Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/0988af-8d7f-4c29-b5cc-7aab6ef955a1/1/wZytHkz1eTrO_daNgd0l88TpMno.roa
File: wZytHkz1eTrO_daNgd0l88TpMno.roa (raw, json)
Hash identifier: aO2EKOjOiT6GiecSdUo1ipV7w9UfmDYsqeI6Hxz5eZo=
Subject key identifier: C1:9C:AD:1E:4C:F5:79:3A:CE:FD:D6:8D:81:DD:25:F3:C4:E9:32:7A
Certificate issuer: /CN=624c494f56193b4e9adf3db72e4f01978c587f18
Certificate serial: 01965FFEB6817B7B191163EAE8169AEF9436
Authority key identifier: 62:4C:49:4F:56:19:3B:4E:9A:DF:3D:B7:2E:4F:01:97:8C:58:7F:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkxJT1YZO06a3z23Lk8Bl4xYfxg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/0988af-8d7f-4c29-b5cc-7aab6ef955a1/1/wZytHkz1eTrO_daNgd0l88TpMno.roa
Signing time: Wed 23 Apr 2025 00:14:10 +0000
ROA not before: Wed 23 Apr 2025 00:14:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57363
IP address blocks: 91.231.234.0/24 maxlen: 24
91.231.235.0/24 maxlen: 24
91.231.236.0/24 maxlen: 24
91.231.237.0/24 maxlen: 24
91.231.239.0/24 maxlen: 24
91.238.108.0/24 maxlen: 24
91.238.109.0/24 maxlen: 24
91.238.110.0/24 maxlen: 24
91.240.168.0/24 maxlen: 24
91.240.169.0/24 maxlen: 24
91.240.170.0/24 maxlen: 24
91.240.171.0/24 maxlen: 24
151.236.64.0/24 maxlen: 24
151.236.65.0/24 maxlen: 24
151.236.67.0/24 maxlen: 24
151.236.68.0/24 maxlen: 24
151.236.70.0/24 maxlen: 24
151.236.72.0/24 maxlen: 24
151.236.73.0/24 maxlen: 24
151.236.74.0/24 maxlen: 24
151.236.75.0/24 maxlen: 24
151.236.76.0/24 maxlen: 24
151.236.77.0/24 maxlen: 24
151.236.78.0/24 maxlen: 24
151.236.80.0/24 maxlen: 24
151.236.81.0/24 maxlen: 24
151.236.83.0/24 maxlen: 24
151.236.84.0/24 maxlen: 24
151.236.85.0/24 maxlen: 24
151.236.86.0/24 maxlen: 24
151.236.87.0/24 maxlen: 24
151.236.88.0/24 maxlen: 24
151.236.89.0/24 maxlen: 24
151.236.90.0/24 maxlen: 24
151.236.91.0/24 maxlen: 24
151.236.94.0/24 maxlen: 24
151.236.95.0/24 maxlen: 24
151.236.96.0/24 maxlen: 24
151.236.99.0/24 maxlen: 24
151.236.100.0/24 maxlen: 24
151.236.102.0/24 maxlen: 24
151.236.106.0/24 maxlen: 24
151.236.107.0/24 maxlen: 24
151.236.109.0/24 maxlen: 24
151.236.110.0/23 maxlen: 23
151.236.111.0/24 maxlen: 24
151.236.113.0/24 maxlen: 24
151.236.122.0/23 maxlen: 23
151.236.123.0/24 maxlen: 24
151.236.125.0/24 maxlen: 24
185.31.112.0/24 maxlen: 24
185.31.114.0/24 maxlen: 24
185.31.115.0/24 maxlen: 24
2a02:aec0:1::/48 maxlen: 48
2a02:aec0:2::/48 maxlen: 48
2a02:aec0:3::/48 maxlen: 48
2a02:aec0:5::/48 maxlen: 48
2a02:aec0:6::/48 maxlen: 48
2a02:aec0:7::/48 maxlen: 48
2a02:aec0:8::/48 maxlen: 48
2a02:aec0:9::/48 maxlen: 48
2a02:aec0:b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/0988af-8d7f-4c29-b5cc-7aab6ef955a1/1/YkxJT1YZO06a3z23Lk8Bl4xYfxg.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/0988af-8d7f-4c29-b5cc-7aab6ef955a1/1/YkxJT1YZO06a3z23Lk8Bl4xYfxg.mft
