Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/CaKii_G7zsFC8SjWjCwMxdtfUeg.roa
File: CaKii_G7zsFC8SjWjCwMxdtfUeg.roa (raw, json)
Hash identifier: aAWUywuVNrJFcMklJdXonwRlkylbQJ7dK99mYdbf8R8=
Subject key identifier: 09:A2:A2:8B:F1:BB:CE:C1:42:F1:28:D6:8C:2C:0C:C5:DB:5F:51:E8
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 01964956D8CF65F8EDB324B07AC476B16A21
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/CaKii_G7zsFC8SjWjCwMxdtfUeg.roa
Signing time: Fri 18 Apr 2025 14:39:10 +0000
ROA not before: Fri 18 Apr 2025 14:39:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42473
IP address blocks: 37.235.3.0/24 maxlen: 24
37.235.4.0/24 maxlen: 24
37.235.5.0/24 maxlen: 24
37.235.7.0/24 maxlen: 24
37.252.224.0/19 maxlen: 32
37.252.226.0/24 maxlen: 24
37.252.228.0/24 maxlen: 32
37.252.234.0/24 maxlen: 24
37.252.243.0/24 maxlen: 24
37.252.244.0/24 maxlen: 24
37.252.251.0/24 maxlen: 24
37.252.253.0/24 maxlen: 24
45.132.61.0/24 maxlen: 24
45.132.62.0/23 maxlen: 24
94.16.98.0/24 maxlen: 24
94.16.100.0/24 maxlen: 24
94.16.125.0/24 maxlen: 24
94.16.126.0/24 maxlen: 24
144.208.192.0/18 maxlen: 32
144.208.204.0/24 maxlen: 24
144.208.205.0/24 maxlen: 24
144.208.206.0/24 maxlen: 24
144.208.207.0/24 maxlen: 24
144.208.212.0/22 maxlen: 32
144.208.216.0/24 maxlen: 24
144.208.217.0/24 maxlen: 24
144.208.219.0/24 maxlen: 24
144.208.221.0/24 maxlen: 24
144.208.222.0/24 maxlen: 24
144.208.223.0/24 maxlen: 24
144.208.224.0/24 maxlen: 24
144.208.225.0/24 maxlen: 24
144.208.226.0/24 maxlen: 24
144.208.228.0/24 maxlen: 24
144.208.229.0/24 maxlen: 24
144.208.230.0/24 maxlen: 24
144.208.231.0/24 maxlen: 24
144.208.232.0/24 maxlen: 24
144.208.233.0/24 maxlen: 24
144.208.235.0/24 maxlen: 24
144.208.236.0/24 maxlen: 24
144.208.237.0/24 maxlen: 24
144.208.238.0/24 maxlen: 24
144.208.240.0/24 maxlen: 24
144.208.241.0/24 maxlen: 24
144.208.242.0/24 maxlen: 24
144.208.244.0/24 maxlen: 24
144.208.254.0/24 maxlen: 24
144.208.255.0/24 maxlen: 24
176.123.54.0/23 maxlen: 23
178.255.152.0/21 maxlen: 32
185.2.176.0/22 maxlen: 32
185.2.176.0/24 maxlen: 24
185.50.232.0/23 maxlen: 23
185.50.235.0/24 maxlen: 24
185.81.206.0/24 maxlen: 24
185.81.209.0/24 maxlen: 24
185.116.96.0/24 maxlen: 24
185.116.97.0/24 maxlen: 24
185.116.98.0/24 maxlen: 24
185.116.99.0/24 maxlen: 24
185.228.148.0/22 maxlen: 22
188.65.72.0/21 maxlen: 32
188.172.192.0/18 maxlen: 32
188.172.208.0/24 maxlen: 24
188.172.230.0/23 maxlen: 23
188.172.247.0/24 maxlen: 24
188.172.249.0/24 maxlen: 24
188.172.254.0/24 maxlen: 24
193.33.114.0/23 maxlen: 32
194.1.206.0/24 maxlen: 32
213.227.160.0/19 maxlen: 32
213.227.184.0/24 maxlen: 24
217.146.0.0/19 maxlen: 24
217.146.6.0/24 maxlen: 24
217.146.7.0/24 maxlen: 24
2a00:11c0::/32 maxlen: 128
2a00:11c0:13::/48 maxlen: 48
