LzEvTVdhNURqNV9rbWJndzBqNklCWFFMSmZpM1VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC8yNjBiNjEtYTM0OC00ZDQ3LTkyZjYtMWUwZThiOTA5ZTM0
LzEvbmxVeUFIZHBhVVN4WVR3dWpKeGdhaDRHNjNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzBhBAIAATBbAwQABbUT
MAwDBAIFtvQDBAAFtvYwDAMEA1nI2AMEAFnI2gMEAF2dvQMEAF2dvwMEAJITDAME
ArldNAMEALlrhDALAwQAucP9AwMCucAwDAMEALnp9QMEA7np8DAiBAIAAjAcAwUD
KgX3QAMFAyoGr0ADBQMqCmHAAwUDKgz3ADANBgkqhkiG9w0BAQsFAAOCAQEAvbzv
I+2T1HuyNdRmWBY+B4pKg/ucrp2t8g6SiJRFsMtE2NKSt1NvZfAUUUzp5vimybDJ
KaLB6oOH+J8+x6TZQeZDZjqBTtbfK8tg23WCj/IUcZL85uiaDPKwenJZJaqxVS4Y
L5uTLVXLzvS5eOkumccPenJJ9bMOdBM2HjalUAqYS3OAAWBy0+NO0VHM6JFYcz43
3IEsLqAZTJybDOxSAglxNV2RfnTooTs/Ziz1Gu9nJSns791KOT879iWuk6ObKI+f
LtVMBg5CQA1xANjb09pM6iCqTHPAhujvADwI+QNNhgCwJCshhsMVK6TG9iVINwuh
X0TaxC3Y7CqhQ/PkHA==
-----END CERTIFICATE-----
Generated at Thu May 1 06:54:06 2025 by rpki-client