Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/a324f4-9770-4a58-a6ef-d62fa6319fd4/1/XBM0bfMMPD6t_zmoxCt22SNmfHY.roa
File: XBM0bfMMPD6t_zmoxCt22SNmfHY.roa (raw, json)
Hash identifier: tShkOYfHc06U983P6l5t6ftsaJBkaAKS4GWPqVhBo88=
Subject key identifier: 5C:13:34:6D:F3:0C:3C:3E:AD:FF:39:A8:C4:2B:76:D9:23:66:7C:76
Certificate issuer: /CN=49ee1194bd81d1946c39f10f7fdfdf22d1a03112
Certificate serial: 01963DFB21274E8E55F51EFA6C431BB84454
Authority key identifier: 49:EE:11:94:BD:81:D1:94:6C:39:F1:0F:7F:DF:DF:22:D1:A0:31:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Se4RlL2B0ZRsOfEPf9_fItGgMRI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/a324f4-9770-4a58-a6ef-d62fa6319fd4/1/XBM0bfMMPD6t_zmoxCt22SNmfHY.roa
Signing time: Wed 16 Apr 2025 09:43:10 +0000
ROA not before: Wed 16 Apr 2025 09:43:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59441
IP address blocks: 5.144.128.0/21 maxlen: 21
5.144.128.0/22 maxlen: 22
5.144.128.0/23 maxlen: 23
5.144.128.0/24 maxlen: 24
5.144.129.0/24 maxlen: 24
5.144.130.0/23 maxlen: 24
5.144.130.0/24 maxlen: 24
5.144.131.0/24 maxlen: 24
5.144.132.0/22 maxlen: 22
5.144.132.0/23 maxlen: 24
5.144.132.0/24 maxlen: 24
5.144.133.0/24 maxlen: 24
5.144.134.0/23 maxlen: 24
5.144.134.0/24 maxlen: 24
5.144.135.0/24 maxlen: 24
45.92.92.0/22 maxlen: 24
45.92.92.0/23 maxlen: 24
45.92.92.0/24 maxlen: 24
45.92.93.0/24 maxlen: 24
45.92.94.0/23 maxlen: 24
45.92.94.0/24 maxlen: 24
45.92.95.0/24 maxlen: 24
45.138.132.0/22 maxlen: 24
45.138.132.0/23 maxlen: 24
45.138.132.0/24 maxlen: 24
45.138.133.0/24 maxlen: 24
45.138.134.0/24 maxlen: 24
45.138.135.0/24 maxlen: 24
185.40.16.0/24 maxlen: 24
185.83.112.0/22 maxlen: 22
185.83.112.0/23 maxlen: 23
185.83.112.0/24 maxlen: 24
185.83.113.0/24 maxlen: 24
185.83.114.0/23 maxlen: 24
185.83.114.0/24 maxlen: 24
185.83.115.0/24 maxlen: 24
185.83.181.0/24 maxlen: 24
185.83.183.0/24 maxlen: 24
185.169.6.0/24 maxlen: 24
185.173.104.0/22 maxlen: 24
185.173.104.0/24 maxlen: 24
185.173.105.0/24 maxlen: 24
185.173.106.0/24 maxlen: 24
185.173.107.0/24 maxlen: 24
185.205.203.0/24 maxlen: 24
185.208.76.0/23 maxlen: 23
185.208.78.0/23 maxlen: 24
185.208.78.0/24 maxlen: 24
185.208.79.0/24 maxlen: 24
193.3.231.0/24 maxlen: 24
2a05:9a00::/29 maxlen: 29
2a05:9a00::/48 maxlen: 48
2a05:9a00:1::/48 maxlen: 48
2a05:9a00:2::/48 maxlen: 48
2a05:9a00:3::/48 maxlen: 48
2a05:9a00:4::/48 maxlen: 48
2a05:9a00:1000::/48 maxlen: 48
2a05:9a00:1001::/48 maxlen: 48
2a05:9a00:1002::/48 maxlen: 48
2a05:9a00:1003::/48 maxlen: 48
2a07:e440::/29 maxlen: 29
2a10:4340::/29 maxlen: 29
2a10:5c40::/29 maxlen: 29
