Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/35Q1mXdFVhKts-efh8roCtzbI8M.roa
File: 35Q1mXdFVhKts-efh8roCtzbI8M.roa (raw, json)
Hash identifier: 1c5BPK/ENxEWdEbGIWv9n3I9YKKd3PTc8KJadzOlRDw=
Subject key identifier: DF:94:35:99:77:45:56:12:AD:B3:E7:9F:87:CA:E8:0A:DC:DB:23:C3
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 019630E7CD924B2E3C409251FE18CBC5BC89
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/35Q1mXdFVhKts-efh8roCtzbI8M.roa
Signing time: Sun 13 Apr 2025 20:46:59 +0000
ROA not before: Sun 13 Apr 2025 20:46:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44477
IP address blocks: 5.182.36.0/24 maxlen: 24
5.182.37.0/24 maxlen: 24
5.182.38.0/24 maxlen: 24
5.182.39.0/24 maxlen: 24
45.8.144.0/24 maxlen: 24
45.8.145.0/24 maxlen: 24
45.8.146.0/24 maxlen: 24
45.8.147.0/24 maxlen: 24
45.67.34.0/24 maxlen: 24
45.67.35.0/24 maxlen: 24
45.84.0.0/24 maxlen: 24
45.87.152.0/24 maxlen: 24
45.87.153.0/24 maxlen: 24
45.87.154.0/24 maxlen: 24
45.87.155.0/24 maxlen: 24
45.89.52.0/22 maxlen: 24
45.89.52.0/24 maxlen: 24
45.89.54.0/24 maxlen: 24
45.89.55.0/24 maxlen: 24
45.93.8.0/24 maxlen: 24
45.93.10.0/24 maxlen: 24
45.93.11.0/24 maxlen: 24
45.159.248.0/24 maxlen: 24
45.159.249.0/24 maxlen: 24
45.159.250.0/24 maxlen: 24
45.159.251.0/24 maxlen: 24
92.118.88.0/22 maxlen: 24
92.119.200.0/22 maxlen: 24
93.185.166.0/24 maxlen: 24
141.98.168.0/24 maxlen: 24
141.98.169.0/24 maxlen: 24
141.98.170.0/24 maxlen: 24
185.231.204.0/24 maxlen: 24
185.231.205.0/24 maxlen: 24
185.231.206.0/24 maxlen: 24
185.231.207.0/24 maxlen: 24
188.119.121.0/24 maxlen: 24
188.119.122.0/24 maxlen: 24
188.119.123.0/24 maxlen: 24
188.119.124.0/24 maxlen: 24
188.119.125.0/24 maxlen: 24
193.43.146.0/24 maxlen: 24
193.43.147.0/24 maxlen: 24
193.46.56.0/24 maxlen: 24
193.46.57.0/24 maxlen: 24
193.57.136.0/24 maxlen: 24
193.57.137.0/24 maxlen: 24
193.57.138.0/24 maxlen: 24
193.57.139.0/24 maxlen: 24
194.4.48.0/24 maxlen: 24
194.4.49.0/24 maxlen: 24
194.4.50.0/24 maxlen: 24
194.4.51.0/24 maxlen: 24
194.116.172.0/24 maxlen: 24
194.116.173.0/24 maxlen: 24
194.116.190.0/24 maxlen: 24
194.116.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 03 May 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:30:e7:cd:92:4b:2e:3c:40:92:51:fe:18:cb:c5:bc:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Apr 13 20:46:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=df94359977455612adb3e79f87cae80adcdb23c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:75:72:e3:0e:a1:7d:4f:de:7e:2b:23:65:46:
c5:f4:43:1c:2c:f5:51:7e:87:70:c2:fb:5e:0e:0b:
38:82:9d:1a:d6:7a:72:e9:7a:d7:5f:8d:84:b7:24:
cb:61:21:72:09:23:c7:47:ae:50:43:c4:7d:53:a3:
4b:aa:7a:e9:24:cb:98:ef:43:4f:44:d8:ea:74:cc:
76:2e:f9:ca:3d:00:d8:d9:d3:b5:5c:a2:a6:47:2b:
31:6f:a3:fc:2e:dd:10:a5:15:e7:15:6f:63:5d:9b:
ee:9f:81:13:ac:d2:f8:1e:fc:37:a2:52:cf:78:78:
41:74:53:f8:41:e6:30:d2:25:ac:3f:22:1c:ef:3e:
0d:2f:76:1c:06:6b:e3:04:fe:64:48:5c:7c:d3:f6:
f8:6a:05:b6:40:05:b2:cf:53:51:52:fb:f2:e6:75:
06:c7:9c:15:e1:ca:3d:ea:b1:9f:04:c5:80:c7:5e:
b2:6c:74:81:c8:61:df:39:75:23:f1:52:f8:b7:f5:
d6:72:2f:ab:5f:ea:df:70:0a:13:64:86:52:c9:f8:
d8:78:ab:92:15:24:2f:31:49:ae:0e:25:66:ea:06:
0f:8e:b4:2f:f1:44:55:14:ff:a8:e2:f2:2b:1d:14:
19:92:32:bc:23:5e:f5:d7:3d:e2:f2:ca:e9:30:5b:
30:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:94:35:99:77:45:56:12:AD:B3:E7:9F:87:CA:E8:0A:DC:DB:23:C3
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/35Q1mXdFVhKts-efh8roCtzbI8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.36.0/22
45.8.144.0/22
45.67.34.0/23
45.84.0.0/24
45.87.152.0/22
45.89.52.0/22
45.93.8.0/24
45.93.10.0/23
45.159.248.0/22
92.118.88.0/22
92.119.200.0/22
93.185.166.0/24
141.98.168.0-141.98.170.255
185.231.204.0/22
188.119.121.0-188.119.125.255
193.43.146.0/23
193.46.56.0/23
193.57.136.0/22
194.4.48.0/22
194.116.172.0/23
194.116.190.0/23
Signature Algorithm: sha256WithRSAEncryption
66:da:68:1e:5d:d3:1a:ef:b9:95:c3:ea:07:62:d1:69:ee:0a:
e4:ce:96:df:b4:d1:07:ff:81:be:7d:53:5a:38:52:9e:db:87:
e6:4a:c8:9b:89:d8:4e:70:bf:4a:0e:e0:04:16:9e:8d:9e:71:
4d:48:8b:cb:24:95:dd:05:05:ed:59:0b:cc:f5:cf:bd:73:ae:
96:06:3d:34:ab:8b:a2:3d:10:f7:ff:9e:bf:90:84:5d:28:eb:
18:fc:85:34:8a:1c:09:20:a5:d5:4d:88:4c:20:32:b0:5b:60:
62:7a:f3:1c:7b:77:47:47:51:b5:77:c4:72:2b:26:c3:4f:d8:
de:45:20:30:51:5a:be:73:b4:94:ba:77:df:6c:b4:83:7d:72:
53:9e:26:be:17:eb:46:e3:11:88:21:92:33:19:54:82:d5:47:
0a:de:ec:29:42:03:5b:f3:89:fb:ed:df:25:60:72:a5:14:f5:
4b:ea:01:8d:97:00:6d:99:ac:44:8f:eb:f3:2b:49:2b:93:0a:
be:bc:51:55:d6:6c:f6:31:0c:98:d5:2b:be:8b:90:d2:2f:89:
c8:91:e0:37:4b:dd:79:35:a7:58:71:17:d6:4b:94:ef:56:d3:
6c:66:e3:bd:c3:62:95:a8:ce:60:61:bf:c4:8b:a6:a2:0f:06:
44:dd:5a:7f
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAZYw582SSy48QJJR/hjLxbyJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjUwNDEzMjA0NjU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjk0MzU5OTc3NDU1NjEyYWRiM2U3OWY4N2NhZTgwYWRjZGIyM2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHVy4w6hfU/efisjZUbF9EMcLPVR
fodwwvteDgs4gp0a1npy6XrXX42EtyTLYSFyCSPHR65QQ8R9U6NLqnrpJMuY70NP
RNjqdMx2LvnKPQDY2dO1XKKmRysxb6P8Lt0QpRXnFW9jXZvun4ETrNL4Hvw3olLP
eHhBdFP4QeYw0iWsPyIc7z4NL3YcBmvjBP5kSFx80/b4agW2QAWyz1NRUvvy5nUG
x5wV4co96rGfBMWAx16ybHSByGHfOXUj8VL4t/XWci+rX+rfcAoTZIZSyfjYeKuS
FSQvMUmuDiVm6gYPjrQv8URVFP+o4vIrHRQZkjK8I1711z3i8srpMFswpQIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFN+UNZl3RVYSrbPnn4fK6Arc2yPDMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvMzVRMW1YZEZWaEt0cy1lZmg4cm9DdHpiSThNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDCBlQQCAAEwgY4DBAIF
tiQDBAItCJADBAEtQyIDBAAtVAADBAItV5gDBAItWTQDBAAtXQgDBAEtXQoDBAIt
n/gDBAJcdlgDBAJcd8gDBABduaYwDAMEA41iqAMEAI1iqgMEArnnzDAMAwQAvHd5
AwQBvHd8AwQBwSuSAwQBwS44AwQCwTmIAwQCwgQwAwQBwnSsAwQBwnS+MA0GCSqG
SIb3DQEBCwUAA4IBAQBm2mgeXdMa77mVw+oHYtFp7grkzpbftNEH/4G+fVNaOFKe
24fmSsibidhOcL9KDuAEFp6NnnFNSIvLJJXdBQXtWQvM9c+9c66WBj00q4uiPRD3
/56/kIRdKOsY/IU0ihwJIKXVTYhMIDKwW2BievMce3dHR1G1d8RyKybDT9jeRSAw
UVq+c7SUunffbLSDfXJTnia+F+tG4xGIIZIzGVSC1UcK3uwpQgNb84n77d8lYHKl
FPVL6gGNlwBtmaxEj+vzK0krkwq+vFFV1mz2MQyY1Su+i5DSL4nIkeA3S915NadY
cRfWS5TvVtNsZuO9w2KVqM5gYb/Ei6aiDwZE3Vp/
-----END CERTIFICATE-----
Generated at Sat May 3 06:10:21 2025 by rpki-client