Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/75b68b-fa56-44b7-bfba-5034f19953a3/1/Cd4rO-Hjh_1s-LE7zVhil5Tbff8.roa
File: Cd4rO-Hjh_1s-LE7zVhil5Tbff8.roa (raw, json)
Hash identifier: 1HerR65Yb0tTxX+akt3GL/BhgF51Uoa+ZBuv4yRBK4o=
Subject key identifier: 09:DE:2B:3B:E1:E3:87:FD:6C:F8:B1:3B:CD:58:62:97:94:DB:7D:FF
Certificate issuer: /CN=bc443f7aae47e0ab38bcf8d536cca60350d17270
Certificate serial: 0197397376985893733EF6081D9092A67682
Authority key identifier: BC:44:3F:7A:AE:47:E0:AB:38:BC:F8:D5:36:CC:A6:03:50:D1:72:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vEQ_eq5H4Ks4vPjVNsymA1DRcnA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/75b68b-fa56-44b7-bfba-5034f19953a3/1/Cd4rO-Hjh_1s-LE7zVhil5Tbff8.roa
Signing time: Wed 04 Jun 2025 05:39:17 +0000
ROA not before: Wed 04 Jun 2025 05:39:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9155
IP address blocks: 62.150.10.0/24 maxlen: 24
62.150.155.0/24 maxlen: 24
62.150.181.0/24 maxlen: 24
78.154.192.0/18 maxlen: 18
78.154.192.0/20 maxlen: 20
78.154.192.0/24 maxlen: 24
78.154.193.0/24 maxlen: 24
78.154.194.0/24 maxlen: 24
78.154.195.0/24 maxlen: 24
78.154.196.0/24 maxlen: 24
78.154.197.0/24 maxlen: 24
78.154.198.0/24 maxlen: 24
78.154.199.0/24 maxlen: 24
78.154.200.0/24 maxlen: 24
78.154.201.0/24 maxlen: 24
78.154.202.0/24 maxlen: 24
78.154.203.0/24 maxlen: 24
78.154.204.0/24 maxlen: 24
78.154.205.0/24 maxlen: 24
78.154.206.0/24 maxlen: 24
78.154.207.0/24 maxlen: 24
78.154.208.0/20 maxlen: 20
78.154.208.0/24 maxlen: 24
78.154.209.0/24 maxlen: 24
78.154.210.0/24 maxlen: 24
78.154.211.0/24 maxlen: 24
78.154.212.0/24 maxlen: 24
78.154.213.0/24 maxlen: 24
78.154.214.0/24 maxlen: 24
78.154.215.0/24 maxlen: 24
78.154.216.0/24 maxlen: 24
78.154.217.0/24 maxlen: 24
78.154.218.0/24 maxlen: 24
78.154.219.0/24 maxlen: 24
78.154.220.0/24 maxlen: 24
78.154.221.0/24 maxlen: 24
78.154.222.0/24 maxlen: 24
78.154.223.0/24 maxlen: 24
78.154.224.0/20 maxlen: 20
78.154.224.0/24 maxlen: 24
78.154.225.0/24 maxlen: 24
78.154.226.0/24 maxlen: 24
78.154.227.0/24 maxlen: 24
78.154.228.0/24 maxlen: 24
78.154.229.0/24 maxlen: 24
78.154.230.0/24 maxlen: 24
78.154.231.0/24 maxlen: 24
78.154.232.0/24 maxlen: 24
78.154.233.0/24 maxlen: 24
78.154.234.0/24 maxlen: 24
78.154.235.0/24 maxlen: 24
78.154.236.0/24 maxlen: 24
78.154.237.0/24 maxlen: 24
78.154.238.0/24 maxlen: 24
78.154.239.0/24 maxlen: 24
78.154.240.0/20 maxlen: 20
78.154.240.0/24 maxlen: 24
78.154.241.0/24 maxlen: 24
78.154.242.0/24 maxlen: 24
78.154.243.0/24 maxlen: 24
78.154.244.0/24 maxlen: 24
