Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/DRrrNMK9B1zBJ-semUSEjQrO1pg.roa
File: DRrrNMK9B1zBJ-semUSEjQrO1pg.roa (raw, json)
Hash identifier: K/SBU6cvFTaOxh52jPOkcBzRnFAnjGEmEmHPPWw71BY=
Subject key identifier: 0D:1A:EB:34:C2:BD:07:5C:C1:27:EB:1E:99:44:84:8D:0A:CE:D6:98
Certificate issuer: /CN=66ed3ba68c78bff2c4724400ade6348482fb4364
Certificate serial: 01978C3AF45867427CA66608583280927EB7
Authority key identifier: 66:ED:3B:A6:8C:78:BF:F2:C4:72:44:00:AD:E6:34:84:82:FB:43:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/DRrrNMK9B1zBJ-semUSEjQrO1pg.roa
Signing time: Fri 20 Jun 2025 07:26:03 +0000
ROA not before: Fri 20 Jun 2025 07:26:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64289
IP address blocks: 185.225.24.0/24 maxlen: 24
185.225.26.0/24 maxlen: 24
192.189.157.0/24 maxlen: 24
194.110.60.0/24 maxlen: 24
2a14:3f80::/45 maxlen: 45
2a14:3f80:8::/45 maxlen: 45
2a14:3f80:10::/45 maxlen: 45
2a14:3f80:18::/45 maxlen: 45
2a14:3f80:20::/45 maxlen: 45
2a14:3f80:28::/45 maxlen: 45
2a14:3f80:60::/45 maxlen: 45
2a14:3f80:80::/45 maxlen: 45
2a14:3f80:88::/45 maxlen: 45
2a14:3f80:100::/45 maxlen: 45
2a14:3f80:108::/45 maxlen: 45
2a14:3f80:3d1::/48 maxlen: 48
2a14:3f80:800::/38 maxlen: 38
2a14:3f80:c00::/38 maxlen: 38
2a14:3f80:1000::/38 maxlen: 38
2a14:3f80:1400::/38 maxlen: 38
2a14:3f80:1800::/38 maxlen: 38
2a14:3f80:1ed0::/45 maxlen: 45
2a14:3f80:2000::/38 maxlen: 38
2a14:3f80:2400::/38 maxlen: 38
2a14:3f80:2800::/38 maxlen: 38
2a14:3f80:2b40::/42 maxlen: 42
2a14:3f80:3000::/38 maxlen: 38
2a14:3f80:3400::/38 maxlen: 38
2a14:3f80:3800::/38 maxlen: 38
2a14:3f80:3c00::/38 maxlen: 38
2a14:3f80:4000::/38 maxlen: 38
2a14:3f80:4400::/38 maxlen: 38
2a14:3f80:5000::/38 maxlen: 38
2a14:3f80:6000::/38 maxlen: 38
2a14:3f80:7000::/38 maxlen: 38
2a14:3f80:8800::/38 maxlen: 38
2a14:3f80:af38::/45 maxlen: 45
2a14:3f81:5800::/38 maxlen: 38
2a14:3f82:4000::/38 maxlen: 38
2a14:3f82:6000::/38 maxlen: 38
2a14:3f82:7000::/38 maxlen: 38
2a14:3f82:8800::/38 maxlen: 38
2a14:3f87:2800::/38 maxlen: 38
2a14:3f87:4800::/38 maxlen: 38
2a14:3f87:6800::/38 maxlen: 38
2a14:3f87:6920::/44 maxlen: 44
2a14:3f87:6ba0::/44 maxlen: 44
2a14:3f87:9800::/38 maxlen: 38
2a14:3f87:c800::/38 maxlen: 38
2a14:3f87:e000::/38 maxlen: 38
2a14:3f87:f000::/38 maxlen: 38
2a14:3f87:f001::/48 maxlen: 48
2a14:3f87:f002::/48 maxlen: 48
2a14:3f87:fc00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/Zu07pox4v_LEckQAreY0hIL7Q2Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/Zu07pox4v_LEckQAreY0hIL7Q2Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 04:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:8c:3a:f4:58:67:42:7c:a6:66:08:58:32:80:92:7e:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66ed3ba68c78bff2c4724400ade6348482fb4364
