Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/B-IjjR9tvyjopcA-sdYLHSmRZwI.roa
File: B-IjjR9tvyjopcA-sdYLHSmRZwI.roa (raw, json)
Hash identifier: c2r6B4PS5EL7VowbuTt5EAkwtbWLcnpUd26TEegjNtU=
Subject key identifier: 07:E2:23:8D:1F:6D:BF:28:E8:A5:C0:3E:B1:D6:0B:1D:29:91:67:02
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 0196369EFAB96A328409DB9BCCA3EBFF9F77
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/B-IjjR9tvyjopcA-sdYLHSmRZwI.roa
Signing time: Mon 14 Apr 2025 23:25:10 +0000
ROA not before: Mon 14 Apr 2025 23:25:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52116
IP address blocks: 77.105.6.0/24 maxlen: 24
77.105.11.0/24 maxlen: 24
77.105.31.0/24 maxlen: 24
77.105.61.0/24 maxlen: 24
79.175.91.0/24 maxlen: 24
79.175.93.0/24 maxlen: 24
79.175.103.0/24 maxlen: 24
79.175.115.0/24 maxlen: 24
79.175.116.0/24 maxlen: 24
79.175.118.0/24 maxlen: 24
80.74.173.0/24 maxlen: 24
81.18.49.0/24 maxlen: 24
81.18.50.0/24 maxlen: 24
81.18.52.0/23 maxlen: 23
81.18.55.0/24 maxlen: 24
81.18.61.0/24 maxlen: 24
93.186.64.0/24 maxlen: 24
93.186.67.0/24 maxlen: 24
93.186.71.0/24 maxlen: 24
93.186.72.0/24 maxlen: 24
109.121.60.0/24 maxlen: 24
178.253.207.0/24 maxlen: 24
178.253.210.0/24 maxlen: 24
178.253.213.0/24 maxlen: 24
178.253.214.0/24 maxlen: 24
178.253.219.0/24 maxlen: 24
178.253.236.0/24 maxlen: 24
178.253.240.0/24 maxlen: 24
185.47.88.0/24 maxlen: 24
185.47.89.0/24 maxlen: 24
185.47.90.0/24 maxlen: 24
188.255.130.0/24 maxlen: 24
188.255.140.0/24 maxlen: 24
188.255.185.0/24 maxlen: 24
188.255.190.0/24 maxlen: 24
188.255.208.0/24 maxlen: 24
188.255.213.0/24 maxlen: 24
188.255.219.0/24 maxlen: 24
188.255.226.0/24 maxlen: 24
188.255.238.0/24 maxlen: 24
188.255.244.0/23 maxlen: 23
188.255.246.0/24 maxlen: 24
188.255.247.0/24 maxlen: 24
188.255.250.0/23 maxlen: 23
188.255.252.0/24 maxlen: 24
188.255.254.0/24 maxlen: 24
188.255.255.0/24 maxlen: 24
212.69.6.0/24 maxlen: 24
212.69.7.0/24 maxlen: 24
212.69.12.0/24 maxlen: 24
212.69.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.mft
rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 07:29:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:36:9e:fa:b9:6a:32:84:09:db:9b:cc:a3:eb:ff:9f:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Apr 14 23:25:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=07e2238d1f6dbf28e8a5c03eb1d60b1d29916702
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:fe:78:77:17:d7:40:0d:8e:e2:65:b5:7f:cd:
6f:5b:6b:83:7f:d9:bf:b9:cf:75:5f:64:0f:7f:96:
80:87:59:5c:a3:91:24:da:5f:2f:75:a7:58:8b:cb:
69:c7:82:a0:d3:3a:f0:e2:5e:97:12:fb:78:5d:01:
95:a9:aa:10:bf:cd:58:49:8a:cd:b2:f2:eb:21:35:
8a:c5:f7:f5:88:a4:9a:3c:56:6d:24:59:c9:01:0e:
3b:9a:70:5b:f0:df:80:fa:53:1a:29:a2:d2:d5:07:
3a:53:73:31:29:99:ff:b5:08:59:8c:b4:5a:aa:3a:
c4:8d:b9:25:20:5e:41:52:30:67:86:c3:82:54:80:
06:e8:5f:b8:6f:09:67:b9:95:cb:11:2f:09:27:86:
58:09:8d:34:f4:c3:47:88:f6:e4:8b:c6:49:3a:7a:
a2:30:ee:fd:ef:91:73:e0:e3:b6:aa:cd:12:02:ef:
57:72:99:c2:f0:a6:ca:67:ca:95:4b:64:d7:b9:cb:
9c:15:e4:8f:f8:7e:33:12:03:e2:76:f3:7a:56:a4:
f8:16:37:6d:59:20:8d:78:1a:83:d3:b7:d3:94:a5:
89:dd:4b:28:87:2f:b1:de:0a:a4:f9:f0:e0:a1:33:
f2:d3:1a:9d:ab:25:61:dc:d7:b0:16:eb:e7:8e:93:
5b:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:E2:23:8D:1F:6D:BF:28:E8:A5:C0:3E:B1:D6:0B:1D:29:91:67:02
