Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/FKpqZdntLbQQiiDctaWjTQ-Jhgg.roa
File: FKpqZdntLbQQiiDctaWjTQ-Jhgg.roa (raw, json)
Hash identifier: 2VKhNWCYf2bUYSS476FI+lvkfrpBpN2Ra578sYJxX0M=
Subject key identifier: 14:AA:6A:65:D9:ED:2D:B4:10:8A:20:DC:B5:A5:A3:4D:0F:89:86:08
Certificate issuer: /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial: 0196676B58C28EFE2DA23A7984E50C2CFDC8
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/FKpqZdntLbQQiiDctaWjTQ-Jhgg.roa
Signing time: Thu 24 Apr 2025 10:50:10 +0000
ROA not before: Thu 24 Apr 2025 10:50:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44477
IP address blocks: 37.221.124.0/22 maxlen: 24
45.67.228.0/24 maxlen: 24
45.67.229.0/24 maxlen: 24
45.67.231.0/24 maxlen: 24
45.120.176.0/22 maxlen: 24
62.3.12.0/24 maxlen: 24
74.119.192.0/24 maxlen: 24
74.119.193.0/24 maxlen: 24
74.119.194.0/24 maxlen: 24
74.119.195.0/24 maxlen: 24
80.92.204.0/24 maxlen: 24
80.92.205.0/24 maxlen: 24
80.92.206.0/24 maxlen: 24
86.104.72.0/22 maxlen: 24
89.221.224.0/24 maxlen: 24
89.221.225.0/24 maxlen: 24
91.132.132.0/22 maxlen: 24
91.194.161.0/24 maxlen: 24
91.225.217.0/24 maxlen: 24
91.225.218.0/24 maxlen: 24
91.225.219.0/24 maxlen: 24
94.131.8.0/24 maxlen: 24
103.35.188.0/22 maxlen: 24
103.106.0.0/22 maxlen: 24
103.113.68.0/22 maxlen: 24
103.231.72.0/22 maxlen: 24
176.120.64.0/22 maxlen: 24
176.120.64.0/24 maxlen: 24
176.120.72.0/22 maxlen: 24
185.234.56.0/22 maxlen: 24
185.234.64.0/22 maxlen: 24
185.235.240.0/22 maxlen: 24
185.236.232.0/22 maxlen: 24
185.242.84.0/24 maxlen: 24
185.242.85.0/24 maxlen: 24
185.242.86.0/24 maxlen: 24
185.242.87.0/24 maxlen: 24
185.250.148.0/24 maxlen: 24
185.250.150.0/24 maxlen: 24
185.250.151.0/24 maxlen: 24
193.203.202.0/24 maxlen: 24
194.54.156.0/24 maxlen: 24
194.54.157.0/24 maxlen: 24
194.54.158.0/24 maxlen: 24
194.54.159.0/24 maxlen: 24
194.62.42.0/24 maxlen: 24
194.246.114.0/24 maxlen: 24
194.246.115.0/24 maxlen: 24
195.42.232.0/22 maxlen: 24
195.149.87.0/24 maxlen: 24
213.159.64.0/21 maxlen: 24
213.159.72.0/21 maxlen: 24
213.159.76.0/24 maxlen: 24
213.159.77.0/24 maxlen: 24
213.159.78.0/24 maxlen: 24
213.159.79.0/24 maxlen: 24
2a09:7c40::/32 maxlen: 32
2a09:7c41::/32 maxlen: 32
2a09:7c42::/32 maxlen: 32
2a09:7c43::/32 maxlen: 32
2a09:7c44::/32 maxlen: 32
2a09:7c45::/32 maxlen: 32
2a09:7c46::/32 maxlen: 32
2a09:7c47::/32 maxlen: 32
2a0b:cf45::/32 maxlen: 32
2a0b:cf46::/32 maxlen: 32
2a0b:cf47::/32 maxlen: 32
2a11:3805::/32 maxlen: 32
2a11:3c02::/32 maxlen: 32
2a11:3c03::/32 maxlen: 32
2a11:4c04::/32 maxlen: 32
2a11:4c05::/32 maxlen: 32
2a11:4c06::/32 maxlen: 32
2a14:2d80::/32 maxlen: 32
2a14:2d81::/32 maxlen: 32
