Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/0a489b-9d9e-4f6a-87c7-74de258a76f8/1/2cDlM0FV1MA3E8bXg6AhLqP1u58.roa
File: 2cDlM0FV1MA3E8bXg6AhLqP1u58.roa (raw, json)
Hash identifier: ClDXDYveZPg59ygW9p5PREHRlwUfrSh09CoG00gqrAE=
Subject key identifier: D9:C0:E5:33:41:55:D4:C0:37:13:C6:D7:83:A0:21:2E:A3:F5:BB:9F
Certificate issuer: /CN=dd64166a91179308f253a9175616ccc6828c4463
Certificate serial: 01977C8AC20481586842DBBAF50A92028BA4
Authority key identifier: DD:64:16:6A:91:17:93:08:F2:53:A9:17:56:16:CC:C6:82:8C:44:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3WQWapEXkwjyU6kXVhbMxoKMRGM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/0a489b-9d9e-4f6a-87c7-74de258a76f8/1/2cDlM0FV1MA3E8bXg6AhLqP1u58.roa
Signing time: Tue 17 Jun 2025 06:19:17 +0000
ROA not before: Tue 17 Jun 2025 06:19:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8193
IP address blocks: 5.133.120.0/22 maxlen: 22
45.150.24.0/22 maxlen: 22
83.222.6.0/23 maxlen: 23
84.54.64.0/19 maxlen: 19
84.54.66.0/23 maxlen: 23
84.54.70.0/23 maxlen: 23
84.54.70.0/24 maxlen: 24
84.54.71.0/24 maxlen: 24
84.54.72.0/23 maxlen: 23
84.54.72.0/24 maxlen: 24
84.54.73.0/24 maxlen: 24
84.54.76.0/23 maxlen: 23
84.54.78.0/23 maxlen: 23
84.54.80.0/23 maxlen: 23
84.54.84.0/23 maxlen: 23
84.54.86.0/23 maxlen: 23
84.54.90.0/23 maxlen: 23
84.54.92.0/23 maxlen: 23
84.54.94.0/23 maxlen: 23
84.54.96.0/20 maxlen: 20
84.54.103.0/24 maxlen: 24
84.54.104.0/24 maxlen: 24
84.54.115.0/24 maxlen: 24
84.54.116.0/23 maxlen: 23
84.54.118.0/23 maxlen: 23
84.54.118.0/24 maxlen: 24
84.54.120.0/23 maxlen: 23
84.54.122.0/23 maxlen: 23
86.62.0.0/22 maxlen: 22
86.62.1.0/24 maxlen: 24
89.104.102.0/24 maxlen: 24
89.223.3.0/24 maxlen: 24
89.249.60.0/22 maxlen: 22
89.249.62.0/24 maxlen: 24
89.249.63.0/24 maxlen: 24
90.156.160.0/24 maxlen: 24
90.156.161.0/24 maxlen: 24
90.156.162.0/24 maxlen: 24
90.156.163.0/24 maxlen: 24
90.156.164.0/24 maxlen: 24
90.156.165.0/24 maxlen: 24
90.156.166.0/24 maxlen: 24
90.156.167.0/24 maxlen: 24
90.156.192.0/21 maxlen: 21
93.188.80.0/21 maxlen: 21
93.188.84.0/22 maxlen: 22
94.230.228.0/22 maxlen: 22
94.230.228.0/24 maxlen: 24
94.230.229.0/24 maxlen: 24
94.230.230.0/24 maxlen: 24
94.230.231.0/24 maxlen: 24
94.230.232.0/24 maxlen: 24
109.94.174.0/24 maxlen: 24
109.94.175.0/24 maxlen: 24
185.4.160.0/22 maxlen: 22
185.203.236.0/22 maxlen: 22
185.203.236.0/24 maxlen: 24
185.203.237.0/24 maxlen: 24
194.93.24.0/22 maxlen: 22
198.163.192.0/20 maxlen: 20
198.163.192.0/23 maxlen: 23
198.163.192.0/24 maxlen: 24
198.163.193.0/24 maxlen: 24
198.163.194.0/23 maxlen: 23
198.163.194.0/24 maxlen: 24
198.163.195.0/24 maxlen: 24
198.163.196.0/24 maxlen: 24
198.163.197.0/24 maxlen: 24
198.163.198.0/24 maxlen: 24
