Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/pnb8pLsvgN8vSuu3ec43Y0nmHYw.roa
File: pnb8pLsvgN8vSuu3ec43Y0nmHYw.roa (raw, json)
Hash identifier: zPHpSvGA6E2b0A6Zd5CjPX65burstvR3Hb0ptVecBLE=
Subject key identifier: A6:76:FC:A4:BB:2F:80:DF:2F:4A:EB:B7:79:CE:37:63:49:E6:1D:8C
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019756001F243D6304F2744406466F22699C
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/pnb8pLsvgN8vSuu3ec43Y0nmHYw.roa
Signing time: Mon 09 Jun 2025 18:42:17 +0000
ROA not before: Mon 09 Jun 2025 18:42:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49505
IP address blocks: 5.172.179.0/24 maxlen: 24
31.41.253.0/24 maxlen: 24
45.10.248.0/22 maxlen: 22
45.87.255.0/24 maxlen: 24
45.93.12.0/24 maxlen: 24
45.93.14.0/24 maxlen: 24
45.93.15.0/24 maxlen: 24
45.94.228.0/22 maxlen: 22
45.95.28.0/24 maxlen: 24
45.95.148.0/22 maxlen: 22
45.128.129.0/24 maxlen: 24
45.129.4.0/22 maxlen: 22
45.142.254.0/24 maxlen: 24
88.151.11.0/24 maxlen: 24
91.190.158.0/24 maxlen: 24
93.190.123.0/24 maxlen: 24
94.154.188.0/24 maxlen: 24
94.154.189.0/24 maxlen: 24
94.154.191.0/24 maxlen: 24
176.116.17.0/24 maxlen: 24
176.126.98.0/24 maxlen: 24
176.126.102.0/24 maxlen: 24
185.222.214.0/24 maxlen: 24
193.187.106.0/24 maxlen: 24
194.50.73.0/24 maxlen: 24
194.104.232.0/24 maxlen: 24
212.60.7.0/24 maxlen: 24
217.8.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 22:19:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:56:00:1f:24:3d:63:04:f2:74:44:06:46:6f:22:69:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Jun 9 18:42:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a676fca4bb2f80df2f4aebb779ce376349e61d8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:93:90:8a:0e:ac:9e:a2:81:88:bf:07:ed:ac:
65:2f:1b:f0:61:55:98:89:d3:62:3c:fe:bb:10:82:
0e:ad:5e:6e:33:0b:29:70:23:b2:dc:2c:cb:18:08:
a8:db:5a:ad:f4:f8:07:8a:98:fe:2e:9e:6d:c3:bd:
af:36:7c:70:ce:d4:eb:ee:7c:65:63:5d:e7:1f:24:
09:99:2b:f1:fb:57:a1:87:be:2d:47:f1:c3:a5:cd:
ee:eb:fe:77:a4:7a:30:8a:c8:2b:99:8b:cc:80:f0:
c0:17:12:ff:7b:ad:09:10:f8:40:69:04:52:57:bb:
a5:06:8d:83:66:9a:18:4b:11:41:a6:30:32:56:84:
fd:5b:6e:b7:17:fb:38:48:cc:95:f1:7b:15:5a:7e:
b6:f6:4a:b1:c3:7c:59:b9:fa:1e:1e:ac:7c:83:86:
41:4a:eb:27:b4:d7:93:54:df:c7:e0:b0:a8:57:5a:
d8:04:bd:5b:62:5e:05:ad:71:4b:2e:6f:88:5b:2b:
65:85:42:07:2e:f0:7e:0c:ab:c9:1d:11:61:d7:92:
47:3b:0c:4d:41:e3:b3:dd:26:6b:a2:d1:65:9b:c9:
dd:c8:f6:90:b8:db:d3:61:c4:99:31:43:d9:fa:44:
ad:7d:92:6b:5b:18:c4:3d:41:42:91:1a:14:c7:8a:
20:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:76:FC:A4:BB:2F:80:DF:2F:4A:EB:B7:79:CE:37:63:49:E6:1D:8C
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/pnb8pLsvgN8vSuu3ec43Y0nmHYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.179.0/24
31.41.253.0/24
