Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/IMpAH2df-itwh69PlUvx_oaWrQM.roa
File: IMpAH2df-itwh69PlUvx_oaWrQM.roa (raw, json)
Hash identifier: h8Q7AA1+3SmalXFsbalRBM1LK/5cRCw0EOsvj7ZUqfs=
Subject key identifier: 20:CA:40:1F:67:5F:FA:2B:70:87:AF:4F:95:4B:F1:FE:86:96:AD:03
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01968D9A6F47912DFD860FB84B958D0D2021
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/IMpAH2df-itwh69PlUvx_oaWrQM.roa
Signing time: Thu 01 May 2025 20:47:10 +0000
ROA not before: Thu 01 May 2025 20:47:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58212
IP address blocks: 5.83.150.0/24 maxlen: 24
5.231.70.0/24 maxlen: 24
5.231.82.0/24 maxlen: 24
5.231.96.0/24 maxlen: 24
5.231.203.0/24 maxlen: 24
5.231.225.0/24 maxlen: 24
5.231.234.0/24 maxlen: 24
77.90.22.0/24 maxlen: 24
77.90.39.0/24 maxlen: 24
77.90.41.0/24 maxlen: 24
77.90.52.0/24 maxlen: 24
77.90.58.0/24 maxlen: 24
85.93.1.0/24 maxlen: 24
85.93.6.0/24 maxlen: 24
85.93.7.0/24 maxlen: 24
85.93.22.0/24 maxlen: 24
89.106.70.0/24 maxlen: 24
89.144.14.0/24 maxlen: 24
89.144.16.0/24 maxlen: 24
89.144.25.0/24 maxlen: 24
89.144.35.0/24 maxlen: 24
94.249.153.0/24 maxlen: 24
94.249.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 23:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:8d:9a:6f:47:91:2d:fd:86:0f:b8:4b:95:8d:0d:20:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: May 1 20:47:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20ca401f675ffa2b7087af4f954bf1fe8696ad03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:36:64:55:44:31:00:44:9c:7f:40:5e:1c:67:
0a:a7:05:5f:78:54:6e:2a:70:37:d3:80:5a:2b:f8:
d1:97:be:61:78:9a:6a:e6:59:07:c4:1c:4a:2f:30:
1c:5f:1f:4d:ee:8b:84:6d:df:5a:74:4e:ef:23:1a:
b0:c0:26:d0:be:98:69:04:05:46:a5:1c:9e:3a:06:
f1:b0:d3:1a:cc:39:23:7a:f2:69:25:a5:a4:30:a3:
2c:15:49:a7:52:fe:04:7b:18:6d:d7:9f:82:8b:5b:
02:cd:e9:67:75:3a:a2:7d:59:f7:65:dd:bd:6f:64:
84:5c:fb:2e:e6:fe:d6:f5:bb:93:90:7e:72:b5:2f:
9b:6c:4d:96:8f:4a:e2:57:e6:f0:e3:73:85:27:85:
da:ec:e5:53:83:92:35:cc:06:71:ac:c6:1c:fb:bd:
ae:68:14:cd:47:4d:92:38:44:d4:2f:c0:48:a4:1c:
01:52:b6:f2:16:20:20:1c:4d:37:9e:b8:9d:fb:7a:
da:94:e6:12:7b:60:11:a8:58:d4:02:f3:96:12:a0:
ed:6d:b1:55:d9:5e:9c:6d:d7:0b:9d:ad:22:b2:8f:
1d:a5:b7:19:61:b1:87:1f:db:f1:03:57:3b:f6:28:
55:43:8d:24:59:66:29:20:55:ef:04:b7:06:c2:5d:
7d:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:CA:40:1F:67:5F:FA:2B:70:87:AF:4F:95:4B:F1:FE:86:96:AD:03
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/IMpAH2df-itwh69PlUvx_oaWrQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.150.0/24
5.231.70.0/24
