Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/CsRueG1b5ZzTZPTlBKokydQc2qo.roa
File: CsRueG1b5ZzTZPTlBKokydQc2qo.roa (raw, json)
Hash identifier: jHCi91UlnFNtz2stcUbYlEZWNgg5fJNyW8RNXHw0CG4=
Subject key identifier: 0A:C4:6E:78:6D:5B:E5:9C:D3:64:F4:E5:04:AA:24:C9:D4:1C:DA:AA
Certificate issuer: /CN=ef54d9e41ea5e2d161b7c4cdb2e4702c4f248e14
Certificate serial: 01968061BA644A2B7AF15176BED1AC165E67
Authority key identifier: EF:54:D9:E4:1E:A5:E2:D1:61:B7:C4:CD:B2:E4:70:2C:4F:24:8E:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/CsRueG1b5ZzTZPTlBKokydQc2qo.roa
Signing time: Tue 29 Apr 2025 07:10:10 +0000
ROA not before: Tue 29 Apr 2025 07:10:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203217
IP address blocks: 93.180.216.0/21 maxlen: 21
93.180.216.0/22 maxlen: 22
93.180.216.0/23 maxlen: 23
93.180.216.0/24 maxlen: 24
93.180.217.0/24 maxlen: 24
93.180.218.0/23 maxlen: 23
93.180.218.0/24 maxlen: 24
93.180.219.0/24 maxlen: 24
93.180.220.0/22 maxlen: 22
93.180.220.0/23 maxlen: 23
93.180.220.0/24 maxlen: 24
93.180.221.0/24 maxlen: 24
93.180.222.0/23 maxlen: 23
93.180.222.0/24 maxlen: 24
93.180.223.0/24 maxlen: 24
138.124.156.0/22 maxlen: 22
138.124.156.0/23 maxlen: 23
138.124.156.0/24 maxlen: 24
138.124.157.0/24 maxlen: 24
138.124.158.0/23 maxlen: 23
138.124.158.0/24 maxlen: 24
138.124.159.0/24 maxlen: 24
144.86.228.0/22 maxlen: 22
144.86.228.0/23 maxlen: 23
144.86.228.0/24 maxlen: 24
144.86.229.0/24 maxlen: 24
144.86.230.0/23 maxlen: 23
144.86.230.0/24 maxlen: 24
144.86.231.0/24 maxlen: 24
185.20.196.0/22 maxlen: 22
185.20.196.0/23 maxlen: 23
185.20.196.0/24 maxlen: 24
185.20.197.0/24 maxlen: 24
185.20.198.0/23 maxlen: 23
185.20.198.0/24 maxlen: 24
185.20.199.0/24 maxlen: 24
185.138.120.0/22 maxlen: 22
185.138.120.0/23 maxlen: 23
185.138.120.0/24 maxlen: 24
185.138.121.0/24 maxlen: 24
185.138.122.0/23 maxlen: 23
185.138.122.0/24 maxlen: 24
185.138.123.0/24 maxlen: 24
185.254.12.0/22 maxlen: 22
185.254.12.0/23 maxlen: 23
185.254.13.0/24 maxlen: 24
185.254.14.0/23 maxlen: 23
185.254.14.0/24 maxlen: 24
185.254.15.0/24 maxlen: 24
195.133.220.0/22 maxlen: 22
195.133.220.0/23 maxlen: 23
195.133.220.0/24 maxlen: 24
195.133.221.0/24 maxlen: 24
195.133.222.0/23 maxlen: 23
195.133.222.0/24 maxlen: 24
195.133.223.0/24 maxlen: 24
199.74.188.0/22 maxlen: 22
199.74.188.0/23 maxlen: 23
199.74.188.0/24 maxlen: 24
199.74.189.0/24 maxlen: 24
