Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/8kG_P5U1QgZvniw5Oi1GdsLmw2M.roa
File: 8kG_P5U1QgZvniw5Oi1GdsLmw2M.roa (raw, json)
Hash identifier: GPSnBYGzps0jMc+UeSW17XdYGcmjkKXhaBp1Vc9PL4M=
Subject key identifier: F2:41:BF:3F:95:35:42:06:6F:9E:2C:39:3A:2D:46:76:C2:E6:C3:63
Certificate issuer: /CN=be550b8eff90cccee9f8d3134b6438996b7d27cd
Certificate serial: 01967ACF55D8DC341FAB5DFB8AD4C7B7A6B4
Authority key identifier: BE:55:0B:8E:FF:90:CC:CE:E9:F8:D3:13:4B:64:38:99:6B:7D:27:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vlULjv-QzM7p-NMTS2Q4mWt9J80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/8kG_P5U1QgZvniw5Oi1GdsLmw2M.roa
Signing time: Mon 28 Apr 2025 05:12:10 +0000
ROA not before: Mon 28 Apr 2025 05:12:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204170
IP address blocks: 5.102.176.0/21 maxlen: 21
5.102.176.0/24 maxlen: 24
5.102.178.0/24 maxlen: 24
5.102.179.0/24 maxlen: 24
5.102.180.0/24 maxlen: 24
5.102.181.0/24 maxlen: 24
5.102.182.0/24 maxlen: 24
5.102.183.0/24 maxlen: 24
78.111.32.0/20 maxlen: 20
78.111.32.0/24 maxlen: 24
78.111.33.0/24 maxlen: 24
78.111.34.0/24 maxlen: 24
78.111.35.0/24 maxlen: 24
78.111.36.0/24 maxlen: 24
78.111.37.0/24 maxlen: 24
78.111.38.0/24 maxlen: 24
78.111.39.0/24 maxlen: 24
78.111.40.0/24 maxlen: 24
78.111.41.0/24 maxlen: 24
78.111.42.0/24 maxlen: 24
78.111.43.0/24 maxlen: 24
78.111.44.0/24 maxlen: 24
78.111.45.0/24 maxlen: 24
78.111.46.0/24 maxlen: 24
78.111.47.0/24 maxlen: 24
84.242.32.0/20 maxlen: 20
84.242.32.0/24 maxlen: 24
84.242.33.0/24 maxlen: 24
84.242.34.0/24 maxlen: 24
84.242.35.0/24 maxlen: 24
84.242.36.0/24 maxlen: 24
84.242.37.0/24 maxlen: 24
84.242.38.0/24 maxlen: 24
84.242.39.0/24 maxlen: 24
84.242.40.0/24 maxlen: 24
84.242.41.0/24 maxlen: 24
84.242.42.0/24 maxlen: 24
84.242.43.0/24 maxlen: 24
84.242.44.0/24 maxlen: 24
84.242.45.0/24 maxlen: 24
84.242.46.0/24 maxlen: 24
84.242.47.0/24 maxlen: 24
94.176.16.0/20 maxlen: 20
94.176.16.0/24 maxlen: 24
94.176.17.0/24 maxlen: 24
94.176.18.0/24 maxlen: 24
94.176.19.0/24 maxlen: 24
94.176.20.0/24 maxlen: 24
94.176.21.0/24 maxlen: 24
94.176.22.0/24 maxlen: 24
94.176.23.0/24 maxlen: 24
94.176.24.0/24 maxlen: 24
94.176.25.0/24 maxlen: 24
94.176.26.0/24 maxlen: 24
94.176.27.0/24 maxlen: 24
94.176.28.0/24 maxlen: 24
94.176.29.0/24 maxlen: 24
94.176.30.0/24 maxlen: 24
94.176.31.0/24 maxlen: 24
