Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/avM-B1l2ZcO7r4-2HMpO0TyPxg4.roa
File: avM-B1l2ZcO7r4-2HMpO0TyPxg4.roa (raw, json)
Hash identifier: LazrBG41hn09e2iQyCdBaLebO4YAsZBrJ9T8I3t42BA=
Subject key identifier: 6A:F3:3E:07:59:76:65:C3:BB:AF:8F:B6:1C:CA:4E:D1:3C:8F:C6:0E
Certificate issuer: /CN=4ee843a85dd664e9dc0310892bd7dd9ce52591c7
Certificate serial: 019773CE202F1A2D6334C6B810D71013CB34
Authority key identifier: 4E:E8:43:A8:5D:D6:64:E9:DC:03:10:89:2B:D7:DD:9C:E5:25:91:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TuhDqF3WZOncAxCJK9fdnOUlkcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/avM-B1l2ZcO7r4-2HMpO0TyPxg4.roa
Signing time: Sun 15 Jun 2025 13:36:17 +0000
ROA not before: Sun 15 Jun 2025 13:36:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25160
IP address blocks: 5.10.144.0/20 maxlen: 20
45.88.112.0/22 maxlen: 22
82.163.192.0/19 maxlen: 24
82.163.205.0/24 maxlen: 24
91.238.221.0/24 maxlen: 24
144.98.0.0/16 maxlen: 16
158.41.64.0/18 maxlen: 18
165.65.0.0/16 maxlen: 16
185.28.240.0/22 maxlen: 22
185.120.204.0/22 maxlen: 22
185.237.48.0/22 maxlen: 22
193.0.176.0/23 maxlen: 23
193.221.128.0/19 maxlen: 19
194.8.254.0/23 maxlen: 23
206.245.213.0/24 maxlen: 24
206.245.224.0/21 maxlen: 21
206.245.232.0/22 maxlen: 22
206.245.236.0/23 maxlen: 23
2a00:e340::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/TuhDqF3WZOncAxCJK9fdnOUlkcc.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/TuhDqF3WZOncAxCJK9fdnOUlkcc.mft
rsync://rpki.ripe.net/repository/DEFAULT/TuhDqF3WZOncAxCJK9fdnOUlkcc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:73:ce:20:2f:1a:2d:63:34:c6:b8:10:d7:10:13:cb:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ee843a85dd664e9dc0310892bd7dd9ce52591c7
Validity
Not Before: Jun 15 13:36:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6af33e07597665c3bbaf8fb61cca4ed13c8fc60e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:be:00:2e:5a:32:85:d5:2a:ae:7d:ed:c4:b0:
62:b0:dc:33:d4:f3:e2:13:37:0f:e4:8e:20:92:a2:
68:45:89:29:85:49:3f:3b:52:09:bf:ca:94:63:c0:
da:f3:a8:bb:3e:d7:4a:66:20:f0:a5:bb:5b:62:5f:
3a:5e:1f:63:65:e1:39:9d:5b:20:ce:64:8f:74:d1:
50:2f:fa:a7:ff:78:34:20:df:ba:68:88:2b:9a:64:
07:14:3c:f4:95:8f:d8:db:54:08:7c:4a:c1:9a:96:
54:e6:3c:d7:56:cc:11:c3:27:da:88:28:a7:31:54:
91:ae:cb:21:22:32:ca:f5:39:d2:ce:d5:21:6b:54:
89:72:a1:5c:7e:fb:49:46:9b:7e:88:d2:c2:7c:a4:
4f:37:49:82:76:4a:62:f1:de:b5:8f:fa:0b:1f:b6:
1b:18:09:63:c5:7c:49:7a:55:34:dd:4a:8a:c7:34:
dd:ea:b4:db:eb:c7:c8:7e:9d:fb:04:15:03:48:b2:
a3:ff:95:01:5f:da:ee:de:b1:49:01:a1:6b:5a:a2:
4b:6e:02:c5:e5:fd:8d:75:8c:64:e8:07:a6:84:51:
81:21:4d:8f:2b:1f:e1:ca:7e:d0:1d:b7:6d:56:09:
58:92:0d:b1:25:3d:49:50:4c:f7:c9:ac:28:ed:be:
df:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:F3:3E:07:59:76:65:C3:BB:AF:8F:B6:1C:CA:4E:D1:3C:8F:C6:0E
X509v3 Authority Key Identifier:
keyid:4E:E8:43:A8:5D:D6:64:E9:DC:03:10:89:2B:D7:DD:9C:E5:25:91:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TuhDqF3WZOncAxCJK9fdnOUlkcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/avM-B1l2ZcO7r4-2HMpO0TyPxg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/TuhDqF3WZOncAxCJK9fdnOUlkcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.144.0/20