78.154.245.0/24 maxlen: 24
78.154.246.0/24 maxlen: 24
78.154.247.0/24 maxlen: 24
78.154.248.0/24 maxlen: 24
78.154.249.0/24 maxlen: 24
78.154.250.0/24 maxlen: 24
78.154.251.0/24 maxlen: 24
78.154.252.0/24 maxlen: 24
78.154.253.0/24 maxlen: 24
78.154.254.0/24 maxlen: 24
78.154.255.0/24 maxlen: 24
195.39.161.0/24 maxlen: 24
195.39.180.0/24 maxlen: 24
195.39.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/75b68b-fa56-44b7-bfba-5034f19953a3/1/vEQ_eq5H4Ks4vPjVNsymA1DRcnA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/75b68b-fa56-44b7-bfba-5034f19953a3/1/vEQ_eq5H4Ks4vPjVNsymA1DRcnA.mft
rsync://rpki.ripe.net/repository/DEFAULT/vEQ_eq5H4Ks4vPjVNsymA1DRcnA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:39:73:76:98:58:93:73:3e:f6:08:1d:90:92:a6:76:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc443f7aae47e0ab38bcf8d536cca60350d17270
Validity
Not Before: Jun 4 05:39:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=09de2b3be1e387fd6cf8b13bcd58629794db7dff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a4:85:fe:13:65:4b:09:15:db:a6:75:a8:7a:
38:a5:1e:f8:99:3f:a3:8e:8b:7f:cd:b0:a0:4d:54:
8a:c9:5c:72:db:05:6b:02:e5:db:c9:8a:19:fe:60:
3c:f1:c2:2c:2f:ef:cd:76:8e:65:ee:06:c8:f0:99:
1f:e9:d1:09:d6:f0:7f:88:78:60:cf:70:84:4f:4c:
4c:5e:8a:48:6e:d2:1b:a3:8a:0a:45:99:86:8d:e3:
69:5d:ce:0a:24:f7:6a:4a:8f:ed:2c:8a:7c:98:9d:
7d:9a:1b:88:79:2e:03:75:cc:e9:65:99:91:33:8a:
ff:0d:55:b5:6e:3a:7a:07:5f:5a:24:34:c5:0a:7c:
48:1b:1d:0a:fb:a0:00:d6:e7:69:40:f8:c4:84:17:
0a:85:6a:6c:96:ce:7c:13:e9:7b:55:77:e8:f6:05:
ee:f8:7f:d5:82:17:ef:71:54:b8:34:dc:05:0e:29:
cd:d1:e0:25:c6:94:62:10:8e:65:9d:68:f8:1b:8d:
3b:95:5d:d6:30:9c:53:4e:24:d7:07:22:0a:ba:b0:
32:d8:6b:50:0d:ab:ff:ad:c7:87:22:c9:98:3c:05:
2a:95:ac:4e:f9:ee:bb:3f:2b:9e:1c:7b:f7:78:33:
59:6d:63:ee:cf:c2:a1:c1:95:25:73:91:d1:56:4a:
5f:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:DE:2B:3B:E1:E3:87:FD:6C:F8:B1:3B:CD:58:62:97:94:DB:7D:FF
X509v3 Authority Key Identifier:
keyid:BC:44:3F:7A:AE:47:E0:AB:38:BC:F8:D5:36:CC:A6:03:50:D1:72:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vEQ_eq5H4Ks4vPjVNsymA1DRcnA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/75b68b-fa56-44b7-bfba-5034f19953a3/1/Cd4rO-Hjh_1s-LE7zVhil5Tbff8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/75b68b-fa56-44b7-bfba-5034f19953a3/1/vEQ_eq5H4Ks4vPjVNsymA1DRcnA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.150.10.0/24
62.150.155.0/24
62.150.181.0/24
78.154.192.0/18
195.39.161.0/24
195.39.180.0/23
Signature Algorithm: sha256WithRSAEncryption