Validity
Not Before: Jun 20 07:26:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d1aeb34c2bd075cc127eb1e9944848d0aced698
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:79:4a:da:07:6b:7b:62:6d:1b:f6:44:95:28:
b9:e6:f6:3b:f5:a0:fa:9d:21:ee:21:a2:35:f9:71:
d7:af:2c:06:93:a4:8d:ef:f1:76:1e:c7:49:6c:fa:
cc:20:05:4c:56:1f:a3:3e:db:f6:90:77:65:af:28:
69:3a:82:f7:87:12:33:52:4e:bd:6c:2f:f2:4f:c4:
e0:a7:b7:c5:20:4a:c2:07:1a:f6:8f:2e:64:2f:2e:
0f:d4:49:5b:74:56:7c:33:da:c8:46:ca:76:fe:b5:
b0:4d:22:fb:17:cd:0d:82:b2:71:9a:3e:b7:06:82:
98:05:d5:c3:39:2c:46:40:85:2d:b7:dd:1d:a4:e3:
1e:aa:9e:9b:4d:1a:db:ef:14:66:b8:0f:12:5a:dd:
6d:fc:fd:d4:3d:d2:c8:3a:bc:d1:97:a1:46:a6:82:
5b:cc:9e:d4:ba:73:4d:0d:54:1e:89:54:31:8d:76:
3e:b2:05:85:a8:96:98:fa:5e:a7:6a:f7:e2:b6:58:
47:09:fd:16:b1:1c:5e:d6:cf:ce:d0:a8:29:17:9b:
0a:78:7c:e4:a0:1d:ea:50:92:7c:55:b5:71:62:34:
dd:2e:57:fe:25:44:ca:52:1b:1f:89:66:e4:30:3a:
32:4a:0f:79:a0:9c:7e:eb:a6:bc:f2:e9:aa:ca:56:
45:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:1A:EB:34:C2:BD:07:5C:C1:27:EB:1E:99:44:84:8D:0A:CE:D6:98
X509v3 Authority Key Identifier:
keyid:66:ED:3B:A6:8C:78:BF:F2:C4:72:44:00:AD:E6:34:84:82:FB:43:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/DRrrNMK9B1zBJ-semUSEjQrO1pg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/Zu07pox4v_LEckQAreY0hIL7Q2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.24.0/24
185.225.26.0/24
192.189.157.0/24
194.110.60.0/24
IPv6:
2a14:3f80::-2a14:3f80:2f:ffff:ffff:ffff:ffff:ffff
2a14:3f80:60::/45
2a14:3f80:80::/44
2a14:3f80:100::/44
2a14:3f80:3d1::/48
2a14:3f80:800::-2a14:3f80:1bff:ffff:ffff:ffff:ffff:ffff
2a14:3f80:1ed0::/45
2a14:3f80:2000::-2a14:3f80:2bff:ffff:ffff:ffff:ffff:ffff
2a14:3f80:3000::-2a14:3f80:47ff:ffff:ffff:ffff:ffff:ffff
2a14:3f80:5000::/38
2a14:3f80:6000::/38
2a14:3f80:7000::/38
2a14:3f80:8800::/38
2a14:3f80:af38::/45
2a14:3f81:5800::/38
2a14:3f82:4000::/38
2a14:3f82:6000::/38
2a14:3f82:7000::/38
2a14:3f82:8800::/38
2a14:3f87:2800::/38
2a14:3f87:4800::/38
2a14:3f87:6800::/38
2a14:3f87:9800::/38
2a14:3f87:c800::/38
2a14:3f87:e000::/38
2a14:3f87:f000::/38
2a14:3f87:fc00::/38
Signature Algorithm: sha256WithRSAEncryption
27:f3:2f:7a:b8:9f:09:ec:fe:3e:1f:80:8e:06:e7:71:fb:56:
3c:4d:42:cf:ed:9d:18:cd:25:77:cb:d7:3f:d7:ba:86:6e:95:
d4:f4:35:c7:60:e8:41:1f:28:18:20:13:61:f1:43:e1:14:36:
6d:2f:19:3f:5a:2f:f6:10:47:01:8c:53:dc:13:88:0c:aa:d5:
43:bf:f7:13:db:13:ce:5d:da:1e:f1:26:2d:dc:63:cc:f6:61:
b8:9c:1d:44:45:e4:0f:74:34:d0:c5:bf:f4:5a:ef:27:64:57:
5a:b8:79:b2:60:b0:c7:56:f1:14:8a:9f:60:71:46:e6:b2:25:
54:53:f7:18:ba:82:5f:8b:e3:52:85:f2:b7:29:e9:3d:c3:f8:
6b:63:ce:cd:a4:e2:69:bd:84:fc:49:70:e4:6d:62:b4:46:3a:
78:20:1d:50:cb:cd:c3:cd:14:df:97:01:67:43:0a:8b:59:f9:
b7:af:35:90:42:a4:44:09:e5:b8:ec:ae:05:d6:30:39:9e:df:
85:e0:d0:b2:45:de:80:6e:76:1d:cc:27:cf:83:5e:a7:dc:51:
d6:6c:db:94:14:6e:e1:e9:09:8e:2f:ca:0e:08:d9:ad:89:ed:
bf:8f:37:93:19:8d:c2:0d:5c:c6:6c:96:26:8d:91:c1:0f:db:
eb:4b:b8:c4
-----BEGIN CERTIFICATE-----
MIIGJzCCBQ+gAwIBAgISAZeMOvRYZ0J8pmYIWDKAkn63MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZWQzYmE2OGM3OGJmZjJjNDcyNDQwMGFkZTYzNDg0ODJm
YjQzNjQwHhcNMjUwNjIwMDcyNjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDFhZWIzNGMyYmQwNzVjYzEyN2ViMWU5OTQ0ODQ4ZDBhY2VkNjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2nlK2gdre2JtG/ZElSi55vY79aD6
nSHuIaI1+XHXrywGk6SN7/F2HsdJbPrMIAVMVh+jPtv2kHdlryhpOoL3hxIzUk69
bC/yT8Tgp7fFIErCBxr2jy5kLy4P1ElbdFZ8M9rIRsp2/rWwTSL7F80NgrJxmj63
BoKYBdXDOSxGQIUtt90dpOMeqp6bTRrb7xRmuA8SWt1t/P3UPdLIOrzRl6FGpoJb
zJ7UunNNDVQeiVQxjXY+sgWFqJaY+l6navfitlhHCf0WsRxe1s/O0KgpF5sKeHzk
oB3qUJJ8VbVxYjTdLlf+JUTKUhsfiWbkMDoySg95oJx+66a88umqylZFCwIDAQAB
o4IDMzCCAy8wHQYDVR0OBBYEFA0a6zTCvQdcwSfrHplEhI0KztaYMB8GA1UdIwQY
MBaAFGbtO6aMeL/yxHJEAK3mNISC+0NkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnUwN3BveDR2X0xFY2tRQXJlWTBoSUw3UTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iNzlhNjgtNWIwMi00MDk3LWEyZTMt
MGE0M2I3YTNlYjU0LzEvRFJyck5NSzlCMXpCSi1zZW1VU0VqUXJPMXBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9iNzlhNjgtNWIwMi00MDk3LWEyZTMtMGE0M2I3YTNlYjU0
LzEvWnUwN3BveDR2X0xFY2tRQXJlWTBoSUw3UTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBRwYIKwYBBQUHAQcBAf8EggE2MIIBMjAeBAIAATAYAwQA
ueEYAwQAueEaAwQAwL2dAwQAwm48MIIBDgQCAAIwggEGMBADBQcqFD+AAwcEKhQ/
gAAgAwcDKhQ/gABgAwcEKhQ/gACAAwcEKhQ/gAEAAwcAKhQ/gAPRMBADBgMqFD+A
CAMGAioUP4AYAwcDKhQ/gB7QMBADBgUqFD+AIAMGAioUP4AoMBADBgQqFD+AMAMG
AyoUP4BAAwYCKhQ/gFADBgIqFD+AYAMGAioUP4BwAwYCKhQ/gIgDBwMqFD+ArzgD
BgIqFD+BWAMGAioUP4JAAwYCKhQ/gmADBgIqFD+CcAMGAioUP4KIAwYCKhQ/hygD
BgIqFD+HSAMGAioUP4doAwYCKhQ/h5gDBgIqFD+HyAMGAioUP4fgAwYCKhQ/h/AD
BgIqFD+H/DANBgkqhkiG9w0BAQsFAAOCAQEAJ/MverifCez+Ph+AjgbncftWPE1C
z+2dGM0ld8vXP9e6hm6V1PQ1x2DoQR8oGCATYfFD4RQ2bS8ZP1ov9hBHAYxT3BOI
DKrVQ7/3E9sTzl3aHvEmLdxjzPZhuJwdREXkD3Q00MW/9FrvJ2RXWrh5smCwx1bx
FIqfYHFG5rIlVFP3GLqCX4vjUoXytynpPcP4a2POzaTiab2E/Elw5G1itEY6eCAd
UMvNw80U35cBZ0MKi1n5t681kEKkRAnluOyuBdYwOZ7fheDQskXegG52Hcwnz4Ne
p9xR1mzblBRu4ekJji/KDgjZrYntv483kxmNwg1cxmyWJo2RwQ/b60u4xA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 13:45:00 2025 by rpki-client