Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/TRci-7qeDM6r0iGxR0T05lbhE5o.roa
File: TRci-7qeDM6r0iGxR0T05lbhE5o.roa (raw, json)
Hash identifier: lbwBwoN0WDhRyqqCXFvMsakjDMrXifMYG7v+N6KW0/4=
Subject key identifier: 4D:17:22:FB:BA:9E:0C:CE:AB:D2:21:B1:47:44:F4:E6:56:E1:13:9A
Certificate issuer: /CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Certificate serial: 0196D26DC25CBE93E37954CBCD438BB3C3C6
Authority key identifier: A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/TRci-7qeDM6r0iGxR0T05lbhE5o.roa
Signing time: Thu 15 May 2025 05:32:10 +0000
ROA not before: Thu 15 May 2025 05:32:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41221
IP address blocks: 5.56.64.0/18 maxlen: 24
37.75.16.0/20 maxlen: 24
37.75.64.0/18 maxlen: 24
46.55.0.0/17 maxlen: 24
85.204.176.0/21 maxlen: 24
86.104.196.0/22 maxlen: 24
86.105.56.0/21 maxlen: 24
86.105.80.0/21 maxlen: 24
86.105.172.0/22 maxlen: 24
86.105.208.0/22 maxlen: 24
86.106.144.0/21 maxlen: 24
86.106.208.0/20 maxlen: 24
86.107.64.0/22 maxlen: 24
86.107.160.0/21 maxlen: 24
89.32.56.0/21 maxlen: 24
89.32.136.0/21 maxlen: 24
89.32.172.0/22 maxlen: 24
89.32.252.0/22 maxlen: 24
89.34.192.0/21 maxlen: 24
89.34.204.0/22 maxlen: 24
89.34.232.0/22 maxlen: 24
89.35.8.0/21 maxlen: 24
89.35.40.0/21 maxlen: 24
89.35.84.0/22 maxlen: 24
89.35.200.0/22 maxlen: 24
89.36.156.0/22 maxlen: 24
89.37.44.0/22 maxlen: 24
89.37.104.0/24 maxlen: 24
89.38.32.0/22 maxlen: 24
89.38.64.0/22 maxlen: 24
89.38.76.0/22 maxlen: 24
89.39.76.0/22 maxlen: 24
89.39.84.0/22 maxlen: 24
89.39.96.0/21 maxlen: 24
89.39.112.0/21 maxlen: 24
89.40.228.0/22 maxlen: 24
89.41.64.0/18 maxlen: 24
89.42.64.0/22 maxlen: 24
89.42.72.0/21 maxlen: 24
89.42.104.0/22 maxlen: 24
89.42.128.0/22 maxlen: 24
89.42.180.0/22 maxlen: 24
89.42.224.0/22 maxlen: 24
89.43.128.0/22 maxlen: 24
89.43.168.0/22 maxlen: 24
89.44.152.0/22 maxlen: 24
89.45.40.0/22 maxlen: 24
89.46.164.0/22 maxlen: 24
92.114.128.0/17 maxlen: 24
93.113.64.0/21 maxlen: 24
93.113.80.0/21 maxlen: 24
93.113.92.0/22 maxlen: 24
93.113.244.0/22 maxlen: 24
93.115.136.0/21 maxlen: 24
93.116.0.0/16 maxlen: 24
93.117.48.0/20 maxlen: 24
93.117.68.0/22 maxlen: 24
93.117.72.0/21 maxlen: 24
93.117.128.0/21 maxlen: 24
93.117.140.0/22 maxlen: 24
93.117.144.0/21 maxlen: 24
93.117.156.0/22 maxlen: 24
93.117.160.0/21 maxlen: 24
93.117.168.0/22 maxlen: 24
93.118.176.0/22 maxlen: 24
93.118.188.0/22 maxlen: 24
93.119.96.0/21 maxlen: 24
