Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/lOoV_awaoXNj1bfhx0bx4WIBK_o.roa
File: lOoV_awaoXNj1bfhx0bx4WIBK_o.roa (raw, json)
Hash identifier: Oj6EJtwaCyCNiMtSUcVlupYUT3Tc0ATPehxbzKeY1zw=
Subject key identifier: 94:EA:15:FD:AC:1A:A1:73:63:D5:B7:E1:C7:46:F1:E1:62:01:2B:FA
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 019623715564D919BEB64215F3919BAC117C
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/lOoV_awaoXNj1bfhx0bx4WIBK_o.roa
Signing time: Fri 11 Apr 2025 06:02:32 +0000
ROA not before: Fri 11 Apr 2025 06:02:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54994
IP address blocks: 91.194.205.0/24 maxlen: 24
91.202.200.0/24 maxlen: 24
93.188.135.0/24 maxlen: 24
148.253.34.0/24 maxlen: 24
148.253.36.0/24 maxlen: 24
148.253.41.0/24 maxlen: 24
148.253.42.0/24 maxlen: 24
148.253.44.0/24 maxlen: 24
148.253.47.0/24 maxlen: 24
148.253.60.0/24 maxlen: 24
148.253.61.0/24 maxlen: 24
148.253.62.0/24 maxlen: 24
148.253.63.0/24 maxlen: 24
148.253.228.0/24 maxlen: 24
148.253.229.0/24 maxlen: 24
148.253.231.0/24 maxlen: 24
148.253.232.0/24 maxlen: 24
148.253.233.0/24 maxlen: 24
148.253.234.0/24 maxlen: 24
148.253.235.0/24 maxlen: 24
148.253.237.0/24 maxlen: 24
148.253.239.0/24 maxlen: 24
148.253.244.0/24 maxlen: 24
148.253.245.0/24 maxlen: 24
148.253.246.0/24 maxlen: 24
148.253.248.0/24 maxlen: 24
151.249.92.0/24 maxlen: 24
151.249.93.0/24 maxlen: 24
151.249.94.0/24 maxlen: 24
163.171.64.0/24 maxlen: 24
163.171.67.0/24 maxlen: 24
163.171.70.0/24 maxlen: 24
163.171.71.0/24 maxlen: 24
163.171.77.0/24 maxlen: 24
163.171.84.0/24 maxlen: 24
163.171.85.0/24 maxlen: 24
163.171.87.0/24 maxlen: 24
163.171.93.0/24 maxlen: 24
163.171.94.0/24 maxlen: 24
163.171.96.0/24 maxlen: 24
163.171.97.0/24 maxlen: 24
163.171.98.0/24 maxlen: 24
163.171.101.0/24 maxlen: 24
163.171.102.0/24 maxlen: 24
163.171.103.0/24 maxlen: 24
163.171.104.0/24 maxlen: 24
163.171.119.0/24 maxlen: 24
163.171.126.0/24 maxlen: 24
163.171.143.0/24 maxlen: 24
163.171.153.0/24 maxlen: 24
163.171.166.0/24 maxlen: 24
163.171.176.0/24 maxlen: 24
163.171.177.0/24 maxlen: 24
163.171.182.0/24 maxlen: 24
163.171.188.0/24 maxlen: 24
163.171.198.0/24 maxlen: 24
163.171.207.0/24 maxlen: 24
163.171.222.0/24 maxlen: 24
163.171.224.0/24 maxlen: 24
163.171.225.0/24 maxlen: 24
163.171.230.0/24 maxlen: 24
163.171.231.0/24 maxlen: 24
163.171.234.0/24 maxlen: 24
163.171.249.0/24 maxlen: 24
163.171.252.0/24 maxlen: 24
185.27.230.0/24 maxlen: 24
194.107.19.0/24 maxlen: 24
2a01:53c0:ffc6::/48 maxlen: 48
