Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/gZNBZHUNo59qARNssN6m5IMjb7o.roa
File: gZNBZHUNo59qARNssN6m5IMjb7o.roa (raw, json)
Hash identifier: uIXZRoS8fbZYf6us/pbypI+cc76xlAIVdXka2LOBm1g=
Subject key identifier: 81:93:41:64:75:0D:A3:9F:6A:01:13:6C:B0:DE:A6:E4:83:23:6F:BA
Certificate issuer: /CN=959efe6ef97728a4282ae2c7b05a240506571f1c
Certificate serial: 019698081C476E23D7C2614D922850DC7D06
Authority key identifier: 95:9E:FE:6E:F9:77:28:A4:28:2A:E2:C7:B0:5A:24:05:06:57:1F:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lZ7-bvl3KKQoKuLHsFokBQZXHxw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/gZNBZHUNo59qARNssN6m5IMjb7o.roa
Signing time: Sat 03 May 2025 21:23:10 +0000
ROA not before: Sat 03 May 2025 21:23:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202105
IP address blocks: 83.136.8.0/24 maxlen: 24
83.136.9.0/24 maxlen: 24
83.136.10.0/24 maxlen: 24
83.136.11.0/24 maxlen: 24
83.136.12.0/24 maxlen: 24
83.136.13.0/24 maxlen: 24
83.136.14.0/24 maxlen: 24
83.136.15.0/24 maxlen: 24
87.237.224.0/24 maxlen: 24
87.237.225.0/24 maxlen: 24
87.237.226.0/24 maxlen: 24
87.237.227.0/24 maxlen: 24
87.237.228.0/24 maxlen: 24
87.237.229.0/24 maxlen: 24
87.237.230.0/24 maxlen: 24
87.237.231.0/24 maxlen: 24
185.11.120.0/24 maxlen: 24
185.11.121.0/24 maxlen: 24
185.11.122.0/24 maxlen: 24
185.11.123.0/24 maxlen: 24
185.51.204.0/24 maxlen: 24
185.51.205.0/24 maxlen: 24
185.51.206.0/24 maxlen: 24
185.51.207.0/24 maxlen: 24
185.82.116.0/24 maxlen: 24
185.82.117.0/24 maxlen: 24
185.82.118.0/24 maxlen: 24
185.82.119.0/24 maxlen: 24
185.108.240.0/24 maxlen: 24
185.108.241.0/24 maxlen: 24
185.108.242.0/24 maxlen: 24
185.108.243.0/24 maxlen: 24
185.133.84.0/24 maxlen: 24
185.133.85.0/24 maxlen: 24
185.133.86.0/24 maxlen: 24
185.133.87.0/24 maxlen: 24
185.164.24.0/24 maxlen: 24
185.164.25.0/24 maxlen: 24
185.164.26.0/24 maxlen: 24
185.164.27.0/24 maxlen: 24
185.164.28.0/24 maxlen: 24
185.164.29.0/24 maxlen: 24
185.164.30.0/24 maxlen: 24
185.164.31.0/24 maxlen: 24
185.203.108.0/24 maxlen: 24
185.203.109.0/24 maxlen: 24
185.203.110.0/24 maxlen: 24
185.206.28.0/24 maxlen: 24
185.206.29.0/24 maxlen: 24
185.206.30.0/24 maxlen: 24
185.206.132.0/24 maxlen: 24
185.206.133.0/24 maxlen: 24
185.206.134.0/24 maxlen: 24
185.206.135.0/24 maxlen: 24
185.217.8.0/24 maxlen: 24
185.217.9.0/24 maxlen: 24
185.217.10.0/24 maxlen: 24
185.217.11.0/24 maxlen: 24
185.238.69.0/24 maxlen: 24
185.238.70.0/24 maxlen: 24