198.163.199.0/24 maxlen: 24
198.163.200.0/24 maxlen: 24
198.163.201.0/24 maxlen: 24
198.163.202.0/24 maxlen: 24
198.163.203.0/24 maxlen: 24
213.206.60.0/22 maxlen: 22
213.206.60.0/24 maxlen: 24
213.206.61.0/24 maxlen: 24
213.206.62.0/24 maxlen: 24
213.206.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/0a489b-9d9e-4f6a-87c7-74de258a76f8/1/3WQWapEXkwjyU6kXVhbMxoKMRGM.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/0a489b-9d9e-4f6a-87c7-74de258a76f8/1/3WQWapEXkwjyU6kXVhbMxoKMRGM.mft
rsync://rpki.ripe.net/repository/DEFAULT/3WQWapEXkwjyU6kXVhbMxoKMRGM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Jun 2025 14:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7c:8a:c2:04:81:58:68:42:db:ba:f5:0a:92:02:8b:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd64166a91179308f253a9175616ccc6828c4463
Validity
Not Before: Jun 17 06:19:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9c0e5334155d4c03713c6d783a0212ea3f5bb9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:b8:cd:a5:28:df:cf:48:fd:1d:da:6b:39:fd:
2b:57:58:fc:c1:e8:57:5e:77:c1:e1:34:8c:d2:07:
94:55:5e:16:77:38:45:ce:88:70:cf:e5:f3:8d:43:
fd:45:0c:34:67:68:3b:e1:76:6a:44:54:bd:8a:0d:
2f:e8:ee:27:07:26:af:47:a3:12:3d:6c:ea:b1:92:
5c:73:69:2e:fc:c9:34:d1:3a:7d:bc:46:d9:44:72:
4e:c7:21:e5:97:f8:e4:b3:06:d1:6d:b3:12:61:20:
f4:78:0b:d1:1a:ac:73:0f:fd:e8:f4:85:32:70:cf:
12:a4:34:77:c2:98:e7:a9:4e:23:7a:eb:be:51:8c:
d2:df:86:28:7c:be:80:94:26:7e:b7:88:6b:43:5e:
de:8c:13:37:a1:09:ea:16:bb:60:2b:57:fe:8f:e6:
09:cb:0f:86:df:0f:fd:36:01:eb:94:95:65:5d:e8:
6d:5e:73:0e:c4:89:3c:e9:6c:a6:82:c2:7c:f5:52:
2b:d0:84:ab:d2:ea:cb:5a:62:5a:ff:1d:2c:32:ad:
38:b4:7f:77:6f:1c:7c:01:78:3f:58:da:a8:f3:2d:
33:68:c0:c5:1d:c5:d0:f7:2b:2f:54:46:64:4d:08:
45:aa:93:f6:0c:6f:bb:ab:01:31:85:a2:3c:97:d5:
1e:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:C0:E5:33:41:55:D4:C0:37:13:C6:D7:83:A0:21:2E:A3:F5:BB:9F
X509v3 Authority Key Identifier:
keyid:DD:64:16:6A:91:17:93:08:F2:53:A9:17:56:16:CC:C6:82:8C:44:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3WQWapEXkwjyU6kXVhbMxoKMRGM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/0a489b-9d9e-4f6a-87c7-74de258a76f8/1/2cDlM0FV1MA3E8bXg6AhLqP1u58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/0a489b-9d9e-4f6a-87c7-74de258a76f8/1/3WQWapEXkwjyU6kXVhbMxoKMRGM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.120.0/22
45.150.24.0/22
83.222.6.0/23
84.54.64.0-84.54.111.255
84.54.115.0-84.54.123.255
86.62.0.0/22
89.104.102.0/24
89.223.3.0/24
89.249.60.0/22
90.156.160.0/21
90.156.192.0/21
93.188.80.0/21
94.230.228.0-94.230.232.255
109.94.174.0/23
185.4.160.0/22
185.203.236.0/22
194.93.24.0/22
198.163.192.0/20
213.206.60.0/22