2a00:11c0:19::/48 maxlen: 48
2a00:11c0:22::/48 maxlen: 48
2a00:11c0:24::/48 maxlen: 48
2a00:11c0:29::/48 maxlen: 48
2a00:11c0:40::/48 maxlen: 48
2a00:11c0:41::/48 maxlen: 48
2a00:11c0:42::/48 maxlen: 48
2a00:11c0:43::/48 maxlen: 48
2a00:11c0:46::/48 maxlen: 48
2a00:11c0:4a::/48 maxlen: 48
2a00:11c0:5c::/48 maxlen: 48
2a00:11c0:66::/48 maxlen: 48
2a00:11c0:6c::/48 maxlen: 48
2a00:11c0:79::/48 maxlen: 48
2a00:11c0:80::/48 maxlen: 48
2a00:11c0:83::/48 maxlen: 48
2a00:11c0:84::/48 maxlen: 48
2a00:11c0:86::/48 maxlen: 48
2a00:11c0:87::/48 maxlen: 48
2a00:11c0:88::/48 maxlen: 48
2a00:11c0:96::/48 maxlen: 48
2a00:11c0:97::/48 maxlen: 48
2a00:11c0:98::/48 maxlen: 48
2a00:11c0:99::/48 maxlen: 48
2a00:11c0:9a::/48 maxlen: 48
2a00:11c0:dc::/48 maxlen: 48
2a00:11c0:dd::/48 maxlen: 48
2a00:11c0:de::/48 maxlen: 48
2a00:11c0:1334::/48 maxlen: 48
2a00:11c0:1335::/48 maxlen: 48
2a00:11c0:1798::/48 maxlen: 48
2a00:11c0:179a::/48 maxlen: 48
2a00:11c0:179b::/48 maxlen: 48
2a00:11c0:9021::/48 maxlen: 48
2a01:aea0::/32 maxlen: 32
2a01:aea0::/40 maxlen: 40
2a01:aea0:dd1::/48 maxlen: 48
2a01:aea0:df1::/48 maxlen: 48
2a05:8900:28::/48 maxlen: 48
2a05:8900:36::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.mft
rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 01 May 2025 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:49:56:d8:cf:65:f8:ed:b3:24:b0:7a:c4:76:b1:6a:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Apr 18 14:39:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=09a2a28bf1bbcec142f128d68c2c0cc5db5f51e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f8:93:f8:db:20:6e:ef:f0:cc:3a:64:3a:7d:
2e:61:fb:c4:40:ef:c5:fe:d4:93:60:79:b7:f3:2f:
9e:29:1b:52:97:86:7f:65:c8:87:a1:d0:04:dd:02:
59:1a:7c:b3:ad:d3:a4:05:5b:d9:4a:7b:e1:b6:c2:
84:63:47:d2:df:8e:b2:8f:b9:79:1b:a7:ea:8e:4e:
51:6d:3c:48:82:4a:d3:2c:ee:a2:bb:4c:8b:b6:80:
50:ae:d2:63:6a:f0:a3:58:b3:9f:42:21:16:99:68:
b3:d1:25:2b:61:0c:c7:66:7b:e0:5d:54:09:54:52:
dc:f8:7c:ee:b1:8e:eb:06:e2:1d:45:7d:88:8b:bd:
3f:81:4f:70:0d:d6:e5:2b:cc:39:cb:3e:c9:0f:55:
1c:15:87:85:9d:14:25:b6:ab:21:84:71:00:49:ca:
c3:1f:63:ff:00:34:0b:9e:1e:5e:38:d1:f6:0d:ea:
59:fc:e1:87:e8:ec:87:33:17:71:ee:62:fe:76:92:
26:a3:96:e9:4b:f2:3c:fd:d7:af:92:c9:2b:e6:4c:
9c:b5:a4:9f:00:37:87:21:e4:a9:8f:22:b0:84:2e:
62:4b:19:fd:8b:fd:49:1b:4e:ce:fd:6e:31:59:0c:
31:5c:ff:27:bc:3c:1d:61:59:ac:2e:98:de:88:7d:
d2:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:A2:A2:8B:F1:BB:CE:C1:42:F1:28:D6:8C:2C:0C:C5:DB:5F:51:E8
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/CaKii_G7zsFC8SjWjCwMxdtfUeg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.3.0-37.235.5.255
37.235.7.0/24
37.252.224.0/19
45.132.61.0-45.132.63.255
94.16.98.0/24
94.16.100.0/24
94.16.125.0-94.16.126.255