2a14:2d82::/32 maxlen: 32
2a14:2d83::/32 maxlen: 32
2a14:2d85::/32 maxlen: 32
2a14:2d87::/32 maxlen: 32
2a14:2e80::/32 maxlen: 32
2a14:2f80::/32 maxlen: 32
2a14:3080::/32 maxlen: 32
2a14:3081::/32 maxlen: 32
2a14:3082::/32 maxlen: 32
2a14:3083::/32 maxlen: 32
2a14:3084::/32 maxlen: 32
2a14:3085::/32 maxlen: 32
2a14:3086::/32 maxlen: 32
2a14:3880::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.mft
rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 20:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:67:6b:58:c2:8e:fe:2d:a2:3a:79:84:e5:0c:2c:fd:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Validity
Not Before: Apr 24 10:50:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=14aa6a65d9ed2db4108a20dcb5a5a34d0f898608
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:10:cc:9f:77:9c:b5:0a:50:21:62:a5:5f:ce:
bf:a7:d8:b2:23:f0:85:67:53:e4:87:cd:d2:ae:f5:
3d:33:29:70:7b:93:02:51:5d:3c:fd:64:90:3e:7e:
3d:48:57:b9:1f:65:bc:21:2f:c8:62:f7:c9:14:5e:
8c:21:bd:f3:3c:0a:3a:05:25:93:b6:20:12:0d:38:
6b:ab:21:fc:a0:c2:4b:59:77:cc:96:37:c5:5d:94:
69:30:b7:5b:5d:37:93:f8:7e:bb:f4:60:08:7b:9e:
f0:10:66:e8:8f:e5:a8:d8:89:a3:85:c0:7c:3b:ec:
d6:65:98:ad:99:e6:12:77:a8:43:50:4f:b8:cc:2b:
00:62:54:26:5d:e0:45:cf:48:19:a6:66:c5:7e:1c:
4f:90:c1:9e:e0:a7:c0:21:9d:60:9b:6f:78:38:8c:
fa:0f:ae:71:6b:44:6c:47:11:86:6c:29:97:64:dc:
4d:c0:36:99:79:aa:58:df:3b:78:c7:c8:f5:86:67:
a5:2f:df:10:64:89:3b:4a:5d:34:5e:f0:d1:7a:d1:
e1:7e:dd:9d:66:bd:d2:84:c7:51:fe:2e:cb:ea:50:
66:7b:98:9f:a4:46:9c:19:a9:d0:95:ea:a6:d4:20:
0e:f7:45:b2:f8:11:2c:0a:03:f3:a5:70:63:ba:e7:
83:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:AA:6A:65:D9:ED:2D:B4:10:8A:20:DC:B5:A5:A3:4D:0F:89:86:08
X509v3 Authority Key Identifier:
keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/FKpqZdntLbQQiiDctaWjTQ-Jhgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.124.0/22
45.67.228.0/23
45.67.231.0/24
45.120.176.0/22
62.3.12.0/24
74.119.192.0/22
80.92.204.0-80.92.206.255
86.104.72.0/22
89.221.224.0/23
91.132.132.0/22
91.194.161.0/24
91.225.217.0-91.225.219.255
94.131.8.0/24
103.35.188.0/22
103.106.0.0/22
103.113.68.0/22
103.231.72.0/22
176.120.64.0/22
176.120.72.0/22
185.234.56.0/22
185.234.64.0/22
185.235.240.0/22
185.236.232.0/22
185.242.84.0/22
185.250.148.0/24
185.250.150.0/23
193.203.202.0/24
194.54.156.0/22
194.62.42.0/24
194.246.114.0/23
195.42.232.0/22
195.149.87.0/24
213.159.64.0/20
IPv6:
2a09:7c40::/29
2a0b:cf45::-2a0b:cf47:ffff:ffff:ffff:ffff:ffff:ffff
2a11:3805::/32
2a11:3c02::/31
2a11:4c04::-2a11:4c06:ffff:ffff:ffff:ffff:ffff:ffff
2a14:2d80::/30
2a14:2d85::/32
2a14:2d87::/32
2a14:2e80::/32
2a14:2f80::/32
2a14:3080::-2a14:3086:ffff:ffff:ffff:ffff:ffff:ffff
