Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/IJsuPHEjRD5U3Gv14sc7K0m3CaI.roa
File: IJsuPHEjRD5U3Gv14sc7K0m3CaI.roa (raw, json)
Hash identifier: 9xaSijx/J+UcS287yiWqygtaW2+asOVi313BpTLMGG0=
Subject key identifier: 20:9B:2E:3C:71:23:44:3E:54:DC:6B:F5:E2:C7:3B:2B:49:B7:09:A2
Certificate issuer: /CN=be550b8eff90cccee9f8d3134b6438996b7d27cd
Certificate serial: 0196BDC7804CDE80A04CBFF056C00E0D8AD3
Authority key identifier: BE:55:0B:8E:FF:90:CC:CE:E9:F8:D3:13:4B:64:38:99:6B:7D:27:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vlULjv-QzM7p-NMTS2Q4mWt9J80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/IJsuPHEjRD5U3Gv14sc7K0m3CaI.roa
Signing time: Sun 11 May 2025 05:18:10 +0000
ROA not before: Sun 11 May 2025 05:18:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204170
IP address blocks: 5.102.176.0/21 maxlen: 21
5.102.176.0/24 maxlen: 24
5.102.178.0/24 maxlen: 24
5.102.179.0/24 maxlen: 24
5.102.180.0/24 maxlen: 24
5.102.181.0/24 maxlen: 24
5.102.182.0/24 maxlen: 24
5.102.183.0/24 maxlen: 24
78.111.32.0/20 maxlen: 20
78.111.32.0/24 maxlen: 24
78.111.33.0/24 maxlen: 24
78.111.34.0/24 maxlen: 24
78.111.35.0/24 maxlen: 24
78.111.36.0/24 maxlen: 24
78.111.37.0/24 maxlen: 24
78.111.38.0/24 maxlen: 24
78.111.39.0/24 maxlen: 24
78.111.40.0/24 maxlen: 24
78.111.41.0/24 maxlen: 24
78.111.42.0/24 maxlen: 24
78.111.43.0/24 maxlen: 24
78.111.44.0/24 maxlen: 24
78.111.45.0/24 maxlen: 24
78.111.46.0/24 maxlen: 24
78.111.47.0/24 maxlen: 24
84.242.32.0/20 maxlen: 20
84.242.32.0/24 maxlen: 24
84.242.33.0/24 maxlen: 24
84.242.34.0/24 maxlen: 24
84.242.35.0/24 maxlen: 24
84.242.36.0/24 maxlen: 24
84.242.37.0/24 maxlen: 24
84.242.38.0/24 maxlen: 24
84.242.39.0/24 maxlen: 24
84.242.40.0/24 maxlen: 24
84.242.41.0/24 maxlen: 24
84.242.42.0/24 maxlen: 24
84.242.43.0/24 maxlen: 24
84.242.44.0/24 maxlen: 24
84.242.45.0/24 maxlen: 24
84.242.46.0/24 maxlen: 24
84.242.47.0/24 maxlen: 24
94.176.16.0/20 maxlen: 20
94.176.16.0/24 maxlen: 24
94.176.17.0/24 maxlen: 24
94.176.18.0/24 maxlen: 24
94.176.19.0/24 maxlen: 24
94.176.20.0/24 maxlen: 24
94.176.21.0/24 maxlen: 24
94.176.22.0/24 maxlen: 24
94.176.23.0/24 maxlen: 24
94.176.24.0/24 maxlen: 24
94.176.25.0/24 maxlen: 24
94.176.26.0/24 maxlen: 24
94.176.27.0/24 maxlen: 24
94.176.28.0/24 maxlen: 24
94.176.29.0/24 maxlen: 24
94.176.30.0/24 maxlen: 24
94.176.31.0/24 maxlen: 24
96.9.128.0/19 maxlen: 19
