Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ONBLhs2q3EPNBcKzjuUXI9NfDXk.roa
File: ONBLhs2q3EPNBcKzjuUXI9NfDXk.roa (raw, json)
Hash identifier: 02TEqjTXH1kKdBwPOe/Fj5S0NZ7Hp7pCF4TDcYi4oGk=
Subject key identifier: 38:D0:4B:86:CD:AA:DC:43:CD:05:C2:B3:8E:E5:17:23:D3:5F:0D:79
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 019736ED19E9000DF75E20D5CBA1999D477A
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ONBLhs2q3EPNBcKzjuUXI9NfDXk.roa
Signing time: Tue 03 Jun 2025 17:53:17 +0000
ROA not before: Tue 03 Jun 2025 17:53:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 5.157.136.0/24 maxlen: 24
5.157.139.0/24 maxlen: 24
5.157.160.0/22 maxlen: 22
37.35.36.0/24 maxlen: 24
37.35.37.0/24 maxlen: 24
37.35.39.0/24 maxlen: 24
62.216.72.0/24 maxlen: 24
62.216.73.0/24 maxlen: 24
62.216.74.0/24 maxlen: 24
62.216.75.0/24 maxlen: 24
62.216.80.0/24 maxlen: 24
62.216.81.0/24 maxlen: 24
62.216.82.0/24 maxlen: 24
62.216.83.0/24 maxlen: 24
62.216.92.0/24 maxlen: 24
62.216.93.0/24 maxlen: 24
62.216.94.0/24 maxlen: 24
62.216.95.0/24 maxlen: 24
91.225.14.0/24 maxlen: 24
91.225.15.0/24 maxlen: 24
91.235.123.0/24 maxlen: 24
146.66.208.0/24 maxlen: 24
146.66.209.0/24 maxlen: 24
146.66.212.0/22 maxlen: 22
146.66.212.0/23 maxlen: 23
146.66.212.0/24 maxlen: 24
146.66.213.0/24 maxlen: 24
146.66.214.0/24 maxlen: 24
146.66.215.0/24 maxlen: 24
146.66.220.0/24 maxlen: 24
146.66.221.0/24 maxlen: 24
146.66.222.0/24 maxlen: 24
146.66.223.0/24 maxlen: 24
178.157.76.0/24 maxlen: 24
178.157.94.0/24 maxlen: 24
178.157.108.0/24 maxlen: 24
178.157.110.0/24 maxlen: 24
178.157.124.0/24 maxlen: 24
178.157.126.0/24 maxlen: 24
185.76.60.0/24 maxlen: 24
185.76.62.0/24 maxlen: 24
188.74.128.0/24 maxlen: 24
188.74.130.0/24 maxlen: 24
188.74.152.0/24 maxlen: 24
188.74.155.0/24 maxlen: 24
188.74.171.0/24 maxlen: 24
188.74.181.0/24 maxlen: 24
188.74.190.0/24 maxlen: 24
188.74.208.0/24 maxlen: 24
188.74.209.0/24 maxlen: 24
188.74.212.0/22 maxlen: 22
188.74.245.0/24 maxlen: 24
188.119.165.0/24 maxlen: 24
188.119.166.0/24 maxlen: 24
188.119.181.0/24 maxlen: 24
188.119.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 07:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:36:ed:19:e9:00:0d:f7:5e:20:d5:cb:a1:99:9d:47:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Jun 3 17:53:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38d04b86cdaadc43cd05c2b38ee51723d35f0d79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:ea:41:f1:1b:48:b2:28:d5:6d:f8:9b:c3:59:
cb:0f:6c:d6:d0:86:49:bd:61:35:42:ff:6a:84:df:
70:c1:76:e2:a7:fd:5f:26:12:45:49:3c:97:28:84:
63:dd:9c:a7:1e:6a:d2:87:52:76:b6:50:d7:92:0d:
47:e7:f9:fc:ab:37:7a:59:6b:ef:1e:dc:d7:b6:c8:
8a:49:31:45:4b:8c:e2:dc:d4:09:4e:84:4d:fb:8f:
55:14:05:cd:7c:d0:99:32:ab:16:a9:a1:37:f7:3c:
60:c6:ff:c2:87:9a:1a:93:36:a8:2e:69:27:33:66:
d7:e7:be:50:91:91:6f:b2:62:c7:30:ed:b4:e2:86:
a5:e9:d7:dd:57:be:c9:9f:8f:63:8f:e1:3a:41:76:
6b:a1:6c:79:ef:98:a5:18:b4:50:fd:57:7a:e4:83:
4f:9e:3c:bc:a7:c0:16:5a:e3:7f:30:82:50:17:3c:
9b:4d:c0:c8:36:4d:33:7f:4a:4b:13:a6:a3:03:6c:
f9:cb:4c:5c:8e:55:92:c4:05:63:7a:6f:30:09:ba:
07:4c:99:06:85:f2:68:aa:2c:a3:40:97:c1:b3:f7:
e7:17:ea:ef:e4:95:11:aa:df:1a:ca:73:ff:26:af:
d9:50:be:ef:83:2e:af:fd:28:71:36:26:d6:5f:b0:
29:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:D0:4B:86:CD:AA:DC:43:CD:05:C2:B3:8E:E5:17:23:D3:5F:0D:79
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ONBLhs2q3EPNBcKzjuUXI9NfDXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.136.0/24
5.157.139.0/24
5.157.160.0/22
37.35.36.0/23
37.35.39.0/24
62.216.72.0/22
62.216.80.0/22
62.216.92.0/22
91.225.14.0/23
91.235.123.0/24
146.66.208.0/23
146.66.212.0/22
146.66.220.0/22
178.157.76.0/24
178.157.94.0/24
178.157.108.0/24
178.157.110.0/24
178.157.124.0/24
178.157.126.0/24
185.76.60.0/24
185.76.62.0/24
188.74.128.0/24
188.74.130.0/24
188.74.152.0/24
188.74.155.0/24
188.74.171.0/24
188.74.181.0/24
188.74.190.0/24
188.74.208.0/23
188.74.212.0/22
188.74.245.0/24
188.119.165.0-188.119.166.255
188.119.181.0/24
188.119.190.0/24
Signature Algorithm: sha256WithRSAEncryption
26:7f:27:18:84:1c:5f:60:dc:41:41:30:8d:ba:5f:4d:4c:cc:
d6:ef:7c:c3:07:43:b1:c1:bf:32:eb:44:ec:ad:f1:8b:86:6c:
1b:c4:f9:8a:4b:ee:c6:a0:b6:3d:93:a7:57:a4:7c:f9:63:29:
d4:0a:e3:64:8e:85:bf:fc:ea:8c:af:f2:d3:f9:13:0d:c3:e0:
c8:b4:10:da:91:24:2e:72:99:68:53:e1:7f:8a:d9:ee:8c:e0:
88:4d:5c:d5:c5:fd:54:c5:6e:fc:a5:59:95:84:b6:8e:ba:26:
f6:a6:7a:b0:ae:5e:6b:e6:47:11:d2:43:f7:a0:7d:75:98:bd:
7f:e9:bc:13:24:ee:4a:1f:06:69:f1:ce:a7:01:55:b2:18:28:
e5:e9:a6:ea:b8:6e:03:83:4b:ba:ea:95:25:b2:60:f9:56:3c:
2f:b3:63:67:77:a2:31:28:a4:5d:2d:78:f0:c7:29:65:8b:0c:
ee:78:20:e4:cc:84:be:85:e9:ad:27:d8:f9:f3:1e:de:41:c1:
9d:33:bc:c6:06:bd:79:98:26:c6:82:42:45:ba:ea:7b:87:9c:
17:30:f2:11:7c:01:91:f2:94:fc:1b:8b:86:90:4f:3d:3d:ec:
59:f7:3f:1a:2e:3f:d0:54:ba:d4:a6:13:5d:01:ec:01:69:76:
af:62:2e:39
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgISAZc27RnpAA33XiDVy6GZnUd6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjUwNjAzMTc1MzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGQwNGI4NmNkYWFkYzQzY2QwNWMyYjM4ZWU1MTcyM2QzNWYwZDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6upB8RtIsijVbfibw1nLD2zW0IZJ
vWE1Qv9qhN9wwXbip/1fJhJFSTyXKIRj3ZynHmrSh1J2tlDXkg1H5/n8qzd6WWvv
HtzXtsiKSTFFS4zi3NQJToRN+49VFAXNfNCZMqsWqaE39zxgxv/Ch5oakzaoLmkn
M2bX575QkZFvsmLHMO204oal6dfdV77Jn49jj+E6QXZroWx575ilGLRQ/Vd65INP
njy8p8AWWuN/MIJQFzybTcDINk0zf0pLE6ajA2z5y0xcjlWSxAVjem8wCboHTJkG
hfJoqiyjQJfBs/fnF+rv5JURqt8aynP/Jq/ZUL7vgy6v/ShxNibWX7Ap/QIDAQAB
o4IC3DCCAtgwHQYDVR0OBBYEFDjQS4bNqtxDzQXCs47lFyPTXw15MB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvT05CTGhzMnEzRVBOQmNLemp1VVhJOU5mRFhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHxBggrBgEFBQcBBwEB/wSB4TCB3jCB2wQCAAEwgdQDBAAF
nYgDBAAFnYsDBAIFnaADBAElIyQDBAAlIycDBAI+2EgDBAI+2FADBAI+2FwDBAFb
4Q4DBABb63sDBAGSQtADBAKSQtQDBAKSQtwDBACynUwDBACynV4DBACynWwDBACy
nW4DBACynXwDBACynX4DBAC5TDwDBAC5TD4DBAC8SoADBAC8SoIDBAC8SpgDBAC8
SpsDBAC8SqsDBAC8SrUDBAC8Sr4DBAG8StADBAK8StQDBAC8SvUwDAMEALx3pQME
ALx3pgMEALx3tQMEALx3vjANBgkqhkiG9w0BAQsFAAOCAQEAJn8nGIQcX2DcQUEw
jbpfTUzM1u98wwdDscG/MutE7K3xi4ZsG8T5ikvuxqC2PZOnV6R8+WMp1ArjZI6F
v/zqjK/y0/kTDcPgyLQQ2pEkLnKZaFPhf4rZ7ozgiE1c1cX9VMVu/KVZlYS2jrom
9qZ6sK5ea+ZHEdJD96B9dZi9f+m8EyTuSh8GafHOpwFVshgo5emm6rhuA4NLuuqV
JbJg+VY8L7NjZ3eiMSikXS148McpZYsM7ngg5MyEvoXprSfY+fMe3kHBnTO8xga9
eZgmxoJCRbrqe4ecFzDyEXwBkfKU/BuLhpBPPT3sWfc/Gi4/0FS61KYTXQHsAWl2
r2IuOQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 17:25:39 2025 by rpki-client