Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/ERLQF5Leznk8qzks2FbcyUxbBg0.roa
File: ERLQF5Leznk8qzks2FbcyUxbBg0.roa (raw, json)
Hash identifier: OgicERFImtr+VOWXhRpU+MBO+EsYoZYb0ZaPAtM2a08=
Subject key identifier: 11:12:D0:17:92:DE:CE:79:3C:AB:39:2C:D8:56:DC:C9:4C:5B:06:0D
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 019759221FB2900A067683A57A9F9F688A3A
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/ERLQF5Leznk8qzks2FbcyUxbBg0.roa
Signing time: Tue 10 Jun 2025 09:18:17 +0000
ROA not before: Tue 10 Jun 2025 09:18:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200845
IP address blocks: 2.59.192.0/22 maxlen: 22
2.59.192.0/23 maxlen: 23
2.59.193.0/24 maxlen: 24
2.59.194.0/23 maxlen: 23
2.59.194.0/24 maxlen: 24
31.15.0.0/22 maxlen: 22
31.15.0.0/23 maxlen: 23
31.15.0.0/24 maxlen: 24
31.15.1.0/24 maxlen: 24
31.15.2.0/23 maxlen: 23
31.15.2.0/24 maxlen: 24
31.15.3.0/24 maxlen: 25
31.15.4.0/24 maxlen: 24
31.15.5.0/24 maxlen: 24
31.15.6.0/24 maxlen: 24
45.81.104.0/24 maxlen: 24
45.81.107.0/24 maxlen: 24
45.130.160.0/22 maxlen: 22
45.133.60.0/22 maxlen: 22
45.133.60.0/23 maxlen: 23
45.133.60.0/24 maxlen: 24
45.133.61.0/24 maxlen: 24
45.133.62.0/23 maxlen: 23
45.133.62.0/24 maxlen: 24
45.133.63.0/24 maxlen: 24
45.137.136.0/23 maxlen: 23
45.137.139.0/24 maxlen: 24
45.145.135.0/24 maxlen: 24
45.150.84.0/22 maxlen: 22
45.150.84.0/23 maxlen: 23
45.150.84.0/24 maxlen: 24
45.150.85.0/24 maxlen: 24
45.150.86.0/23 maxlen: 23
45.150.86.0/24 maxlen: 24
45.150.87.0/24 maxlen: 24
45.152.140.0/22 maxlen: 22
45.152.140.0/23 maxlen: 23
45.152.140.0/24 maxlen: 24
45.152.141.0/24 maxlen: 24
45.152.142.0/23 maxlen: 23
45.152.142.0/24 maxlen: 24
45.152.143.0/24 maxlen: 24
45.155.56.0/22 maxlen: 22
45.155.56.0/23 maxlen: 23
45.155.56.0/24 maxlen: 24
45.155.57.0/24 maxlen: 24
45.155.58.0/23 maxlen: 23
45.155.58.0/24 maxlen: 24
45.155.59.0/24 maxlen: 24
89.190.152.0/22 maxlen: 22
89.190.152.0/24 maxlen: 24
89.190.153.0/24 maxlen: 24
89.190.154.0/24 maxlen: 24
89.190.155.0/24 maxlen: 24
92.118.180.0/24 maxlen: 24
92.118.183.0/24 maxlen: 24
178.19.40.0/24 maxlen: 24
178.19.41.0/24 maxlen: 24
178.19.42.0/24 maxlen: 24
185.28.51.0/24 maxlen: 24
185.229.216.0/22 maxlen: 22
185.229.216.0/23 maxlen: 23
185.229.217.0/24 maxlen: 24
185.229.218.0/23 maxlen: 23
185.229.219.0/24 maxlen: 24
185.231.184.0/22 maxlen: 22
185.231.186.0/24 maxlen: 24
185.231.187.0/24 maxlen: 24
