Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/duOf09gggM7TDjJiWU0nkT8FsYU.roa
File: duOf09gggM7TDjJiWU0nkT8FsYU.roa (raw, json)
Hash identifier: 25aNtWfE21D31QMlGlCqimTiOpzPGbBhttON+NoFDhc=
Subject key identifier: 76:E3:9F:D3:D8:20:80:CE:D3:0E:32:62:59:4D:27:91:3F:05:B1:85
Certificate issuer: /CN=64fa66fb84a781a0584fd0d1c2df39bda4760519
Certificate serial: 01969257820B5E4A5EE74FAFFE4201A9C74F
Authority key identifier: 64:FA:66:FB:84:A7:81:A0:58:4F:D0:D1:C2:DF:39:BD:A4:76:05:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZPpm-4SngaBYT9DRwt85vaR2BRk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/duOf09gggM7TDjJiWU0nkT8FsYU.roa
Signing time: Fri 02 May 2025 18:52:10 +0000
ROA not before: Fri 02 May 2025 18:52:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49367
IP address blocks: 31.193.188.0/24 maxlen: 24
37.156.174.0/24 maxlen: 24
45.83.56.0/22 maxlen: 22
45.86.144.0/22 maxlen: 22
77.81.103.0/24 maxlen: 24
85.204.255.0/24 maxlen: 24
86.107.110.0/24 maxlen: 24
89.34.236.0/23 maxlen: 23
89.34.239.0/24 maxlen: 24
89.39.201.0/24 maxlen: 24
89.39.254.0/24 maxlen: 24
89.40.142.0/23 maxlen: 23
89.40.227.0/24 maxlen: 24
89.42.134.0/24 maxlen: 24
89.43.34.0/24 maxlen: 24
89.43.35.0/24 maxlen: 24
89.43.52.0/24 maxlen: 24
89.44.237.0/24 maxlen: 24
91.212.52.0/24 maxlen: 24
91.229.186.0/24 maxlen: 24
92.114.86.0/24 maxlen: 24
92.114.87.0/24 maxlen: 24
93.113.144.0/21 maxlen: 21
93.113.144.0/22 maxlen: 22
93.113.144.0/24 maxlen: 24
93.113.145.0/24 maxlen: 24
93.113.146.0/24 maxlen: 24
93.113.147.0/24 maxlen: 24
93.113.148.0/22 maxlen: 22
93.113.148.0/24 maxlen: 24
93.113.149.0/24 maxlen: 24
93.113.150.0/24 maxlen: 24
93.113.151.0/24 maxlen: 24
93.115.56.0/24 maxlen: 24
93.115.57.0/24 maxlen: 24
94.176.108.0/24 maxlen: 24
94.176.212.0/24 maxlen: 24
94.177.10.0/24 maxlen: 24
94.177.11.0/24 maxlen: 24
94.177.21.0/24 maxlen: 24
94.177.48.0/23 maxlen: 23
94.177.96.0/24 maxlen: 24
94.177.97.0/24 maxlen: 24
94.177.98.0/24 maxlen: 24
94.177.99.0/24 maxlen: 24
185.184.240.0/22 maxlen: 22
185.184.240.0/24 maxlen: 24
185.184.241.0/24 maxlen: 24
185.184.242.0/24 maxlen: 24
185.184.243.0/24 maxlen: 24
185.198.244.0/24 maxlen: 24
185.198.245.0/24 maxlen: 24
185.198.246.0/24 maxlen: 24
185.198.247.0/24 maxlen: 24
188.208.16.0/23 maxlen: 23
188.208.16.0/24 maxlen: 24
188.208.17.0/24 maxlen: 24
188.211.248.0/24 maxlen: 24
188.214.199.0/24 maxlen: 24
188.215.6.0/23 maxlen: 23
188.215.6.0/24 maxlen: 24
188.215.7.0/24 maxlen: 24
188.215.94.0/24 maxlen: 24
188.240.228.0/23 maxlen: 23
188.240.228.0/24 maxlen: 24
188.240.229.0/24 maxlen: 24
188.241.66.0/24 maxlen: 24
188.241.67.0/24 maxlen: 24
188.241.126.0/24 maxlen: 24
188.241.138.0/24 maxlen: 24
188.241.139.0/24 maxlen: 24
188.241.143.0/24 maxlen: 24
188.241.213.0/24 maxlen: 24
