Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/fiKB3ZEd13ODgcFJzMrkfn1oTsA.roa
File: fiKB3ZEd13ODgcFJzMrkfn1oTsA.roa (raw, json)
Hash identifier: ejEhvMukGrkEkT88HaSYCxi4pfIpV2Ima1aBt0Zdo8M=
Subject key identifier: 7E:22:81:DD:91:1D:D7:73:83:81:C1:49:CC:CA:E4:7E:7D:68:4E:C0
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019759F59C233DFB59319ECA65DE14DFB3CA
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/fiKB3ZEd13ODgcFJzMrkfn1oTsA.roa
Signing time: Tue 10 Jun 2025 13:09:17 +0000
ROA not before: Tue 10 Jun 2025 13:09:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201942
IP address blocks: 31.170.100.0/22 maxlen: 24
37.32.99.0/24 maxlen: 24
45.90.238.0/24 maxlen: 24
45.131.132.0/23 maxlen: 24
45.137.160.0/22 maxlen: 24
45.147.104.0/22 maxlen: 24
45.147.116.0/22 maxlen: 24
45.159.76.0/22 maxlen: 24
62.106.87.0/24 maxlen: 24
81.21.228.0/22 maxlen: 24
85.115.192.0/22 maxlen: 24
88.135.64.0/22 maxlen: 24
91.235.40.0/24 maxlen: 24
91.235.41.0/24 maxlen: 24
91.238.239.0/24 maxlen: 24
92.60.34.0/24 maxlen: 24
92.60.35.0/24 maxlen: 24
93.92.228.0/22 maxlen: 24
93.189.120.0/24 maxlen: 24
93.189.123.0/24 maxlen: 24
95.214.144.0/22 maxlen: 24
109.230.194.0/24 maxlen: 24
109.230.250.0/24 maxlen: 24
185.91.108.0/22 maxlen: 24
185.105.12.0/22 maxlen: 24
185.105.232.0/22 maxlen: 24
185.106.124.0/22 maxlen: 24
185.107.152.0/22 maxlen: 24
185.118.52.0/23 maxlen: 23
185.118.54.0/23 maxlen: 23
185.119.48.0/22 maxlen: 24
185.128.52.0/22 maxlen: 24
185.129.104.0/22 maxlen: 24
185.150.78.0/23 maxlen: 24
185.163.168.0/22 maxlen: 24
185.163.232.0/22 maxlen: 24
185.166.172.0/22 maxlen: 24
185.175.152.0/22 maxlen: 24
185.176.188.0/22 maxlen: 24
185.179.228.0/22 maxlen: 24
185.179.232.0/22 maxlen: 24
185.189.64.0/22 maxlen: 24
185.196.40.0/22 maxlen: 24
185.196.42.0/24 maxlen: 24
185.196.43.0/24 maxlen: 24
185.197.216.0/22 maxlen: 24
185.199.44.0/22 maxlen: 24
185.199.55.0/24 maxlen: 24
185.200.228.0/22 maxlen: 24
185.201.152.0/22 maxlen: 24
185.202.204.0/22 maxlen: 24
185.204.108.0/24 maxlen: 24
185.204.244.0/22 maxlen: 24
185.212.84.0/22 maxlen: 24
185.216.28.0/22 maxlen: 24
185.217.12.0/22 maxlen: 24
185.218.16.0/22 maxlen: 24
185.220.240.0/22 maxlen: 24
185.221.16.0/22 maxlen: 24
185.222.188.0/22 maxlen: 24
185.223.220.0/22 maxlen: 24
185.224.220.0/22 maxlen: 24
185.226.8.0/22 maxlen: 24
185.226.28.0/22 maxlen: 24
185.227.176.0/22 maxlen: 24
185.227.204.0/24 maxlen: 24
185.230.48.0/22 maxlen: 24
185.232.8.0/22 maxlen: 24
185.239.252.0/22 maxlen: 24
185.239.252.0/24 maxlen: 24
185.239.253.0/24 maxlen: 24
185.239.255.0/24 maxlen: 24
185.245.32.0/23 maxlen: 23
185.247.4.0/24 maxlen: 24
193.17.180.0/22 maxlen: 24
193.17.180.0/24 maxlen: 24
193.17.182.0/24 maxlen: 24
193.35.88.0/22 maxlen: 24
193.105.66.0/24 maxlen: 24