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/B-IjjR9tvyjopcA-sdYLHSmRZwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.6.0/24
77.105.11.0/24
77.105.31.0/24
77.105.61.0/24
79.175.91.0/24
79.175.93.0/24
79.175.103.0/24
79.175.115.0-79.175.116.255
79.175.118.0/24
80.74.173.0/24
81.18.49.0-81.18.50.255
81.18.52.0/23
81.18.55.0/24
81.18.61.0/24
93.186.64.0/24
93.186.67.0/24
93.186.71.0-93.186.72.255
109.121.60.0/24
178.253.207.0/24
178.253.210.0/24
178.253.213.0-178.253.214.255
178.253.219.0/24
178.253.236.0/24
178.253.240.0/24
185.47.88.0-185.47.90.255
188.255.130.0/24
188.255.140.0/24
188.255.185.0/24
188.255.190.0/24
188.255.208.0/24
188.255.213.0/24
188.255.219.0/24
188.255.226.0/24
188.255.238.0/24
188.255.244.0/22
188.255.250.0-188.255.252.255
188.255.254.0/23
212.69.6.0/23
212.69.12.0/24
212.69.18.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:42:91:ae:b9:03:78:11:79:2b:e3:e5:23:aa:c8:85:dd:48:
17:ad:f5:25:dc:5e:f2:af:6b:c2:06:c4:c8:27:c9:f4:6b:e6:
00:c9:23:29:76:5f:e1:75:ae:6c:df:e1:e7:8a:58:4a:1c:c0:
61:6d:ef:46:22:23:7a:6c:92:1e:d2:1e:38:8b:73:32:7d:7c:
a6:87:cb:72:25:ab:40:4f:00:03:16:45:57:b5:5f:ee:17:02:
44:4e:bd:0b:fe:ca:7e:7b:67:0e:d5:c2:d7:98:06:b5:d0:8f:
86:95:64:06:f9:4a:75:22:51:b9:a7:cf:0c:05:12:e5:ce:10:
0d:34:40:24:79:89:fb:20:be:30:a2:73:21:e8:1c:d1:5e:35:
bc:3b:5a:62:4c:9f:d5:f2:57:a5:e3:17:4c:cb:f9:49:ad:6e:
26:a8:eb:c7:f7:94:5d:f4:4f:df:b1:33:c5:f5:2b:9d:97:83:
a9:dd:17:73:00:e8:82:00:f4:30:95:c8:3a:0a:73:99:a5:0a:
78:2a:d5:55:b5:d2:77:30:7b:cf:5a:86:48:90:d0:fb:53:af:
4d:39:f0:20:01:79:67:5c:45:22:ab:ef:02:78:29:56:2e:1f:
be:4b:a8:99:19:81:2e:92:39:46:c3:6a:8b:c8:11:66:5c:19:
7b:42:fa:ea
-----BEGIN CERTIFICATE-----
MIIGITCCBQmgAwIBAgISAZY2nvq5ajKECdubzKPr/593MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjUwNDE0MjMyNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2UyMjM4ZDFmNmRiZjI4ZThhNWMwM2ViMWQ2MGIxZDI5OTE2NzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtv54dxfXQA2O4mW1f81vW2uDf9m/
uc91X2QPf5aAh1lco5Ek2l8vdadYi8tpx4Kg0zrw4l6XEvt4XQGVqaoQv81YSYrN
svLrITWKxff1iKSaPFZtJFnJAQ47mnBb8N+A+lMaKaLS1Qc6U3MxKZn/tQhZjLRa
qjrEjbklIF5BUjBnhsOCVIAG6F+4bwlnuZXLES8JJ4ZYCY009MNHiPbki8ZJOnqi
MO7975Fz4OO2qs0SAu9XcpnC8KbKZ8qVS2TXucucFeSP+H4zEgPidvN6VqT4Fjdt
WSCNeBqD07fTlKWJ3Usohy+x3gqk+fDgoTPy0xqdqyVh3NewFuvnjpNbWwIDAQAB
o4IDLTCCAykwHQYDVR0OBBYEFAfiI40fbb8o6KXAPrHWCx0pkWcCMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvQi1JampSOXR2eWpvcGNBLXNkWUxIU21SWndJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBQQYIKwYBBQUHAQcBAf8EggEwMIIBLDCCASgEAgABMIIB
IAMEAE1pBgMEAE1pCwMEAE1pHwMEAE1pPQMEAE+vWwMEAE+vXQMEAE+vZzAMAwQA
T69zAwQAT690AwQAT692AwQAUEqtMAwDBABREjEDBABREjIDBAFREjQDBABREjcD
BABREj0DBABdukADBABdukMwDAMEAF26RwMEAF26SAMEAG15PAMEALL9zwMEALL9
0jAMAwQAsv3VAwQAsv3WAwQAsv3bAwQAsv3sAwQAsv3wMAwDBAO5L1gDBAC5L1oD
BAC8/4IDBAC8/4wDBAC8/7kDBAC8/74DBAC8/9ADBAC8/9UDBAC8/9sDBAC8/+ID
BAC8/+4DBAK8//QwDAMEAbz/+gMEALz//AMEAbz//gMEAdRFBgMEANRFDAMEANRF
EjANBgkqhkiG9w0BAQsFAAOCAQEAf0KRrrkDeBF5K+PlI6rIhd1IF631Jdxe8q9r
wgbEyCfJ9GvmAMkjKXZf4XWubN/h54pYShzAYW3vRiIjemySHtIeOItzMn18pofL
ciWrQE8AAxZFV7Vf7hcCRE69C/7KfntnDtXC15gGtdCPhpVkBvlKdSJRuafPDAUS
5c4QDTRAJHmJ+yC+MKJzIegc0V41vDtaYkyf1fJXpeMXTMv5Sa1uJqjrx/eUXfRP
37EzxfUrnZeDqd0XcwDoggD0MJXIOgpzmaUKeCrVVbXSdzB7z1qGSJDQ+1OvTTnw
IAF5Z1xFIqvvAngpVi4fvkuomRmBLpI5RsNqi8gRZlwZe0L66g==
-----END CERTIFICATE-----
Generated at Sun Apr 27 17:57:54 2025 by rpki-client