Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/cwQffYg0kiYjH-1rNcYLA94-ef0.roa
File: cwQffYg0kiYjH-1rNcYLA94-ef0.roa (raw, json)
Hash identifier: Kweid10quhXZ8y9/SE/PMiXEL+CcUKUXoutq1WDQ6Zk=
Subject key identifier: 73:04:1F:7D:88:34:92:26:23:1F:ED:6B:35:C6:0B:03:DE:3E:79:FD
Certificate issuer: /CN=505127723ea0cfd0724713b291734caa353e20ea
Certificate serial: 01963587940BBCCFC25DCFEBD50FF7B2F6FC
Authority key identifier: 50:51:27:72:3E:A0:CF:D0:72:47:13:B2:91:73:4C:AA:35:3E:20:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/cwQffYg0kiYjH-1rNcYLA94-ef0.roa
Signing time: Mon 14 Apr 2025 18:19:59 +0000
ROA not before: Mon 14 Apr 2025 18:19:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 46261
IP address blocks: 5.44.255.0/24 maxlen: 24
59.152.124.0/22 maxlen: 24
61.14.224.0/22 maxlen: 24
62.106.64.0/24 maxlen: 24
79.110.176.0/21 maxlen: 24
79.110.181.0/24 maxlen: 24
85.8.148.0/22 maxlen: 24
85.202.172.0/22 maxlen: 24
85.202.173.0/24 maxlen: 24
91.132.84.0/22 maxlen: 24
91.132.84.0/23 maxlen: 23
91.132.86.0/24 maxlen: 24
91.132.87.0/24 maxlen: 24
103.203.40.0/22 maxlen: 24
103.205.84.0/22 maxlen: 24
103.207.160.0/22 maxlen: 24
103.207.163.0/24 maxlen: 24
121.46.124.0/22 maxlen: 24
160.238.96.0/22 maxlen: 24
185.105.10.0/24 maxlen: 24
185.118.132.0/22 maxlen: 24
185.118.135.0/24 maxlen: 24
185.145.44.0/22 maxlen: 24
185.147.156.0/22 maxlen: 24
185.147.158.0/24 maxlen: 24
185.157.232.0/22 maxlen: 24
185.158.136.0/22 maxlen: 24
185.176.88.0/22 maxlen: 24
185.176.90.0/24 maxlen: 24
185.190.56.0/22 maxlen: 24
185.196.24.0/23 maxlen: 24
185.196.26.0/23 maxlen: 24
185.202.44.0/23 maxlen: 24
185.202.46.0/23 maxlen: 24
185.206.20.0/23 maxlen: 24
185.206.20.0/24 maxlen: 24
185.206.22.0/23 maxlen: 24
185.209.128.0/23 maxlen: 24
185.209.128.0/24 maxlen: 24
185.209.130.0/23 maxlen: 24
185.213.16.0/23 maxlen: 24
185.213.18.0/23 maxlen: 24
185.214.140.0/22 maxlen: 24
185.214.142.0/23 maxlen: 24
185.214.240.0/23 maxlen: 24
185.214.240.0/24 maxlen: 24
185.214.242.0/23 maxlen: 24
185.219.20.0/22 maxlen: 24
185.219.23.0/24 maxlen: 24
185.225.12.0/23 maxlen: 24
185.225.14.0/23 maxlen: 24
185.227.252.0/23 maxlen: 24
185.227.252.0/24 maxlen: 24
185.227.254.0/23 maxlen: 24
185.227.254.0/24 maxlen: 24
185.228.44.0/22 maxlen: 24
185.235.120.0/22 maxlen: 24
185.235.122.0/24 maxlen: 24
185.235.123.0/24 maxlen: 24
185.238.115.0/24 maxlen: 24
185.242.185.0/24 maxlen: 24
193.3.16.0/24 maxlen: 24
193.31.112.0/22 maxlen: 24
193.31.114.0/24 maxlen: 24
193.163.35.0/24 maxlen: 24
193.176.116.0/22 maxlen: 24
193.187.180.0/22 maxlen: 24
194.50.192.0/22 maxlen: 24
195.216.148.0/22 maxlen: 24
195.245.74.0/23 maxlen: 24
217.18.56.0/22 maxlen: 24