199.74.190.0/23 maxlen: 23
199.74.190.0/24 maxlen: 24
199.74.191.0/24 maxlen: 24
2a0b:1880::/29 maxlen: 29
2a0b:1880::/48 maxlen: 48
2a0b:1880:1::/48 maxlen: 48
2a0b:1880:2::/48 maxlen: 48
2a0b:1880:3::/48 maxlen: 48
2a0b:1880:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/71TZ5B6l4tFht8TNsuRwLE8kjhQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/71TZ5B6l4tFht8TNsuRwLE8kjhQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:80:61:ba:64:4a:2b:7a:f1:51:76:be:d1:ac:16:5e:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef54d9e41ea5e2d161b7c4cdb2e4702c4f248e14
Validity
Not Before: Apr 29 07:10:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0ac46e786d5be59cd364f4e504aa24c9d41cdaaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:01:00:ff:99:93:0f:72:79:88:43:69:f2:de:
b9:a2:40:c9:92:b2:51:22:d3:5e:48:4b:d7:58:ec:
f2:fa:8d:71:6a:dd:a9:b3:83:75:90:5e:0f:03:00:
e2:07:9b:e6:f6:c2:a9:d6:3e:f4:cc:52:99:cf:50:
95:ff:cc:0f:d0:10:25:10:53:c4:53:84:a3:89:c6:
c3:87:9c:e6:a7:a1:1b:f1:a5:57:6d:7b:ad:3c:95:
16:0a:b5:c0:cd:2f:1f:ee:09:f3:0a:b1:65:19:e9:
e1:6d:c8:09:04:32:a5:8c:36:6b:e2:a7:9e:19:b1:
49:be:46:b3:ca:0e:f4:2c:84:aa:56:5b:c8:64:a2:
f8:db:47:f5:69:bf:14:40:91:23:07:60:b5:4f:51:
45:61:e5:42:dd:fa:f8:98:fc:d8:55:30:de:5c:5c:
f3:9c:a4:1c:4a:74:10:0d:2c:f7:1e:42:f7:75:7a:
b4:ef:22:6b:f0:3f:77:92:20:3b:8c:8b:21:6c:ed:
f0:07:69:9a:48:b8:d2:f2:e8:ab:42:e0:16:f3:9a:
cf:f7:34:f8:b1:ae:dd:87:de:53:44:c9:e7:50:b9:
2e:19:a4:d4:1b:5b:a7:e3:00:2d:03:24:db:58:56:
73:d5:95:32:8d:f5:05:42:51:ce:ae:9c:ae:2e:c7:
e6:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:C4:6E:78:6D:5B:E5:9C:D3:64:F4:E5:04:AA:24:C9:D4:1C:DA:AA
X509v3 Authority Key Identifier:
keyid:EF:54:D9:E4:1E:A5:E2:D1:61:B7:C4:CD:B2:E4:70:2C:4F:24:8E:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/CsRueG1b5ZzTZPTlBKokydQc2qo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/71TZ5B6l4tFht8TNsuRwLE8kjhQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.180.216.0/21
138.124.156.0/22
144.86.228.0/22
185.20.196.0/22
185.138.120.0/22
185.254.12.0/22
195.133.220.0/22
199.74.188.0/22
IPv6:
2a0b:1880::/29
Signature Algorithm: sha256WithRSAEncryption
b4:c3:ba:68:3c:19:85:45:94:4c:8a:03:5c:e7:87:70:f0:cc:
ec:6b:b3:c6:8f:fa:38:1c:96:c4:d5:87:6b:c8:5c:a9:06:0c:
9e:ed:eb:6d:5a:19:81:09:f2:4d:84:56:03:a1:91:f8:6a:3a:
90:40:44:e4:65:9c:70:29:04:ca:93:43:11:f4:cc:ad:b5:32:
63:f0:d8:c9:f1:3a:06:d2:aa:33:1b:97:7e:9c:ab:b3:70:3e:
6d:a2:17:d2:56:55:ca:d2:d4:79:76:ec:d8:77:62:b6:1a:96:
13:28:4a:55:d6:91:39:a7:55:32:ca:7f:ba:5d:e1:3e:e9:6f:
a5:bf:78:a8:57:a8:44:8a:13:27:0d:73:9c:d8:38:7c:f3:ec:
a3:b1:6a:7c:f1:f8:a3:14:bb:0d:93:d5:66:f1:d3:25:bb:80:
48:c1:a8:58:1c:bb:26:6f:04:5e:c2:b7:36:2e:c8:3e:60:47:
2e:9a:bc:79:2c:97:f9:de:1d:0e:c4:38:a5:e1:dd:8a:f6:7d:
d5:92:0a:5d:6e:26:73:1f:08:67:9d:f8:1f:a9:88:c2:1a:d6:
11:73:9f:5b:9c:0d:c5:1b:84:ed:d0:4c:5b:e2:69:ba:e4:8d:
c5:85:b9:71:63:d2:04:10:b0:aa:ae:27:79:1d:07:a5:52:ed:
1a:12:7e:1a
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZaAYbpkSit68VF2vtGsFl5nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTRkOWU0MWVhNWUyZDE2MWI3YzRjZGIyZTQ3MDJjNGYy
NDhlMTQwHhcNMjUwNDI5MDcxMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWM0NmU3ODZkNWJlNTljZDM2NGY0ZTUwNGFhMjRjOWQ0MWNkYWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0QEA/5mTD3J5iENp8t65okDJkrJR
ItNeSEvXWOzy+o1xat2ps4N1kF4PAwDiB5vm9sKp1j70zFKZz1CV/8wP0BAlEFPE
U4SjicbDh5zmp6Eb8aVXbXutPJUWCrXAzS8f7gnzCrFlGenhbcgJBDKljDZr4qee
GbFJvkazyg70LISqVlvIZKL420f1ab8UQJEjB2C1T1FFYeVC3fr4mPzYVTDeXFzz
nKQcSnQQDSz3HkL3dXq07yJr8D93kiA7jIshbO3wB2maSLjS8uirQuAW85rP9zT4
sa7dh95TRMnnULkuGaTUG1un4wAtAyTbWFZz1ZUyjfUFQlHOrpyuLsfmVwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFArEbnhtW+Wc02T05QSqJMnUHNqqMB8GA1UdIwQY
MBaAFO9U2eQepeLRYbfEzbLkcCxPJI4UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFUWjVCNmw0dEZodDhUTnN1UndMRThramhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9lYzAwZTItY2JkYS00YjMyLThjMzIt
ZmJjNmZjYjVlN2E2LzEvQ3NSdWVHMWI1WnpUWlBUbEJLb2t5ZFFjMnFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9lYzAwZTItY2JkYS00YjMyLThjMzItZmJjNmZjYjVlN2E2
LzEvNzFUWjVCNmw0dEZodDhUTnN1UndMRThramhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDXbTYAwQC
inycAwQCkFbkAwQCuRTEAwQCuYp4AwQCuf4MAwQCw4XcAwQCx0q8MA0EAgACMAcD
BQMqCxiAMA0GCSqGSIb3DQEBCwUAA4IBAQC0w7poPBmFRZRMigNc54dw8Mzsa7PG
j/o4HJbE1YdryFypBgye7ettWhmBCfJNhFYDoZH4ajqQQETkZZxwKQTKk0MR9Myt
tTJj8NjJ8ToG0qozG5d+nKuzcD5tohfSVlXK0tR5duzYd2K2GpYTKEpV1pE5p1Uy
yn+6XeE+6W+lv3ioV6hEihMnDXOc2Dh88+yjsWp88fijFLsNk9Vm8dMlu4BIwahY
HLsmbwRewrc2Lsg+YEcumrx5LJf53h0OxDil4d2K9n3VkgpdbiZzHwhnnfgfqYjC
GtYRc59bnA3FG4Tt0Exb4mm65I3FhblxY9IEELCqrid5HQelUu0aEn4a
-----END CERTIFICATE-----
Generated at Sun May 11 07:25:13 2025 by rpki-client