Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/KsdspA2MoKkVoFCXal_5ncHXxFQ.roa
File: KsdspA2MoKkVoFCXal_5ncHXxFQ.roa (raw, json)
Hash identifier: 3LFoOYaJ+oCMr/nbexDRPdA4xLqgKNUJVUNsBuPiNi8=
Subject key identifier: 2A:C7:6C:A4:0D:8C:A0:A9:15:A0:50:97:6A:5F:F9:9D:C1:D7:C4:54
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 0196D32EEF33A54CB5C603F83B8ED762E197
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/KsdspA2MoKkVoFCXal_5ncHXxFQ.roa
Signing time: Thu 15 May 2025 09:03:10 +0000
ROA not before: Thu 15 May 2025 09:03:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62235
IP address blocks: 5.183.56.0/22 maxlen: 24
5.183.56.0/23 maxlen: 24
5.183.58.0/23 maxlen: 24
37.156.76.0/22 maxlen: 24
37.156.108.0/22 maxlen: 24
37.156.108.0/23 maxlen: 24
37.156.110.0/23 maxlen: 24
45.14.204.0/22 maxlen: 24
45.14.204.0/23 maxlen: 24
45.14.206.0/24 maxlen: 24
45.14.207.0/24 maxlen: 24
45.86.184.0/23 maxlen: 24
45.86.186.0/23 maxlen: 24
85.204.200.0/21 maxlen: 24
85.204.200.0/22 maxlen: 24
85.204.204.0/22 maxlen: 24
87.247.128.0/22 maxlen: 24
87.247.128.0/23 maxlen: 24
87.247.130.0/23 maxlen: 24
89.35.231.0/24 maxlen: 24
89.39.167.0/24 maxlen: 24
89.44.82.0/24 maxlen: 24
89.45.220.0/22 maxlen: 24
89.45.220.0/23 maxlen: 24
89.45.222.0/23 maxlen: 24
89.46.35.0/24 maxlen: 24
89.46.37.0/24 maxlen: 24
89.46.39.0/24 maxlen: 24
89.46.247.0/24 maxlen: 24
92.119.0.0/22 maxlen: 24
92.119.0.0/23 maxlen: 24
92.119.2.0/23 maxlen: 24
94.177.0.0/22 maxlen: 24
94.177.0.0/23 maxlen: 24
94.177.2.0/23 maxlen: 24
139.28.88.0/22 maxlen: 24
185.41.244.0/22 maxlen: 24
185.41.244.0/23 maxlen: 24
185.41.246.0/23 maxlen: 24
185.56.76.0/22 maxlen: 24
185.56.76.0/23 maxlen: 24
185.56.78.0/23 maxlen: 24
185.87.128.0/22 maxlen: 24
185.87.128.0/23 maxlen: 24
185.87.130.0/23 maxlen: 24
185.228.244.0/22 maxlen: 24
185.228.246.0/23 maxlen: 24
188.212.16.0/22 maxlen: 24
188.212.16.0/23 maxlen: 24
188.212.18.0/23 maxlen: 24
188.213.80.0/22 maxlen: 24
188.213.80.0/23 maxlen: 24
188.213.82.0/23 maxlen: 24
188.213.83.0/24 maxlen: 24
188.214.112.0/21 maxlen: 24
188.214.112.0/22 maxlen: 24
188.214.116.0/22 maxlen: 24
188.214.118.0/24 maxlen: 24
194.124.56.0/22 maxlen: 24
194.124.56.0/23 maxlen: 24
194.124.58.0/23 maxlen: 24
195.82.98.0/23 maxlen: 24
195.82.98.0/24 maxlen: 24
195.82.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d3:2e:ef:33:a5:4c:b5:c6:03:f8:3b:8e:d7:62:e1:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: May 15 09:03:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2ac76ca40d8ca0a915a050976a5ff99dc1d7c454
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:13:8a:5d:47:a9:91:62:99:9b:31:72:f4:28:
5f:b4:5e:bc:26:b0:60:df:ca:e8:3f:38:f9:6e:ec:
69:a3:c8:a6:3a:58:41:3b:fa:87:f5:7c:8d:6e:5f:
aa:62:3e:29:24:5b:50:46:5b:41:f1:02:cd:85:ba:
47:39:26:ff:26:a5:b0:66:54:d5:e1:a5:17:cf:38:
f5:d3:15:8f:1f:09:ec:dd:7d:8c:6b:8a:8c:dc:55:
27:85:1a:c8:b0:6b:90:cb:9c:75:31:cd:dc:dc:eb:
0e:78:38:0f:75:1f:34:0a:34:0e:65:24:55:43:f3:
2d:90:21:89:ee:8d:fe:e4:dd:a8:19:a8:61:3b:2c:
f3:a4:35:df:57:ad:85:fe:70:8e:98:53:3e:42:93:
d5:58:0c:2d:b7:28:72:d5:c9:b6:2a:fb:74:fa:fd:
21:13:04:c4:fa:9f:2d:12:d9:01:62:d6:c6:36:a6:
29:7a:8b:0f:98:20:db:d7:72:5f:f7:83:94:e5:4f:
50:46:f0:21:4e:70:70:13:16:67:9e:9e:64:9c:9e:
b2:75:94:5f:56:1b:d8:9a:34:dc:5e:ce:a4:43:13:
b2:c6:62:a6:c1:28:5d:b8:4c:6d:06:d1:b1:ad:5d:
88:04:da:d0:11:10:55:d2:b3:f7:e0:65:4f:e2:50:
38:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:C7:6C:A4:0D:8C:A0:A9:15:A0:50:97:6A:5F:F9:9D:C1:D7:C4:54
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/KsdspA2MoKkVoFCXal_5ncHXxFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.56.0/22
37.156.76.0/22
37.156.108.0/22
45.14.204.0/22
45.86.184.0/22
85.204.200.0/21
87.247.128.0/22
89.35.231.0/24
89.39.167.0/24
89.44.82.0/24
89.45.220.0/22
89.46.35.0/24
89.46.37.0/24
89.46.39.0/24
89.46.247.0/24
92.119.0.0/22
94.177.0.0/22
139.28.88.0/22
185.41.244.0/22
185.56.76.0/22
185.87.128.0/22
185.228.244.0/22
188.212.16.0/22
188.213.80.0/22
188.214.112.0/21
194.124.56.0/22
195.82.98.0/23
Signature Algorithm: sha256WithRSAEncryption
15:0a:66:33:89:2d:4e:05:04:99:eb:08:e9:2c:54:da:38:eb:
f0:20:f5:13:5f:7a:0e:dc:8d:90:2c:23:ca:a0:eb:ab:d1:e9:
6c:d2:a1:cb:8b:c5:74:68:37:8f:1d:23:e6:44:96:f0:b3:cc:
11:97:30:b8:97:3d:c4:7c:1e:b2:81:b1:84:52:43:2b:78:21:
71:1f:08:9a:c5:37:5a:82:36:6c:80:00:c3:09:43:5f:8e:2a:
7b:a6:e1:64:3e:62:05:43:c8:bf:cc:12:20:43:77:e0:af:40:
fc:5b:98:4c:7e:79:6c:16:38:a2:77:e4:20:f4:d9:1e:2f:bf:
7b:b9:aa:a2:1e:3d:9e:88:42:96:6a:d1:81:7c:f4:9b:01:27:
0a:77:25:e9:c0:46:9c:79:30:fd:f0:a5:68:b8:94:a3:32:f8:
75:7a:a0:4a:09:67:89:9e:1b:8f:54:1d:e9:a0:6f:eb:13:80:
64:f2:7c:91:a4:68:c6:49:a1:a2:1b:72:0d:c8:a2:72:fd:d9:
a0:e5:01:09:eb:7c:4a:9a:a6:2e:3e:b6:b7:2e:2c:91:64:44:
7f:3f:e0:63:6a:99:87:34:fe:3a:14:ba:17:83:01:6e:b0:91:
09:77:25:5f:5f:ab:e1:ab:24:40:48:fb:a2:ef:e6:c0:29:47:
06:57:a0:69
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAZbTLu8zpUy1xgP4O47XYuGXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjUwNTE1MDkwMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWM3NmNhNDBkOGNhMGE5MTVhMDUwOTc2YTVmZjk5ZGMxZDdjNDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxOKXUepkWKZmzFy9ChftF68JrBg
38roPzj5buxpo8imOlhBO/qH9XyNbl+qYj4pJFtQRltB8QLNhbpHOSb/JqWwZlTV
4aUXzzj10xWPHwns3X2Ma4qM3FUnhRrIsGuQy5x1Mc3c3OsOeDgPdR80CjQOZSRV
Q/MtkCGJ7o3+5N2oGahhOyzzpDXfV62F/nCOmFM+QpPVWAwttyhy1cm2Kvt0+v0h
EwTE+p8tEtkBYtbGNqYpeosPmCDb13Jf94OU5U9QRvAhTnBwExZnnp5knJ6ydZRf
VhvYmjTcXs6kQxOyxmKmwShduExtBtGxrV2IBNrQERBV0rP34GVP4lA4xwIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFCrHbKQNjKCpFaBQl2pf+Z3B18RUMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvS3Nkc3BBMk1vS2tWb0ZDWGFsXzVuY0hYeEZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDCBqQQCAAEwgaIDBAIF
tzgDBAIlnEwDBAIlnGwDBAItDswDBAItVrgDBANVzMgDBAJX94ADBABZI+cDBABZ
J6cDBABZLFIDBAJZLdwDBABZLiMDBABZLiUDBABZLicDBABZLvcDBAJcdwADBAJe
sQADBAKLHFgDBAK5KfQDBAK5OEwDBAK5V4ADBAK55PQDBAK81BADBAK81VADBAO8
1nADBALCfDgDBAHDUmIwDQYJKoZIhvcNAQELBQADggEBABUKZjOJLU4FBJnrCOks
VNo46/Ag9RNfeg7cjZAsI8qg66vR6WzSocuLxXRoN48dI+ZElvCzzBGXMLiXPcR8
HrKBsYRSQyt4IXEfCJrFN1qCNmyAAMMJQ1+OKnum4WQ+YgVDyL/MEiBDd+CvQPxb
mEx+eWwWOKJ35CD02R4vv3u5qqIePZ6IQpZq0YF89JsBJwp3JenARpx5MP3wpWi4
lKMy+HV6oEoJZ4meG49UHemgb+sTgGTyfJGkaMZJoaIbcg3IonL92aDlAQnrfEqa
pi4+trcuLJFkRH8/4GNqmYc0/joUuheDAW6wkQl3JV9fq+GrJEBI+6Lv5sApRwZX
oGk=
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:59:04 2025 by rpki-client