185.238.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/lZ7-bvl3KKQoKuLHsFokBQZXHxw.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/lZ7-bvl3KKQoKuLHsFokBQZXHxw.mft
rsync://rpki.ripe.net/repository/DEFAULT/lZ7-bvl3KKQoKuLHsFokBQZXHxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 09 May 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:98:08:1c:47:6e:23:d7:c2:61:4d:92:28:50:dc:7d:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=959efe6ef97728a4282ae2c7b05a240506571f1c
Validity
Not Before: May 3 21:23:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=81934164750da39f6a01136cb0dea6e483236fba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:93:d2:67:01:76:9e:e2:a8:e5:59:6b:31:87:
25:14:e1:ef:5f:07:52:d4:bc:45:be:e7:62:62:5b:
19:f4:eb:b3:84:f0:96:d1:62:b5:8a:e4:a5:33:93:
65:a9:6e:7d:20:18:df:9a:bc:79:8a:54:29:43:72:
62:76:5f:17:f0:80:77:cf:29:6d:72:f0:e5:78:2d:
e2:f6:ec:7d:b6:89:3c:a9:dc:da:5d:98:2c:93:54:
21:21:37:7f:a0:5f:db:c9:a5:d7:96:54:6b:9e:c1:
96:ab:c1:58:4d:ac:09:4e:5b:30:9b:79:07:1b:75:
37:fe:98:23:84:26:e5:dc:3a:65:a6:46:33:44:72:
a2:f7:f3:e3:f0:04:68:7e:77:47:78:a1:84:47:fb:
9d:74:8d:ae:5e:93:5b:e0:bf:ae:b4:b4:50:eb:82:
eb:4e:6c:b0:90:87:7b:03:c8:7f:13:93:c2:bd:b0:
79:7b:be:ce:67:ab:39:e8:4b:c6:25:3d:4d:e3:c4:
5e:de:a7:d1:1e:aa:26:aa:f9:7c:96:eb:8e:ef:ed:
42:0e:c9:2b:de:22:39:0b:a6:6c:34:a2:10:72:86:
86:26:37:cd:d9:ce:2f:c8:66:62:c0:c3:99:3f:73:
a7:f8:38:05:12:80:87:55:b1:cf:e5:8f:97:b4:ee:
7e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:93:41:64:75:0D:A3:9F:6A:01:13:6C:B0:DE:A6:E4:83:23:6F:BA
X509v3 Authority Key Identifier:
keyid:95:9E:FE:6E:F9:77:28:A4:28:2A:E2:C7:B0:5A:24:05:06:57:1F:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lZ7-bvl3KKQoKuLHsFokBQZXHxw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/gZNBZHUNo59qARNssN6m5IMjb7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/lZ7-bvl3KKQoKuLHsFokBQZXHxw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.8.0/21
87.237.224.0/21
185.11.120.0/22
185.51.204.0/22
185.82.116.0/22
185.108.240.0/22
185.133.84.0/22
185.164.24.0/21
185.203.108.0-185.203.110.255
185.206.28.0-185.206.30.255
185.206.132.0/22
185.217.8.0/22
185.238.69.0-185.238.71.255
Signature Algorithm: sha256WithRSAEncryption
9d:0e:a4:ed:ea:ab:85:ec:76:b0:bf:e2:b3:bc:86:20:01:2d:
13:29:e2:7c:96:75:53:f4:0c:a0:89:93:0b:10:bb:d5:a4:84:
f6:34:e5:d7:a4:f4:f1:47:87:52:5d:22:a7:be:d4:4d:08:2f:
