Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/tNnILJcglaIoGnh4ByFK7f0QO7U.roa
File: tNnILJcglaIoGnh4ByFK7f0QO7U.roa (raw, json)
Hash identifier: GbTAbJ4kIEJFmwGtZm3TBKso2cSpLsB0cIHVOq3zelw=
Subject key identifier: B4:D9:C8:2C:97:20:95:A2:28:1A:78:78:07:21:4A:ED:FD:10:3B:B5
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 0196A9BB1058F35CD2F28C0A447F59642B2E
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/tNnILJcglaIoGnh4ByFK7f0QO7U.roa
Signing time: Wed 07 May 2025 07:52:10 +0000
ROA not before: Wed 07 May 2025 07:52:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 5.157.136.0/24 maxlen: 24
5.157.139.0/24 maxlen: 24
5.157.160.0/22 maxlen: 22
37.35.36.0/24 maxlen: 24
37.35.37.0/24 maxlen: 24
37.35.39.0/24 maxlen: 24
62.216.82.0/24 maxlen: 24
62.216.92.0/24 maxlen: 24
62.216.93.0/24 maxlen: 24
91.225.14.0/24 maxlen: 24
91.225.15.0/24 maxlen: 24
91.235.123.0/24 maxlen: 24
146.66.208.0/24 maxlen: 24
146.66.209.0/24 maxlen: 24
146.66.212.0/22 maxlen: 22
146.66.212.0/23 maxlen: 23
146.66.212.0/24 maxlen: 24
146.66.213.0/24 maxlen: 24
146.66.214.0/24 maxlen: 24
146.66.215.0/24 maxlen: 24
146.66.220.0/24 maxlen: 24
146.66.221.0/24 maxlen: 24
146.66.222.0/24 maxlen: 24
146.66.223.0/24 maxlen: 24
178.157.76.0/24 maxlen: 24
178.157.94.0/24 maxlen: 24
178.157.108.0/24 maxlen: 24
178.157.110.0/24 maxlen: 24
178.157.124.0/24 maxlen: 24
178.157.126.0/24 maxlen: 24
185.76.60.0/24 maxlen: 24
185.76.62.0/24 maxlen: 24
188.74.128.0/24 maxlen: 24
188.74.130.0/24 maxlen: 24
188.74.152.0/24 maxlen: 24
188.74.155.0/24 maxlen: 24
188.74.171.0/24 maxlen: 24
188.74.181.0/24 maxlen: 24
188.74.190.0/24 maxlen: 24
188.74.208.0/24 maxlen: 24
188.74.209.0/24 maxlen: 24
188.74.212.0/22 maxlen: 22
188.74.245.0/24 maxlen: 24
188.119.165.0/24 maxlen: 24
188.119.166.0/24 maxlen: 24
188.119.181.0/24 maxlen: 24
188.119.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a9:bb:10:58:f3:5c:d2:f2:8c:0a:44:7f:59:64:2b:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: May 7 07:52:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4d9c82c972095a2281a787807214aedfd103bb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:c7:2f:b2:64:79:c0:9f:2e:38:48:0f:49:51:
46:3c:a9:4d:34:6d:20:8d:d9:e2:03:2a:d0:b7:55:
7b:19:f8:0a:c9:ce:68:65:45:d0:be:86:ba:8f:59:
cf:71:36:c9:22:5a:44:43:33:64:4b:80:b9:9f:a4:
67:bb:a8:08:cc:29:18:82:68:cf:88:bf:35:71:2b:
dc:16:cb:bc:ce:98:25:8b:b2:62:58:69:0d:26:74:
6b:68:29:90:51:eb:5a:f7:7d:1e:64:f8:02:a3:47:
c5:ca:03:ee:5e:56:c7:37:57:33:96:81:9b:4b:b9:
ee:51:4f:68:02:c4:2b:db:d7:4f:c5:ef:15:de:4c:
60:35:e5:02:70:2c:88:51:23:eb:55:6b:c5:69:3d:
cb:2a:fe:0c:f9:15:4e:b2:4a:01:b7:f7:a6:ef:72:
37:98:38:71:75:18:44:5d:ca:4e:12:82:20:cf:b2:
8d:25:a9:75:ad:0a:ce:b7:f6:16:d3:3f:32:04:c6:
42:5b:b5:20:3c:6a:56:d7:46:13:34:49:f9:cf:61:
91:1a:cb:64:48:71:0f:79:bb:17:c4:8e:f1:3b:31:
09:ef:ba:5a:e5:f7:7c:2e:b9:67:a5:25:4b:43:90:
cc:86:59:45:9b:ff:ed:15:b0:41:bf:06:cf:f7:65:
b7:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:D9:C8:2C:97:20:95:A2:28:1A:78:78:07:21:4A:ED:FD:10:3B:B5
