Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/Mdp9Kv-Vu7KoI3CAPKr9JqJyQF0.roa
File: Mdp9Kv-Vu7KoI3CAPKr9JqJyQF0.roa (raw, json)
Hash identifier: SVNqMzugCbLVwMP8haqTfMrXYGbHl90Ct7rAkwp4GGU=
Subject key identifier: 31:DA:7D:2A:FF:95:BB:B2:A8:23:70:80:3C:AA:FD:26:A2:72:40:5D
Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Certificate serial: 01969FFFE7CD88266BFACC5D6356C01DCCC6
Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/Mdp9Kv-Vu7KoI3CAPKr9JqJyQF0.roa
Signing time: Mon 05 May 2025 10:31:10 +0000
ROA not before: Mon 05 May 2025 10:31:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13194
IP address blocks: 82.140.129.0/24 maxlen: 24
84.15.0.0/16 maxlen: 24
84.15.12.0/24 maxlen: 32
84.15.223.0/24 maxlen: 24
84.46.139.0/24 maxlen: 24
84.46.204.0/24 maxlen: 24
84.46.207.0/24 maxlen: 24
86.38.1.0/24 maxlen: 24
86.38.41.0/24 maxlen: 24
86.38.52.0/24 maxlen: 24
86.38.62.0/24 maxlen: 24
86.38.72.0/24 maxlen: 24
86.38.73.0/24 maxlen: 24
86.38.74.0/24 maxlen: 24
86.38.75.0/24 maxlen: 24
86.38.81.0/24 maxlen: 24
86.38.84.0/24 maxlen: 24
86.38.97.0/24 maxlen: 24
86.38.152.0/24 maxlen: 24
86.38.153.0/24 maxlen: 24
86.38.215.0/24 maxlen: 24
86.38.228.0/24 maxlen: 24
86.38.230.0/24 maxlen: 24
86.38.245.0/24 maxlen: 24
89.116.124.0/24 maxlen: 24
89.116.129.0/24 maxlen: 24
89.116.143.0/24 maxlen: 24
89.116.151.0/24 maxlen: 24
89.116.155.0/24 maxlen: 24
89.116.160.0/24 maxlen: 24
89.116.162.0/24 maxlen: 24
89.116.174.0/24 maxlen: 24
89.116.176.0/24 maxlen: 24
89.116.178.0/24 maxlen: 24
89.116.232.0/24 maxlen: 24
89.116.235.0/24 maxlen: 24
89.116.238.0/24 maxlen: 24
89.116.240.0/24 maxlen: 24
89.116.245.0/24 maxlen: 24
89.116.249.0/24 maxlen: 24
89.117.10.0/24 maxlen: 24
89.117.14.0/24 maxlen: 24
89.117.69.0/24 maxlen: 24
89.117.92.0/24 maxlen: 24
89.117.93.0/24 maxlen: 24
89.117.125.0/24 maxlen: 24
89.117.127.0/24 maxlen: 24
89.117.138.0/24 maxlen: 24
89.117.141.0/24 maxlen: 24
89.117.156.0/24 maxlen: 24
89.117.165.0/24 maxlen: 24
89.117.220.0/24 maxlen: 24
89.117.221.0/24 maxlen: 24
89.117.223.0/24 maxlen: 24
89.117.225.0/24 maxlen: 24
89.117.243.0/24 maxlen: 24
89.117.247.0/24 maxlen: 24
89.117.249.0/24 maxlen: 24
89.117.255.0/24 maxlen: 24
185.189.154.0/24 maxlen: 24
213.226.128.0/18 maxlen: 24
213.226.161.0/24 maxlen: 24
213.252.192.0/20 maxlen: 20
213.252.194.0/24 maxlen: 24
