Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/CAIL5Sba9vuw3xbHl0Jp9_DlI9k.roa
File: CAIL5Sba9vuw3xbHl0Jp9_DlI9k.roa (raw, json)
Hash identifier: wPL1lVp/Vodp1aZNHY5GchNJRJZ20Six1+bRYj2q89w=
Subject key identifier: 08:02:0B:E5:26:DA:F6:FB:B0:DF:16:C7:97:42:69:F7:F0:E5:23:D9
Certificate issuer: /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial: 01968119FC7FA9D4852F9C4887814F53AAFD
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/CAIL5Sba9vuw3xbHl0Jp9_DlI9k.roa
Signing time: Tue 29 Apr 2025 10:31:26 +0000
ROA not before: Tue 29 Apr 2025 10:31:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9125
IP address blocks: 5.172.33.0/24 maxlen: 24
5.172.34.0/23 maxlen: 23
5.172.34.0/24 maxlen: 24
5.172.36.0/22 maxlen: 22
5.172.36.0/23 maxlen: 23
89.23.65.0/24 maxlen: 24
89.23.66.0/23 maxlen: 23
89.23.68.0/23 maxlen: 23
89.23.70.0/24 maxlen: 24
89.23.74.0/24 maxlen: 24
89.23.75.0/24 maxlen: 24
89.23.77.0/24 maxlen: 24
89.23.78.0/24 maxlen: 24
89.23.79.0/24 maxlen: 24
89.23.83.0/24 maxlen: 24
89.23.84.0/24 maxlen: 24
89.23.86.0/24 maxlen: 24
89.23.88.0/24 maxlen: 24
89.23.90.0/24 maxlen: 24
89.23.93.0/24 maxlen: 24
92.42.248.0/22 maxlen: 22
92.42.252.0/24 maxlen: 24
92.42.253.0/24 maxlen: 24
92.42.254.0/24 maxlen: 24
92.42.255.0/24 maxlen: 24
93.93.192.0/21 maxlen: 21
95.140.112.0/22 maxlen: 22
95.140.115.0/24 maxlen: 24
95.140.116.0/22 maxlen: 22
95.140.120.0/23 maxlen: 23
95.140.124.0/22 maxlen: 22
95.140.125.0/24 maxlen: 24
109.111.224.0/24 maxlen: 24
109.111.225.0/24 maxlen: 24
109.111.226.0/24 maxlen: 24
109.111.227.0/24 maxlen: 24
109.111.228.0/24 maxlen: 24
109.111.229.0/24 maxlen: 24
109.111.230.0/23 maxlen: 23
109.111.232.0/22 maxlen: 22
109.111.236.0/22 maxlen: 22
109.111.240.0/24 maxlen: 24
109.111.243.0/24 maxlen: 24
109.111.244.0/24 maxlen: 24
109.111.245.0/24 maxlen: 24
109.111.246.0/24 maxlen: 24
109.111.247.0/24 maxlen: 24
109.111.248.0/24 maxlen: 24
109.111.249.0/24 maxlen: 24
109.111.250.0/24 maxlen: 24
109.111.252.0/23 maxlen: 23
109.111.254.0/24 maxlen: 24
178.254.128.0/21 maxlen: 21
178.254.133.0/24 maxlen: 24
178.254.136.0/22 maxlen: 22
178.254.140.0/22 maxlen: 22
178.254.144.0/20 maxlen: 20
178.254.145.0/24 maxlen: 24
178.254.163.0/24 maxlen: 24
178.254.165.0/24 maxlen: 24
178.254.168.0/24 maxlen: 24
178.254.169.0/24 maxlen: 24
178.254.172.0/24 maxlen: 24
178.254.175.0/24 maxlen: 24
178.254.177.0/24 maxlen: 24
178.254.182.0/24 maxlen: 24
178.254.183.0/24 maxlen: 24
