Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/EnVgqnV2DU3DJZUH_ORE2QooR0w.roa
File: EnVgqnV2DU3DJZUH_ORE2QooR0w.roa (raw, json)
Hash identifier: 7zEtqJMGX4h7AQJwiOMecVDUrkwhYySa+Ddvogq9uEE=
Subject key identifier: 12:75:60:AA:75:76:0D:4D:C3:25:95:07:FC:E4:44:D9:0A:28:47:4C
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0196869ABF051A37F904666747C48E338062
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/EnVgqnV2DU3DJZUH_ORE2QooR0w.roa
Signing time: Wed 30 Apr 2025 12:10:10 +0000
ROA not before: Wed 30 Apr 2025 12:10:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.84.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
45.13.189.0/24 maxlen: 24
45.13.190.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
77.83.37.0/24 maxlen: 24
146.19.125.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
194.242.96.0/24 maxlen: 24
194.242.98.0/24 maxlen: 24
194.242.99.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.211.188.0/24 maxlen: 24
195.211.189.0/24 maxlen: 24
195.211.190.0/24 maxlen: 24
195.211.191.0/24 maxlen: 24
2a01:7120::/32 maxlen: 32
2a01:7120:7::/48 maxlen: 48
2a07:9200::/29 maxlen: 29
2a07:9201::/32 maxlen: 32
2a07:9206::/32 maxlen: 32
2a07:9207::/32 maxlen: 32
2a09:340::/32 maxlen: 32
2a09:342::/32 maxlen: 32
2a09:346::/32 maxlen: 32
2a09:c440::/32 maxlen: 32
2a0c:5d40::/32 maxlen: 32
2a0c:a580::/29 maxlen: 29
2a0c:a580::/32 maxlen: 32
2a0c:a581::/32 maxlen: 32
2a0c:a584::/32 maxlen: 32
2a0c:a586::/32 maxlen: 32
2a10:dfc0::/29 maxlen: 29
2a10:dfc0::/32 maxlen: 32
2a10:fac0::/32 maxlen: 32
2a11:580::/29 maxlen: 29
2a11:580::/32 maxlen: 32
2a11:1600::/32 maxlen: 32
2a11:2a80::/32 maxlen: 32
2a11:3900::/32 maxlen: 32
2a11:d680::/32 maxlen: 32
2a12:9f00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 18:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:86:9a:bf:05:1a:37:f9:04:66:67:47:c4:8e:33:80:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Apr 30 12:10:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=127560aa75760d4dc3259507fce444d90a28474c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:6b:e8:73:17:e8:1c:7c:a9:cd:56:5e:f8:a6:
6d:e3:c7:31:05:91:73:b5:df:1f:62:82:0c:3c:12:
7c:46:eb:8f:96:8c:b6:de:ce:ed:c8:42:f6:2c:27:
3f:41:dc:d7:4f:c3:45:b8:75:c6:6c:89:f7:31:66:
60:6a:3e:fd:a7:25:6f:9f:26:d0:b4:09:d9:e9:70:
19:a2:1d:19:4d:9b:04:55:1b:5a:16:37:3b:43:62:
d1:af:14:02:80:04:8c:8c:89:e0:9b:9f:a4:cf:3e:
b1:14:92:0c:08:60:d7:77:d4:eb:40:01:f5:2c:ab:
de:73:40:c7:68:24:dd:3b:d3:6b:b9:f9:a5:10:34:
4b:27:bc:ba:90:5b:af:f4:6b:ae:ea:ee:a9:f1:91:
bf:31:dc:04:f8:66:dc:ef:03:04:80:e3:95:d7:05:
57:e8:3c:f8:40:e1:89:45:d1:36:d6:06:71:db:b6:
04:6d:94:3f:53:cd:13:91:66:55:66:4c:92:8a:2d:
9c:99:80:0a:27:63:6a:ba:dd:fc:3c:dd:45:85:25:
ec:9e:36:74:63:44:ab:4c:25:39:ba:e5:8f:f1:3a:
fe:a3:fb:5c:02:45:63:55:84:9c:03:4a:cc:cd:31:
1e:3e:1a:eb:39:68:93:0b:71:18:da:f9:92:1c:1a:
ca:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:75:60:AA:75:76:0D:4D:C3:25:95:07:FC:E4:44:D9:0A:28:47:4C
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/EnVgqnV2DU3DJZUH_ORE2QooR0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.84.0/24