96.9.128.0/24 maxlen: 24
96.9.129.0/24 maxlen: 24
96.9.130.0/24 maxlen: 24
96.9.131.0/24 maxlen: 24
96.9.132.0/24 maxlen: 24
96.9.133.0/24 maxlen: 24
96.9.134.0/24 maxlen: 24
96.9.135.0/24 maxlen: 24
96.9.136.0/24 maxlen: 24
96.9.137.0/24 maxlen: 24
96.9.138.0/24 maxlen: 24
96.9.139.0/24 maxlen: 24
96.9.140.0/24 maxlen: 24
96.9.141.0/24 maxlen: 24
96.9.142.0/24 maxlen: 24
96.9.143.0/24 maxlen: 24
96.9.144.0/24 maxlen: 24
96.9.146.0/24 maxlen: 24
96.9.147.0/24 maxlen: 24
96.9.148.0/24 maxlen: 24
96.9.149.0/24 maxlen: 24
96.9.150.0/24 maxlen: 24
96.9.151.0/24 maxlen: 24
96.9.152.0/24 maxlen: 24
96.9.153.0/24 maxlen: 24
96.9.154.0/24 maxlen: 24
96.9.155.0/24 maxlen: 24
96.9.156.0/24 maxlen: 24
96.9.157.0/24 maxlen: 24
96.9.158.0/24 maxlen: 24
96.9.159.0/24 maxlen: 24
141.105.168.0/21 maxlen: 21
141.105.168.0/24 maxlen: 24
141.105.169.0/24 maxlen: 24
141.105.170.0/24 maxlen: 24
141.105.171.0/24 maxlen: 24
141.105.172.0/24 maxlen: 24
141.105.173.0/24 maxlen: 24
141.105.174.0/24 maxlen: 24
141.105.175.0/24 maxlen: 24
178.20.16.0/21 maxlen: 21
178.20.16.0/24 maxlen: 24
178.20.17.0/24 maxlen: 24
178.20.18.0/24 maxlen: 24
178.20.19.0/24 maxlen: 24
178.20.20.0/24 maxlen: 24
178.20.21.0/24 maxlen: 24
178.20.22.0/24 maxlen: 24
178.20.23.0/24 maxlen: 24
185.29.140.0/22 maxlen: 22
185.29.140.0/24 maxlen: 24
185.29.141.0/24 maxlen: 24
185.29.142.0/24 maxlen: 24
185.29.143.0/24 maxlen: 24
185.112.104.0/22 maxlen: 22
185.112.104.0/24 maxlen: 24
185.112.105.0/24 maxlen: 24
185.112.106.0/24 maxlen: 24
185.112.107.0/24 maxlen: 24
199.48.224.0/24 maxlen: 24
206.167.33.0/24 maxlen: 24
2a0a:c740:2::/48 maxlen: 48
2a0a:c740:4::/48 maxlen: 48
2a0a:c740:5::/48 maxlen: 48
2a0a:c740:7::/48 maxlen: 48
2a0a:c740:8::/48 maxlen: 48
2a0a:c740:a::/48 maxlen: 48
2a0a:c740:b::/48 maxlen: 48
2a0a:c740:100::/48 maxlen: 48
2a0a:c740:1009::/48 maxlen: 48
2a0a:c740:2000::/48 maxlen: 48
2a0a:c740:2009::/48 maxlen: 48
2a0a:c740:9998::/48 maxlen: 48
2a0a:c740:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/vlULjv-QzM7p-NMTS2Q4mWt9J80.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/vlULjv-QzM7p-NMTS2Q4mWt9J80.mft
rsync://rpki.ripe.net/repository/DEFAULT/vlULjv-QzM7p-NMTS2Q4mWt9J80.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 14 May 2025 11:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:bd:c7:80:4c:de:80:a0:4c:bf:f0:56:c0:0e:0d:8a:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be550b8eff90cccee9f8d3134b6438996b7d27cd
