Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/2pti9pBmz4atvNZhpCWITb53-xY.roa
File: 2pti9pBmz4atvNZhpCWITb53-xY.roa (raw, json)
Hash identifier: 0r7is1hWfeXO9VX604GYHWtiKXbqtiLGFrPkk9l13E8=
Subject key identifier: DA:9B:62:F6:90:66:CF:86:AD:BC:D6:61:A4:25:88:4D:BE:77:FB:16
Certificate issuer: /CN=878abb29977a65b140cacb6e72ab24ceddd4e8c5
Certificate serial: 01964180ECFCB9CCBD449E407177BE67ECA6
Authority key identifier: 87:8A:BB:29:97:7A:65:B1:40:CA:CB:6E:72:AB:24:CE:DD:D4:E8:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h4q7KZd6ZbFAystucqskzt3U6MU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/2pti9pBmz4atvNZhpCWITb53-xY.roa
Signing time: Thu 17 Apr 2025 02:08:10 +0000
ROA not before: Thu 17 Apr 2025 02:08:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 132839
IP address blocks: 2.59.100.0/22 maxlen: 22
2.59.100.0/24 maxlen: 24
2.59.101.0/24 maxlen: 24
2.59.102.0/24 maxlen: 24
2.59.103.0/24 maxlen: 24
45.8.28.0/22 maxlen: 22
45.8.29.0/24 maxlen: 24
45.8.30.0/24 maxlen: 24
45.9.108.0/22 maxlen: 22
45.9.108.0/24 maxlen: 24
45.9.109.0/24 maxlen: 24
45.9.110.0/24 maxlen: 24
45.9.111.0/24 maxlen: 24
45.10.208.0/22 maxlen: 22
45.13.160.0/22 maxlen: 22
45.13.160.0/24 maxlen: 24
45.66.188.0/22 maxlen: 22
45.66.188.0/24 maxlen: 24
45.66.189.0/24 maxlen: 24
45.66.190.0/24 maxlen: 24
45.66.191.0/24 maxlen: 24
45.80.112.0/22 maxlen: 22
45.80.113.0/24 maxlen: 24
45.80.114.0/23 maxlen: 23
45.87.228.0/22 maxlen: 22
45.87.231.0/24 maxlen: 24
45.93.64.0/22 maxlen: 22
45.93.64.0/24 maxlen: 24
45.93.65.0/24 maxlen: 24
45.93.66.0/24 maxlen: 24
45.93.67.0/24 maxlen: 24
45.131.156.0/22 maxlen: 22
45.131.156.0/24 maxlen: 24
45.131.157.0/24 maxlen: 24
45.131.158.0/24 maxlen: 24
45.131.159.0/24 maxlen: 24
45.142.76.0/22 maxlen: 22
45.142.79.0/24 maxlen: 24
45.147.212.0/22 maxlen: 22
45.147.215.0/24 maxlen: 24
45.149.68.0/22 maxlen: 22
45.149.68.0/24 maxlen: 24
45.149.69.0/24 maxlen: 24
45.156.168.0/22 maxlen: 22
45.156.169.0/24 maxlen: 24
45.156.171.0/24 maxlen: 24
45.156.216.0/22 maxlen: 22
45.158.220.0/22 maxlen: 22
45.158.221.0/24 maxlen: 24
45.158.223.0/24 maxlen: 24
62.192.188.0/22 maxlen: 22
62.192.188.0/24 maxlen: 24
62.192.189.0/24 maxlen: 24
62.192.190.0/24 maxlen: 24
62.192.191.0/24 maxlen: 24
83.150.224.0/22 maxlen: 22
83.150.224.0/24 maxlen: 24
83.150.225.0/24 maxlen: 24
85.208.56.0/22 maxlen: 22
85.208.56.0/24 maxlen: 24
85.208.57.0/24 maxlen: 24
85.208.58.0/24 maxlen: 24
85.208.59.0/24 maxlen: 24
92.118.144.0/22 maxlen: 22
92.118.144.0/24 maxlen: 24
92.118.145.0/24 maxlen: 24
92.118.146.0/24 maxlen: 24
92.118.147.0/24 maxlen: 24
185.51.164.0/22 maxlen: 22
185.51.164.0/24 maxlen: 24
185.51.167.0/24 maxlen: 24