5.181.87.0/24
45.9.29.0/24
45.13.189.0-45.13.190.255
45.88.136.0/24
45.94.171.0/24
45.132.180.0/24
45.132.182.0/23
77.83.37.0/24
146.19.125.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/24
194.242.98.0/23
195.62.24.0/24
195.177.92.0/22
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a09:340::/32
2a09:342::/32
2a09:346::/32
2a09:c440::/32
2a0c:5d40::/32
2a0c:a580::/29
2a10:dfc0::/29
2a10:fac0::/32
2a11:580::/29
2a11:1600::/32
2a11:2a80::/32
2a11:3900::/32
2a11:d680::/32
2a12:9f00::/32
Signature Algorithm: sha256WithRSAEncryption
28:b8:4c:e5:7c:03:b2:2e:4a:dc:36:f0:03:63:51:6a:a6:a9:
32:3c:c0:00:c0:cb:68:ef:db:00:21:35:b5:18:58:1b:a1:b3:
0f:50:95:0e:2f:82:70:0d:73:66:ab:23:e0:0a:70:ee:c5:c8:
88:26:c4:00:52:fd:9a:58:58:41:64:aa:b0:58:bf:ac:b9:6d:
41:f9:f7:c5:7b:6a:8a:c5:08:6f:8a:05:94:00:f8:12:79:b3:
76:dd:61:81:71:c4:30:f1:c9:b2:5c:da:1d:f6:74:c2:85:fa:
b7:c4:e8:3e:91:26:c4:66:66:78:c8:f2:06:12:42:42:5a:68:
74:5d:9a:6d:1f:41:7d:b2:ad:3a:08:d3:db:f1:bc:bc:57:75:
08:d6:7c:fd:19:13:50:d8:0b:3c:d6:7c:5f:35:68:79:15:f1:
d7:a7:5a:7a:4c:d4:50:00:95:11:fe:af:1a:bb:9d:7e:e1:fd:
4e:52:d9:22:4e:88:45:ff:40:c0:f8:34:65:b6:6d:a0:34:fa:
33:57:ae:62:42:a7:8a:99:59:7b:fb:17:e3:cb:a5:2f:d9:d3:
e5:b0:d1:fa:0a:25:e9:84:66:46:c5:64:9d:c6:62:3c:a1:53:
29:25:ea:49:e2:af:8a:aa:0b:79:b9:9c:6e:e6:87:4b:39:7c:
3b:e2:0b:94
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgISAZaGmr8FGjf5BGZnR8SOM4BiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjUwNDMwMTIxMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjc1NjBhYTc1NzYwZDRkYzMyNTk1MDdmY2U0NDRkOTBhMjg0NzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWvocxfoHHypzVZe+KZt48cxBZFz
td8fYoIMPBJ8RuuPloy23s7tyEL2LCc/QdzXT8NFuHXGbIn3MWZgaj79pyVvnybQ
tAnZ6XAZoh0ZTZsEVRtaFjc7Q2LRrxQCgASMjIngm5+kzz6xFJIMCGDXd9TrQAH1
LKvec0DHaCTdO9NrufmlEDRLJ7y6kFuv9Guu6u6p8ZG/MdwE+Gbc7wMEgOOV1wVX
6Dz4QOGJRdE21gZx27YEbZQ/U80TkWZVZkySii2cmYAKJ2Nqut38PN1FhSXsnjZ0
Y0SrTCU5uuWP8Tr+o/tcAkVjVYScA0rMzTEePhrrOWiTC3EY2vmSHBrKJQIDAQAB
o4IDCTCCAwUwHQYDVR0OBBYEFBJ1YKp1dg1NwyWVB/zkRNkKKEdMMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvRW5WZ3FuVjJEVTNESlpVSF9PUkUyUW9vUjB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHQYIKwYBBQUHAQcBAf8EggEMMIIBCDCBjQQCAAEwgYYD
BAAFtVQDBAAFtVcDBAAtCR0wDAMEAC0NvQMEAC0NvgMEAC1YiAMEAC1eqwMEAC2E
tAMEAS2EtgMEAE1TJQMEAJITfQMEAbkr+AMEALkr+wMEAbnIPgMEAMEe8AMEAcEe
8gMEAME5KwMEAMLyYAMEAcLyYgMEAMM+GAMEAsOxXAMEAsPTvDB2BAIAAjBwAwUA
KgFxIAMFAyoHkgADBQAqCQNAAwUAKgkDQgMFACoJA0YDBQAqCcRAAwUAKgxdQAMF
AyoMpYADBQMqEN/AAwUAKhD6wAMFAyoRBYADBQAqERYAAwUAKhEqgAMFACoROQAD
BQAqEdaAAwUAKhKfADANBgkqhkiG9w0BAQsFAAOCAQEAKLhM5XwDsi5K3DbwA2NR
aqapMjzAAMDLaO/bACE1tRhYG6GzD1CVDi+CcA1zZqsj4Apw7sXIiCbEAFL9mlhY
QWSqsFi/rLltQfn3xXtqisUIb4oFlAD4Enmzdt1hgXHEMPHJslzaHfZ0woX6t8To
PpEmxGZmeMjyBhJCQlpodF2abR9BfbKtOgjT2/G8vFd1CNZ8/RkTUNgLPNZ8XzVo
eRXx16daekzUUACVEf6vGrudfuH9TlLZIk6IRf9AwPg0ZbZtoDT6M1euYkKniplZ
e/sX48ulL9nT5bDR+gol6YRmRsVkncZiPKFTKSXqSeKviqoLebmcbuaHSzl8O+IL
lA==
-----END CERTIFICATE-----
Generated at Mon May 5 23:57:45 2025 by rpki-client