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/tNnILJcglaIoGnh4ByFK7f0QO7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.136.0/24
5.157.139.0/24
5.157.160.0/22
37.35.36.0/23
37.35.39.0/24
62.216.82.0/24
62.216.92.0/23
91.225.14.0/23
91.235.123.0/24
146.66.208.0/23
146.66.212.0/22
146.66.220.0/22
178.157.76.0/24
178.157.94.0/24
178.157.108.0/24
178.157.110.0/24
178.157.124.0/24
178.157.126.0/24
185.76.60.0/24
185.76.62.0/24
188.74.128.0/24
188.74.130.0/24
188.74.152.0/24
188.74.155.0/24
188.74.171.0/24
188.74.181.0/24
188.74.190.0/24
188.74.208.0/23
188.74.212.0/22
188.74.245.0/24
188.119.165.0-188.119.166.255
188.119.181.0/24
188.119.190.0/24
Signature Algorithm: sha256WithRSAEncryption
88:49:5e:b1:bb:43:20:33:a7:72:3b:c4:c8:be:b2:0c:b7:df:
de:ca:dc:ef:8a:c6:0b:4b:2b:09:53:a2:ae:a7:64:4a:05:91:
96:48:ea:c8:d5:1b:7b:57:36:87:56:b6:4e:9c:60:60:b1:9e:
2b:e9:1f:ff:51:46:99:7a:a6:f3:c0:16:ed:a0:e6:20:e1:fb:
19:62:fc:d4:9c:27:70:b7:c5:5a:ea:15:48:67:ee:f3:5c:cc:
46:02:79:e5:86:08:b8:67:99:81:fb:60:62:4c:5a:6d:35:2a:
bc:a1:f7:c7:52:35:7d:20:1d:8d:0d:cb:62:a8:fc:af:27:51:
69:83:52:2b:43:dc:81:12:1c:da:f8:1c:9d:36:bf:3e:d9:17:
09:9d:30:37:96:ff:02:fe:a3:03:f8:b0:3e:8f:97:2f:81:8a:
3f:5a:54:41:77:b6:1f:4f:92:2c:8a:20:9d:f0:4b:9b:d6:9c:
d6:26:5d:1b:58:21:20:fa:5a:ed:20:e0:fe:ba:68:81:a3:16:
06:f5:1e:44:d2:2c:cc:7e:33:10:f2:96:3d:65:8f:d7:c3:03:
4d:18:d1:4c:84:ed:b5:0d:67:1d:35:eb:e0:7e:60:38:a4:c2:
f5:e0:73:88:3b:0b:3e:41:9b:7b:7b:1b:5e:d5:3e:06:56:a1:
51:6f:e8:ac
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgISAZapuxBY81zS8owKRH9ZZCsuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjUwNTA3MDc1MjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGQ5YzgyYzk3MjA5NWEyMjgxYTc4NzgwNzIxNGFlZGZkMTAzYmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA78cvsmR5wJ8uOEgPSVFGPKlNNG0g
jdniAyrQt1V7GfgKyc5oZUXQvoa6j1nPcTbJIlpEQzNkS4C5n6Rnu6gIzCkYgmjP
iL81cSvcFsu8zpgli7JiWGkNJnRraCmQUeta930eZPgCo0fFygPuXlbHN1czloGb
S7nuUU9oAsQr29dPxe8V3kxgNeUCcCyIUSPrVWvFaT3LKv4M+RVOskoBt/em73I3
mDhxdRhEXcpOEoIgz7KNJal1rQrOt/YW0z8yBMZCW7UgPGpW10YTNEn5z2GRGstk
SHEPebsXxI7xOzEJ77pa5fd8LrlnpSVLQ5DMhllFm//tFbBBvwbP92W3PwIDAQAB
o4IC1jCCAtIwHQYDVR0OBBYEFLTZyCyXIJWiKBp4eAchSu39EDu1MB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvdE5uSUxKY2dsYUlvR25oNEJ5Rks3ZjBRTzdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHrBggrBgEFBQcBBwEB/wSB2zCB2DCB1QQCAAEwgc4DBAAF
nYgDBAAFnYsDBAIFnaADBAElIyQDBAAlIycDBAA+2FIDBAE+2FwDBAFb4Q4DBABb
63sDBAGSQtADBAKSQtQDBAKSQtwDBACynUwDBACynV4DBACynWwDBACynW4DBACy
nXwDBACynX4DBAC5TDwDBAC5TD4DBAC8SoADBAC8SoIDBAC8SpgDBAC8SpsDBAC8
SqsDBAC8SrUDBAC8Sr4DBAG8StADBAK8StQDBAC8SvUwDAMEALx3pQMEALx3pgME
ALx3tQMEALx3vjANBgkqhkiG9w0BAQsFAAOCAQEAiElesbtDIDOncjvEyL6yDLff
3src74rGC0srCVOirqdkSgWRlkjqyNUbe1c2h1a2TpxgYLGeK+kf/1FGmXqm88AW
7aDmIOH7GWL81JwncLfFWuoVSGfu81zMRgJ55YYIuGeZgftgYkxabTUqvKH3x1I1
fSAdjQ3LYqj8rydRaYNSK0PcgRIc2vgcnTa/PtkXCZ0wN5b/Av6jA/iwPo+XL4GK
P1pUQXe2H0+SLIognfBLm9ac1iZdG1ghIPpa7SDg/rpogaMWBvUeRNIszH4zEPKW
PWWP18MDTRjRTITttQ1nHTXr4H5gOKTC9eBziDsLPkGbe3sbXtU+BlahUW/orA==
-----END CERTIFICATE-----
Generated at Sun May 11 04:49:36 2025 by rpki-client