144.208.192.0/18
176.123.54.0/23
178.255.152.0/21
185.2.176.0/22
185.50.232.0/23
185.50.235.0/24
185.81.206.0/24
185.81.209.0/24
185.116.96.0/22
185.228.148.0/22
188.65.72.0/21
188.172.192.0/18
193.33.114.0/23
194.1.206.0/24
213.227.160.0/19
217.146.0.0/19
IPv6:
2a00:11c0::/32
2a01:aea0::/32
2a05:8900:28::/48
2a05:8900:36::/48
Signature Algorithm: sha256WithRSAEncryption
d1:62:86:ee:55:c8:36:ae:47:ac:f1:98:6b:61:7f:a7:35:83:
33:8b:7a:e0:c6:c3:d7:8e:5f:08:ba:c8:92:ae:ca:55:9a:43:
42:5a:f1:46:e6:eb:35:4f:3a:72:f9:da:1e:c5:24:c9:61:d7:
70:e8:f1:34:a0:2a:c1:e6:26:44:3e:64:19:40:41:cd:48:04:
3c:83:47:9d:c2:5a:83:73:bb:2a:ab:3e:4b:ec:19:fa:0f:95:
4a:23:92:2b:9d:74:fb:74:fa:bb:a4:8f:69:5d:70:a1:3c:08:
1f:bd:c7:5b:ca:10:d9:68:a6:c8:17:b6:22:89:7a:b4:ec:9d:
4a:32:57:56:ec:09:2c:5a:23:b8:d9:f1:c7:f3:96:0e:35:8b:
c1:ae:9e:96:a9:fd:dd:a0:68:18:91:ec:0a:90:38:94:5c:6b:
ff:7d:93:78:a7:fc:6e:11:fe:27:23:5f:2b:d0:b5:fa:82:0a:
93:06:74:fa:10:e8:09:40:00:79:8d:91:cc:c9:66:ea:7f:a3:
8b:c3:c9:74:9d:a8:e5:a1:c7:66:f6:da:a9:3c:14:7e:af:fc:
9a:dd:86:bb:4d:93:ea:90:60:68:c7:bc:be:20:51:58:e7:88:
f9:99:63:97:e5:51:15:d0:ba:cf:5a:f6:5a:9d:33:e2:8e:02:
db:a0:60:84
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgISAZZJVtjPZfjtsySwesR2sWohMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjUwNDE4MTQzOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWEyYTI4YmYxYmJjZWMxNDJmMTI4ZDY4YzJjMGNjNWRiNWY1MWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfiT+Nsgbu/wzDpkOn0uYfvEQO/F
/tSTYHm38y+eKRtSl4Z/ZciHodAE3QJZGnyzrdOkBVvZSnvhtsKEY0fS346yj7l5
G6fqjk5RbTxIgkrTLO6iu0yLtoBQrtJjavCjWLOfQiEWmWiz0SUrYQzHZnvgXVQJ
VFLc+HzusY7rBuIdRX2Ii70/gU9wDdblK8w5yz7JD1UcFYeFnRQltqshhHEAScrD
H2P/ADQLnh5eONH2DepZ/OGH6OyHMxdx7mL+dpImo5bpS/I8/devkskr5kyctaSf
ADeHIeSpjyKwhC5iSxn9i/1JG07O/W4xWQwxXP8nvDwdYVmsLpjeiH3SWwIDAQAB
o4IC0jCCAs4wHQYDVR0OBBYEFAmioovxu87BQvEo1owsDMXbX1HoMB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvQ2FLaWlfRzd6c0ZDOFNqV2pDd014ZHRmVWVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DCBqQQCAAEwgaIwDAME
ACXrAwMEASXrBAMEACXrBwMEBSX84DAMAwQALYQ9AwQGLYQAAwQAXhBiAwQAXhBk
MAwDBABeEH0DBABeEH4DBAaQ0MADBAGwezYDBAOy/5gDBAK5ArADBAG5MugDBAC5
MusDBAC5Uc4DBAC5UdEDBAK5dGADBAK55JQDBAO8QUgDBAa8rMADBAHBIXIDBADC
Ac4DBAXV46ADBAXZkgAwJgQCAAIwIAMFACoAEcADBQAqAa6gAwcAKgWJAAAoAwcA
KgWJAAA2MA0GCSqGSIb3DQEBCwUAA4IBAQDRYobuVcg2rkes8ZhrYX+nNYMzi3rg
xsPXjl8IusiSrspVmkNCWvFG5us1Tzpy+doexSTJYddw6PE0oCrB5iZEPmQZQEHN
SAQ8g0edwlqDc7sqqz5L7Bn6D5VKI5IrnXT7dPq7pI9pXXChPAgfvcdbyhDZaKbI
F7YiiXq07J1KMldW7AksWiO42fHH85YONYvBrp6Wqf3doGgYkewKkDiUXGv/fZN4
p/xuEf4nI18r0LX6ggqTBnT6EOgJQAB5jZHMyWbqf6OLw8l0najlocdm9tqpPBR+
r/ya3Ya7TZPqkGBox7y+IFFY54j5mWOX5VEV0LrPWvZanTPijgLboGCE
-----END CERTIFICATE-----
Generated at Wed Apr 30 11:20:05 2025 by rpki-client