Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/83VIUJPGessKuuZmh6v74gRpUsc.roa
File: 83VIUJPGessKuuZmh6v74gRpUsc.roa (raw, json)
Hash identifier: hEjJ7kn6iu4jZoQZ64lkutsLTIhugpN59IJ+t4tO3xo=
Subject key identifier: F3:75:48:50:93:C6:7A:CB:0A:BA:E6:66:87:AB:FB:E2:04:69:52:C7
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0196144E2EB90644715EFC85C2DE3D326F4F
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/83VIUJPGessKuuZmh6v74gRpUsc.roa
Signing time: Tue 08 Apr 2025 07:29:50 +0000
ROA not before: Tue 08 Apr 2025 07:29:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214238
IP address blocks: 5.253.56.0/24 maxlen: 24
5.253.57.0/24 maxlen: 24
5.253.58.0/24 maxlen: 24
31.169.124.0/24 maxlen: 24
31.169.125.0/24 maxlen: 24
31.169.126.0/24 maxlen: 24
31.169.127.0/24 maxlen: 24
37.139.128.0/24 maxlen: 24
45.88.66.0/24 maxlen: 24
45.95.0.0/24 maxlen: 24
45.95.2.0/24 maxlen: 24
45.128.234.0/24 maxlen: 24
45.128.235.0/24 maxlen: 24
79.110.63.0/24 maxlen: 24
85.31.44.0/24 maxlen: 24
85.31.46.0/24 maxlen: 24
85.208.136.0/24 maxlen: 24
87.120.92.0/24 maxlen: 24
87.120.108.0/24 maxlen: 24
87.120.196.0/24 maxlen: 24
87.120.205.0/24 maxlen: 24
87.120.216.0/24 maxlen: 24
87.120.219.0/24 maxlen: 24
87.120.222.0/24 maxlen: 24
87.121.47.0/24 maxlen: 24
87.121.216.0/24 maxlen: 24
91.92.21.0/24 maxlen: 24
93.123.31.0/24 maxlen: 24
94.125.102.0/24 maxlen: 24
94.125.103.0/24 maxlen: 24
94.156.236.0/24 maxlen: 24
109.206.240.0/24 maxlen: 24
109.206.243.0/24 maxlen: 24
171.22.30.0/24 maxlen: 24
185.207.14.0/24 maxlen: 24
185.207.15.0/24 maxlen: 24
185.218.138.0/24 maxlen: 24
185.246.221.0/24 maxlen: 24
185.252.179.0/24 maxlen: 24
193.8.184.0/24 maxlen: 24
193.8.186.0/24 maxlen: 24
193.8.187.0/24 maxlen: 24
193.47.60.0/24 maxlen: 24
193.47.61.0/24 maxlen: 24
193.148.56.0/24 maxlen: 24
193.148.57.0/24 maxlen: 24
193.148.58.0/24 maxlen: 24
193.148.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 16 May 2025 13:25:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:14:4e:2e:b9:06:44:71:5e:fc:85:c2:de:3d:32:6f:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 8 07:29:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f375485093c67acb0abae66687abfbe2046952c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:a4:cb:8a:58:58:33:47:2f:f4:0e:81:b9:8f:
24:33:76:98:8e:72:4c:fc:85:61:45:c4:2d:e8:51:
45:83:cb:9c:44:f4:64:ae:e7:6a:d0:9c:63:36:86:
4e:f4:0d:56:cf:e6:ed:0f:d8:b8:73:0f:e0:90:8c:
69:66:89:da:25:52:2b:8b:fd:d1:96:09:ac:6d:8d:
32:0d:66:05:1f:ac:1c:b3:38:3b:35:35:02:c8:19:
35:16:98:c7:74:ed:32:96:56:ff:42:d4:07:d4:c1:
55:d7:a6:5c:c8:d3:e3:bb:7b:69:68:05:7a:7a:64:
ff:fe:16:06:13:fd:39:4c:c3:e2:d5:b6:e7:21:81:
76:8c:ee:2d:35:08:bc:81:ec:90:38:08:4b:0c:fd:
25:06:ad:ba:37:bf:20:1d:88:3d:8d:02:9f:2a:45:
02:9c:14:48:fb:95:e2:24:7e:42:52:a6:c0:14:99:
9a:c2:c4:67:28:e9:2e:bf:fb:a0:a4:c3:93:c9:6a:
8e:8c:d7:07:79:e8:fc:8e:fb:31:8e:96:23:92:a8:
76:ec:93:85:f8:6c:b9:9e:e4:10:ac:79:42:9f:b4:
57:10:20:cc:b8:77:3d:c1:05:e3:fd:43:a2:12:ab:
64:9b:e3:f5:fa:dd:69:ef:c8:9d:a6:15:c3:84:fc:
4e:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:75:48:50:93:C6:7A:CB:0A:BA:E6:66:87:AB:FB:E2:04:69:52:C7