2a07:4580::/29 maxlen: 29
2a07:4580:b0d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.mft
rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 02 May 2025 15:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:35:87:94:0b:bc:cf:c2:5d:cf:eb:d5:0f:f7:b2:f6:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=505127723ea0cfd0724713b291734caa353e20ea
Validity
Not Before: Apr 14 18:19:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=73041f7d88349226231fed6b35c60b03de3e79fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a0:7c:3a:44:e9:5e:20:c6:86:91:71:b7:01:
63:e1:8c:32:48:47:f2:96:9a:03:47:c9:f3:b0:94:
8f:29:92:ca:d1:95:c1:b9:9d:5f:a8:59:1f:b7:ab:
91:7d:cb:d7:ef:87:57:bb:0f:11:4c:e5:dd:22:f7:
06:34:16:c9:96:50:a3:dd:35:b3:88:d7:54:af:1f:
37:69:2d:db:e4:97:e0:ba:67:dd:34:fd:5e:3b:70:
8c:92:bf:51:64:c0:0c:4c:17:74:26:ce:fd:a7:17:
8c:85:32:e2:7d:5f:61:6d:64:63:d4:e9:9d:3b:8f:
75:0a:72:43:66:cb:32:cc:06:50:29:aa:82:5b:1d:
d2:e4:bf:e3:7c:b1:4d:c3:16:26:fd:db:90:ce:a0:
95:01:5d:03:d8:5f:74:6e:a2:f7:74:fc:80:c6:2e:
1f:4b:97:f4:c7:e7:5c:d7:63:65:2f:50:fe:70:30:
85:af:8b:40:e2:f7:c7:83:20:1f:4a:96:a2:19:29:
f4:de:7d:07:e7:c0:23:30:af:7e:fe:48:f7:c4:14:
0d:5b:61:a5:5e:08:5f:83:e4:de:2e:89:19:b0:0a:
45:dd:1a:92:31:4c:8e:54:81:30:cd:af:96:90:b8:
24:4e:7e:6f:76:4a:95:57:91:5e:e2:6d:e7:9c:26:
f2:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:04:1F:7D:88:34:92:26:23:1F:ED:6B:35:C6:0B:03:DE:3E:79:FD
X509v3 Authority Key Identifier:
keyid:50:51:27:72:3E:A0:CF:D0:72:47:13:B2:91:73:4C:AA:35:3E:20:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/cwQffYg0kiYjH-1rNcYLA94-ef0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.255.0/24
59.152.124.0/22
61.14.224.0/22
62.106.64.0/24
79.110.176.0/21
85.8.148.0/22
85.202.172.0/22
91.132.84.0/22
103.203.40.0/22
103.205.84.0/22
103.207.160.0/22
121.46.124.0/22
160.238.96.0/22
185.105.10.0/24
185.118.132.0/22
185.145.44.0/22
185.147.156.0/22
185.157.232.0/22
185.158.136.0/22
185.176.88.0/22
185.190.56.0/22
185.196.24.0/22
185.202.44.0/22
185.206.20.0/22
185.209.128.0/22
185.213.16.0/22
185.214.140.0/22
185.214.240.0/22
185.219.20.0/22
185.225.12.0/22
185.227.252.0/22
185.228.44.0/22
185.235.120.0/22
185.238.115.0/24
185.242.185.0/24
193.3.16.0/24
193.31.112.0/22
193.163.35.0/24
193.176.116.0/22
193.187.180.0/22
194.50.192.0/22
195.216.148.0/22
195.245.74.0/23
217.18.56.0/22
IPv6:
2a07:4580::/29
Signature Algorithm: sha256WithRSAEncryption
50:56:ed:b9:5e:ff:40:9b:90:30:c7:e1:84:c7:ad:67:15:77:
27:01:00:cb:6b:38:7b:80:3d:10:6d:43:db:e3:7d:8b:4e:31:
9b:49:c1:2a:f8:01:9e:05:67:21:26:bb:44:fc:f4:51:7c:1c:
0b:bc:c6:99:7a:b3:45:1f:27:52:b2:7e:d8:26:e8:c2:95:da:
a6:34:41:b3:bb:fb:cb:76:09:e0:a1:b2:03:d7:42:d9:33:6a:
96:d8:e2:6d:09:d5:61:d6:ea:07:fa:25:4e:ec:92:51:10:a1:
cd:96:57:3d:ca:dd:f4:f8:7c:92:55:d4:27:32:ef:d8:67:bf:
3e:2e:29:c6:92:05:fb:c7:48:64:c2:63:59:ea:6b:59:52:b9:
f4:e0:ce:d1:76:e0:1f:ab:de:d0:df:c3:76:fc:7e:d9:86:14:
a8:63:0d:6e:91:f0:99:ee:25:c4:d9:a1:fb:24:b8:f9:41:41:
f1:a8:db:e0:b3:5c:98:f1:8e:5e:c1:9d:05:e1:c7:9f:d8:90:
36:6f:ea:cb:ef:be:9a:0a:4d:f2:bb:39:fc:d8:5b:56:4c:c0:
26:33:fa:5b:9d:f0:f2:7a:f4:e4:5d:a1:d7:de:e1:25:07:ec:
24:a1:a2:d0:0f:9c:69:4d:07:18:1e:9c:b3:7b:25:40:8c:37:
7d:bd:8c:16
-----BEGIN CERTIFICATE-----
MIIGGDCCBQCgAwIBAgISAZY1h5QLvM/CXc/r1Q/3svb8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNTEyNzcyM2VhMGNmZDA3MjQ3MTNiMjkxNzM0Y2FhMzUz
ZTIwZWEwHhcNMjUwNDE0MTgxOTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzA0MWY3ZDg4MzQ5MjI2MjMxZmVkNmIzNWM2MGIwM2RlM2U3OWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6B8OkTpXiDGhpFxtwFj4YwySEfy
lpoDR8nzsJSPKZLK0ZXBuZ1fqFkft6uRfcvX74dXuw8RTOXdIvcGNBbJllCj3TWz
iNdUrx83aS3b5JfgumfdNP1eO3CMkr9RZMAMTBd0Js79pxeMhTLifV9hbWRj1Omd
O491CnJDZssyzAZQKaqCWx3S5L/jfLFNwxYm/duQzqCVAV0D2F90bqL3dPyAxi4f
S5f0x+dc12NlL1D+cDCFr4tA4vfHgyAfSpaiGSn03n0H58AjMK9+/kj3xBQNW2Gl
Xghfg+TeLokZsApF3RqSMUyOVIEwza+WkLgkTn5vdkqVV5Fe4m3nnCbyNQIDAQAB
o4IDJDCCAyAwHQYDVR0OBBYEFHMEH32INJImIx/tazXGCwPePnn9MB8GA1UdIwQY
MBaAFFBRJ3I+oM/QckcTspFzTKo1PiDqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZFbmNqNmd6OUJ5UnhPeWtYTk1xalUtSU9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9hOTA0MjMtMGI0Yi00OTlmLWJlNjYt
NTU2MDhiNjk0NDU2LzEvY3dRZmZZZzBraVlqSC0xck5jWUxBOTQtZWYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9hOTA0MjMtMGI0Yi00OTlmLWJlNjYtNTU2MDhiNjk0NDU2
LzEvVUZFbmNqNmd6OUJ5UnhPeWtYTk1xalUtSU9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBOAYIKwYBBQUHAQcBAf8EggEnMIIBIzCCARAEAgABMIIB
CAMEAAUs/wMEAjuYfAMEAj0O4AMEAD5qQAMEA09usAMEAlUIlAMEAlXKrAMEAluE
VAMEAmfLKAMEAmfNVAMEAmfPoAMEAnkufAMEAqDuYAMEALlpCgMEArl2hAMEArmR
LAMEArmTnAMEArmd6AMEArmeiAMEArmwWAMEArm+OAMEArnEGAMEArnKLAMEArnO
FAMEArnRgAMEArnVEAMEArnWjAMEArnW8AMEArnbFAMEArnhDAMEArnj/AMEArnk
LAMEArnreAMEALnucwMEALnyuQMEAMEDEAMEAsEfcAMEAMGjIwMEAsGwdAMEAsG7
tAMEAsIywAMEAsPYlAMEAcP1SgMEAtkSODANBAIAAjAHAwUDKgdFgDANBgkqhkiG
9w0BAQsFAAOCAQEAUFbtuV7/QJuQMMfhhMetZxV3JwEAy2s4e4A9EG1D2+N9i04x
m0nBKvgBngVnISa7RPz0UXwcC7zGmXqzRR8nUrJ+2CbowpXapjRBs7v7y3YJ4KGy
A9dC2TNqltjibQnVYdbqB/olTuySURChzZZXPcrd9Ph8klXUJzLv2Ge/Pi4pxpIF
+8dIZMJjWeprWVK59ODO0XbgH6ve0N/Ddvx+2YYUqGMNbpHwme4lxNmh+yS4+UFB
8ajb4LNcmPGOXsGdBeHHn9iQNm/qy+++mgpN8rs5/NhbVkzAJjP6W53w8nr05F2h
197hJQfsJKGi0A+caU0HGB6cs3slQIw3fb2MFg==
-----END CERTIFICATE-----
Generated at Fri May 2 00:06:54 2025 by rpki-client