93.119.108.0/22 maxlen: 24
93.119.128.0/21 maxlen: 24
93.119.140.0/22 maxlen: 24
93.119.144.0/21 maxlen: 24
93.119.160.0/21 maxlen: 24
93.119.196.0/22 maxlen: 24
93.119.200.0/21 maxlen: 24
93.119.228.0/22 maxlen: 24
93.119.232.0/21 maxlen: 24
94.176.64.0/20 maxlen: 24
109.185.0.0/16 maxlen: 24
178.132.112.0/20 maxlen: 24
178.132.128.0/19 maxlen: 24
185.28.104.0/22 maxlen: 24
188.208.96.0/22 maxlen: 24
188.208.104.0/22 maxlen: 24
188.208.112.0/22 maxlen: 24
188.208.120.0/21 maxlen: 24
188.208.192.0/22 maxlen: 24
188.208.204.0/22 maxlen: 24
188.209.216.0/21 maxlen: 24
188.210.240.0/21 maxlen: 24
188.210.248.0/22 maxlen: 24
188.212.0.0/22 maxlen: 24
188.212.8.0/21 maxlen: 24
188.212.24.0/21 maxlen: 24
188.212.40.0/21 maxlen: 24
188.213.36.0/22 maxlen: 24
188.213.52.0/22 maxlen: 24
188.213.220.0/22 maxlen: 24
188.213.236.0/22 maxlen: 24
188.213.244.0/22 maxlen: 24
188.214.60.0/22 maxlen: 24
188.214.136.0/22 maxlen: 24
188.214.144.0/22 maxlen: 24
188.214.200.0/21 maxlen: 24
188.215.252.0/22 maxlen: 24
188.237.0.0/16 maxlen: 24
212.0.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 04:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d2:6d:c2:5c:be:93:e3:79:54:cb:cd:43:8b:b3:c3:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Validity
Not Before: May 15 05:32:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d1722fbba9e0cceabd221b14744f4e656e1139a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:69:e6:e7:f8:40:96:b1:4b:a9:cd:f8:1a:74:
2b:94:a8:43:86:0c:cd:75:fb:fc:0f:b5:4f:80:33:
8a:25:24:8f:f3:fd:dc:50:e6:44:b4:20:00:18:be:
52:20:d7:c0:5f:de:fa:29:5e:90:3b:3b:0a:92:a1:
a9:68:f4:83:42:51:22:65:63:3d:b4:a1:55:ac:b6:
fe:92:7d:e6:2d:2e:e8:ab:f0:f4:bb:5c:a6:5d:08:
da:af:01:48:8e:e6:58:43:59:c1:36:4a:15:ce:64:
fb:2b:42:b2:38:a5:9b:7f:3a:4b:ac:91:15:7d:0a:
07:21:e1:16:71:9f:3d:76:29:58:55:e2:58:71:bd:
a0:74:30:81:d6:bc:16:20:2e:f3:7e:a3:76:6d:ec:
b3:e4:41:01:4e:b2:89:ab:c3:0b:fe:eb:2c:08:dd:
1d:4c:43:c1:7d:e8:83:41:ac:a0:dd:1a:48:fc:8b:
75:7a:da:92:d6:c0:96:be:81:e7:6e:ab:26:fb:df:
ba:e4:42:d5:40:4e:1d:d5:47:45:41:ae:3b:b1:2f:
7b:50:a3:4b:3c:73:dc:09:c7:50:25:be:b0:38:23:
fe:0f:ef:c3:6d:55:ac:d6:60:91:0e:f0:00:34:b3:
d9:ba:4c:8c:33:ce:ea:1d:82:dc:7d:b7:4e:8c:fc:
8d:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:17:22:FB:BA:9E:0C:CE:AB:D2:21:B1:47:44:F4:E6:56:E1:13:9A
X509v3 Authority Key Identifier:
keyid:A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/TRci-7qeDM6r0iGxR0T05lbhE5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.64.0/18
