Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/fjCDcJ-GdlaMAHbuKYCPeeb7aqo.roa
File: fjCDcJ-GdlaMAHbuKYCPeeb7aqo.roa (raw, json)
Hash identifier: cg/ck7JNgX5H5SPck5caxw/6enMqzT+4sXKpWgfqgXk=
Subject key identifier: 7E:30:83:70:9F:86:76:56:8C:00:76:EE:29:80:8F:79:E6:FB:6A:AA
Certificate issuer: /CN=66df7742890173927935206a28efbf48123e787c
Certificate serial: 0197C18056203613D7A74112546E32136F5C
Authority key identifier: 66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/fjCDcJ-GdlaMAHbuKYCPeeb7aqo.roa
Signing time: Mon 30 Jun 2025 15:41:42 +0000
ROA not before: Mon 30 Jun 2025 15:41:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203
IP address blocks: 5.39.176.0/21 maxlen: 24
5.159.208.0/21 maxlen: 24
5.181.72.0/22 maxlen: 24
31.192.96.0/21 maxlen: 24
45.8.100.0/22 maxlen: 24
45.132.108.0/22 maxlen: 24
45.137.44.0/22 maxlen: 24
80.74.240.0/21 maxlen: 24
80.74.248.0/21 maxlen: 24
80.87.16.0/20 maxlen: 24
83.150.252.0/22 maxlen: 24
85.95.96.0/19 maxlen: 24
87.236.128.0/21 maxlen: 24
88.151.152.0/21 maxlen: 24
89.38.120.0/21 maxlen: 24
91.143.64.0/20 maxlen: 24
92.42.120.0/21 maxlen: 24
93.115.176.0/20 maxlen: 24
94.142.168.0/21 maxlen: 24
95.129.64.0/21 maxlen: 24
176.58.0.0/21 maxlen: 24
185.52.144.0/22 maxlen: 24
185.79.184.0/22 maxlen: 24
185.90.0.0/22 maxlen: 24
185.94.204.0/22 maxlen: 24
185.99.76.0/22 maxlen: 24
185.145.88.0/22 maxlen: 24
185.178.216.0/22 maxlen: 24
185.182.0.0/21 maxlen: 24
185.182.200.0/23 maxlen: 24
185.204.212.0/22 maxlen: 24
185.229.4.0/22 maxlen: 24
185.246.132.0/22 maxlen: 24
185.247.200.0/22 maxlen: 24
185.248.252.0/24 maxlen: 24
185.248.253.0/24 maxlen: 24
185.248.254.0/24 maxlen: 24
185.248.255.0/24 maxlen: 24
188.94.16.0/21 maxlen: 24
193.24.3.0/24 maxlen: 24
193.24.6.0/24 maxlen: 24
193.24.13.0/24 maxlen: 24
193.24.31.0/24 maxlen: 24
195.26.32.0/19 maxlen: 24
195.88.8.0/23 maxlen: 24
212.11.68.0/22 maxlen: 24
212.11.72.0/22 maxlen: 24
217.145.128.0/20 maxlen: 24
2a00:f1c0::/32 maxlen: 32
2a0d:7680::/29 maxlen: 29
2a0e:a1c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 21:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c1:80:56:20:36:13:d7:a7:41:12:54:6e:32:13:6f:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66df7742890173927935206a28efbf48123e787c
Validity