96.9.128.0/19 maxlen: 19
96.9.128.0/24 maxlen: 24
96.9.129.0/24 maxlen: 24
96.9.130.0/24 maxlen: 24
96.9.131.0/24 maxlen: 24
96.9.132.0/24 maxlen: 24
96.9.133.0/24 maxlen: 24
96.9.134.0/24 maxlen: 24
96.9.135.0/24 maxlen: 24
96.9.136.0/24 maxlen: 24
96.9.137.0/24 maxlen: 24
96.9.138.0/24 maxlen: 24
96.9.139.0/24 maxlen: 24
96.9.140.0/24 maxlen: 24
96.9.141.0/24 maxlen: 24
96.9.142.0/24 maxlen: 24
96.9.143.0/24 maxlen: 24
96.9.144.0/24 maxlen: 24
96.9.146.0/24 maxlen: 24
96.9.147.0/24 maxlen: 24
96.9.148.0/24 maxlen: 24
96.9.149.0/24 maxlen: 24
96.9.150.0/24 maxlen: 24
96.9.151.0/24 maxlen: 24
96.9.152.0/24 maxlen: 24
96.9.153.0/24 maxlen: 24
96.9.154.0/24 maxlen: 24
96.9.155.0/24 maxlen: 24
96.9.156.0/24 maxlen: 24
96.9.157.0/24 maxlen: 24
96.9.158.0/24 maxlen: 24
96.9.159.0/24 maxlen: 24
141.105.168.0/21 maxlen: 21
141.105.168.0/24 maxlen: 24
141.105.169.0/24 maxlen: 24
141.105.170.0/24 maxlen: 24
141.105.171.0/24 maxlen: 24
141.105.172.0/24 maxlen: 24
141.105.173.0/24 maxlen: 24
141.105.174.0/24 maxlen: 24
141.105.175.0/24 maxlen: 24
178.20.16.0/21 maxlen: 21
178.20.16.0/24 maxlen: 24
178.20.17.0/24 maxlen: 24
178.20.18.0/24 maxlen: 24
178.20.19.0/24 maxlen: 24
178.20.20.0/24 maxlen: 24
178.20.21.0/24 maxlen: 24
178.20.22.0/24 maxlen: 24
178.20.23.0/24 maxlen: 24
185.29.140.0/22 maxlen: 22
185.29.140.0/24 maxlen: 24
185.29.141.0/24 maxlen: 24
185.29.142.0/24 maxlen: 24
185.29.143.0/24 maxlen: 24
185.112.104.0/22 maxlen: 22
185.112.104.0/24 maxlen: 24
185.112.105.0/24 maxlen: 24
185.112.106.0/24 maxlen: 24
185.112.107.0/24 maxlen: 24
199.48.224.0/24 maxlen: 24
206.167.33.0/24 maxlen: 24
2a0a:c740:2::/48 maxlen: 48
2a0a:c740:4::/48 maxlen: 48
2a0a:c740:5::/48 maxlen: 48
2a0a:c740:7::/48 maxlen: 48
2a0a:c740:8::/48 maxlen: 48
2a0a:c740:a::/48 maxlen: 48
2a0a:c740:b::/48 maxlen: 48
2a0a:c740:100::/48 maxlen: 48
2a0a:c740:1009::/48 maxlen: 48
2a0a:c740:2000::/48 maxlen: 48
2a0a:c740:2009::/48 maxlen: 48
2a0a:c740:9998::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/vlULjv-QzM7p-NMTS2Q4mWt9J80.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/vlULjv-QzM7p-NMTS2Q4mWt9J80.mft
rsync://rpki.ripe.net/repository/DEFAULT/vlULjv-QzM7p-NMTS2Q4mWt9J80.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 23:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7a:cf:55:d8:dc:34:1f:ab:5d:fb:8a:d4:c7:b7:a6:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be550b8eff90cccee9f8d3134b6438996b7d27cd