2a01:53c0:ffe7::/48 maxlen: 48
2a01:53c0:fff2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 03 May 2025 06:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:23:71:55:64:d9:19:be:b6:42:15:f3:91:9b:ac:11:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Apr 11 06:02:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94ea15fdac1aa17363d5b7e1c746f1e162012bfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:fe:19:1c:2e:85:b8:54:e7:da:af:31:52:31:
88:76:68:19:a4:9c:08:43:e5:04:db:8b:61:bd:3a:
9f:bf:a3:07:81:fa:d6:91:7f:f0:91:c5:73:f3:06:
51:61:7b:ee:1c:08:b9:81:11:7f:b2:55:41:1a:97:
f2:40:c2:7a:fc:df:c7:5f:8b:e1:55:f3:e2:9f:50:
17:54:a7:a8:ab:c2:6c:5a:24:21:fe:7e:f5:57:40:
42:00:87:c4:09:66:53:c7:d2:91:d5:e4:8e:96:49:
e7:fc:64:1e:4c:9b:4c:0b:91:e3:03:83:c9:5d:03:
68:76:71:0a:7b:8a:58:80:8e:53:55:29:69:53:6a:
64:c0:ea:28:28:c7:3c:12:94:b3:dc:4a:c6:5d:49:
4e:b9:f9:ae:96:5d:c6:67:89:3b:d0:a1:20:9f:7f:
2b:ae:28:d6:3c:ab:4b:42:da:32:86:ef:71:d7:90:
0d:52:72:81:73:1f:75:fa:9c:fe:cd:da:19:ff:51:
fd:18:8c:19:ca:0d:17:86:af:0f:00:2b:71:f9:66:
6d:be:be:f8:5d:f0:df:6a:8d:17:e2:33:3f:b5:e5:
71:5d:3f:ba:8e:a0:60:f3:3b:40:83:4b:e5:b5:6c:
68:03:65:a9:95:e6:66:ce:c9:fa:70:7f:5d:d8:fc:
b2:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:EA:15:FD:AC:1A:A1:73:63:D5:B7:E1:C7:46:F1:E1:62:01:2B:FA
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/lOoV_awaoXNj1bfhx0bx4WIBK_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.205.0/24
91.202.200.0/24
93.188.135.0/24
148.253.34.0/24
148.253.36.0/24
148.253.41.0-148.253.42.255
148.253.44.0/24
148.253.47.0/24
148.253.60.0/22
148.253.228.0/23
148.253.231.0-148.253.235.255
148.253.237.0/24
148.253.239.0/24
148.253.244.0-148.253.246.255
148.253.248.0/24
151.249.92.0-151.249.94.255
163.171.64.0/24
163.171.67.0/24
163.171.70.0/23
163.171.77.0/24
163.171.84.0/23
163.171.87.0/24
163.171.93.0-163.171.94.255
163.171.96.0-163.171.98.255
163.171.101.0-163.171.104.255
163.171.119.0/24
163.171.126.0/24
163.171.143.0/24
163.171.153.0/24
163.171.166.0/24
163.171.176.0/23
163.171.182.0/24
163.171.188.0/24
163.171.198.0/24
163.171.207.0/24
163.171.222.0/24
163.171.224.0/23
163.171.230.0/23
163.171.234.0/24
163.171.249.0/24
163.171.252.0/24
185.27.230.0/24
194.107.19.0/24
IPv6:
2a01:53c0:ffc6::/48
2a01:53c0:ffe7::/48
2a01:53c0:fff2::/48
Signature Algorithm: sha256WithRSAEncryption
16:43:dc:e5:e8:90:a3:f1:be:6d:6c:8a:2b:66:43:09:c9:d8:
04:df:d9:cb:38:e3:08:aa:d6:6a:9b:98:f8:4a:91:07:ec:69:
05:fd:1f:a1:80:2f:74:8d:27:25:44:86:50:04:cb:f5:53:21:
10:8d:e6:58:4c:a9:34:46:c2:bb:9f:ba:60:55:cd:02:8d:a1:
9f:de:41:49:8e:a6:f8:3a:ae:09:22:9b:19:90:1c:c6:f7:d8:
f0:55:b2:67:79:4e:99:1b:f7:46:4d:b7:90:6a:27:87:bb:71:
33:fe:9e:e9:f8:4d:10:5b:10:c3:1c:00:5a:65:24:2b:fa:ef:
96:c1:d0:c6:c1:8d:37:5f:e1:f1:58:05:e3:27:e2:76:99:df:
af:24:e4:1e:1e:17:63:14:73:8a:76:f0:b4:ea:84:4e:36:65:
d0:6c:24:6a:15:0e:2d:d8:cf:88:6f:46:04:b1:43:d5:84:ed:
30:d6:13:27:14:e1:01:a7:fd:47:84:78:ea:a4:94:05:7e:59:
7f:cb:cf:da:95:fd:cb:c9:5e:ab:46:83:46:1e:45:c2:e2:bd:
de:41:16:5a:06:9c:58:af:95:e9:79:73:93:38:83:08:1d:a7:
54:39:38:13:ff:3d:b8:eb:e1:52:31:c9:4f:c7:61:c4:b8:ad:
1c:31:22:4e
-----BEGIN CERTIFICATE-----
MIIGXjCCBUagAwIBAgISAZYjcVVk2Rm+tkIV85GbrBF8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjUwNDExMDYwMjMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGVhMTVmZGFjMWFhMTczNjNkNWI3ZTFjNzQ2ZjFlMTYyMDEyYmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkv4ZHC6FuFTn2q8xUjGIdmgZpJwI
Q+UE24thvTqfv6MHgfrWkX/wkcVz8wZRYXvuHAi5gRF/slVBGpfyQMJ6/N/HX4vh
VfPin1AXVKeoq8JsWiQh/n71V0BCAIfECWZTx9KR1eSOlknn/GQeTJtMC5HjA4PJ
XQNodnEKe4pYgI5TVSlpU2pkwOooKMc8EpSz3ErGXUlOufmull3GZ4k70KEgn38r
rijWPKtLQtoyhu9x15ANUnKBcx91+pz+zdoZ/1H9GIwZyg0Xhq8PACtx+WZtvr74
XfDfao0X4jM/teVxXT+6jqBg8ztAg0vltWxoA2WpleZmzsn6cH9d2PyyiwIDAQAB
o4IDajCCA2YwHQYDVR0OBBYEFJTqFf2sGqFzY9W34cdG8eFiASv6MB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvbE9vVl9hd2FvWE5qMWJmaHgwYng0V0lCS19vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBfgYIKwYBBQUHAQcBAf8EggFtMIIBaTCCAUIEAgABMIIB
OgMEAFvCzQMEAFvKyAMEAF28hwMEAJT9IgMEAJT9JDAMAwQAlP0pAwQAlP0qAwQA
lP0sAwQAlP0vAwQClP08AwQBlP3kMAwDBACU/ecDBAKU/egDBACU/e0DBACU/e8w
DAMEApT99AMEAJT99gMEAJT9+DAMAwQCl/lcAwQAl/leAwQAo6tAAwQAo6tDAwQB
o6tGAwQAo6tNAwQBo6tUAwQAo6tXMAwDBACjq10DBACjq14wDAMEBaOrYAMEAKOr
YjAMAwQAo6tlAwQAo6toAwQAo6t3AwQAo6t+AwQAo6uPAwQAo6uZAwQAo6umAwQB
o6uwAwQAo6u2AwQAo6u8AwQAo6vGAwQAo6vPAwQAo6veAwQBo6vgAwQBo6vmAwQA
o6vqAwQAo6v5AwQAo6v8AwQAuRvmAwQAwmsTMCEEAgACMBsDBwAqAVPA/8YDBwAq
AVPA/+cDBwAqAVPA//IwDQYJKoZIhvcNAQELBQADggEBABZD3OXokKPxvm1siitm
QwnJ2ATf2cs44wiq1mqbmPhKkQfsaQX9H6GAL3SNJyVEhlAEy/VTIRCN5lhMqTRG
wrufumBVzQKNoZ/eQUmOpvg6rgkimxmQHMb32PBVsmd5Tpkb90ZNt5BqJ4e7cTP+
nun4TRBbEMMcAFplJCv675bB0MbBjTdf4fFYBeMn4naZ368k5B4eF2MUc4p28LTq
hE42ZdBsJGoVDi3Yz4hvRgSxQ9WE7TDWEycU4QGn/UeEeOqklAV+WX/Lz9qV/cvJ
XqtGg0YeRcLivd5BFloGnFivlel5c5M4gwgdp1Q5OBP/Pbjr4VIxyU/HYcS4rRwx
Ik4=
-----END CERTIFICATE-----
Generated at Fri May 2 13:19:20 2025 by rpki-client