193.42.15.0/24 maxlen: 24
193.42.132.0/24 maxlen: 24
193.42.135.0/24 maxlen: 24
193.42.149.0/24 maxlen: 24
193.108.46.0/23 maxlen: 23
193.108.96.0/23 maxlen: 23
193.164.222.0/23 maxlen: 23
193.168.4.0/23 maxlen: 23
194.146.84.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/h4q7KZd6ZbFAystucqskzt3U6MU.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/h4q7KZd6ZbFAystucqskzt3U6MU.mft
rsync://rpki.ripe.net/repository/DEFAULT/h4q7KZd6ZbFAystucqskzt3U6MU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:41:80:ec:fc:b9:cc:bd:44:9e:40:71:77:be:67:ec:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=878abb29977a65b140cacb6e72ab24ceddd4e8c5
Validity
Not Before: Apr 17 02:08:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da9b62f69066cf86adbcd661a425884dbe77fb16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f0:43:a6:a9:f6:a7:f2:d3:5b:d4:13:57:ea:
82:32:96:bf:e9:5e:86:9c:dc:ee:d4:82:ab:38:ad:
aa:35:59:29:13:83:1a:42:2e:ba:2e:e3:c3:bc:77:
92:9f:2a:37:53:d4:98:da:84:bd:d3:fc:83:9d:ec:
d8:27:bf:8e:bb:6e:61:60:fb:00:2f:1e:4f:fb:e5:
97:99:68:7e:6a:af:07:61:fe:c3:37:bd:fd:6e:74:
26:d3:01:d1:c3:6a:a7:1b:1d:58:40:b9:dd:d4:86:
12:77:d3:ab:1b:1b:1a:70:82:cd:c0:9a:00:c0:67:
fa:40:f5:73:ed:e8:33:ed:8e:76:82:27:13:74:d3:
93:71:8a:41:0b:5f:e3:2c:01:88:b5:5b:14:dd:30:
82:c6:eb:10:0d:b8:55:31:a8:df:24:dc:e3:59:27:
f1:e4:87:bb:ff:72:df:cb:8b:af:27:53:72:69:b1:
dd:1e:3e:db:ef:6e:b0:d4:2e:2c:93:61:a9:7d:d8:
7e:1b:e7:92:07:5d:f1:0c:a7:42:e4:51:31:04:c7:
42:9c:fb:33:f2:6f:77:1d:69:72:fe:ff:e9:4d:76:
c9:75:1e:68:61:69:39:2b:39:78:fe:9c:d5:30:c7:
da:08:13:9a:e5:f5:b6:38:bc:0e:9d:d0:26:fb:c5:
83:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:9B:62:F6:90:66:CF:86:AD:BC:D6:61:A4:25:88:4D:BE:77:FB:16
X509v3 Authority Key Identifier:
keyid:87:8A:BB:29:97:7A:65:B1:40:CA:CB:6E:72:AB:24:CE:DD:D4:E8:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h4q7KZd6ZbFAystucqskzt3U6MU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/2pti9pBmz4atvNZhpCWITb53-xY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/h4q7KZd6ZbFAystucqskzt3U6MU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.100.0/22
45.8.28.0/22
45.9.108.0/22
45.10.208.0/22
45.13.160.0/22
45.66.188.0/22
45.80.112.0/22
45.87.228.0/22
45.93.64.0/22
45.131.156.0/22
45.142.76.0/22
45.147.212.0/22
45.149.68.0/22
45.156.168.0/22
45.156.216.0/22
45.158.220.0/22
62.192.188.0/22
83.150.224.0/22
85.208.56.0/22
92.118.144.0/22
185.51.164.0/22
193.42.15.0/24
193.42.132.0/24
193.42.135.0/24
193.42.149.0/24
193.108.46.0/23
193.108.96.0/23
193.164.222.0/23
193.168.4.0/23
194.146.84.0/22
Signature Algorithm: sha256WithRSAEncryption
c1:2b:92:10:01:5a:24:f4:65:1e:60:93:96:af:24:2f:b9:a8:
61:d1:3f:60:53:98:b7:6f:f2:b0:db:59:3e:e8:e4:d1:fb:59:
02:63:57:76:2b:98:e7:34:9c:d6:bb:0d:43:dc:a2:49:29:66:
2a:c4:30:90:02:41:14:ff:48:68:8e:bb:a7:68:26:20:55:ec:
9a:b9:93:63:5a:31:e4:9f:c7:4d:aa:ba:2f:08:e3:15:8f:6a:
6d:59:98:ca:c0:de:a1:9d:d6:1f:10:b7:7b:c5:cc:12:0b:5d:
81:80:d2:9a:82:0a:96:c6:ad:cd:19:73:aa:d6:c2:29:b0:27:
41:6c:ab:6b:c3:25:b9:1a:04:a0:20:1d:7b:1c:33:35:e6:95:
20:60:46:01:5f:26:a5:d6:df:37:51:0b:71:41:34:f5:dc:16:
9d:86:03:8b:03:38:5d:67:3d:a6:2d:f9:60:68:69:31:42:12:
11:9f:47:84:15:19:d2:67:12:5a:de:0e:66:95:37:c0:b4:dd:
f8:8a:5c:c0:b9:f8:5b:bd:18:3a:83:bf:26:8f:85:86:3c:a9:
05:06:7f:45:f1:52:45:f5:bb:6f:10:0a:de:fe:22:78:07:51:
c6:6e:b0:d2:0a:56:17:19:13:cb:69:ad:b1:01:bf:97:fb:b4:
7d:14:8e:42
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAZZBgOz8ucy9RJ5AcXe+Z+ymMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3OGFiYjI5OTc3YTY1YjE0MGNhY2I2ZTcyYWIyNGNlZGRk
NGU4YzUwHhcNMjUwNDE3MDIwODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTliNjJmNjkwNjZjZjg2YWRiY2Q2NjFhNDI1ODg0ZGJlNzdmYjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfBDpqn2p/LTW9QTV+qCMpa/6V6G
nNzu1IKrOK2qNVkpE4MaQi66LuPDvHeSnyo3U9SY2oS90/yDnezYJ7+Ou25hYPsA
Lx5P++WXmWh+aq8HYf7DN739bnQm0wHRw2qnGx1YQLnd1IYSd9OrGxsacILNwJoA
wGf6QPVz7egz7Y52gicTdNOTcYpBC1/jLAGItVsU3TCCxusQDbhVMajfJNzjWSfx
5Ie7/3Lfy4uvJ1NyabHdHj7b726w1C4sk2Gpfdh+G+eSB13xDKdC5FExBMdCnPsz
8m93HWly/v/pTXbJdR5oYWk5Kzl4/pzVMMfaCBOa5fW2OLwOndAm+8WDvQIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFNqbYvaQZs+GrbzWYaQliE2+d/sWMB8GA1UdIwQY
MBaAFIeKuymXemWxQMrLbnKrJM7d1OjFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDRxN0taZDZaYkZBeXN0dWNxc2t6dDNVNk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8wNmI4ZjUtMWE3Ni00NWY4LWI5N2Et
YWM4NjQ3ZDA1NThhLzEvMnB0aTlwQm16NGF0dk5aaHBDV0lUYjUzLXhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8wNmI4ZjUtMWE3Ni00NWY4LWI5N2EtYWM4NjQ3ZDA1NThh
LzEvaDRxN0taZDZaYkZBeXN0dWNxc2t6dDNVNk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjCBuwQCAAEwgbQDBAIC
O2QDBAItCBwDBAItCWwDBAItCtADBAItDaADBAItQrwDBAItUHADBAItV+QDBAIt
XUADBAItg5wDBAItjkwDBAItk9QDBAItlUQDBAItnKgDBAItnNgDBAItntwDBAI+
wLwDBAJTluADBAJV0DgDBAJcdpADBAK5M6QDBADBKg8DBADBKoQDBADBKocDBADB
KpUDBAHBbC4DBAHBbGADBAHBpN4DBAHBqAQDBALCklQwDQYJKoZIhvcNAQELBQAD
ggEBAMErkhABWiT0ZR5gk5avJC+5qGHRP2BTmLdv8rDbWT7o5NH7WQJjV3YrmOc0
nNa7DUPcokkpZirEMJACQRT/SGiOu6doJiBV7Jq5k2NaMeSfx02qui8I4xWPam1Z
mMrA3qGd1h8Qt3vFzBILXYGA0pqCCpbGrc0Zc6rWwimwJ0Fsq2vDJbkaBKAgHXsc
MzXmlSBgRgFfJqXW3zdRC3FBNPXcFp2GA4sDOF1nPaYt+WBoaTFCEhGfR4QVGdJn
ElreDmaVN8C03fiKXMC5+Fu9GDqDvyaPhYY8qQUGf0XxUkX1u28QCt7+IngHUcZu
sNIKVhcZE8tprbEBv5f7tH0UjkI=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:30:51 2025 by rpki-client