Validity
Not Before: Apr 28 05:12:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f241bf3f953542066f9e2c393a2d4676c2e6c363
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:2b:29:89:2c:74:8b:57:45:23:a9:7a:0c:4c:
1c:4b:2b:38:1d:19:bb:00:c6:27:dc:2c:dd:da:a6:
36:d1:7f:13:73:2d:68:b7:90:ef:34:fc:7a:34:fe:
7b:e5:44:c0:f2:7c:ca:8a:26:f9:c1:f5:95:f2:5e:
06:1a:c1:5f:b5:d1:8a:2e:d7:37:bc:64:ae:d9:87:
9b:50:a8:c2:e2:50:97:2d:06:3f:2f:da:19:d5:9e:
98:91:20:61:71:6c:05:34:0b:54:ef:04:76:64:2f:
a4:cf:e1:a2:32:2a:86:60:64:56:c6:64:03:ac:7e:
27:a9:07:6a:16:e8:4c:11:99:03:fa:7c:db:a9:15:
31:bb:ad:ac:f4:db:b8:9e:44:3b:24:99:45:50:2e:
1c:88:f5:6a:bf:90:d7:60:19:e4:1e:f5:85:ac:03:
be:22:d3:c0:f9:51:4f:b6:b0:b6:ac:bc:e7:4d:36:
82:4d:b8:4b:6c:a6:ec:cf:84:0d:b8:9e:f3:8f:fb:
25:81:e9:2c:41:4a:90:65:13:63:23:d6:8e:cd:7a:
d5:a6:55:2e:5f:d1:18:32:df:37:e8:06:92:33:e9:
51:34:cf:22:3f:c0:6d:6d:9b:8e:23:19:e8:e5:9f:
88:2e:31:ea:b9:f3:ee:07:89:86:2e:20:06:91:46:
a5:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:41:BF:3F:95:35:42:06:6F:9E:2C:39:3A:2D:46:76:C2:E6:C3:63
X509v3 Authority Key Identifier:
keyid:BE:55:0B:8E:FF:90:CC:CE:E9:F8:D3:13:4B:64:38:99:6B:7D:27:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vlULjv-QzM7p-NMTS2Q4mWt9J80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/8kG_P5U1QgZvniw5Oi1GdsLmw2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/vlULjv-QzM7p-NMTS2Q4mWt9J80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.176.0/21
78.111.32.0/20
84.242.32.0/20
94.176.16.0/20
96.9.128.0/19
141.105.168.0/21
178.20.16.0/21
185.29.140.0/22
185.112.104.0/22
199.48.224.0/24
206.167.33.0/24
IPv6:
2a0a:c740:2::/48
2a0a:c740:4::/47
2a0a:c740:7::-2a0a:c740:8:ffff:ffff:ffff:ffff:ffff
2a0a:c740:a::/47
2a0a:c740:100::/48
2a0a:c740:1009::/48
2a0a:c740:2000::/48
2a0a:c740:2009::/48
2a0a:c740:9998::/48
Signature Algorithm: sha256WithRSAEncryption
3f:72:e9:f4:4f:4c:b3:7f:67:2e:d3:bf:f2:ee:8b:cb:1d:6b:
11:7b:cc:35:14:f1:ec:a9:db:7d:45:92:13:bd:d9:1d:16:b0:
46:15:57:c1:b0:bf:fc:96:a3:63:d4:50:cf:ef:f1:2f:24:39:
d4:1e:3c:1d:19:78:82:89:d8:be:6e:08:34:8e:f6:0b:0e:fc:
24:18:7b:c4:5b:34:fb:f8:9d:dd:3a:b4:04:6c:5f:ba:54:4a:
d5:bd:4f:e5:59:38:05:55:00:d5:0e:24:ff:2b:09:18:ed:5f:
b1:00:cd:b6:73:49:41:f6:0e:ba:3a:d5:07:23:2a:21:68:79:
90:e6:d6:5f:4c:e6:16:05:1e:fb:ca:42:94:5e:e3:cd:23:76:
7f:92:c8:9e:63:e2:af:e3:52:8e:91:a3:1e:35:2c:c2:45:24:
56:73:55:c4:1a:21:78:4f:74:18:11:53:69:8c:e7:75:ca:a1:
f0:2f:28:4a:e0:82:8f:06:01:02:28:89:af:e4:3a:e3:81:e1:
72:5a:48:b0:65:b6:62:74:49:51:94:ba:69:9a:7a:4c:aa:dc:
b4:71:81:28:d6:13:e5:54:de:98:ae:e5:13:aa:fe:1f:80:ce:
40:e6:64:c2:cb:83:22:da:07:70:c5:ff:6c:cc:4b:17:ea:b5:
63:9d:8e:d6
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAZZ6z1XY3DQfq137itTHt6a0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNTUwYjhlZmY5MGNjY2VlOWY4ZDMxMzRiNjQzODk5NmI3
ZDI3Y2QwHhcNMjUwNDI4MDUxMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjQxYmYzZjk1MzU0MjA2NmY5ZTJjMzkzYTJkNDY3NmMyZTZjMzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4SspiSx0i1dFI6l6DEwcSys4HRm7
AMYn3Czd2qY20X8Tcy1ot5DvNPx6NP575UTA8nzKiib5wfWV8l4GGsFftdGKLtc3
vGSu2YebUKjC4lCXLQY/L9oZ1Z6YkSBhcWwFNAtU7wR2ZC+kz+GiMiqGYGRWxmQD
rH4nqQdqFuhMEZkD+nzbqRUxu62s9Nu4nkQ7JJlFUC4ciPVqv5DXYBnkHvWFrAO+
ItPA+VFPtrC2rLznTTaCTbhLbKbsz4QNuJ7zj/slgeksQUqQZRNjI9aOzXrVplUu
X9EYMt836AaSM+lRNM8iP8BtbZuOIxno5Z+ILjHqufPuB4mGLiAGkUal5QIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFPJBvz+VNUIGb54sOTotRnbC5sNjMB8GA1UdIwQY
MBaAFL5VC47/kMzO6fjTE0tkOJlrfSfNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmxVTGp2LVF6TTdwLU5NVFMyUTRtV3Q5SjgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8zNDBkY2QtM2FlZS00MDEyLTkyMzMt
YzE1NTMyYmFmZjdkLzEvOGtHX1A1VTFRZ1p2bml3NU9pMUdkc0xtdzJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8zNDBkY2QtM2FlZS00MDEyLTkyMzMtYzE1NTMyYmFmZjdk
LzEvdmxVTGp2LVF6TTdwLU5NVFMyUTRtV3Q5SjgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjBIBAIAATBCAwQDBWaw
AwQETm8gAwQEVPIgAwQEXrAQAwQFYAmAAwQDjWmoAwQDshQQAwQCuR2MAwQCuXBo
AwQAxzDgAwQAzqchMGIEAgACMFwDBwAqCsdAAAIDBwEqCsdAAAQwEgMHACoKx0AA
BwMHACoKx0AACAMHASoKx0AACgMHACoKx0ABAAMHACoKx0AQCQMHACoKx0AgAAMH
ACoKx0AgCQMHACoKx0CZmDANBgkqhkiG9w0BAQsFAAOCAQEAP3Lp9E9Ms39nLtO/
8u6Lyx1rEXvMNRTx7KnbfUWSE73ZHRawRhVXwbC//JajY9RQz+/xLyQ51B48HRl4
gonYvm4INI72Cw78JBh7xFs0+/id3Tq0BGxfulRK1b1P5Vk4BVUA1Q4k/ysJGO1f
sQDNtnNJQfYOujrVByMqIWh5kObWX0zmFgUe+8pClF7jzSN2f5LInmPir+NSjpGj
HjUswkUkVnNVxBoheE90GBFTaYzndcqh8C8oSuCCjwYBAiiJr+Q644HhclpIsGW2
YnRJUZS6aZp6TKrctHGBKNYT5VTemK7lE6r+H4DOQOZkwsuDItoHcMX/bMxLF+q1
Y52O1g==
-----END CERTIFICATE-----
Generated at Tue Apr 29 09:34:07 2025 by rpki-client