2a14:3880::/32
Signature Algorithm: sha256WithRSAEncryption
92:10:34:b4:4d:57:a9:bb:a6:08:0e:b3:27:b4:5b:b1:02:b5:
0d:09:ef:6e:e7:31:af:ac:e8:d9:32:5c:be:f2:19:a6:11:f4:
6a:df:4a:6c:e0:6c:f0:24:65:1c:35:29:fb:70:dc:d3:d4:bc:
49:50:ad:74:13:70:72:d9:7d:a1:78:b0:62:bf:2b:df:4d:02:
3a:bf:5d:0e:dc:41:82:f0:02:7b:18:84:04:d0:7b:c8:b3:26:
4c:38:e8:cc:2c:55:ec:30:d8:e0:96:98:88:09:f3:d4:6c:70:
f4:4d:e5:84:97:e8:09:ef:16:44:7c:47:f4:92:35:94:08:66:
e2:10:52:9c:1a:e7:af:f6:dd:a1:ca:b2:b6:2f:ef:de:a5:eb:
82:e5:7d:a7:8e:a5:b8:3e:e8:3f:59:1e:56:39:3c:08:21:1b:
fe:4e:eb:83:99:d0:6f:a4:e4:66:23:78:5d:5f:2f:cd:db:1b:
b7:b1:e2:90:59:e7:89:2f:85:1f:49:03:4d:e4:f3:63:5d:7a:
b5:b3:e9:38:97:82:7b:5d:10:4c:48:28:c2:00:72:ae:09:d1:
9f:45:82:2e:07:93:f3:ec:73:90:91:af:9d:0d:46:66:23:70:
1e:98:70:48:b8:25:66:55:b1:29:d4:53:ba:40:2f:26:7b:9e:
21:77:c4:89
-----BEGIN CERTIFICATE-----
MIIGTDCCBTSgAwIBAgISAZZna1jCjv4tojp5hOUMLP3IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjUwNDI0MTA1MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGFhNmE2NWQ5ZWQyZGI0MTA4YTIwZGNiNWE1YTM0ZDBmODk4NjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxDMn3ectQpQIWKlX86/p9iyI/CF
Z1Pkh83SrvU9Mylwe5MCUV08/WSQPn49SFe5H2W8IS/IYvfJFF6MIb3zPAo6BSWT
tiASDThrqyH8oMJLWXfMljfFXZRpMLdbXTeT+H679GAIe57wEGboj+Wo2ImjhcB8
O+zWZZitmeYSd6hDUE+4zCsAYlQmXeBFz0gZpmbFfhxPkMGe4KfAIZ1gm294OIz6
D65xa0RsRxGGbCmXZNxNwDaZeapY3zt4x8j1hmelL98QZIk7Sl00XvDRetHhft2d
Zr3ShMdR/i7L6lBme5ifpEacGanQleqm1CAO90Wy+BEsCgPzpXBjuueDYQIDAQAB
o4IDWDCCA1QwHQYDVR0OBBYEFBSqamXZ7S20EIog3LWlo00PiYYIMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvRktwcVpkbnRMYlFRaWlEY3RhV2pUUS1KaGdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBbAYIKwYBBQUHAQcBAf8EggFbMIIBVzCB3QQCAAEwgdYD
BAIl3XwDBAEtQ+QDBAAtQ+cDBAIteLADBAA+AwwDBAJKd8AwDAMEAlBczAMEAFBc
zgMEAlZoSAMEAVnd4AMEAluEhAMEAFvCoTAMAwQAW+HZAwQCW+HYAwQAXoMIAwQC
ZyO8AwQCZ2oAAwQCZ3FEAwQCZ+dIAwQCsHhAAwQCsHhIAwQCueo4AwQCuepAAwQC
uevwAwQCuezoAwQCufJUAwQAufqUAwQBufqWAwQAwcvKAwQCwjacAwQAwj4qAwQB
wvZyAwQCwyroAwQAw5VXAwQE1Z9AMHUEAgACMG8DBQMqCXxAMA4DBQAqC89FAwUD
KgvPQAMFACoROAUDBQEqETwCMA4DBQIqEUwEAwUAKhFMBgMFAioULYADBQAqFC2F
AwUAKhQthwMFACoULoADBQAqFC+AMA4DBQcqFDCAAwUAKhQwhgMFACoUOIAwDQYJ
KoZIhvcNAQELBQADggEBAJIQNLRNV6m7pggOsye0W7ECtQ0J727nMa+s6NkyXL7y
GaYR9GrfSmzgbPAkZRw1Kftw3NPUvElQrXQTcHLZfaF4sGK/K99NAjq/XQ7cQYLw
AnsYhATQe8izJkw46MwsVeww2OCWmIgJ89RscPRN5YSX6AnvFkR8R/SSNZQIZuIQ
Upwa56/23aHKsrYv796l64LlfaeOpbg+6D9ZHlY5PAghG/5O64OZ0G+k5GYjeF1f
L83bG7ex4pBZ54kvhR9JA03k82NderWz6TiXgntdEExIKMIAcq4J0Z9Fgi4Hk/Ps
c5CRr50NRmYjcB6YcEi4JWZVsSnUU7pALyZ7niF3xIk=
-----END CERTIFICATE-----
Generated at Sun Apr 27 04:22:48 2025 by rpki-client