37.75.16.0/20
37.75.64.0/18
46.55.0.0/17
85.204.176.0/21
86.104.196.0/22
86.105.56.0/21
86.105.80.0/21
86.105.172.0/22
86.105.208.0/22
86.106.144.0/21
86.106.208.0/20
86.107.64.0/22
86.107.160.0/21
89.32.56.0/21
89.32.136.0/21
89.32.172.0/22
89.32.252.0/22
89.34.192.0/21
89.34.204.0/22
89.34.232.0/22
89.35.8.0/21
89.35.40.0/21
89.35.84.0/22
89.35.200.0/22
89.36.156.0/22
89.37.44.0/22
89.37.104.0/24
89.38.32.0/22
89.38.64.0/22
89.38.76.0/22
89.39.76.0/22
89.39.84.0/22
89.39.96.0/21
89.39.112.0/21
89.40.228.0/22
89.41.64.0/18
89.42.64.0/22
89.42.72.0/21
89.42.104.0/22
89.42.128.0/22
89.42.180.0/22
89.42.224.0/22
89.43.128.0/22
89.43.168.0/22
89.44.152.0/22
89.45.40.0/22
89.46.164.0/22
92.114.128.0/17
93.113.64.0/21
93.113.80.0/21
93.113.92.0/22
93.113.244.0/22
93.115.136.0/21
93.116.0.0/16
93.117.48.0/20
93.117.68.0-93.117.79.255
93.117.128.0/21
93.117.140.0-93.117.151.255
93.117.156.0-93.117.171.255
93.118.176.0/22
93.118.188.0/22
93.119.96.0/21
93.119.108.0/22
93.119.128.0/21
93.119.140.0-93.119.151.255
93.119.160.0/21
93.119.196.0-93.119.207.255
93.119.228.0-93.119.239.255
94.176.64.0/20
109.185.0.0/16
178.132.112.0-178.132.159.255
185.28.104.0/22
188.208.96.0/22
188.208.104.0/22
188.208.112.0/22
188.208.120.0/21
188.208.192.0/22
188.208.204.0/22
188.209.216.0/21
188.210.240.0-188.210.251.255
188.212.0.0/22
188.212.8.0/21
188.212.24.0/21
188.212.40.0/21
188.213.36.0/22
188.213.52.0/22
188.213.220.0/22
188.213.236.0/22
188.213.244.0/22
188.214.60.0/22
188.214.136.0/22
188.214.144.0/22
188.214.200.0/21
188.215.252.0/22
188.237.0.0/16
212.0.192.0/19
Signature Algorithm: sha256WithRSAEncryption
cf:91:cf:8c:71:20:0e:dd:b6:0b:4c:67:1b:4c:e5:f2:1a:7a:
c6:05:55:07:04:f6:0f:ba:d8:2e:7d:6f:3e:53:b3:86:39:16:
57:14:ad:c5:8a:bb:7d:e7:a5:32:94:17:61:41:76:30:aa:62:
fd:97:43:12:d5:42:ae:16:01:9a:c4:1c:82:d1:21:a2:1e:a2:
38:8b:a5:28:bf:2b:29:2e:0c:fe:83:1b:9e:4c:5b:e5:8a:1e:
01:03:b6:5b:e9:9c:71:42:16:48:9a:d3:5d:ed:bf:d6:87:08:
dc:73:46:b2:e9:61:bd:a2:f0:a1:ca:ec:4d:bd:3d:90:5f:81:
1b:9d:69:ab:19:42:74:04:93:0b:fe:90:85:35:1e:d2:96:b5:
b6:52:9e:35:9b:d9:ea:cb:a7:74:2f:71:65:34:ab:27:1d:9d:
1f:39:80:aa:fe:45:2f:0b:3e:95:e8:86:af:8d:99:9a:c2:62:
2d:30:c4:2e:43:d2:08:42:9b:dd:31:0b:47:4b:f4:54:33:d8:
af:18:09:9a:e3:be:fb:fc:ba:1f:4d:a9:a2:af:f8:70:e8:5d:
77:a7:cf:f3:0b:ab:92:69:1b:74:d9:f1:46:c8:a0:ec:16:53:
b5:19:b0:bd:7b:52:57:d4:52:1d:71:fc:01:bc:d6:d3:c2:a7:
64:e4:d0:2d
-----BEGIN CERTIFICATE-----
MIIHhDCCBmygAwIBAgISAZbSbcJcvpPjeVTLzUOLs8PGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMDg4ZTA2ZDU1M2NmZjI5M2QyNzdmNGQ3NmMzYTcxMGJk
OGIyZjcwHhcNMjUwNTE1MDUzMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDE3MjJmYmJhOWUwY2NlYWJkMjIxYjE0NzQ0ZjRlNjU2ZTExMzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGnm5/hAlrFLqc34GnQrlKhDhgzN
dfv8D7VPgDOKJSSP8/3cUOZEtCAAGL5SINfAX976KV6QOzsKkqGpaPSDQlEiZWM9
tKFVrLb+kn3mLS7oq/D0u1ymXQjarwFIjuZYQ1nBNkoVzmT7K0KyOKWbfzpLrJEV
fQoHIeEWcZ89dilYVeJYcb2gdDCB1rwWIC7zfqN2beyz5EEBTrKJq8ML/ussCN0d
TEPBfeiDQayg3RpI/It1etqS1sCWvoHnbqsm+9+65ELVQE4d1UdFQa47sS97UKNL
PHPcCcdQJb6wOCP+D+/DbVWs1mCRDvAANLPZukyMM87qHYLcfbdOjPyNzQIDAQAB
o4IEkDCCBIwwHQYDVR0OBBYEFE0XIvu6ngzOq9IhsUdE9OZW4ROaMB8GA1UdIwQY
MBaAFKIIjgbVU8/yk9J39NdsOnEL2LL3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTct
YmJlYTI5MThlMTAyLzEvVFJjaS03cWVETTZyMGlHeFIwVDA1bGJoRTVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTctYmJlYTI5MThlMTAy
LzEvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICpAYIKwYBBQUHAQcBAf8EggKTMIICjzCCAosEAgABMIIC
gwMEBgU4QAMEBCVLEAMEBiVLQAMEBy43AAMEA1XMsAMEAlZoxAMEA1ZpOAMEA1Zp
UAMEAlZprAMEAlZp0AMEA1ZqkAMEBFZq0AMEAlZrQAMEA1ZroAMEA1kgOAMEA1kg
iAMEAlkgrAMEAlkg/AMEA1kiwAMEAlkizAMEAlki6AMEA1kjCAMEA1kjKAMEAlkj
VAMEAlkjyAMEAlkknAMEAlklLAMEAFklaAMEAlkmIAMEAlkmQAMEAlkmTAMEAlkn
TAMEAlknVAMEA1knYAMEA1kncAMEAlko5AMEBlkpQAMEAlkqQAMEA1kqSAMEAlkq
aAMEAlkqgAMEAlkqtAMEAlkq4AMEAlkrgAMEAlkrqAMEAlksmAMEAlktKAMEAlku
pAMEB1xygAMEA11xQAMEA11xUAMEAl1xXAMEAl1x9AMEA11ziAMDAF10AwQEXXUw
MAwDBAJddUQDBARddUADBANddYAwDAMEAl11jAMEA111kDAMAwQCXXWcAwQCXXWo
AwQCXXawAwQCXXa8AwQDXXdgAwQCXXdsAwQDXXeAMAwDBAJdd4wDBANdd5ADBANd
d6AwDAMEAl13xAMEBF13wDAMAwQCXXfkAwQEXXfgAwQEXrBAAwMAbbkwDAMEBLKE
cAMEBbKEgAMEArkcaAMEArzQYAMEArzQaAMEArzQcAMEA7zQeAMEArzQwAMEArzQ
zAMEA7zR2DAMAwQEvNLwAwQCvNL4AwQCvNQAAwQDvNQIAwQDvNQYAwQDvNQoAwQC
vNUkAwQCvNU0AwQCvNXcAwQCvNXsAwQCvNX0AwQCvNY8AwQCvNaIAwQCvNaQAwQD
vNbIAwQCvNf8AwMAvO0DBAXUAMAwDQYJKoZIhvcNAQELBQADggEBAM+Rz4xxIA7d
tgtMZxtM5fIaesYFVQcE9g+62C59bz5Ts4Y5FlcUrcWKu33npTKUF2FBdjCqYv2X
QxLVQq4WAZrEHILRIaIeojiLpSi/KykuDP6DG55MW+WKHgEDtlvpnHFCFkia013t
v9aHCNxzRrLpYb2i8KHK7E29PZBfgRudaasZQnQEkwv+kIU1HtKWtbZSnjWb2erL
p3QvcWU0qycdnR85gKr+RS8LPpXohq+NmZrCYi0wxC5D0ghCm90xC0dL9FQz2K8Y
CZrjvvv8uh9NqaKv+HDoXXenz/MLq5JpG3TZ8UbIoOwWU7UZsL17UlfUUh1x/AG8
1tPCp2Tk0C0=
-----END CERTIFICATE-----
Generated at Sun Jun 29 11:34:06 2025 by rpki-client