Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/_DNrryWCgWKP2B_OnYVQbiBMRwY.roa
File: _DNrryWCgWKP2B_OnYVQbiBMRwY.roa (raw, json)
Hash identifier: SyM98wt/pvnu413D9r97uqo6EyM1MAqEkVNREsKfI+Y=
Subject key identifier: FC:33:6B:AF:25:82:81:62:8F:D8:1F:CE:9D:85:50:6E:20:4C:47:06
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 019716437F239B48B0E0F3FA79A8715AFAF4
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/_DNrryWCgWKP2B_OnYVQbiBMRwY.roa
Signing time: Wed 28 May 2025 09:40:11 +0000
ROA not before: Wed 28 May 2025 09:40:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58061
IP address blocks: 2.56.112.0/24 maxlen: 24
2.56.113.0/24 maxlen: 24
5.183.128.0/24 maxlen: 24
31.222.248.0/24 maxlen: 24
45.132.48.0/24 maxlen: 24
45.157.136.0/24 maxlen: 24
62.68.83.0/24 maxlen: 24
62.68.86.0/24 maxlen: 24
62.68.87.0/24 maxlen: 24
62.204.36.0/24 maxlen: 24
62.204.57.0/24 maxlen: 24
62.233.35.0/24 maxlen: 24
62.233.45.0/24 maxlen: 24
62.233.49.0/24 maxlen: 24
62.233.56.0/24 maxlen: 24
62.233.60.0/24 maxlen: 24
80.68.145.0/24 maxlen: 24
80.68.158.0/24 maxlen: 24
80.91.209.0/24 maxlen: 24
80.91.210.0/24 maxlen: 24
91.213.117.0/24 maxlen: 24
91.226.247.0/24 maxlen: 24
91.242.225.0/24 maxlen: 24
91.242.236.0/24 maxlen: 24
93.177.104.0/24 maxlen: 24
93.177.105.0/24 maxlen: 24
93.177.107.0/24 maxlen: 24
94.143.226.0/24 maxlen: 24
94.158.191.0/24 maxlen: 24
130.193.79.0/24 maxlen: 24
130.255.169.0/24 maxlen: 24
146.19.108.0/24 maxlen: 24
146.19.137.0/24 maxlen: 24
146.19.148.0/24 maxlen: 24
146.19.150.0/24 maxlen: 24
146.19.152.0/24 maxlen: 24
146.19.185.0/24 maxlen: 24
146.19.187.0/24 maxlen: 24
146.19.190.0/24 maxlen: 24
146.19.194.0/24 maxlen: 24
176.56.37.0/24 maxlen: 24
176.56.38.0/24 maxlen: 24
178.211.140.0/24 maxlen: 24
185.122.206.0/24 maxlen: 24
185.155.101.0/24 maxlen: 24
185.198.153.0/24 maxlen: 24
185.218.1.0/24 maxlen: 24
185.232.47.0/24 maxlen: 24
193.3.22.0/24 maxlen: 24
193.141.53.0/24 maxlen: 24
193.239.209.0/24 maxlen: 24
194.26.216.0/24 maxlen: 24
194.26.221.0/24 maxlen: 24
194.32.243.0/24 maxlen: 24
195.64.106.0/24 maxlen: 24
195.64.109.0/24 maxlen: 24
195.64.110.0/24 maxlen: 24
195.64.112.0/24 maxlen: 24
195.64.114.0/24 maxlen: 24
195.64.117.0/24 maxlen: 24
195.93.249.0/24 maxlen: 24
195.96.136.0/24 maxlen: 24
195.96.146.0/24 maxlen: 24
195.96.148.0/24 maxlen: 24
195.96.155.0/24 maxlen: 24
195.96.157.0/24 maxlen: 24
212.18.96.0/24 maxlen: 24
212.18.103.0/24 maxlen: 24
212.52.5.0/24 maxlen: 24
217.114.32.0/24 maxlen: 24