Signature Algorithm: sha256WithRSAEncryption
35:d6:21:e7:d1:ee:9e:d0:af:97:85:62:46:3a:4e:50:dc:47:
aa:e4:c8:fd:23:85:0d:59:5b:41:6a:a1:86:f5:f4:1d:17:46:
30:5a:0c:2e:2e:d9:ab:0f:3d:c9:d8:e4:b1:fe:53:00:12:33:
c8:1f:79:0c:b8:35:58:8a:04:88:50:c7:15:0c:c8:3f:d3:36:
74:fe:79:b1:eb:80:1d:8a:d8:d3:c5:db:52:1e:9b:ef:73:7d:
da:71:13:02:22:4d:b8:56:49:96:e3:ec:f6:f6:6d:3b:65:62:
6b:9c:0e:2f:cc:cf:72:ea:12:b1:76:6f:f4:c6:37:db:5c:17:
a3:5a:f3:0f:0b:af:f0:84:72:c3:11:7f:74:bc:57:50:9a:44:
3d:31:a0:20:8b:1d:47:d1:ce:a2:9a:3c:55:88:79:99:b2:0b:
10:ae:b2:31:73:a9:8a:c8:41:af:b7:0f:96:8e:7e:f5:51:2d:
48:3d:b6:1b:ff:22:9e:24:f2:26:70:8f:08:dc:28:c2:9e:0f:
c1:70:54:b7:b8:2c:cb:fe:68:42:e6:6c:f2:d6:86:3e:13:9f:
c4:ed:63:66:00:8c:5f:f8:79:99:08:dc:8b:72:bf:58:ab:8a:
c3:08:6c:8d:b8:fd:9c:ed:a0:97:21:a7:3a:e1:b3:91:7c:e4:
26:ce:43:ba
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZd8isIEgVhoQtu69QqSAoukMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNjQxNjZhOTExNzkzMDhmMjUzYTkxNzU2MTZjY2M2ODI4
YzQ0NjMwHhcNMjUwNjE3MDYxOTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWMwZTUzMzQxNTVkNGMwMzcxM2M2ZDc4M2EwMjEyZWEzZjViYjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA57jNpSjfz0j9HdprOf0rV1j8wehX
XnfB4TSM0geUVV4WdzhFzohwz+XzjUP9RQw0Z2g74XZqRFS9ig0v6O4nByavR6MS
PWzqsZJcc2ku/Mk00Tp9vEbZRHJOxyHll/jkswbRbbMSYSD0eAvRGqxzD/3o9IUy
cM8SpDR3wpjnqU4jeuu+UYzS34YofL6AlCZ+t4hrQ17ejBM3oQnqFrtgK1f+j+YJ
yw+G3w/9NgHrlJVlXehtXnMOxIk86WymgsJ89VIr0ISr0urLWmJa/x0sMq04tH93
bxx8AXg/WNqo8y0zaMDFHcXQ9ysvVEZkTQhFqpP2DG+7qwExhaI8l9UeNwIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFNnA5TNBVdTANxPG14OgIS6j9bufMB8GA1UdIwQY
MBaAFN1kFmqRF5MI8lOpF1YWzMaCjERjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1dRV2FwRVhrd2p5VTZrWFZoYk14b0tNUkdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC8wYTQ4OWItOWQ5ZS00ZjZhLTg3Yzct
NzRkZTI1OGE3NmY4LzEvMmNEbE0wRlYxTUEzRThiWGc2QWhMcVAxdTU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC8wYTQ4OWItOWQ5ZS00ZjZhLTg3YzctNzRkZTI1OGE3NmY4
LzEvM1dRV2FwRVhrd2p5VTZrWFZoYk14b0tNUkdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAIF
hXgDBAItlhgDBAFT3gYwDAMEBlQ2QAMEBFQ2YDAMAwQAVDZzAwQCVDZ4AwQCVj4A
AwQAWWhmAwQAWd8DAwQCWfk8AwQDWpygAwQDWpzAAwQDXbxQMAwDBAJe5uQDBABe
5ugDBAFtXq4DBAK5BKADBAK5y+wDBALCXRgDBATGo8ADBALVzjwwDQYJKoZIhvcN
AQELBQADggEBADXWIefR7p7Qr5eFYkY6TlDcR6rkyP0jhQ1ZW0FqoYb19B0XRjBa
DC4u2asPPcnY5LH+UwASM8gfeQy4NViKBIhQxxUMyD/TNnT+ebHrgB2K2NPF21Ie
m+9zfdpxEwIiTbhWSZbj7Pb2bTtlYmucDi/Mz3LqErF2b/TGN9tcF6Na8w8Lr/CE
csMRf3S8V1CaRD0xoCCLHUfRzqKaPFWIeZmyCxCusjFzqYrIQa+3D5aOfvVRLUg9
thv/Ip4k8iZwjwjcKMKeD8FwVLe4LMv+aELmbPLWhj4Tn8TtY2YAjF/4eZkI3Ity
v1irisMIbI24/ZztoJchpzrhs5F85CbOQ7o=
-----END CERTIFICATE-----
Generated at Wed Jun 18 19:29:43 2025 by rpki-client