45.88.112.0/22
82.163.192.0/19
91.238.221.0/24
144.98.0.0/16
158.41.64.0/18
165.65.0.0/16
185.28.240.0/22
185.120.204.0/22
185.237.48.0/22
193.0.176.0/23
193.221.128.0/19
194.8.254.0/23
206.245.213.0/24
206.245.224.0-206.245.237.255
IPv6:
2a00:e340::/29
Signature Algorithm: sha256WithRSAEncryption
35:5c:a6:86:3a:87:df:53:f0:7c:d1:e4:a1:d8:9e:50:34:1c:
8a:33:5b:56:ab:40:8c:5e:1e:5b:e9:dd:d8:8b:c8:ae:ad:5b:
8a:c2:28:0f:8d:b2:f0:d5:c0:4b:11:e7:27:a8:3f:57:85:c0:
70:ee:ef:df:e3:99:50:75:fb:52:ee:ac:d9:e5:ae:ac:63:9c:
e8:e0:68:d1:9a:6b:3f:d6:8d:22:1d:7f:b6:49:52:87:e8:92:
3c:b9:ac:7f:2a:6c:6d:f5:2c:58:9c:c5:03:6f:6f:3d:92:8c:
2a:4f:7a:7d:da:23:2e:f4:db:65:8a:d9:e5:af:32:98:77:cd:
05:7a:f6:f0:fd:f6:44:9c:df:55:10:30:6a:a7:d8:a4:71:6e:
57:1a:1e:6f:30:04:f2:52:ee:65:82:b4:61:a5:a9:35:86:c8:
59:10:9d:11:1f:dc:31:35:5f:64:12:75:d1:57:8e:45:37:fa:
c7:18:27:79:e5:17:94:10:69:34:7f:b1:0e:98:e6:2f:0a:dd:
d2:ce:9d:a6:5c:19:b3:de:5a:01:53:85:14:42:4c:b2:99:cb:
16:4a:35:6e:43:25:c4:ab:6f:0e:92:0c:65:97:22:a5:d0:11:
bb:bc:7c:28:75:ef:bb:3b:0c:a2:0c:66:8e:e5:3c:b9:33:f5:
22:ef:9e:29
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAZdzziAvGi1jNMa4ENcQE8s0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZTg0M2E4NWRkNjY0ZTlkYzAzMTA4OTJiZDdkZDljZTUy
NTkxYzcwHhcNMjUwNjE1MTMzNjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWYzM2UwNzU5NzY2NWMzYmJhZjhmYjYxY2NhNGVkMTNjOGZjNjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArr4ALloyhdUqrn3txLBisNwz1PPi
EzcP5I4gkqJoRYkphUk/O1IJv8qUY8Da86i7PtdKZiDwpbtbYl86Xh9jZeE5nVsg
zmSPdNFQL/qn/3g0IN+6aIgrmmQHFDz0lY/Y21QIfErBmpZU5jzXVswRwyfaiCin
MVSRrsshIjLK9TnSztUha1SJcqFcfvtJRpt+iNLCfKRPN0mCdkpi8d61j/oLH7Yb
GAljxXxJelU03UqKxzTd6rTb68fIfp37BBUDSLKj/5UBX9ru3rFJAaFrWqJLbgLF
5f2NdYxk6AemhFGBIU2PKx/hyn7QHbdtVglYkg2xJT1JUEz3yawo7b7fWQIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFGrzPgdZdmXDu6+PthzKTtE8j8YOMB8GA1UdIwQY
MBaAFE7oQ6hd1mTp3AMQiSvX3ZzlJZHHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHVoRHFGM1daT25jQXhDSks5ZmRuT1Vsa2NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9hZGFkMjAtYzUxMi00ZmIwLWExMjct
NDhjZjQxMmIzODdiLzEvYXZNLUIxbDJaY083cjQtMkhNcE8wVHlQeGc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9hZGFkMjAtYzUxMi00ZmIwLWExMjctNDhjZjQxMmIzODdi
LzEvVHVoRHFGM1daT25jQXhDSks5ZmRuT1Vsa2NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwZgQCAAEwYAMEBAUKkAME
Ai1YcAMEBVKjwAMEAFvu3QMDAJBiAwQGnilAAwMApUEDBAK5HPADBAK5eMwDBAK5
7TADBAHBALADBAXB3YADBAHCCP4DBADO9dUwDAMEBc714AMEAc717DANBAIAAjAH
AwUDKgDjQDANBgkqhkiG9w0BAQsFAAOCAQEANVymhjqH31PwfNHkodieUDQcijNb
VqtAjF4eW+nd2IvIrq1bisIoD42y8NXASxHnJ6g/V4XAcO7v3+OZUHX7Uu6s2eWu
rGOc6OBo0ZprP9aNIh1/tklSh+iSPLmsfypsbfUsWJzFA29vPZKMKk96fdojLvTb
ZYrZ5a8ymHfNBXr28P32RJzfVRAwaqfYpHFuVxoebzAE8lLuZYK0YaWpNYbIWRCd
ER/cMTVfZBJ10VeORTf6xxgneeUXlBBpNH+xDpjmLwrd0s6dplwZs95aAVOFFEJM
spnLFko1bkMlxKtvDpIMZZcipdARu7x8KHXvuzsMogxmjuU8uTP1Iu+eKQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 08:36:00 2025 by rpki-client