217.119.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 16:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:16:43:7f:23:9b:48:b0:e0:f3:fa:79:a8:71:5a:fa:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: May 28 09:40:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fc336baf258281628fd81fce9d85506e204c4706
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:17:ed:cb:ee:ab:6f:af:ab:00:0b:e1:ad:52:
5a:ec:54:fc:0d:c5:eb:69:b0:b5:02:5b:e5:b1:45:
01:db:59:e5:d7:77:2a:38:c0:e9:35:6f:40:7e:4e:
c8:d7:1d:bd:a5:e8:e2:8e:0d:9e:55:32:9f:23:cc:
b4:80:4b:57:d0:46:0c:10:6a:a0:79:e5:8e:6b:3b:
9e:7e:e9:fb:f5:4c:50:58:ee:01:9c:02:af:75:b1:
6f:4c:29:92:88:75:80:41:32:bb:76:62:a7:4c:d3:
50:f1:c1:88:43:18:d9:f2:1f:7f:9d:2e:da:1e:53:
43:60:68:99:c2:08:4b:e4:75:17:6f:7c:60:09:e0:
78:8e:ee:46:37:5a:6e:cc:f5:9b:16:d8:3c:d6:75:
e8:41:6c:9b:87:5f:c8:bf:32:e1:e8:80:d5:ee:6f:
2c:b7:25:6e:ab:dd:4f:c9:e8:2f:ad:4b:f3:15:1c:
a3:f0:c9:df:ce:3e:e2:e3:8d:32:e0:fc:6b:b4:b7:
92:53:d7:4f:45:1e:9e:01:84:99:8b:b1:aa:10:18:
3a:18:ba:73:2d:81:82:0d:8f:d3:37:5c:b9:8c:07:
2f:ee:cf:f1:bc:1b:5f:d0:fe:60:3a:1e:97:21:4f:
ed:f9:c5:d3:2d:0f:c9:08:68:20:d9:1a:cb:53:db:
ed:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:33:6B:AF:25:82:81:62:8F:D8:1F:CE:9D:85:50:6E:20:4C:47:06
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/_DNrryWCgWKP2B_OnYVQbiBMRwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.112.0/23
5.183.128.0/24
31.222.248.0/24
45.132.48.0/24
45.157.136.0/24
62.68.83.0/24
62.68.86.0/23
62.204.36.0/24
62.204.57.0/24
62.233.35.0/24
62.233.45.0/24
62.233.49.0/24
62.233.56.0/24
62.233.60.0/24
80.68.145.0/24
80.68.158.0/24
80.91.209.0-80.91.210.255
91.213.117.0/24
91.226.247.0/24
91.242.225.0/24
91.242.236.0/24
93.177.104.0/23
93.177.107.0/24
94.143.226.0/24
94.158.191.0/24
130.193.79.0/24
130.255.169.0/24
146.19.108.0/24
146.19.137.0/24
146.19.148.0/24
146.19.150.0/24
146.19.152.0/24
146.19.185.0/24
146.19.187.0/24
146.19.190.0/24
146.19.194.0/24
176.56.37.0-176.56.38.255
178.211.140.0/24
185.122.206.0/24
185.155.101.0/24
185.198.153.0/24
185.218.1.0/24
185.232.47.0/24
193.3.22.0/24
193.141.53.0/24
193.239.209.0/24
194.26.216.0/24
194.26.221.0/24
194.32.243.0/24
195.64.106.0/24
195.64.109.0-195.64.110.255
195.64.112.0/24
195.64.114.0/24
195.64.117.0/24
195.93.249.0/24
195.96.136.0/24
195.96.146.0/24
195.96.148.0/24
195.96.155.0/24
195.96.157.0/24
212.18.96.0/24
212.18.103.0/24
212.52.5.0/24
217.114.32.0/24
217.119.130.0/24
Signature Algorithm: sha256WithRSAEncryption
53:a7:c9:17:8d:c5:ed:bb:8a:f6:51:3e:03:e5:ff:8d:38:d0:
05:8d:49:8c:0c:50:2d:14:c0:13:20:39:b8:43:9e:d1:0e:6d:
81:db:6d:a9:75:a4:9f:9a:1c:87:e3:a7:92:e2:e2:74:f5:33:
b1:9b:a3:93:43:d0:17:04:60:be:7d:b8:71:2b:1f:cc:4a:82:
36:0d:b0:ae:95:48:91:68:a6:40:59:33:c3:b4:3b:74:ca:9e:
a0:bf:20:02:55:eb:2b:dc:27:30:5d:be:ab:d4:d6:8c:8d:14:
e3:6e:71:5b:34:4d:53:d1:ca:13:4a:24:c0:10:e2:e1:13:8f:
1e:87:7a:94:87:8c:ea:56:c9:44:5b:88:91:ed:de:e6:52:90:
2c:d0:2a:12:64:6f:5f:0d:75:80:29:d6:01:7e:7b:cd:7a:9b:
65:70:f1:e5:6a:54:d2:e9:7d:05:4d:7f:ae:3d:64:11:f0:1e:
a6:db:f9:f5:c3:ca:da:4f:a6:c3:4f:89:ae:5b:3d:b5:78:a1:
0a:4c:e0:d0:78:43:cd:a1:aa:ac:7a:80:09:ea:b4:82:00:ee:
08:e2:d0:3f:52:9e:7b:b6:d8:f8:03:4d:34:75:35:c8:d9:5c:
aa:2e:da:df:da:02:15:bf:31:12:90:c3:82:a3:6a:e5:c4:a3:
7c:f6:4d:a4
-----BEGIN CERTIFICATE-----
MIIGnzCCBYegAwIBAgISAZcWQ38jm0iw4PP6eahxWvr0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjUwNTI4MDk0MDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzMzNmJhZjI1ODI4MTYyOGZkODFmY2U5ZDg1NTA2ZTIwNGM0NzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohfty+6rb6+rAAvhrVJa7FT8DcXr
abC1AlvlsUUB21nl13cqOMDpNW9Afk7I1x29pejijg2eVTKfI8y0gEtX0EYMEGqg
eeWOazuefun79UxQWO4BnAKvdbFvTCmSiHWAQTK7dmKnTNNQ8cGIQxjZ8h9/nS7a
HlNDYGiZwghL5HUXb3xgCeB4ju5GN1puzPWbFtg81nXoQWybh1/IvzLh6IDV7m8s
tyVuq91PyegvrUvzFRyj8Mnfzj7i440y4PxrtLeSU9dPRR6eAYSZi7GqEBg6GLpz
LYGCDY/TN1y5jAcv7s/xvBtf0P5gOh6XIU/t+cXTLQ/JCGgg2RrLU9vtVQIDAQAB
o4IDqzCCA6cwHQYDVR0OBBYEFPwza68lgoFij9gfzp2FUG4gTEcGMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvX0ROcnJ5V0NnV0tQMkJfT25ZVlFiaUJNUndZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBvwYIKwYBBQUHAQcBAf8EggGuMIIBqjCCAaYEAgABMIIB
ngMEAQI4cAMEAAW3gAMEAB/e+AMEAC2EMAMEAC2diAMEAD5EUwMEAT5EVgMEAD7M
JAMEAD7MOQMEAD7pIwMEAD7pLQMEAD7pMQMEAD7pOAMEAD7pPAMEAFBEkQMEAFBE
njAMAwQAUFvRAwQAUFvSAwQAW9V1AwQAW+L3AwQAW/LhAwQAW/LsAwQBXbFoAwQA
XbFrAwQAXo/iAwQAXp6/AwQAgsFPAwQAgv+pAwQAkhNsAwQAkhOJAwQAkhOUAwQA
khOWAwQAkhOYAwQAkhO5AwQAkhO7AwQAkhO+AwQAkhPCMAwDBACwOCUDBACwOCYD
BACy04wDBAC5es4DBAC5m2UDBAC5xpkDBAC52gEDBAC56C8DBADBAxYDBADBjTUD
BADB79EDBADCGtgDBADCGt0DBADCIPMDBADDQGowDAMEAMNAbQMEAMNAbgMEAMNA
cAMEAMNAcgMEAMNAdQMEAMNd+QMEAMNgiAMEAMNgkgMEAMNglAMEAMNgmwMEAMNg
nQMEANQSYAMEANQSZwMEANQ0BQMEANlyIAMEANl3gjANBgkqhkiG9w0BAQsFAAOC
AQEAU6fJF43F7buK9lE+A+X/jTjQBY1JjAxQLRTAEyA5uEOe0Q5tgdttqXWkn5oc
h+OnkuLidPUzsZujk0PQFwRgvn24cSsfzEqCNg2wrpVIkWimQFkzw7Q7dMqeoL8g
AlXrK9wnMF2+q9TWjI0U425xWzRNU9HKE0okwBDi4ROPHod6lIeM6lbJRFuIke3e
5lKQLNAqEmRvXw11gCnWAX57zXqbZXDx5WpU0ul9BU1/rj1kEfAeptv59cPK2k+m
w0+Jrls9tXihCkzg0HhDzaGqrHqACeq0ggDuCOLQP1Kee7bY+ANNNHU1yNlcqi7a
39oCFb8xEpDDgqNq5cSjfPZNpA==
-----END CERTIFICATE-----
Generated at Sun Jun 15 01:08:40 2025 by rpki-client