213.252.200.0/22 maxlen: 22
213.252.220.0/24 maxlen: 24
213.252.223.0/24 maxlen: 24
213.252.224.0/22 maxlen: 22
213.252.234.0/23 maxlen: 23
213.252.236.0/23 maxlen: 23
213.252.252.0/24 maxlen: 24
213.252.254.0/24 maxlen: 24
217.9.248.0/23 maxlen: 23
2a00:f500::/29 maxlen: 29
2a00:f502:150::/44 maxlen: 44
2a00:f502:160::/44 maxlen: 44
2a00:f502:170::/47 maxlen: 47
2a00:f502:172::/47 maxlen: 47
2a00:f502:174::/47 maxlen: 47
2a00:f502:176::/47 maxlen: 47
2a00:f502:178::/47 maxlen: 47
2a00:f502:17a::/47 maxlen: 47
2a00:f502:17c::/47 maxlen: 47
2a00:f502:17e::/47 maxlen: 47
2a00:f502:180::/47 maxlen: 47
2a00:f502:250::/44 maxlen: 44
2a00:f502:260::/44 maxlen: 44
2a00:f502:270::/47 maxlen: 47
2a00:f502:272::/47 maxlen: 47
2a00:f502:274::/47 maxlen: 47
2a00:f502:276::/47 maxlen: 47
2a00:f502:278::/47 maxlen: 47
2a00:f502:27a::/47 maxlen: 47
2a00:f502:27c::/47 maxlen: 47
2a00:f502:27e::/47 maxlen: 47
2a00:f502:280::/47 maxlen: 47
2a00:f503:150::/45 maxlen: 45
2a00:f503:158::/45 maxlen: 45
2a00:f503:160::/45 maxlen: 45
2a00:f503:168::/45 maxlen: 45
2a00:f503:170::/47 maxlen: 47
2a00:f503:172::/47 maxlen: 47
2a00:f503:174::/47 maxlen: 47
2a00:f503:176::/47 maxlen: 47
2a00:f503:178::/47 maxlen: 47
2a00:f503:17a::/47 maxlen: 47
2a00:f503:17c::/47 maxlen: 47
2a00:f503:17e::/47 maxlen: 47
2a00:f503:180::/47 maxlen: 47
2a00:f503:250::/45 maxlen: 45
2a00:f503:258::/45 maxlen: 45
2a00:f503:260::/45 maxlen: 45
2a00:f503:268::/45 maxlen: 45
2a00:f503:270::/47 maxlen: 47
2a00:f503:272::/47 maxlen: 47
2a00:f503:274::/47 maxlen: 47
2a00:f503:276::/47 maxlen: 47
2a00:f503:278::/47 maxlen: 47
2a00:f503:27a::/47 maxlen: 47
2a00:f503:27c::/47 maxlen: 47
2a00:f503:27e::/47 maxlen: 47
2a00:f503:280::/47 maxlen: 47
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 08 May 2025 20:38:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:9f:ff:e7:cd:88:26:6b:fa:cc:5d:63:56:c0:1d:cc:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Validity
Not Before: May 5 10:31:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=31da7d2aff95bbb2a82370803caafd26a272405d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:0a:db:7b:b1:b8:93:34:44:09:b0:b7:67:59:
88:b6:9a:b2:3b:c7:eb:6e:57:58:96:df:85:3f:f1:
f0:a2:71:8b:dd:ef:9d:e1:75:70:e6:7e:cd:67:66:
94:79:11:f7:27:e2:f4:11:12:50:8e:3a:9f:91:b9:
bd:fc:49:c2:c9:92:2d:0d:37:4b:aa:0f:84:cb:df:
3b:cb:c1:5e:0f:92:4c:ff:18:9f:12:bd:ef:0b:27:
78:e1:7c:b4:78:aa:0c:aa:68:3a:b6:72:34:35:dd:
82:e3:75:e2:52:58:24:7d:1a:c4:dc:2b:0e:71:8c:
a6:3c:2b:a5:36:9a:22:dc:09:ad:cd:b5:79:7c:3a:
5d:3b:8f:7b:ce:fa:39:03:b0:e4:83:50:fb:7a:90:
2d:de:f6:2d:66:94:9c:df:3b:c7:15:97:86:5b:9c:
55:bc:24:a4:9f:65:6d:ad:01:34:f2:60:c2:ea:4c:
e5:f6:a6:2c:ba:4c:92:93:77:7a:fb:8b:86:a1:36:
d9:60:35:96:ba:66:58:e9:59:3c:14:f8:86:db:e0:
bd:34:78:01:4e:87:ab:15:aa:b8:d9:08:61:34:93:
d5:9f:52:1c:24:c7:f5:2a:7b:b5:06:d1:58:b5:17:
f6:c0:7a:6c:0a:b7:0a:e3:44:41:e7:e6:ae:3f:5f:
48:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:DA:7D:2A:FF:95:BB:B2:A8:23:70:80:3C:AA:FD:26:A2:72:40:5D
X509v3 Authority Key Identifier:
keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/Mdp9Kv-Vu7KoI3CAPKr9JqJyQF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.140.129.0/24
84.15.0.0/16
84.46.139.0/24
84.46.204.0/24
84.46.207.0/24
86.38.1.0/24
86.38.41.0/24
86.38.52.0/24
86.38.62.0/24
86.38.72.0/22
86.38.81.0/24
86.38.84.0/24
86.38.97.0/24
86.38.152.0/23
86.38.215.0/24
86.38.228.0/24
86.38.230.0/24
86.38.245.0/24
89.116.124.0/24
89.116.129.0/24
89.116.143.0/24
89.116.151.0/24
89.116.155.0/24
89.116.160.0/24
89.116.162.0/24
89.116.174.0/24
89.116.176.0/24
89.116.178.0/24
89.116.232.0/24
89.116.235.0/24
89.116.238.0/24
89.116.240.0/24
89.116.245.0/24
89.116.249.0/24
89.117.10.0/24
89.117.14.0/24
89.117.69.0/24
89.117.92.0/23
89.117.125.0/24
89.117.127.0/24
89.117.138.0/24
89.117.141.0/24
89.117.156.0/24
89.117.165.0/24
89.117.220.0/23
89.117.223.0/24
89.117.225.0/24
89.117.243.0/24
89.117.247.0/24
89.117.249.0/24
89.117.255.0/24
185.189.154.0/24
213.226.128.0/18
213.252.192.0/20
213.252.220.0/24
213.252.223.0-213.252.227.255
213.252.234.0-213.252.237.255
213.252.252.0/24
213.252.254.0/24
217.9.248.0/23
IPv6:
2a00:f500::/29
Signature Algorithm: sha256WithRSAEncryption
26:0f:fb:81:b0:05:21:cb:fa:c9:c8:60:40:7e:b7:5a:93:b3:
5c:ab:41:28:fc:de:c7:21:ef:dd:9c:f9:00:fa:cc:d5:34:ac:
41:24:c6:7b:6f:e8:6e:8c:24:b0:39:34:30:28:50:7b:bf:74:
08:db:9f:9e:14:0c:67:ed:f1:e1:f3:3a:f5:0a:91:a9:16:f9:
b5:79:72:23:89:2d:64:ca:58:86:77:1b:dc:29:07:c0:3a:fa:
26:78:e1:da:66:18:af:7a:15:d6:22:d8:d7:1b:55:6a:e4:0d:
47:16:8d:c4:5e:f3:e3:89:e0:5f:6f:b8:b3:23:99:7c:95:d4:
03:8e:eb:39:da:a8:f3:e9:ae:93:f5:a8:9a:57:00:b6:0f:c2:
84:1d:97:4f:5a:e1:35:dc:b2:8c:96:01:b3:5a:d1:ef:38:c8:
ea:95:88:cc:f6:fc:e9:92:f8:df:3d:ec:d5:29:1b:a3:c0:4e:
1a:67:50:db:39:e2:6f:b5:ac:a3:0c:24:4a:e3:b9:83:dc:21:
6e:34:04:a7:dc:5b:9b:2e:2b:bb:2d:2e:67:8b:c1:2e:1c:9c:
36:88:42:ea:29:30:ec:e0:cc:0e:f3:92:c6:d0:dd:a9:c0:47:
8e:dc:ae:e0:69:9a:b7:c8:77:a6:0e:31:73:f3:0b:71:92:46:
59:57:02:5e
-----BEGIN CERTIFICATE-----
MIIGhzCCBW+gAwIBAgISAZaf/+fNiCZr+sxdY1bAHczGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3
MTE4MGQwHhcNMjUwNTA1MTAzMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWRhN2QyYWZmOTViYmIyYTgyMzcwODAzY2FhZmQyNmEyNzI0MDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwrbe7G4kzRECbC3Z1mItpqyO8fr
bldYlt+FP/HwonGL3e+d4XVw5n7NZ2aUeRH3J+L0ERJQjjqfkbm9/EnCyZItDTdL
qg+Ey987y8FeD5JM/xifEr3vCyd44Xy0eKoMqmg6tnI0Nd2C43XiUlgkfRrE3CsO
cYymPCulNpoi3AmtzbV5fDpdO497zvo5A7Dkg1D7epAt3vYtZpSc3zvHFZeGW5xV
vCSkn2VtrQE08mDC6kzl9qYsukySk3d6+4uGoTbZYDWWumZY6Vk8FPiG2+C9NHgB
ToerFaq42QhhNJPVn1IcJMf1Knu1BtFYtRf2wHpsCrcK40RB5+auP19IOQIDAQAB
o4IDkzCCA48wHQYDVR0OBBYEFDHafSr/lbuyqCNwgDyq/SaickBdMB8GA1UdIwQY
MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt
MDQ2ODA0MjQ4NmRjLzEvTWRwOUt2LVZ1N0tvSTNDQVBLcjlKcUp5UUYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj
LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBpwYIKwYBBQUHAQcBAf8EggGWMIIBkjCCAX8EAgABMIIB
dwMEAFKMgQMDAFQPAwQAVC6LAwQAVC7MAwQAVC7PAwQAViYBAwQAViYpAwQAViY0
AwQAViY+AwQCViZIAwQAViZRAwQAViZUAwQAViZhAwQBViaYAwQAVibXAwQAVibk
AwQAVibmAwQAVib1AwQAWXR8AwQAWXSBAwQAWXSPAwQAWXSXAwQAWXSbAwQAWXSg
AwQAWXSiAwQAWXSuAwQAWXSwAwQAWXSyAwQAWXToAwQAWXTrAwQAWXTuAwQAWXTw
AwQAWXT1AwQAWXT5AwQAWXUKAwQAWXUOAwQAWXVFAwQBWXVcAwQAWXV9AwQAWXV/
AwQAWXWKAwQAWXWNAwQAWXWcAwQAWXWlAwQBWXXcAwQAWXXfAwQAWXXhAwQAWXXz
AwQAWXX3AwQAWXX5AwQAWXX/AwQAub2aAwQG1eKAAwQE1fzAAwQA1fzcMAwDBADV
/N8DBALV/OAwDAMEAdX86gMEAdX87AMEANX8/AMEANX8/gMEAdkJ+DANBAIAAjAH
AwUDKgD1ADANBgkqhkiG9w0BAQsFAAOCAQEAJg/7gbAFIcv6ychgQH63WpOzXKtB
KPzexyHv3Zz5APrM1TSsQSTGe2/obowksDk0MChQe790CNufnhQMZ+3x4fM69QqR
qRb5tXlyI4ktZMpYhncb3CkHwDr6Jnjh2mYYr3oV1iLY1xtVauQNRxaNxF7z44ng
X2+4syOZfJXUA47rOdqo8+muk/WomlcAtg/ChB2XT1rhNdyyjJYBs1rR7zjI6pWI
zPb86ZL43z3s1Skbo8BOGmdQ2znib7WsowwkSuO5g9whbjQEp9xbmy4ruy0uZ4vB
LhycNohC6ikw7ODMDvOSxtDdqcBHjtyu4Gmat8h3pg4xc/MLcZJGWVcCXg==
-----END CERTIFICATE-----
Generated at Thu May 8 04:53:18 2025 by rpki-client