193.162.15.0/24 maxlen: 24
194.35.40.0/24 maxlen: 24
194.41.116.0/22 maxlen: 24
194.41.118.0/24 maxlen: 24
195.182.13.0/24 maxlen: 24
212.80.208.0/22 maxlen: 24
212.115.44.0/22 maxlen: 24
213.232.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:59:f5:9c:23:3d:fb:59:31:9e:ca:65:de:14:df:b3:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jun 10 13:09:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e2281dd911dd7738381c149cccae47e7d684ec0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e9:33:28:b5:49:a8:3d:47:8a:9b:69:d2:b2:
5d:e5:16:5d:dd:02:2e:8b:36:1a:dd:f7:b1:9c:1c:
4f:fb:7d:bb:65:20:b3:32:df:31:70:d8:9b:bc:cc:
92:c4:8f:c2:c9:39:a2:d1:ca:71:fb:55:ff:0b:06:
0b:17:b3:0d:4a:92:31:5a:32:59:30:84:0a:dc:1c:
70:c5:41:84:71:b4:8a:76:93:2b:d3:66:e6:d3:d5:
49:0a:94:68:4a:bd:2f:5d:9d:06:83:88:f1:19:1f:
e2:3d:bb:69:77:3a:c1:ff:46:de:d8:c7:36:fb:1a:
ab:52:bf:21:76:1a:1a:63:73:db:09:26:98:59:1e:
4d:75:18:e9:9b:67:d0:a9:6c:57:41:f9:fe:d1:cd:
fe:e1:ae:eb:b6:e1:9b:9a:fc:ad:9b:20:ed:4b:cd:
22:60:18:40:b0:f5:bb:67:c0:c5:0b:c7:d4:14:5e:
a4:c3:d3:71:44:5b:43:dc:8d:ba:cc:06:29:2b:a6:
37:8c:f7:b9:cd:2d:bc:2b:0c:dd:93:a7:41:fa:72:
95:17:22:b0:91:6a:ae:df:01:36:ab:c9:b6:23:39:
fe:ab:9e:25:16:cc:bc:22:e4:1a:20:35:8a:2a:f6:
ca:0d:2a:c8:b8:6d:4b:5c:39:60:98:b5:b9:80:34:
42:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:22:81:DD:91:1D:D7:73:83:81:C1:49:CC:CA:E4:7E:7D:68:4E:C0
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/fiKB3ZEd13ODgcFJzMrkfn1oTsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.100.0/22
37.32.99.0/24
45.90.238.0/24
45.131.132.0/23
45.137.160.0/22
45.147.104.0/22
45.147.116.0/22
45.159.76.0/22
62.106.87.0/24
81.21.228.0/22
85.115.192.0/22
88.135.64.0/22
91.235.40.0/23
91.238.239.0/24
92.60.34.0/23
93.92.228.0/22
93.189.120.0/24
93.189.123.0/24
95.214.144.0/22
109.230.194.0/24
109.230.250.0/24
185.91.108.0/22
185.105.12.0/22
185.105.232.0/22
185.106.124.0/22
185.107.152.0/22
185.118.52.0/22
185.119.48.0/22
185.128.52.0/22
185.129.104.0/22
185.150.78.0/23
185.163.168.0/22
185.163.232.0/22
185.166.172.0/22
185.175.152.0/22
185.176.188.0/22
185.179.228.0-185.179.235.255
185.189.64.0/22
185.196.40.0/22
185.197.216.0/22
185.199.44.0/22
185.199.55.0/24
185.200.228.0/22
185.201.152.0/22
185.202.204.0/22
185.204.108.0/24
185.204.244.0/22
185.212.84.0/22
185.216.28.0/22
185.217.12.0/22
185.218.16.0/22
185.220.240.0/22
185.221.16.0/22
185.222.188.0/22
185.223.220.0/22
185.224.220.0/22
185.226.8.0/22
185.226.28.0/22
185.227.176.0/22
185.227.204.0/24
185.230.48.0/22
185.232.8.0/22
185.239.252.0/22
185.245.32.0/23
185.247.4.0/24
193.17.180.0/22
193.35.88.0/22
193.105.66.0/24
193.162.15.0/24
194.35.40.0/24
194.41.116.0/22
195.182.13.0/24
212.80.208.0/22
212.115.44.0/22
213.232.232.0/24