178.254.184.0/24 maxlen: 24
178.254.187.0/24 maxlen: 24
178.254.188.0/22 maxlen: 24
185.157.44.0/24 maxlen: 24
193.104.68.0/24 maxlen: 24
217.169.208.0/20 maxlen: 20
217.169.208.0/22 maxlen: 22
217.169.212.0/22 maxlen: 22
217.169.216.0/22 maxlen: 22
217.169.219.0/24 maxlen: 24
217.169.220.0/22 maxlen: 22
2a02:b58::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.mft
rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:81:19:fc:7f:a9:d4:85:2f:9c:48:87:81:4f:53:aa:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Validity
Not Before: Apr 29 10:31:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=08020be526daf6fbb0df16c7974269f7f0e523d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:4d:47:b0:ae:e0:e3:19:19:be:81:58:df:0f:
96:99:57:95:97:81:e4:eb:97:e7:93:29:d8:78:ce:
18:cb:5a:37:a2:ce:ec:01:73:f1:3b:3c:c7:07:dd:
6a:66:72:c2:7b:5a:0a:81:80:cc:6d:64:c1:5f:f3:
b7:38:db:da:f6:4b:d1:bb:fd:97:8a:d2:db:81:95:
e2:df:28:66:59:9b:3d:e5:38:bc:ab:21:ef:c6:21:
e2:80:e0:d0:f5:be:56:08:a0:3f:bf:8d:8c:e9:96:
ee:1a:fc:e1:c5:50:81:eb:0a:3c:2e:95:a6:4f:d4:
3c:66:c0:b3:13:ae:ac:36:12:6a:1f:73:bc:1f:a0:
98:7f:94:b8:25:d9:d8:3d:30:9f:23:27:38:de:86:
2e:87:02:e0:a7:bc:58:87:dc:d2:2c:ab:d8:df:b1:
0d:cd:e3:47:3c:aa:3b:c1:98:a8:b3:6f:a8:93:2d:
03:91:a7:8c:b1:be:b5:33:60:46:59:7c:43:4d:e5:
b8:37:ff:1b:ee:40:b1:dd:fc:f8:bc:dc:ce:be:14:
8f:08:f9:5e:5b:97:c1:12:78:49:2d:ae:e4:be:c0:
9f:62:5c:0b:0a:67:b0:32:de:68:f1:07:98:a2:f9:
02:f4:97:b3:b0:4d:66:e5:d7:3a:95:8d:9b:fe:ae:
05:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:02:0B:E5:26:DA:F6:FB:B0:DF:16:C7:97:42:69:F7:F0:E5:23:D9
X509v3 Authority Key Identifier:
keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/CAIL5Sba9vuw3xbHl0Jp9_DlI9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.33.0-5.172.39.255
89.23.65.0-89.23.70.255
89.23.74.0/23
89.23.77.0-89.23.79.255
89.23.83.0-89.23.84.255
89.23.86.0/24
89.23.88.0/24
89.23.90.0/24
89.23.93.0/24
92.42.248.0/21
93.93.192.0/21
95.140.112.0-95.140.121.255
95.140.124.0/22
109.111.224.0-109.111.240.255
109.111.243.0-109.111.250.255
109.111.252.0-109.111.254.255
178.254.128.0/19
178.254.163.0/24
178.254.165.0/24
178.254.168.0/23
178.254.172.0/24
178.254.175.0/24
178.254.177.0/24
178.254.182.0-178.254.184.255
178.254.187.0-178.254.191.255
185.157.44.0/24
193.104.68.0/24
217.169.208.0/20
IPv6:
2a02:b58::/32
Signature Algorithm: sha256WithRSAEncryption
2a:4c:3a:dd:39:a2:a8:ba:1e:a0:de:95:fc:b1:0c:d8:df:c1:
45:e6:3d:c3:fd:4d:32:30:c8:c1:9d:a2:f6:95:8c:fc:e7:72:
99:2c:d1:00:28:14:65:c8:44:ae:3d:57:6d:36:09:c3:d0:79:
91:d4:5f:83:b8:d2:1b:3c:b9:4d:2f:bb:d2:7d:bc:5c:74:97:
09:be:83:42:86:20:66:13:ee:95:35:02:db:68:34:ee:c7:06:
46:45:c8:e2:58:95:9c:dd:7f:ab:0c:ec:fe:e9:da:17:68:f9:
04:fc:80:69:6c:76:af:62:eb:fd:07:0e:fc:32:99:cd:08:65:
d0:18:46:02:ae:97:fe:73:19:e7:f5:00:18:f8:54:cf:a4:c7:
bb:7a:21:c2:be:95:4c:d0:1b:ad:e4:f6:d5:37:e2:4e:f9:00:
d3:86:00:8c:6f:86:15:71:c8:82:21:17:6e:c0:e8:63:7a:51:
f9:4f:58:c1:ee:7d:4f:0a:12:27:a8:55:b5:6c:9d:4b:58:7d:
50:23:be:51:72:6b:72:6a:a3:2f:4d:5d:02:ba:4c:f1:63:7b:
d6:4f:c7:98:d9:7c:a1:82:2e:75:b4:cb:3f:ab:45:2a:a8:8f:
1c:1f:79:af:9a:33:75:ea:04:13:81:13:f7:75:09:05:e1:b9:
46:1e:ce:c7
-----BEGIN CERTIFICATE-----
MIIGBjCCBO6gAwIBAgISAZaBGfx/qdSFL5xIh4FPU6r9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjUwNDI5MTAzMTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODAyMGJlNTI2ZGFmNmZiYjBkZjE2Yzc5NzQyNjlmN2YwZTUyM2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoU1HsK7g4xkZvoFY3w+WmVeVl4Hk
65fnkynYeM4Yy1o3os7sAXPxOzzHB91qZnLCe1oKgYDMbWTBX/O3ONva9kvRu/2X
itLbgZXi3yhmWZs95Ti8qyHvxiHigODQ9b5WCKA/v42M6ZbuGvzhxVCB6wo8LpWm
T9Q8ZsCzE66sNhJqH3O8H6CYf5S4JdnYPTCfIyc43oYuhwLgp7xYh9zSLKvY37EN
zeNHPKo7wZios2+oky0DkaeMsb61M2BGWXxDTeW4N/8b7kCx3fz4vNzOvhSPCPle
W5fBEnhJLa7kvsCfYlwLCmewMt5o8QeYovkC9JezsE1m5dc6lY2b/q4FMwIDAQAB
o4IDEjCCAw4wHQYDVR0OBBYEFAgCC+Um2vb7sN8Wx5dCaffw5SPZMB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvQ0FJTDVTYmE5dnV3M3hiSGwwSnA5X0RsSTlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJgYIKwYBBQUHAQcBAf8EggEVMIIBETCB/wQCAAEwgfgw
DAMEAAWsIQMEAwWsIDAMAwQAWRdBAwQAWRdGAwQBWRdKMAwDBABZF00DBARZF0Aw
DAMEAFkXUwMEAFkXVAMEAFkXVgMEAFkXWAMEAFkXWgMEAFkXXQMEA1wq+AMEA11d
wDAMAwQEX4xwAwQBX4x4AwQCX4x8MAwDBAVtb+ADBABtb/AwDAMEAG1v8wMEAG1v
+jAMAwQCbW/8AwQAbW/+AwQFsv6AAwQAsv6jAwQAsv6lAwQBsv6oAwQAsv6sAwQA
sv6vAwQAsv6xMAwDBAGy/rYDBACy/rgwDAMEALL+uwMEBrL+gAMEALmdLAMEAMFo
RAMEBNmp0DANBAIAAjAHAwUAKgILWDANBgkqhkiG9w0BAQsFAAOCAQEAKkw63Tmi
qLoeoN6V/LEM2N/BReY9w/1NMjDIwZ2i9pWM/OdymSzRACgUZchErj1XbTYJw9B5
kdRfg7jSGzy5TS+70n28XHSXCb6DQoYgZhPulTUC22g07scGRkXI4liVnN1/qwzs
/unaF2j5BPyAaWx2r2Lr/QcO/DKZzQhl0BhGAq6X/nMZ5/UAGPhUz6THu3ohwr6V
TNAbreT21TfiTvkA04YAjG+GFXHIgiEXbsDoY3pR+U9Ywe59TwoSJ6hVtWydS1h9
UCO+UXJrcmqjL01dArpM8WN71k/HmNl8oYIudbTLP6tFKqiPHB95r5ozdeoEE4ET
93UJBeG5Rh7Oxw==
-----END CERTIFICATE-----
Generated at Sun May 11 09:41:40 2025 by rpki-client