45.10.248.0/22
45.87.255.0/24
45.93.12.0/24
45.93.14.0/23
45.94.228.0/22
45.95.28.0/24
45.95.148.0/22
45.128.129.0/24
45.129.4.0/22
45.142.254.0/24
88.151.11.0/24
91.190.158.0/24
93.190.123.0/24
94.154.188.0/23
94.154.191.0/24
176.116.17.0/24
176.126.98.0/24
176.126.102.0/24
185.222.214.0/24
193.187.106.0/24
194.50.73.0/24
194.104.232.0/24
212.60.7.0/24
217.8.117.0/24
Signature Algorithm: sha256WithRSAEncryption
43:7c:f8:5e:57:27:c3:47:ba:10:2e:4e:98:5b:61:f5:1c:a5:
96:5d:37:10:13:2e:92:00:c3:65:cb:4c:46:bf:84:09:ab:0d:
13:72:dd:1b:41:a6:a3:a7:3c:69:ce:51:f4:0b:95:fa:ad:52:
bb:1a:2d:2b:db:c6:22:a1:c5:1a:16:8f:d1:d0:a9:d1:f0:c8:
9f:d2:7d:5b:47:01:da:d7:a2:ab:ce:58:4b:74:f5:bb:f1:4c:
cc:28:c4:df:fc:6a:2c:c9:5a:61:46:97:ac:4f:71:90:79:4a:
e3:ce:0c:d5:19:c8:a9:98:c3:34:59:3d:77:a9:9d:b9:42:5f:
91:23:f9:a9:df:bf:f5:e9:d7:fa:d2:6e:df:98:40:c4:82:2e:
81:b9:ef:b7:8b:96:d3:de:e3:bb:b4:e7:44:2a:61:90:bd:04:
b6:43:46:89:e6:fe:35:d8:0f:72:79:28:73:2f:19:90:b8:b1:
79:6e:81:e9:57:cb:c0:e8:6f:eb:34:43:03:34:e7:df:2d:52:
91:71:97:0c:f9:97:e9:82:88:bc:91:03:f4:46:46:79:c6:0e:
db:fa:a4:16:da:8e:0b:0d:85:43:06:2f:ae:eb:57:d1:22:93:
c5:1e:84:62:f1:87:9e:5e:8c:3c:5d:52:43:00:45:3e:8f:57:
6d:da:22:2c
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAZdWAB8kPWME8nREBkZvImmcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUwNjA5MTg0MjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjc2ZmNhNGJiMmY4MGRmMmY0YWViYjc3OWNlMzc2MzQ5ZTYxZDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5OQig6snqKBiL8H7axlLxvwYVWY
idNiPP67EIIOrV5uMwspcCOy3CzLGAio21qt9PgHipj+Lp5tw72vNnxwztTr7nxl
Y13nHyQJmSvx+1ehh74tR/HDpc3u6/53pHowisgrmYvMgPDAFxL/e60JEPhAaQRS
V7ulBo2DZpoYSxFBpjAyVoT9W263F/s4SMyV8XsVWn629kqxw3xZufoeHqx8g4ZB
SusntNeTVN/H4LCoV1rYBL1bYl4FrXFLLm+IWytlhUIHLvB+DKvJHRFh15JHOwxN
QeOz3SZrotFlm8ndyPaQuNvTYcSZMUPZ+kStfZJrWxjEPUFCkRoUx4ogdwIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFKZ2/KS7L4DfL0rrt3nON2NJ5h2MMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvcG5iOHBMc3ZnTjh2U3V1M2VjNDNZMG5tSFl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjCBowQCAAEwgZwDBAAF
rLMDBAAfKf0DBAItCvgDBAAtV/8DBAAtXQwDBAEtXQ4DBAItXuQDBAAtXxwDBAIt
X5QDBAAtgIEDBAItgQQDBAAtjv4DBABYlwsDBABbvp4DBABdvnsDBAFemrwDBABe
mr8DBACwdBEDBACwfmIDBACwfmYDBAC53tYDBADBu2oDBADCMkkDBADCaOgDBADU
PAcDBADZCHUwDQYJKoZIhvcNAQELBQADggEBAEN8+F5XJ8NHuhAuTphbYfUcpZZd
NxATLpIAw2XLTEa/hAmrDRNy3RtBpqOnPGnOUfQLlfqtUrsaLSvbxiKhxRoWj9HQ
qdHwyJ/SfVtHAdrXoqvOWEt09bvxTMwoxN/8aizJWmFGl6xPcZB5SuPODNUZyKmY
wzRZPXepnblCX5Ej+anfv/Xp1/rSbt+YQMSCLoG577eLltPe47u050QqYZC9BLZD
Ronm/jXYD3J5KHMvGZC4sXlugelXy8Dob+s0QwM0598tUpFxlwz5l+mCiLyRA/RG
RnnGDtv6pBbajgsNhUMGL67rV9Eik8UehGLxh55ejDxdUkMART6PV23aIiw=
-----END CERTIFICATE-----
Generated at Sun Jun 15 07:49:07 2025 by rpki-client