5.231.82.0/24
5.231.96.0/24
5.231.203.0/24
5.231.225.0/24
5.231.234.0/24
77.90.22.0/24
77.90.39.0/24
77.90.41.0/24
77.90.52.0/24
77.90.58.0/24
85.93.1.0/24
85.93.6.0/23
85.93.22.0/24
89.106.70.0/24
89.144.14.0/24
89.144.16.0/24
89.144.25.0/24
89.144.35.0/24
94.249.153.0/24
94.249.158.0/24
Signature Algorithm: sha256WithRSAEncryption
09:e6:bc:cf:38:e3:68:09:1e:f5:26:89:8e:16:f3:e9:19:d8:
6a:80:2c:ad:21:c2:25:fc:2a:8b:af:df:11:05:ee:2b:d0:3c:
b2:b1:82:6b:50:13:88:a2:20:c5:58:d0:c6:7d:b5:37:fd:da:
c9:91:b0:86:48:fc:a7:79:e6:3b:6e:2e:9e:e3:3c:10:9a:69:
d1:52:a0:5b:49:19:c3:20:40:1e:86:c7:83:9d:04:85:1c:2f:
d6:fa:a0:46:df:03:9e:e3:45:93:53:69:c9:9f:e1:0b:6f:6a:
85:d7:22:91:9d:27:24:62:47:ea:9f:c1:9b:02:82:12:6e:52:
4d:5c:6a:65:99:51:8e:61:b6:26:80:97:4e:2f:f7:85:42:4d:
c0:e1:1c:8d:dd:67:3f:6e:af:22:cc:4d:ac:b9:13:07:ef:89:
10:a7:5b:b7:b0:12:8e:f7:d8:89:84:44:81:1a:81:8d:33:4b:
18:4d:2c:0a:22:e9:76:a4:ce:7d:c4:00:05:8c:f7:2a:b0:04:
e9:97:61:f0:79:ae:e5:3c:05:5b:4c:b4:72:88:9c:4a:03:98:
a7:04:cb:12:d7:23:cc:3c:50:52:5b:9a:ad:34:34:3f:b6:a3:
96:fa:2c:57:77:59:82:c6:58:03:ea:ff:93:83:e4:e9:c1:f3:
28:00:cd:e7
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZaNmm9HkS39hg+4S5WNDSAhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNTAxMjA0NzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGNhNDAxZjY3NWZmYTJiNzA4N2FmNGY5NTRiZjFmZTg2OTZhZDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzZkVUQxAEScf0BeHGcKpwVfeFRu
KnA304BaK/jRl75heJpq5lkHxBxKLzAcXx9N7ouEbd9adE7vIxqwwCbQvphpBAVG
pRyeOgbxsNMazDkjevJpJaWkMKMsFUmnUv4Eexht15+Ci1sCzelndTqifVn3Zd29
b2SEXPsu5v7W9buTkH5ytS+bbE2Wj0riV+bw43OFJ4Xa7OVTg5I1zAZxrMYc+72u
aBTNR02SOETUL8BIpBwBUrbyFiAgHE03nrid+3ralOYSe2ARqFjUAvOWEqDtbbFV
2V6cbdcLna0iso8dpbcZYbGHH9vxA1c79ihVQ40kWWYpIFXvBLcGwl19jQIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFCDKQB9nX/orcIevT5VL8f6Glq0DMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvSU1wQUgyZGYtaXR3aDY5UGxVdnhfb2FXclFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBAAF
U5YDBAAF50YDBAAF51IDBAAF52ADBAAF58sDBAAF5+EDBAAF5+oDBABNWhYDBABN
WicDBABNWikDBABNWjQDBABNWjoDBABVXQEDBAFVXQYDBABVXRYDBABZakYDBABZ
kA4DBABZkBADBABZkBkDBABZkCMDBABe+ZkDBABe+Z4wDQYJKoZIhvcNAQELBQAD
ggEBAAnmvM8442gJHvUmiY4W8+kZ2GqALK0hwiX8Kouv3xEF7ivQPLKxgmtQE4ii
IMVY0MZ9tTf92smRsIZI/Kd55jtuLp7jPBCaadFSoFtJGcMgQB6Gx4OdBIUcL9b6
oEbfA57jRZNTacmf4QtvaoXXIpGdJyRiR+qfwZsCghJuUk1camWZUY5htiaAl04v
94VCTcDhHI3dZz9uryLMTay5EwfviRCnW7ewEo732ImERIEagY0zSxhNLAoi6Xak
zn3EAAWM9yqwBOmXYfB5ruU8BVtMtHKInEoDmKcEyxLXI8w8UFJbmq00ND+2o5b6
LFd3WYLGWAPq/5OD5OnB8ygAzec=
-----END CERTIFICATE-----
Generated at Tue May 6 05:21:52 2025 by rpki-client