2a10:6140::/29 maxlen: 29
2a10:b800::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/a324f4-9770-4a58-a6ef-d62fa6319fd4/1/Se4RlL2B0ZRsOfEPf9_fItGgMRI.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/a324f4-9770-4a58-a6ef-d62fa6319fd4/1/Se4RlL2B0ZRsOfEPf9_fItGgMRI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Se4RlL2B0ZRsOfEPf9_fItGgMRI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 14:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3d:fb:21:27:4e:8e:55:f5:1e:fa:6c:43:1b:b8:44:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49ee1194bd81d1946c39f10f7fdfdf22d1a03112
Validity
Not Before: Apr 16 09:43:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c13346df30c3c3eadff39a8c42b76d923667c76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:61:d8:c5:b4:76:93:1b:ee:cc:c5:b1:be:7e:
a3:ff:50:59:7b:be:1e:e0:52:d5:72:af:48:a5:99:
ff:57:b1:b0:51:13:d2:a0:85:8f:b8:39:ef:da:05:
90:99:29:93:8e:3a:ab:8e:fc:b0:a8:4c:3d:02:46:
4e:73:7c:58:eb:be:4b:28:38:f2:e0:ee:f6:7f:0e:
21:5a:10:e1:35:cc:dc:36:99:ed:b3:ff:38:d0:55:
8b:af:e4:5b:e2:63:de:cb:a2:b3:6a:b2:d0:26:65:
38:cc:57:79:b7:06:4f:53:68:53:ae:54:46:f3:1f:
cf:f6:3d:cc:15:b8:63:bd:97:d8:be:ed:46:8b:41:
7f:af:89:a4:c7:d6:b2:8d:43:3c:50:4b:8e:14:1c:
b3:21:73:de:f6:a1:a0:42:7c:fc:9f:52:af:c2:5c:
ce:9c:ca:43:e7:30:84:10:b5:e6:31:29:f1:6a:fd:
42:78:23:16:b6:85:78:bf:10:00:11:cd:5f:73:4e:
66:80:d1:15:50:82:b5:3d:a9:8c:92:b7:35:22:d8:
03:3f:f6:e0:74:5b:8e:0b:e2:e8:59:2c:91:8f:b3:
f7:55:97:2c:22:36:df:fc:82:79:7c:40:54:10:b3:
2f:86:80:f9:7a:e0:dd:58:c2:d6:e8:68:fb:21:70:
35:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:13:34:6D:F3:0C:3C:3E:AD:FF:39:A8:C4:2B:76:D9:23:66:7C:76
X509v3 Authority Key Identifier:
keyid:49:EE:11:94:BD:81:D1:94:6C:39:F1:0F:7F:DF:DF:22:D1:A0:31:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Se4RlL2B0ZRsOfEPf9_fItGgMRI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/a324f4-9770-4a58-a6ef-d62fa6319fd4/1/XBM0bfMMPD6t_zmoxCt22SNmfHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/a324f4-9770-4a58-a6ef-d62fa6319fd4/1/Se4RlL2B0ZRsOfEPf9_fItGgMRI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.128.0/21
45.92.92.0/22
45.138.132.0/22
185.40.16.0/24
185.83.112.0/22
185.83.181.0/24
185.83.183.0/24
185.169.6.0/24
185.173.104.0/22
185.205.203.0/24
185.208.76.0/22
193.3.231.0/24
IPv6:
2a05:9a00::/29
2a07:e440::/29
2a10:4340::/29
2a10:5c40::/29
2a10:6140::/29
2a10:b800::/29
Signature Algorithm: sha256WithRSAEncryption
51:f0:0b:0a:84:20:4c:3d:c2:81:63:fe:57:30:76:9a:8b:3f:
e7:ad:97:25:7a:5d:a7:cf:4b:5a:16:54:8f:3e:76:27:a5:f7:
4c:49:d6:a7:17:89:97:4c:af:24:3d:af:f0:70:76:3c:0d:0d:
83:f4:42:3e:d5:58:e3:73:3e:16:fc:83:0c:2d:80:4b:1f:37:
c8:ef:76:be:71:b7:37:f3:0e:15:61:aa:87:ca:b6:de:96:df:
da:6a:1b:12:cb:fc:43:39:cc:67:c1:a4:79:b9:fc:77:59:38:
07:a1:c1:dc:df:97:df:61:ba:cf:2b:ef:92:bc:80:22:55:81:
2d:90:f9:69:19:f1:50:2c:ea:ce:4c:e3:5d:c8:8c:a4:2c:f2:
c9:71:f1:13:60:31:52:1e:c9:e0:89:74:b1:38:f9:1e:dd:fd:
85:0a:5a:14:26:9e:f3:bd:ea:a8:62:8a:73:e2:0e:62:9a:e0:
f6:3e:ed:dc:76:7e:a5:9a:fb:fb:4c:e8:ec:8a:f1:c0:4a:de:
0d:f1:9d:e1:c4:48:66:5d:51:2d:9c:6d:a1:ed:91:9a:7c:71:
ea:76:e1:42:1c:0a:f3:97:b0:87:32:1b:61:7c:aa:78:65:78:
db:41:60:49:fd:db:32:81:0d:16:b5:ef:67:8c:ff:a8:69:d0:
84:6d:04:7a
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgISAZY9+yEnTo5V9R76bEMbuERUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZWUxMTk0YmQ4MWQxOTQ2YzM5ZjEwZjdmZGZkZjIyZDFh
MDMxMTIwHhcNMjUwNDE2MDk0MzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzEzMzQ2ZGYzMGMzYzNlYWRmZjM5YThjNDJiNzZkOTIzNjY3Yzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWHYxbR2kxvuzMWxvn6j/1BZe74e
4FLVcq9IpZn/V7GwURPSoIWPuDnv2gWQmSmTjjqrjvywqEw9AkZOc3xY675LKDjy
4O72fw4hWhDhNczcNpnts/840FWLr+Rb4mPey6KzarLQJmU4zFd5twZPU2hTrlRG
8x/P9j3MFbhjvZfYvu1Gi0F/r4mkx9ayjUM8UEuOFByzIXPe9qGgQnz8n1KvwlzO
nMpD5zCEELXmMSnxav1CeCMWtoV4vxAAEc1fc05mgNEVUIK1PamMkrc1ItgDP/bg
dFuOC+LoWSyRj7P3VZcsIjbf/IJ5fEBUELMvhoD5euDdWMLW6Gj7IXA1uQIDAQAB
o4ICgDCCAnwwHQYDVR0OBBYEFFwTNG3zDDw+rf85qMQrdtkjZnx2MB8GA1UdIwQY
MBaAFEnuEZS9gdGUbDnxD3/f3yLRoDESMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2U0UmxMMkIwWlJzT2ZFUGY5X2ZJdEdnTVJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9hMzI0ZjQtOTc3MC00YTU4LWE2ZWYt
ZDYyZmE2MzE5ZmQ0LzEvWEJNMGJmTU1QRDZ0X3ptb3hDdDIyU05tZkhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9hMzI0ZjQtOTc3MC00YTU4LWE2ZWYtZDYyZmE2MzE5ZmQ0
LzEvU2U0UmxMMkIwWlJzT2ZFUGY5X2ZJdEdnTVJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGVBggrBgEFBQcBBwEB/wSBhTCBgjBOBAIAATBIAwQDBZCA
AwQCLVxcAwQCLYqEAwQAuSgQAwQCuVNwAwQAuVO1AwQAuVO3AwQAuakGAwQCua1o
AwQAuc3LAwQCudBMAwQAwQPnMDAEAgACMCoDBQMqBZoAAwUDKgfkQAMFAyoQQ0AD
BQMqEFxAAwUDKhBhQAMFAyoQuAAwDQYJKoZIhvcNAQELBQADggEBAFHwCwqEIEw9
woFj/lcwdpqLP+etlyV6XafPS1oWVI8+diel90xJ1qcXiZdMryQ9r/BwdjwNDYP0
Qj7VWONzPhb8gwwtgEsfN8jvdr5xtzfzDhVhqofKtt6W39pqGxLL/EM5zGfBpHm5
/HdZOAehwdzfl99hus8r75K8gCJVgS2Q+WkZ8VAs6s5M413IjKQs8slx8RNgMVIe
yeCJdLE4+R7d/YUKWhQmnvO96qhiinPiDmKa4PY+7dx2fqWa+/tM6OyK8cBK3g3x
neHESGZdUS2cbaHtkZp8cep24UIcCvOXsIcyG2F8qnhleNtBYEn92zKBDRa172eM
/6hp0IRtBHo=
-----END CERTIFICATE-----
Generated at Tue May 6 19:25:25 2025 by rpki-client