185.241.122.0/23 maxlen: 23
185.244.228.0/23 maxlen: 23
185.244.228.0/24 maxlen: 24
185.244.229.0/24 maxlen: 24
185.244.230.0/24 maxlen: 24
185.244.231.0/24 maxlen: 24
185.246.12.0/23 maxlen: 23
185.246.12.0/24 maxlen: 24
185.246.13.0/24 maxlen: 24
185.246.14.0/24 maxlen: 24
185.246.15.0/24 maxlen: 24
194.31.104.0/22 maxlen: 22
194.31.104.0/23 maxlen: 23
194.31.104.0/24 maxlen: 24
194.31.105.0/24 maxlen: 24
194.31.106.0/23 maxlen: 23
194.31.106.0/24 maxlen: 24
194.31.107.0/24 maxlen: 24
194.32.112.0/22 maxlen: 22
194.32.112.0/24 maxlen: 24
194.32.113.0/24 maxlen: 24
194.32.114.0/24 maxlen: 24
194.32.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 17 Jun 2025 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:59:22:1f:b2:90:0a:06:76:83:a5:7a:9f:9f:68:8a:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jun 10 09:18:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1112d01792dece793cab392cd856dcc94c5b060d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:fc:26:b2:92:75:2c:96:1e:70:4f:f5:24:b3:
68:03:6b:09:31:40:85:c8:79:05:37:ae:dd:3d:40:
0a:63:7d:1f:e8:6a:3f:8e:9a:b3:8f:e4:57:83:11:
0d:34:e5:dc:ea:65:6d:fe:3f:99:3f:7c:8c:50:d4:
3d:c5:7b:fd:51:59:33:28:52:1e:70:df:33:7d:7b:
9f:3d:d5:12:d6:ca:c4:0e:d4:04:44:64:73:6e:20:
dd:31:ff:34:09:9c:29:3b:e9:52:9b:3b:0f:55:12:
27:97:fc:91:91:3a:0b:a6:03:32:30:84:32:41:bd:
78:b4:a8:50:e5:d0:ef:76:33:65:94:d5:49:17:17:
f3:07:ab:5b:83:5e:36:f3:07:c4:c7:60:8f:fe:57:
43:dd:52:31:43:e8:b8:94:b8:d7:15:6e:3f:c1:90:
2d:11:55:01:ba:5a:69:e5:e4:f2:fb:0e:1c:cf:7e:
c5:e6:ad:9b:5f:0e:2d:be:77:b1:61:d8:6e:e6:86:
14:ff:9f:c3:fb:f8:2b:55:35:61:ce:3b:f8:07:70:
9b:d9:0c:70:e1:a6:f6:60:2f:cc:b2:a4:d6:bc:86:
5e:50:c3:22:44:0f:57:f7:0a:90:53:65:4c:f5:3a:
21:34:6d:15:1a:50:8c:fb:e1:bd:f4:88:c8:96:57:
16:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:12:D0:17:92:DE:CE:79:3C:AB:39:2C:D8:56:DC:C9:4C:5B:06:0D
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/ERLQF5Leznk8qzks2FbcyUxbBg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.192.0/22
31.15.0.0-31.15.6.255
45.81.104.0/24
45.81.107.0/24
45.130.160.0/22
45.133.60.0/22
45.137.136.0/23
45.137.139.0/24
45.145.135.0/24
45.150.84.0/22
45.152.140.0/22
45.155.56.0/22
89.190.152.0/22
92.118.180.0/24
92.118.183.0/24
178.19.40.0-178.19.42.255
185.28.51.0/24
185.229.216.0/22
185.231.184.0/22
185.241.122.0/23
185.244.228.0/22
185.246.12.0/22
194.31.104.0/22