Not Before: Jun 30 15:41:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e3083709f8676568c0076ee29808f79e6fb6aaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:47:08:24:09:43:2c:15:a2:dd:ba:7a:a5:02:
a4:0f:4c:80:1d:b9:a2:f8:cb:d5:9f:1a:7a:5d:a4:
22:ba:6b:b5:fc:e4:a4:1c:a4:b0:92:af:6c:69:06:
39:46:cf:f8:01:23:3f:c5:e1:ab:f4:84:22:9d:95:
a4:ca:b5:54:8f:ea:d2:36:ed:45:d3:36:2d:b6:3c:
36:94:7f:62:97:e8:dd:97:10:4d:28:84:45:ef:fb:
1c:6d:af:16:43:70:b4:06:c4:16:d7:13:97:61:21:
2e:76:91:cd:8b:23:82:e8:e1:58:32:e2:32:8d:2f:
db:ad:63:86:32:00:91:d5:6f:38:80:35:49:5f:6f:
41:b4:fa:06:f0:fe:c9:c4:3c:3f:33:be:54:b1:8f:
6d:29:30:c6:bf:7f:84:c6:2f:3b:4b:92:90:0a:07:
91:ef:38:71:e7:61:62:2d:06:f2:93:b6:af:29:fc:
1e:0f:23:88:a1:4c:8e:58:e1:72:c8:e6:99:d3:a0:
68:88:74:19:91:e2:e1:56:ab:d6:da:c2:39:b1:c6:
3d:ad:41:2d:84:ca:59:d5:13:4d:20:23:c0:03:0d:
91:f4:fa:30:7d:9e:26:4d:c8:07:c0:a4:f8:2b:bb:
02:15:3a:ae:db:0e:fb:fa:0b:fc:2d:9b:1a:d5:16:
fc:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:30:83:70:9F:86:76:56:8C:00:76:EE:29:80:8F:79:E6:FB:6A:AA
X509v3 Authority Key Identifier:
keyid:66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/fjCDcJ-GdlaMAHbuKYCPeeb7aqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.176.0/21
5.159.208.0/21
5.181.72.0/22
31.192.96.0/21
45.8.100.0/22
45.132.108.0/22
45.137.44.0/22
80.74.240.0/20
80.87.16.0/20
83.150.252.0/22
85.95.96.0/19
87.236.128.0/21
88.151.152.0/21
89.38.120.0/21
91.143.64.0/20
92.42.120.0/21
93.115.176.0/20
94.142.168.0/21
95.129.64.0/21
176.58.0.0/21
185.52.144.0/22
185.79.184.0/22
185.90.0.0/22
185.94.204.0/22
185.99.76.0/22
185.145.88.0/22
185.178.216.0/22
185.182.0.0/21
185.182.200.0/23
185.204.212.0/22
185.229.4.0/22
185.246.132.0/22
185.247.200.0/22
185.248.252.0/22
188.94.16.0/21
193.24.3.0/24
193.24.6.0/24
193.24.13.0/24
193.24.31.0/24
195.26.32.0/19
195.88.8.0/23
212.11.68.0-212.11.75.255
217.145.128.0/20
IPv6:
2a00:f1c0::/32
2a0d:7680::/29
2a0e:a1c0::/29
Signature Algorithm: sha256WithRSAEncryption
aa:79:28:5c:14:c8:61:6b:d9:73:27:aa:4f:6c:17:2c:15:65:
b5:37:cc:f1:74:73:65:e0:0b:90:25:b1:fb:5d:3e:c4:d2:0c:
8c:b5:75:49:22:75:fc:18:f6:a5:89:55:65:66:cb:9c:2f:27:
f4:40:1b:10:c2:50:fb:60:26:86:43:37:3a:76:a2:84:ce:64:
97:23:d9:a3:bd:9e:e9:31:9a:be:b4:51:97:2c:98:bc:5d:2e:
ae:ec:f5:3e:f8:62:4c:1c:b1:44:32:2b:35:2c:19:07:2c:0a:
07:4f:a5:14:f6:9b:df:75:cf:0c:2f:43:a3:90:e1:a9:f5:35:
a6:18:37:dd:49:6f:65:e6:7c:04:b5:81:09:46:38:b4:68:74:
8a:8b:66:ce:37:2f:e4:51:97:89:15:12:8e:98:74:dd:bc:bc:
5e:ba:9a:87:12:e5:ea:6f:57:a3:20:bd:5c:35:2f:f3:45:d3:
cd:f4:57:ba:b0:4b:00:de:25:1f:05:fb:09:b1:a9:c8:c5:6f:
c0:a8:f7:a1:32:85:3a:1c:2a:25:bc:7b:88:8f:d1:f3:4c:2b:
dc:42:58:33:b6:d2:45:b3:26:44:9a:38:89:b4:17:56:4a:8b:
85:e1:fe:d0:6f:e5:30:44:a4:38:89:28:9b:d0:38:ce:9a:24:
fa:18:db:cf
-----BEGIN CERTIFICATE-----
MIIGKDCCBRCgAwIBAgISAZfBgFYgNhPXp0ESVG4yE29cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGY3NzQyODkwMTczOTI3OTM1MjA2YTI4ZWZiZjQ4MTIz
ZTc4N2MwHhcNMjUwNjMwMTU0MTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTMwODM3MDlmODY3NjU2OGMwMDc2ZWUyOTgwOGY3OWU2ZmI2YWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUcIJAlDLBWi3bp6pQKkD0yAHbmi
+MvVnxp6XaQiumu1/OSkHKSwkq9saQY5Rs/4ASM/xeGr9IQinZWkyrVUj+rSNu1F
0zYttjw2lH9il+jdlxBNKIRF7/scba8WQ3C0BsQW1xOXYSEudpHNiyOC6OFYMuIy
jS/brWOGMgCR1W84gDVJX29BtPoG8P7JxDw/M75UsY9tKTDGv3+Exi87S5KQCgeR
7zhx52FiLQbyk7avKfweDyOIoUyOWOFyyOaZ06BoiHQZkeLhVqvW2sI5scY9rUEt
hMpZ1RNNICPAAw2R9PowfZ4mTcgHwKT4K7sCFTqu2w77+gv8LZsa1Rb8cQIDAQAB
o4IDNDCCAzAwHQYDVR0OBBYEFH4wg3CfhnZWjAB27imAj3nm+2qqMB8GA1UdIwQY
MBaAFGbfd0KJAXOSeTUgaijvv0gSPnh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYt
MDk3ODdmMTUyYWRlLzEvZmpDRGNKLUdkbGFNQUhidUtZQ1BlZWI3YXFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYtMDk3ODdmMTUyYWRl
LzEvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBSAYIKwYBBQUHAQcBAf8EggE3MIIBMzCCARIEAgABMIIB
CgMEAwUnsAMEAwWf0AMEAgW1SAMEAx/AYAMEAi0IZAMEAi2EbAMEAi2JLAMEBFBK
8AMEBFBXEAMEAlOW/AMEBVVfYAMEA1fsgAMEA1iXmAMEA1kmeAMEBFuPQAMEA1wq
eAMEBF1zsAMEA16OqAMEA1+BQAMEA7A6AAMEArk0kAMEArlPuAMEArlaAAMEArle
zAMEArljTAMEArmRWAMEArmy2AMEA7m2AAMEAbm2yAMEArnM1AMEArnlBAMEArn2
hAMEArn3yAMEArn4/AMEA7xeEAMEAMEYAwMEAMEYBgMEAMEYDQMEAMEYHwMEBcMa
IAMEAcNYCDAMAwQC1AtEAwQC1AtIAwQE2ZGAMBsEAgACMBUDBQAqAPHAAwUDKg12
gAMFAyoOocAwDQYJKoZIhvcNAQELBQADggEBAKp5KFwUyGFr2XMnqk9sFywVZbU3
zPF0c2XgC5AlsftdPsTSDIy1dUkidfwY9qWJVWVmy5wvJ/RAGxDCUPtgJoZDNzp2
ooTOZJcj2aO9nukxmr60UZcsmLxdLq7s9T74YkwcsUQyKzUsGQcsCgdPpRT2m991
zwwvQ6OQ4an1NaYYN91Jb2XmfAS1gQlGOLRodIqLZs43L+RRl4kVEo6YdN28vF66
mocS5epvV6MgvVw1L/NF0830V7qwSwDeJR8F+wmxqcjFb8Co96EyhTocKiW8e4iP
0fNMK9xCWDO20kWzJkSaOIm0F1ZKi4Xh/tBv5TBEpDiJKJvQOM6aJPoY288=
-----END CERTIFICATE-----
Generated at Thu Jul 3 06:50:31 2025 by rpki-client