rsync://rpki.ripe.net/repository/DEFAULT/YkxJT1YZO06a3z23Lk8Bl4xYfxg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 02 May 2025 19:27:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5f:fe:b6:81:7b:7b:19:11:63:ea:e8:16:9a:ef:94:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624c494f56193b4e9adf3db72e4f01978c587f18
Validity
Not Before: Apr 23 00:14:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c19cad1e4cf5793acefdd68d81dd25f3c4e9327a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:c0:25:71:8d:ea:ca:a6:15:2a:10:6c:4a:93:
c9:41:ac:e7:3a:e8:d9:a9:27:2c:8e:19:f0:4e:ff:
dd:1d:e5:6d:81:c3:fa:4b:bb:bf:05:45:90:b2:b5:
1c:d3:06:68:95:5e:90:e3:ed:6d:ce:31:1d:31:34:
46:99:2e:a6:48:ca:78:7c:ee:d8:de:35:52:19:17:
47:1c:10:78:79:0f:b7:6a:b5:03:f7:4e:74:e2:77:
29:16:9e:4b:47:c8:f2:f9:52:ef:f6:d8:46:d3:13:
3f:19:21:26:24:42:e2:3c:a2:29:ad:98:3f:e0:38:
76:9f:24:f3:59:c0:9f:3a:e4:1f:47:20:f6:74:83:
64:71:7c:15:cf:f5:76:fe:f4:77:dc:16:3d:39:d6:
de:d2:1a:79:4e:f1:1c:4b:cf:1d:48:56:8b:7f:06:
f3:ea:fb:4b:d8:83:67:0c:ca:a4:bb:23:f3:dc:f8:
7f:ab:1f:cd:6f:31:76:64:9e:bb:ed:9b:86:a9:f2:
b4:49:2f:ca:97:b0:53:7f:58:cc:73:98:02:f2:66:
fc:5d:dc:1b:5a:df:a8:9c:53:0c:b1:2c:f3:ae:ef:
04:b4:01:6e:76:0c:5c:08:1f:58:20:d2:1b:cb:ac:
2a:9d:9c:16:11:19:27:9f:7f:60:09:8c:9f:4d:7d:
8d:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:9C:AD:1E:4C:F5:79:3A:CE:FD:D6:8D:81:DD:25:F3:C4:E9:32:7A
X509v3 Authority Key Identifier:
keyid:62:4C:49:4F:56:19:3B:4E:9A:DF:3D:B7:2E:4F:01:97:8C:58:7F:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkxJT1YZO06a3z23Lk8Bl4xYfxg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/0988af-8d7f-4c29-b5cc-7aab6ef955a1/1/wZytHkz1eTrO_daNgd0l88TpMno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/0988af-8d7f-4c29-b5cc-7aab6ef955a1/1/YkxJT1YZO06a3z23Lk8Bl4xYfxg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.234.0-91.231.237.255
91.231.239.0/24
91.238.108.0-91.238.110.255
91.240.168.0/22
151.236.64.0/23
151.236.67.0-151.236.68.255
151.236.70.0/24
151.236.72.0-151.236.78.255
151.236.80.0/23
151.236.83.0-151.236.91.255
151.236.94.0-151.236.96.255
151.236.99.0-151.236.100.255
151.236.102.0/24
151.236.106.0/23
151.236.109.0-151.236.111.255
151.236.113.0/24
151.236.122.0/23
151.236.125.0/24
185.31.112.0/24
185.31.114.0/23
IPv6:
2a02:aec0:1::-2a02:aec0:3:ffff:ffff:ffff:ffff:ffff
2a02:aec0:5::-2a02:aec0:9:ffff:ffff:ffff:ffff:ffff
2a02:aec0:b::/48
Signature Algorithm: sha256WithRSAEncryption
87:b1:65:bb:b1:95:6f:b3:88:09:3e:a5:ff:a1:cb:57:89:40:
bd:97:65:a9:f0:50:3c:1b:ef:db:52:04:c8:2e:12:01:b7:ed:
59:bb:f4:98:d6:03:4b:4b:33:e3:63:ba:b0:76:5d:bd:d4:74:
1f:e9:30:27:8b:ae:08:36:39:9e:10:7f:3b:0a:ce:ff:a0:7c:
4f:b9:41:3c:0c:1d:69:1f:31:e4:ba:57:56:35:64:f5:99:7c:
51:b6:78:e1:00:34:f2:88:65:e1:89:3a:b2:d0:23:87:26:6f:
95:fb:eb:e3:34:aa:3a:4f:86:95:77:dc:95:67:5f:63:45:26:
80:c5:27:0e:5d:2f:0d:2a:2e:5d:7d:e8:a7:0b:ad:fc:2b:99:
09:63:6d:20:6c:1c:31:9c:a9:0b:e7:aa:33:cd:a3:ae:a1:56:
d7:93:20:9c:3f:e2:4a:d6:8b:5b:b2:a6:ba:f3:22:ef:2f:05:
6c:9a:db:a2:96:57:f2:1e:e7:35:5b:8c:05:1d:e9:fc:5c:60:
37:06:c7:46:ed:82:68:b6:f9:84:85:91:27:fc:76:dc:d5:5a:
63:cf:a7:dd:74:4e:c0:42:05:90:c8:21:df:c0:50:a2:dd:3b:
f4:87:1f:ea:05:5b:96:70:67:b4:d5:01:2a:ef:97:8a:1b:7a:
6a:fa:e1:3b
-----BEGIN CERTIFICATE-----
MIIF7jCCBNagAwIBAgISAZZf/raBe3sZEWPq6Baa75Q2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNGM0OTRmNTYxOTNiNGU5YWRmM2RiNzJlNGYwMTk3OGM1
ODdmMTgwHhcNMjUwNDIzMDAxNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTljYWQxZTRjZjU3OTNhY2VmZGQ2OGQ4MWRkMjVmM2M0ZTkzMjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA58AlcY3qyqYVKhBsSpPJQaznOujZ
qScsjhnwTv/dHeVtgcP6S7u/BUWQsrUc0wZolV6Q4+1tzjEdMTRGmS6mSMp4fO7Y
3jVSGRdHHBB4eQ+3arUD90504ncpFp5LR8jy+VLv9thG0xM/GSEmJELiPKIprZg/
4Dh2nyTzWcCfOuQfRyD2dINkcXwVz/V2/vR33BY9Odbe0hp5TvEcS88dSFaLfwbz
6vtL2INnDMqkuyPz3Ph/qx/NbzF2ZJ677ZuGqfK0SS/Kl7BTf1jMc5gC8mb8Xdwb
Wt+onFMMsSzzru8EtAFudgxcCB9YINIby6wqnZwWERknn39gCYyfTX2N4wIDAQAB
o4IC+jCCAvYwHQYDVR0OBBYEFMGcrR5M9Xk6zv3WjYHdJfPE6TJ6MB8GA1UdIwQY
MBaAFGJMSU9WGTtOmt89ty5PAZeMWH8YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWt4SlQxWVpPMDZhM3oyM0xrOEJsNHhZZnhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8wOTg4YWYtOGQ3Zi00YzI5LWI1Y2Mt
N2FhYjZlZjk1NWExLzEvd1p5dEhrejFlVHJPX2RhTmdkMGw4OFRwTW5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS8wOTg4YWYtOGQ3Zi00YzI5LWI1Y2MtN2FhYjZlZjk1NWEx
LzEvWWt4SlQxWVpPMDZhM3oyM0xrOEJsNHhZZnhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDgYIKwYBBQUHAQcBAf8Egf4wgfswgb8EAgABMIG4MAwD
BAFb5+oDBAFb5+wDBABb5+8wDAMEAlvubAMEAFvubgMEAlvwqAMEAZfsQDAMAwQA
l+xDAwQAl+xEAwQAl+xGMAwDBAOX7EgDBACX7E4DBAGX7FAwDAMEAJfsUwMEApfs
WDAMAwQBl+xeAwQAl+xgMAwDBACX7GMDBACX7GQDBACX7GYDBAGX7GowDAMEAJfs
bQMEBJfsYAMEAJfscQMEAZfsegMEAJfsfQMEALkfcAMEAbkfcjA3BAIAAjAxMBID
BwAqAq7AAAEDBwIqAq7AAAAwEgMHACoCrsAABQMHASoCrsAACAMHACoCrsAACzAN
BgkqhkiG9w0BAQsFAAOCAQEAh7Flu7GVb7OICT6l/6HLV4lAvZdlqfBQPBvv21IE
yC4SAbftWbv0mNYDS0sz42O6sHZdvdR0H+kwJ4uuCDY5nhB/OwrO/6B8T7lBPAwd
aR8x5LpXVjVk9Zl8UbZ44QA08ohl4Yk6stAjhyZvlfvr4zSqOk+GlXfclWdfY0Um
gMUnDl0vDSouXX3opwut/CuZCWNtIGwcMZypC+eqM82jrqFW15MgnD/iStaLW7Km
uvMi7y8FbJrbopZX8h7nNVuMBR3p/FxgNwbHRu2CaLb5hIWRJ/x23NVaY8+n3XRO
wEIFkMgh38BQot079Icf6gVblnBntNUBKu+Xiht6avrhOw==
-----END CERTIFICATE-----
Generated at Fri May 2 05:06:43 2025 by rpki-client