194.32.112.0/22
Signature Algorithm: sha256WithRSAEncryption
ba:de:4d:84:8d:53:70:21:cb:78:e3:60:18:04:22:40:ca:e3:
13:83:10:45:e7:a1:6f:f4:df:94:90:38:7c:89:f6:89:9c:23:
ca:83:ad:e1:9c:77:28:15:82:59:b5:67:a2:7d:f7:c9:a0:e2:
a6:86:16:f6:df:ec:bf:ca:fd:aa:f7:4e:58:cf:4f:2d:f3:77:
ce:08:a3:99:07:44:58:4a:81:c2:d0:93:13:23:e0:17:d5:51:
e4:ff:a9:4e:15:78:28:7b:e8:38:2c:4b:83:0e:12:f5:7b:6c:
93:0b:8d:88:31:fd:a0:93:09:ae:c9:e2:c7:77:ce:06:b0:4d:
e5:70:eb:a6:ba:06:44:dc:24:f9:83:84:b7:7c:d0:e1:3a:bb:
8e:16:b7:a5:57:f5:42:e4:45:07:b1:66:d9:88:65:ca:56:bf:
45:9a:c3:77:7b:05:33:4b:67:15:77:37:29:87:7c:ac:f6:54:
39:53:ac:0d:e7:dc:96:0b:12:15:55:c5:db:d5:83:f1:8a:66:
24:3d:6d:1b:97:1e:b4:4c:bf:c1:e0:10:37:bc:ef:10:06:fb:
4f:17:e4:c6:16:54:3d:e6:06:f8:73:1e:22:ef:44:b3:2c:9d:
37:54:61:2d:86:13:50:09:00:2a:bd:07:ca:c7:41:1d:42:7b:
49:fa:22:4a
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgISAZdZIh+ykAoGdoOlep+faIo6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwNjEwMDkxODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTEyZDAxNzkyZGVjZTc5M2NhYjM5MmNkODU2ZGNjOTRjNWIwNjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3/wmspJ1LJYecE/1JLNoA2sJMUCF
yHkFN67dPUAKY30f6Go/jpqzj+RXgxENNOXc6mVt/j+ZP3yMUNQ9xXv9UVkzKFIe
cN8zfXufPdUS1srEDtQERGRzbiDdMf80CZwpO+lSmzsPVRInl/yRkToLpgMyMIQy
Qb14tKhQ5dDvdjNllNVJFxfzB6tbg1428wfEx2CP/ldD3VIxQ+i4lLjXFW4/wZAt
EVUBulpp5eTy+w4cz37F5q2bXw4tvnexYdhu5oYU/5/D+/grVTVhzjv4B3Cb2Qxw
4ab2YC/MsqTWvIZeUMMiRA9X9wqQU2VM9TohNG0VGlCM++G99IjIllcWpQIDAQAB
o4ICpzCCAqMwHQYDVR0OBBYEFBES0BeS3s55PKs5LNhW3MlMWwYNMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvRVJMUUY1TGV6bms4cXprczJGYmN5VXhiQmcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG8BggrBgEFBQcBBwEB/wSBrDCBqTCBpgQCAAEwgZ8DBAIC
O8AwCwMDAB8PAwQAHw8GAwQALVFoAwQALVFrAwQCLYKgAwQCLYU8AwQBLYmIAwQA
LYmLAwQALZGHAwQCLZZUAwQCLZiMAwQCLZs4AwQCWb6YAwQAXHa0AwQAXHa3MAwD
BAOyEygDBACyEyoDBAC5HDMDBAK55dgDBAK557gDBAG58XoDBAK59OQDBAK59gwD
BALCH2gDBALCIHAwDQYJKoZIhvcNAQELBQADggEBALreTYSNU3Ahy3jjYBgEIkDK
4xODEEXnoW/035SQOHyJ9omcI8qDreGcdygVglm1Z6J998mg4qaGFvbf7L/K/ar3
TljPTy3zd84Io5kHRFhKgcLQkxMj4BfVUeT/qU4VeCh76DgsS4MOEvV7bJMLjYgx
/aCTCa7J4sd3zgawTeVw66a6BkTcJPmDhLd80OE6u44Wt6VX9ULkRQexZtmIZcpW
v0Waw3d7BTNLZxV3NymHfKz2VDlTrA3n3JYLEhVVxdvVg/GKZiQ9bRuXHrRMv8Hg
EDe87xAG+08X5MYWVD3mBvhzHiLvRLMsnTdUYS2GE1AJACq9B8rHQR1Ce0n6Iko=
-----END CERTIFICATE-----
Generated at Mon Jun 16 14:47:07 2025 by rpki-client