Validity
Not Before: May 11 05:18:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=209b2e3c7123443e54dc6bf5e2c73b2b49b709a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:f2:87:13:55:9b:f1:e3:bf:05:a7:bb:79:e9:
7d:32:c9:ef:51:42:3c:25:24:f8:6c:77:63:b7:a3:
f5:5d:0b:66:ad:7d:c9:aa:da:da:e0:e6:47:4c:dd:
10:83:28:6a:bc:cb:d3:7f:3f:af:29:44:d2:f7:d7:
9a:6b:b6:c7:8e:91:21:e7:1c:6d:95:12:b6:a6:27:
37:a6:61:97:79:6d:47:63:20:2d:82:b5:2b:df:21:
58:40:97:94:51:2d:8a:e0:a6:ca:83:d7:8c:48:ce:
8c:91:e5:0f:7a:72:89:bb:e3:0b:58:82:e5:9d:de:
3a:86:e6:ab:14:4e:36:61:f0:1f:b6:2b:b4:c5:e1:
e1:a9:33:d0:d7:b0:6c:61:44:6a:d5:4b:ef:3f:e6:
2d:61:6b:a0:6c:6b:f2:c3:ee:68:d8:9d:6e:33:3e:
29:9f:47:0c:e1:97:2d:64:70:8e:0b:1e:0b:b2:0d:
cf:64:8a:3f:3d:47:02:98:f1:38:1b:8b:22:4d:bc:
ec:c3:ed:73:9d:d1:ec:7f:aa:73:b6:43:89:9d:e2:
13:d7:0b:b0:1d:3b:0c:79:e3:f4:65:f9:5d:7e:fa:
ff:62:14:0f:87:b1:4b:cf:bf:ca:d1:78:3f:36:fb:
6a:fb:3b:7b:26:34:75:e5:bc:6f:c4:31:e7:a1:36:
89:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:9B:2E:3C:71:23:44:3E:54:DC:6B:F5:E2:C7:3B:2B:49:B7:09:A2
X509v3 Authority Key Identifier:
keyid:BE:55:0B:8E:FF:90:CC:CE:E9:F8:D3:13:4B:64:38:99:6B:7D:27:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vlULjv-QzM7p-NMTS2Q4mWt9J80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/IJsuPHEjRD5U3Gv14sc7K0m3CaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/vlULjv-QzM7p-NMTS2Q4mWt9J80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.176.0/21
78.111.32.0/20
84.242.32.0/20
94.176.16.0/20
96.9.128.0/19
141.105.168.0/21
178.20.16.0/21
185.29.140.0/22
185.112.104.0/22
199.48.224.0/24
206.167.33.0/24
IPv6:
2a0a:c740:2::/48
2a0a:c740:4::/47
2a0a:c740:7::-2a0a:c740:8:ffff:ffff:ffff:ffff:ffff
2a0a:c740:a::/47
2a0a:c740:100::/48
2a0a:c740:1009::/48
2a0a:c740:2000::/48
2a0a:c740:2009::/48
2a0a:c740:9998::/48
2a0a:c740:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
08:4e:7b:01:ac:ae:88:da:df:d0:93:65:24:57:f0:4c:65:3b:
11:11:ae:51:fd:98:94:b4:3c:e7:f0:3b:5d:ef:dc:f5:fd:04:
4e:ed:e0:1a:95:e2:33:75:7a:f0:a5:7a:90:4c:15:69:78:14:
d2:28:bf:5d:54:49:de:a0:03:4c:a6:95:30:5f:0c:f2:65:aa:
01:2a:8b:b6:5d:13:a5:ad:4c:43:91:33:da:78:48:ba:99:ae:
ca:0b:33:20:5a:e8:2c:41:f9:d7:31:66:09:6d:db:2c:8f:f2:
70:e3:7d:71:0a:eb:33:ac:31:19:df:c4:0f:12:25:d2:e1:1e:
0b:22:91:e2:ea:2a:d3:d7:3e:2d:be:11:5a:7c:27:41:d1:70:
35:42:c8:f5:aa:eb:8a:86:e4:93:81:91:2f:de:ca:16:2f:7f:
4d:73:c3:71:2e:e4:c7:6a:27:54:66:fd:ce:f7:a6:93:85:6f:
2f:c6:fd:25:69:a9:cf:ed:72:76:47:c7:e0:01:d8:f1:bb:d0:
6f:be:88:5e:82:24:c2:52:d2:8e:f1:54:c4:6c:ae:b6:02:2f:
64:9b:6e:7f:d5:d8:e7:35:87:ca:69:47:7c:d6:75:00:f8:19:
0b:f6:c0:aa:54:14:a5:a8:10:63:7e:2f:7f:c0:d8:80:7a:68:
55:8a:e2:08
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZa9x4BM3oCgTL/wVsAODYrTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNTUwYjhlZmY5MGNjY2VlOWY4ZDMxMzRiNjQzODk5NmI3
ZDI3Y2QwHhcNMjUwNTExMDUxODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDliMmUzYzcxMjM0NDNlNTRkYzZiZjVlMmM3M2IyYjQ5YjcwOWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3/KHE1Wb8eO/Bae7eel9MsnvUUI8
JST4bHdjt6P1XQtmrX3Jqtra4OZHTN0QgyhqvMvTfz+vKUTS99eaa7bHjpEh5xxt
lRK2pic3pmGXeW1HYyAtgrUr3yFYQJeUUS2K4KbKg9eMSM6MkeUPenKJu+MLWILl
nd46huarFE42YfAftiu0xeHhqTPQ17BsYURq1UvvP+YtYWugbGvyw+5o2J1uMz4p
n0cM4ZctZHCOCx4Lsg3PZIo/PUcCmPE4G4siTbzsw+1zndHsf6pztkOJneIT1wuw
HTsMeeP0Zfldfvr/YhQPh7FLz7/K0Xg/Nvtq+zt7JjR15bxvxDHnoTaJ8QIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFCCbLjxxI0Q+VNxr9eLHOytJtwmiMB8GA1UdIwQY
MBaAFL5VC47/kMzO6fjTE0tkOJlrfSfNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmxVTGp2LVF6TTdwLU5NVFMyUTRtV3Q5SjgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8zNDBkY2QtM2FlZS00MDEyLTkyMzMt
YzE1NTMyYmFmZjdkLzEvSUpzdVBIRWpSRDVVM0d2MTRzYzdLMG0zQ2FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8zNDBkY2QtM2FlZS00MDEyLTkyMzMtYzE1NTMyYmFmZjdk
LzEvdmxVTGp2LVF6TTdwLU5NVFMyUTRtV3Q5SjgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHKBggrBgEFBQcBBwEB/wSBujCBtzBIBAIAATBCAwQDBWaw
AwQETm8gAwQEVPIgAwQEXrAQAwQFYAmAAwQDjWmoAwQDshQQAwQCuR2MAwQCuXBo
AwQAxzDgAwQAzqchMGsEAgACMGUDBwAqCsdAAAIDBwEqCsdAAAQwEgMHACoKx0AA
BwMHACoKx0AACAMHASoKx0AACgMHACoKx0ABAAMHACoKx0AQCQMHACoKx0AgAAMH
ACoKx0AgCQMHACoKx0CZmAMHACoKx0D//zANBgkqhkiG9w0BAQsFAAOCAQEACE57
AayuiNrf0JNlJFfwTGU7ERGuUf2YlLQ85/A7Xe/c9f0ETu3gGpXiM3V68KV6kEwV
aXgU0ii/XVRJ3qADTKaVMF8M8mWqASqLtl0Tpa1MQ5Ez2nhIupmuygszIFroLEH5
1zFmCW3bLI/ycON9cQrrM6wxGd/EDxIl0uEeCyKR4uoq09c+Lb4RWnwnQdFwNULI
9arriobkk4GRL97KFi9/TXPDcS7kx2onVGb9zvemk4VvL8b9JWmpz+1ydkfH4AHY
8bvQb76IXoIkwlLSjvFUxGyutgIvZJtuf9XY5zWHymlHfNZ1APgZC/bAqlQUpagQ
Y34vf8DYgHpoVYriCA==
-----END CERTIFICATE-----
Generated at Tue May 13 20:14:22 2025 by rpki-client