9d:be:b9:d3:0a:24:42:58:2f:64:43:13:7e:e5:51:61:47:d1:
ee:b4:f5:7b:87:f8:f0:99:8b:5c:2a:95:83:1f:ad:62:4b:5d:
6f:8c:b1:d3:cf:60:b0:1e:b9:28:df:cb:2e:26:99:b0:c9:a2:
87:99:3a:45:08:cf:75:51:b5:46:e4:30:89:7a:f6:1a:53:9a:
fc:78:44:e3:8d:36:17:fe:b3:10:90:16:f5:e3:f1:50:5c:ae:
b6:e4:21:58:f7:61:0e:f6:6c:4f:69:bc:e2:a9:c1:1a:d2:86:
0c:07:09:19:2b:bd:5d:07:59:fd:7f:56:ae:a8:d8:c1:9c:ad:
8b:17:47:68:34:cd:bd:9e:cf:4b:67:ef:03:a0:83:6e:70:b5:
0b:9d:15:29:50:4d:1d:c5:63:f2:dd:59:3f:0d:b0:7c:e2:79:
ab:ca:73:38:e3:fb:18:38:d2:45:fb:dd:d6:23:5d:14:eb:41:
09:35:dc:20:47:ef:3c:cf:17:1a:06:c4:d7:54:17:02:9f:1f:
5f:bf:19:60
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZaYCBxHbiPXwmFNkihQ3H0GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1OWVmZTZlZjk3NzI4YTQyODJhZTJjN2IwNWEyNDA1MDY1
NzFmMWMwHhcNMjUwNTAzMjEyMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTkzNDE2NDc1MGRhMzlmNmEwMTEzNmNiMGRlYTZlNDgzMjM2ZmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5PSZwF2nuKo5VlrMYclFOHvXwdS
1LxFvudiYlsZ9OuzhPCW0WK1iuSlM5NlqW59IBjfmrx5ilQpQ3Jidl8X8IB3zylt
cvDleC3i9ux9tok8qdzaXZgsk1QhITd/oF/byaXXllRrnsGWq8FYTawJTlswm3kH
G3U3/pgjhCbl3DplpkYzRHKi9/Pj8ARofndHeKGER/uddI2uXpNb4L+utLRQ64Lr
TmywkId7A8h/E5PCvbB5e77OZ6s56EvGJT1N48Re3qfRHqomqvl8luuO7+1CDskr
3iI5C6ZsNKIQcoaGJjfN2c4vyGZiwMOZP3On+DgFEoCHVbHP5Y+XtO5+XwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFIGTQWR1DaOfagETbLDepuSDI2+6MB8GA1UdIwQY
MBaAFJWe/m75dyikKCrix7BaJAUGVx8cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFo3LWJ2bDNLS1FvS3VMSHNGb2tCUVpYSHh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84YzFlNDktN2RkMS00NDhkLTg4MTUt
YTA5MjY2YmI0ZDhjLzEvZ1pOQlpIVU5vNTlxQVJOc3NONm01SU1qYjdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84YzFlNDktN2RkMS00NDhkLTg4MTUtYTA5MjY2YmI0ZDhj
LzEvbFo3LWJ2bDNLS1FvS3VMSHNGb2tCUVpYSHh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQDU4gIAwQD
V+3gAwQCuQt4AwQCuTPMAwQCuVJ0AwQCuWzwAwQCuYVUAwQDuaQYMAwDBAK5y2wD
BAC5y24wDAMEArnOHAMEALnOHgMEArnOhAMEArnZCDAMAwQAue5FAwQDue5AMA0G
CSqGSIb3DQEBCwUAA4IBAQCdDqTt6quF7Hawv+KzvIYgAS0TKeJ8lnVT9AygiZML
ELvVpIT2NOXXpPTxR4dSXSKnvtRNCC+dvrnTCiRCWC9kQxN+5VFhR9HutPV7h/jw
mYtcKpWDH61iS11vjLHTz2CwHrko38suJpmwyaKHmTpFCM91UbVG5DCJevYaU5r8
eETjjTYX/rMQkBb14/FQXK625CFY92EO9mxPabziqcEa0oYMBwkZK71dB1n9f1au
qNjBnK2LF0doNM29ns9LZ+8DoINucLULnRUpUE0dxWPy3Vk/DbB84nmrynM44/sY
ONJF+93WI10U60EJNdwgR+88zxcaBsTXVBcCnx9fvxlg
-----END CERTIFICATE-----
Generated at Thu May 8 15:33:58 2025 by rpki-client