94:9b:f5:16:be:d9:c6:21:2b:8e:f7:15:b5:13:3b:29:e1:df:
80:16:59:4b:3a:43:a5:80:c0:72:cb:bc:04:bf:68:54:8e:4a:
ac:3c:0a:91:59:55:20:c4:a2:52:29:33:f8:31:29:cc:6b:51:
d6:62:33:5e:36:a8:44:da:31:7b:17:9d:ac:71:96:3a:00:6a:
8b:89:53:7b:26:ab:a3:d2:62:ba:f2:d1:7e:44:ed:bc:00:8e:
63:93:f4:d0:73:81:79:c8:b0:be:2f:e5:34:ee:f2:e9:8f:69:
a6:e2:8a:3a:62:ef:43:6b:bc:ac:13:86:0b:aa:3e:d0:86:ac:
b9:e3:d9:45:0a:bc:50:2f:72:5e:8b:20:7f:a5:6f:72:bb:10:
8c:da:5d:83:43:da:0b:a2:8d:68:8e:c8:0e:ba:da:74:28:16:
18:f6:af:a8:69:d5:4c:4c:99:2f:6e:29:8c:6d:e6:9e:9b:f9:
2f:08:32:bd:12:b4:55:dd:3e:82:36:24:8a:ae:1f:e6:a2:8f:
fc:e6:a6:ff:86:24:f1:8a:66:70:e1:c0:6d:15:be:d6:42:f7:
ce:5d:1f:fb:95:a5:95:ad:82:f0:ef:0e:2f:04:c9:20:65:03:
69:fd:f3:9e:bf:a2:28:3a:24:63:32:56:e0:d0:90:0c:42:7d:
c7:d0:d5:f1
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZc5c3aYWJNzPvYIHZCSpnaCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNDQzZjdhYWU0N2UwYWIzOGJjZjhkNTM2Y2NhNjAzNTBk
MTcyNzAwHhcNMjUwNjA0MDUzOTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWRlMmIzYmUxZTM4N2ZkNmNmOGIxM2JjZDU4NjI5Nzk0ZGI3ZGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvaSF/hNlSwkV26Z1qHo4pR74mT+j
jot/zbCgTVSKyVxy2wVrAuXbyYoZ/mA88cIsL+/Ndo5l7gbI8Jkf6dEJ1vB/iHhg
z3CET0xMXopIbtIbo4oKRZmGjeNpXc4KJPdqSo/tLIp8mJ19mhuIeS4DdczpZZmR
M4r/DVW1bjp6B19aJDTFCnxIGx0K+6AA1udpQPjEhBcKhWpsls58E+l7VXfo9gXu
+H/VghfvcVS4NNwFDinN0eAlxpRiEI5lnWj4G407lV3WMJxTTiTXByIKurAy2GtQ
Dav/rceHIsmYPAUqlaxO+e67PyueHHv3eDNZbWPuz8KhwZUlc5HRVkpfAQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAneKzvh44f9bPixO81YYpeU233/MB8GA1UdIwQY
MBaAFLxEP3quR+CrOLz41TbMpgNQ0XJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkVRX2VxNUg0S3M0dlBqVk5zeW1BMURSY25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC83NWI2OGItZmE1Ni00NGI3LWJmYmEt
NTAzNGYxOTk1M2EzLzEvQ2Q0ck8tSGpoXzFzLUxFN3pWaGlsNVRiZmY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC83NWI2OGItZmE1Ni00NGI3LWJmYmEtNTAzNGYxOTk1M2Ez
LzEvdkVRX2VxNUg0S3M0dlBqVk5zeW1BMURSY25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAPpYKAwQA
PpabAwQAPpa1AwQGTprAAwQAwyehAwQBwye0MA0GCSqGSIb3DQEBCwUAA4IBAQCU
m/UWvtnGISuO9xW1Ezsp4d+AFllLOkOlgMByy7wEv2hUjkqsPAqRWVUgxKJSKTP4
MSnMa1HWYjNeNqhE2jF7F52scZY6AGqLiVN7Jquj0mK68tF+RO28AI5jk/TQc4F5
yLC+L+U07vLpj2mm4oo6Yu9Da7ysE4YLqj7Qhqy549lFCrxQL3JeiyB/pW9yuxCM
2l2DQ9oLoo1ojsgOutp0KBYY9q+oadVMTJkvbimMbeaem/kvCDK9ErRV3T6CNiSK
rh/moo/85qb/hiTximZw4cBtFb7WQvfOXR/7laWVrYLw7w4vBMkgZQNp/fOev6Io
OiRjMlbg0JAMQn3H0NXx
-----END CERTIFICATE-----
Generated at Sat Jun 14 12:09:49 2025 by rpki-client