193.239.140.0/23 maxlen: 23
217.198.177.0/24 maxlen: 24
2a04:68c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/ZPpm-4SngaBYT9DRwt85vaR2BRk.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/ZPpm-4SngaBYT9DRwt85vaR2BRk.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZPpm-4SngaBYT9DRwt85vaR2BRk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:92:57:82:0b:5e:4a:5e:e7:4f:af:fe:42:01:a9:c7:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64fa66fb84a781a0584fd0d1c2df39bda4760519
Validity
Not Before: May 2 18:52:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76e39fd3d82080ced30e3262594d27913f05b185
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:8d:4e:fe:d0:da:46:bb:e2:e0:2d:a6:73:68:
b9:f6:71:09:fc:f0:8d:0c:b2:3a:bd:09:b1:bc:76:
a0:07:26:f3:6f:a8:c3:7d:9d:d7:34:fe:19:86:e0:
d7:78:b0:63:12:f7:6d:96:9e:39:8a:8c:7a:87:23:
15:14:8a:93:aa:1c:26:4d:60:17:bf:ae:f7:46:b1:
94:5b:fb:ca:23:62:6d:92:87:4a:08:26:5f:cd:ce:
04:e2:61:50:32:21:be:9b:98:90:4f:e8:d8:40:1f:
a0:bb:bb:1b:4e:b3:e7:bd:57:66:cc:e8:35:cc:17:
e3:f4:4c:1c:08:45:85:28:9e:74:10:7d:65:b2:de:
17:10:22:fa:b9:dc:4b:14:f9:89:90:e8:08:8e:e5:
6b:17:c3:d4:ac:84:d5:48:09:ea:75:23:3b:c1:ef:
09:02:1e:d0:a3:43:84:e4:7e:a2:a0:7c:28:64:d8:
d7:f5:cc:37:fc:87:a6:0e:77:b7:e0:73:48:aa:97:
a0:b0:a1:00:62:a5:6c:37:5b:64:02:9e:6b:bd:9b:
44:d3:bc:49:78:bf:f4:43:7f:ab:49:79:a0:f4:56:
12:cf:a3:f8:8c:c0:74:d7:f6:22:38:58:90:e2:6c:
b9:87:e9:25:ee:26:71:b1:cc:69:0d:5d:73:d0:95:
38:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:E3:9F:D3:D8:20:80:CE:D3:0E:32:62:59:4D:27:91:3F:05:B1:85
X509v3 Authority Key Identifier:
keyid:64:FA:66:FB:84:A7:81:A0:58:4F:D0:D1:C2:DF:39:BD:A4:76:05:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZPpm-4SngaBYT9DRwt85vaR2BRk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/duOf09gggM7TDjJiWU0nkT8FsYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/ZPpm-4SngaBYT9DRwt85vaR2BRk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.188.0/24
37.156.174.0/24
45.83.56.0/22
45.86.144.0/22
77.81.103.0/24
85.204.255.0/24
86.107.110.0/24
89.34.236.0/23
89.34.239.0/24
89.39.201.0/24
89.39.254.0/24
89.40.142.0/23
89.40.227.0/24
89.42.134.0/24
89.43.34.0/23
89.43.52.0/24
89.44.237.0/24
91.212.52.0/24
91.229.186.0/24
92.114.86.0/23
93.113.144.0/21
93.115.56.0/23
94.176.108.0/24
94.176.212.0/24
94.177.10.0/23
94.177.21.0/24
94.177.48.0/23
94.177.96.0/22
185.184.240.0/22
185.198.244.0/22
188.208.16.0/23
188.211.248.0/24
188.214.199.0/24
188.215.6.0/23
188.215.94.0/24
188.240.228.0/23
188.241.66.0/23
188.241.126.0/24
188.241.138.0/23
188.241.143.0/24
188.241.213.0/24
193.239.140.0/23
217.198.177.0/24
IPv6:
2a04:68c0::/32
Signature Algorithm: sha256WithRSAEncryption
26:76:3c:ee:e9:2f:1a:af:43:00:89:ea:78:73:ae:ed:09:c5:
49:00:9f:74:d6:a6:12:9a:ab:b8:3e:ce:75:61:28:60:83:4a:
bd:76:bc:41:b6:77:b1:c2:12:98:f4:73:54:a4:02:29:de:bc:
bb:0d:9c:c2:44:21:2c:b9:05:37:45:9e:e1:c3:55:a1:72:7d:
8c:7f:5e:05:7a:31:74:51:cb:2b:fb:f6:b4:92:ce:8d:35:ae:
ed:02:fb:58:df:9d:57:1d:13:14:db:9c:18:82:25:97:a8:ff:
d6:5b:8a:26:e6:6c:cc:2d:23:e3:2a:30:b3:21:2e:3a:6f:c0:
5c:f5:ae:2a:a8:67:c0:83:c4:56:43:29:97:7a:59:53:09:b3:
87:b0:44:e6:a2:af:85:84:f8:cc:6d:02:59:5d:94:74:89:64:
a3:c9:7e:68:59:dd:3d:2b:9e:ce:e2:5b:f1:d1:f8:08:bc:67:
f3:f9:f4:88:63:94:0c:5a:3f:05:d0:82:2b:5d:e9:3f:0c:02:
9c:d5:be:ce:e6:91:82:78:64:e6:b9:09:2d:93:29:a5:5a:ed:
c6:86:5f:dc:d3:fc:7d:10:32:58:a5:fd:66:a4:f4:f1:0a:a1:
0f:f1:8e:04:3c:ad:2c:3b:73:8b:d3:c5:ea:ed:b7:0e:9e:13:
1a:9e:b4:ef
-----BEGIN CERTIFICATE-----
MIIGEjCCBPqgAwIBAgISAZaSV4ILXkpe50+v/kIBqcdPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZmE2NmZiODRhNzgxYTA1ODRmZDBkMWMyZGYzOWJkYTQ3
NjA1MTkwHhcNMjUwNTAyMTg1MjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmUzOWZkM2Q4MjA4MGNlZDMwZTMyNjI1OTRkMjc5MTNmMDViMTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Y1O/tDaRrvi4C2mc2i59nEJ/PCN
DLI6vQmxvHagBybzb6jDfZ3XNP4ZhuDXeLBjEvdtlp45iox6hyMVFIqTqhwmTWAX
v673RrGUW/vKI2JtkodKCCZfzc4E4mFQMiG+m5iQT+jYQB+gu7sbTrPnvVdmzOg1
zBfj9EwcCEWFKJ50EH1lst4XECL6udxLFPmJkOgIjuVrF8PUrITVSAnqdSM7we8J
Ah7Qo0OE5H6ioHwoZNjX9cw3/IemDne34HNIqpegsKEAYqVsN1tkAp5rvZtE07xJ
eL/0Q3+rSXmg9FYSz6P4jMB01/YiOFiQ4my5h+kl7iZxscxpDV1z0JU48QIDAQAB
o4IDHjCCAxowHQYDVR0OBBYEFHbjn9PYIIDO0w4yYllNJ5E/BbGFMB8GA1UdIwQY
MBaAFGT6ZvuEp4GgWE/Q0cLfOb2kdgUZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlBwbS00U25nYUJZVDlEUnd0ODV2YVIyQlJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi82NjNiNGQtYjgwZS00OTQ2LTg0YzQt
NzQwOGViOGJjNTg2LzEvZHVPZjA5Z2dnTTdURGpKaVdVMG5rVDhGc1lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi82NjNiNGQtYjgwZS00OTQ2LTg0YzQtNzQwOGViOGJjNTg2
LzEvWlBwbS00U25nYUJZVDlEUnd0ODV2YVIyQlJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMgYIKwYBBQUHAQcBAf8EggEhMIIBHTCCAQoEAgABMIIB
AgMEAB/BvAMEACWcrgMEAi1TOAMEAi1WkAMEAE1RZwMEAFXM/wMEAFZrbgMEAVki
7AMEAFki7wMEAFknyQMEAFkn/gMEAVkojgMEAFko4wMEAFkqhgMEAVkrIgMEAFkr
NAMEAFks7QMEAFvUNAMEAFvlugMEAVxyVgMEA11xkAMEAV1zOAMEAF6wbAMEAF6w
1AMEAV6xCgMEAF6xFQMEAV6xMAMEAl6xYAMEArm48AMEArnG9AMEAbzQEAMEALzT
+AMEALzWxwMEAbzXBgMEALzXXgMEAbzw5AMEAbzxQgMEALzxfgMEAbzxigMEALzx
jwMEALzx1QMEAcHvjAMEANnGsTANBAIAAjAHAwUAKgRowDANBgkqhkiG9w0BAQsF
AAOCAQEAJnY87ukvGq9DAInqeHOu7QnFSQCfdNamEpqruD7OdWEoYINKvXa8QbZ3
scISmPRzVKQCKd68uw2cwkQhLLkFN0We4cNVoXJ9jH9eBXoxdFHLK/v2tJLOjTWu
7QL7WN+dVx0TFNucGIIll6j/1luKJuZszC0j4yowsyEuOm/AXPWuKqhnwIPEVkMp
l3pZUwmzh7BE5qKvhYT4zG0CWV2UdIlko8l+aFndPSuezuJb8dH4CLxn8/n0iGOU
DFo/BdCCK13pPwwCnNW+zuaRgnhk5rkJLZMppVrtxoZf3NP8fRAyWKX9ZqT08Qqh
D/GOBDytLDtzi9PF6u23Dp4TGp607w==
-----END CERTIFICATE-----
Generated at Sun May 11 07:44:28 2025 by rpki-client