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/83VIUJPGessKuuZmh6v74gRpUsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.56.0-5.253.58.255
31.169.124.0/22
37.139.128.0/24
45.88.66.0/24
45.95.0.0/24
45.95.2.0/24
45.128.234.0/23
79.110.63.0/24
85.31.44.0/24
85.31.46.0/24
85.208.136.0/24
87.120.92.0/24
87.120.108.0/24
87.120.196.0/24
87.120.205.0/24
87.120.216.0/24
87.120.219.0/24
87.120.222.0/24
87.121.47.0/24
87.121.216.0/24
91.92.21.0/24
93.123.31.0/24
94.125.102.0/23
94.156.236.0/24
109.206.240.0/24
109.206.243.0/24
171.22.30.0/24
185.207.14.0/23
185.218.138.0/24
185.246.221.0/24
185.252.179.0/24
193.8.184.0/24
193.8.186.0/23
193.47.60.0/23
193.148.56.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:b8:12:df:b6:7f:d5:c6:26:6e:72:1b:b3:d4:77:b4:be:bd:
85:0b:b1:32:30:57:bb:7f:5c:82:5b:0f:56:9f:5a:b9:e2:93:
fb:0e:73:de:52:09:10:59:3a:a3:40:8a:80:55:ed:5e:45:6f:
92:32:8a:e6:7d:05:85:a6:ce:d1:9e:ae:ba:1c:c0:b5:25:92:
91:fb:17:9c:19:be:cc:97:2f:f7:9e:51:95:14:d8:a3:20:38:
1e:1e:6e:14:a8:c9:60:57:8e:27:01:f5:8b:ff:dc:b3:bf:a6:
d0:2c:f3:af:48:e7:a7:05:b0:d2:9b:73:8d:a3:68:bb:4a:c7:
cf:22:80:5e:72:38:97:48:c2:ee:98:ee:59:5b:a6:f2:44:1a:
0d:35:c8:96:ac:02:5d:77:70:a2:80:db:6d:69:dc:36:c9:4d:
18:d0:85:aa:a6:e6:29:97:5a:55:55:24:51:17:92:3e:7a:af:
f9:2f:f8:63:31:14:16:29:69:7c:7e:3a:15:43:7c:72:ca:92:
a8:16:c9:a5:b0:3f:b4:69:01:d7:c7:de:f7:2c:88:18:9c:da:
5b:e7:c3:d4:47:50:a2:e2:01:29:12:4d:fe:5e:cc:7e:0a:7e:
73:29:b3:00:cc:24:f0:58:1c:7c:83:4d:50:0a:72:85:e1:7c:
ed:6e:66:d7
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgISAZYUTi65BkRxXvyFwt49Mm9PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNDA4MDcyOTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzc1NDg1MDkzYzY3YWNiMGFiYWU2NjY4N2FiZmJlMjA0Njk1MmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuaTLilhYM0cv9A6BuY8kM3aYjnJM
/IVhRcQt6FFFg8ucRPRkrudq0JxjNoZO9A1Wz+btD9i4cw/gkIxpZonaJVIri/3R
lgmsbY0yDWYFH6wcszg7NTUCyBk1FpjHdO0yllb/QtQH1MFV16ZcyNPju3tpaAV6
emT//hYGE/05TMPi1bbnIYF2jO4tNQi8geyQOAhLDP0lBq26N78gHYg9jQKfKkUC
nBRI+5XiJH5CUqbAFJmawsRnKOkuv/ugpMOTyWqOjNcHeej8jvsxjpYjkqh27JOF
+Gy5nuQQrHlCn7RXECDMuHc9wQXj/UOiEqtkm+P1+t1p78idphXDhPxO9QIDAQAB
o4IC4jCCAt4wHQYDVR0OBBYEFPN1SFCTxnrLCrrmZoer++IEaVLHMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvODNWSVVKUEdlc3NLdXVabWg2djc0Z1JwVXNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH3BggrBgEFBQcBBwEB/wSB5zCB5DCB4QQCAAEwgdowDAME
AwX9OAMEAAX9OgMEAh+pfAMEACWLgAMEAC1YQgMEAC1fAAMEAC1fAgMEAS2A6gME
AE9uPwMEAFUfLAMEAFUfLgMEAFXQiAMEAFd4XAMEAFd4bAMEAFd4xAMEAFd4zQME
AFd42AMEAFd42wMEAFd43gMEAFd5LwMEAFd52AMEAFtcFQMEAF17HwMEAV59ZgME
AF6c7AMEAG3O8AMEAG3O8wMEAKsWHgMEAbnPDgMEALnaigMEALn23QMEALn8swME
AMEIuAMEAcEIugMEAcEvPAMEAsGUODANBgkqhkiG9w0BAQsFAAOCAQEAG7gS37Z/
1cYmbnIbs9R3tL69hQuxMjBXu39cglsPVp9aueKT+w5z3lIJEFk6o0CKgFXtXkVv
kjKK5n0FhabO0Z6uuhzAtSWSkfsXnBm+zJcv955RlRTYoyA4Hh5uFKjJYFeOJwH1
i//cs7+m0Czzr0jnpwWw0ptzjaNou0rHzyKAXnI4l0jC7pjuWVum8kQaDTXIlqwC
XXdwooDbbWncNslNGNCFqqbmKZdaVVUkUReSPnqv+S/4YzEUFilpfH46FUN8csqS
qBbJpbA/tGkB18fe9yyIGJzaW+fD1EdQouIBKRJN/l7Mfgp+cymzAMwk8FgcfINN
UApyheF87W5m1w==
-----END CERTIFICATE-----
Generated at Thu May 15 18:57:51 2025 by rpki-client