Signature Algorithm: sha256WithRSAEncryption
49:65:6a:f2:77:b9:81:19:47:f5:0e:a0:fa:10:47:c6:4e:6f:
86:dd:56:ae:ea:bc:26:02:4d:95:9d:25:fe:90:67:33:7f:83:
9e:06:da:83:84:56:b3:71:67:5b:d3:02:32:34:cb:4f:0d:e2:
c9:7c:04:79:15:10:e2:a6:cc:6d:55:e0:f9:cf:3d:6c:a7:e8:
21:32:5a:eb:d2:59:b8:b9:99:d9:7b:c5:e8:83:a8:2d:d2:12:
ba:fc:87:2b:9f:e5:18:a6:1f:86:75:ff:14:52:3d:f7:61:9c:
c8:01:5a:a1:e1:67:03:39:07:1a:cf:b6:9c:41:5c:69:31:71:
3c:69:ba:69:d5:57:56:84:0c:a7:d5:90:55:9c:b1:1a:e4:fb:
7a:9b:57:cb:f5:c8:27:8d:7c:80:fe:e7:ab:41:b0:70:da:7b:
50:81:88:eb:02:cd:c4:b5:18:40:e2:c1:00:7f:f5:f5:35:80:
0b:34:8d:94:9e:52:72:77:9b:ca:47:3b:bd:d7:6e:fd:ae:dd:
6b:20:cf:17:25:93:48:3f:e6:ab:18:ca:bf:8f:b5:e7:bb:1b:
f4:2c:07:5e:ea:bf:2d:fb:2a:26:77:b6:e8:bc:b8:e0:f7:81:
d9:56:6a:b1:c6:fd:ee:10:7d:56:5c:4a:cb:17:b5:68:14:e4:
64:b0:0f:2a
-----BEGIN CERTIFICATE-----
MIIGyzCCBbOgAwIBAgISAZdZ9ZwjPftZMZ7KZd4U37PKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwNjEwMTMwOTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTIyODFkZDkxMWRkNzczODM4MWMxNDljY2NhZTQ3ZTdkNjg0ZWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOkzKLVJqD1Hiptp0rJd5RZd3QIu
izYa3fexnBxP+327ZSCzMt8xcNibvMySxI/CyTmi0cpx+1X/CwYLF7MNSpIxWjJZ
MIQK3BxwxUGEcbSKdpMr02bm09VJCpRoSr0vXZ0Gg4jxGR/iPbtpdzrB/0be2Mc2
+xqrUr8hdhoaY3PbCSaYWR5NdRjpm2fQqWxXQfn+0c3+4a7rtuGbmvytmyDtS80i
YBhAsPW7Z8DFC8fUFF6kw9NxRFtD3I26zAYpK6Y3jPe5zS28Kwzdk6dB+nKVFyKw
kWqu3wE2q8m2Izn+q54lFsy8IuQaIDWKKvbKDSrIuG1LXDlgmLW5gDRCgwIDAQAB
o4ID1zCCA9MwHQYDVR0OBBYEFH4igd2RHddzg4HBSczK5H59aE7AMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvZmlLQjNaRWQxM09EZ2NGSnpNcmtmbjFvVHNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB6wYIKwYBBQUHAQcBAf8EggHaMIIB1jCCAdIEAgABMIIB
ygMEAh+qZAMEACUgYwMEAC1a7gMEAS2DhAMEAi2JoAMEAi2TaAMEAi2TdAMEAi2f
TAMEAD5qVwMEAlEV5AMEAlVzwAMEAliHQAMEAVvrKAMEAFvu7wMEAVw8IgMEAl1c
5AMEAF29eAMEAF29ewMEAl/WkAMEAG3mwgMEAG3m+gMEArlbbAMEArlpDAMEArlp
6AMEArlqfAMEArlrmAMEArl2NAMEArl3MAMEArmANAMEArmBaAMEAbmWTgMEArmj
qAMEArmj6AMEArmmrAMEArmvmAMEArmwvDAMAwQCubPkAwQCubPoAwQCub1AAwQC
ucQoAwQCucXYAwQCuccsAwQAucc3AwQCucjkAwQCucmYAwQCucrMAwQAucxsAwQC
ucz0AwQCudRUAwQCudgcAwQCudkMAwQCudoQAwQCudzwAwQCud0QAwQCud68AwQC
ud/cAwQCueDcAwQCueIIAwQCueIcAwQCueOwAwQAuePMAwQCueYwAwQCuegIAwQC
ue/8AwQBufUgAwQAufcEAwQCwRG0AwQCwSNYAwQAwWlCAwQAwaIPAwQAwiMoAwQC
wil0AwQAw7YNAwQC1FDQAwQC1HMsAwQA1ejoMA0GCSqGSIb3DQEBCwUAA4IBAQBJ
ZWryd7mBGUf1DqD6EEfGTm+G3Vau6rwmAk2VnSX+kGczf4OeBtqDhFazcWdb0wIy
NMtPDeLJfAR5FRDipsxtVeD5zz1sp+ghMlrr0lm4uZnZe8Xog6gt0hK6/Icrn+UY
ph+Gdf8UUj33YZzIAVqh4WcDOQcaz7acQVxpMXE8abpp1VdWhAyn1ZBVnLEa5Pt6
m1fL9cgnjXyA/uerQbBw2ntQgYjrAs3EtRhA4sEAf/X1NYALNI2UnlJyd5vKRzu9
1279rt1rIM8XJZNIP+arGMq/j7Xnuxv0LAde6r8t+yomd7bovLjg94HZVmqxxv3u
EH1WXErLF7VoFORksA8q
-----END CERTIFICATE-----
Generated at Sat Jun 14 13:04:06 2025 by rpki-client