Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/u0oYfsQSubuPv-wY7a_VQQkEpgM.roa
File: u0oYfsQSubuPv-wY7a_VQQkEpgM.roa (raw, json)
Hash identifier: j05VwvFL1oGc87rdn5AKxIMaR89cSPwJbEMU7RgIH7w=
Subject key identifier: BB:4A:18:7E:C4:12:B9:BB:8F:BF:EC:18:ED:AF:D5:41:09:04:A6:03
Certificate issuer: /CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Certificate serial: 019680EB0E46F23330958C64A87EECEA3431
Authority key identifier: A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/u0oYfsQSubuPv-wY7a_VQQkEpgM.roa
Signing time: Tue 29 Apr 2025 09:40:10 +0000
ROA not before: Tue 29 Apr 2025 09:40:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41221
IP address blocks: 5.56.64.0/18 maxlen: 24
37.75.16.0/20 maxlen: 24
37.75.64.0/18 maxlen: 24
46.55.0.0/17 maxlen: 24
85.204.176.0/21 maxlen: 24
86.104.196.0/22 maxlen: 24
86.105.56.0/21 maxlen: 24
86.105.80.0/21 maxlen: 24
86.105.172.0/22 maxlen: 24
86.105.208.0/22 maxlen: 24
86.106.144.0/21 maxlen: 24
86.106.208.0/20 maxlen: 24
86.107.64.0/22 maxlen: 24
86.107.160.0/21 maxlen: 24
89.32.56.0/21 maxlen: 24
89.32.136.0/21 maxlen: 24
89.32.172.0/22 maxlen: 24
89.32.252.0/22 maxlen: 24
89.34.112.0/21 maxlen: 24
89.34.192.0/21 maxlen: 24
89.34.204.0/22 maxlen: 24
89.34.232.0/22 maxlen: 24
89.35.8.0/21 maxlen: 24
89.35.40.0/21 maxlen: 24
89.35.84.0/22 maxlen: 24
89.35.200.0/22 maxlen: 24
89.36.156.0/22 maxlen: 24
89.37.44.0/22 maxlen: 24
89.37.104.0/24 maxlen: 24
89.38.32.0/22 maxlen: 24
89.38.64.0/22 maxlen: 24
89.38.76.0/22 maxlen: 24
89.39.76.0/22 maxlen: 24
89.39.84.0/22 maxlen: 24
89.39.96.0/21 maxlen: 24
89.39.112.0/21 maxlen: 24
89.40.228.0/22 maxlen: 24
89.41.64.0/18 maxlen: 24
89.42.64.0/22 maxlen: 24
89.42.72.0/21 maxlen: 24
89.42.104.0/22 maxlen: 24
89.42.128.0/22 maxlen: 24
89.42.180.0/22 maxlen: 24
89.42.224.0/22 maxlen: 24
89.43.128.0/22 maxlen: 24
89.43.168.0/22 maxlen: 24
89.44.152.0/22 maxlen: 24
89.45.40.0/22 maxlen: 24
89.46.164.0/22 maxlen: 24
92.114.128.0/17 maxlen: 24
93.113.64.0/21 maxlen: 24
93.113.80.0/21 maxlen: 24
93.113.92.0/22 maxlen: 24
93.113.244.0/22 maxlen: 24
93.115.136.0/21 maxlen: 24
93.116.0.0/16 maxlen: 24
93.117.48.0/20 maxlen: 24
93.117.68.0/22 maxlen: 24
93.117.72.0/21 maxlen: 24
93.117.128.0/21 maxlen: 24
93.117.140.0/22 maxlen: 24
93.117.144.0/21 maxlen: 24
93.117.156.0/22 maxlen: 24
93.117.160.0/21 maxlen: 24
93.117.168.0/22 maxlen: 24
93.118.176.0/22 maxlen: 24
93.118.188.0/22 maxlen: 24
93.119.96.0/21 maxlen: 24
93.119.108.0/22 maxlen: 24
93.119.128.0/21 maxlen: 24
93.119.140.0/22 maxlen: 24
93.119.144.0/21 maxlen: 24
93.119.160.0/21 maxlen: 24
93.119.196.0/22 maxlen: 24
93.119.200.0/21 maxlen: 24
93.119.228.0/22 maxlen: 24
93.119.232.0/21 maxlen: 24
94.176.64.0/20 maxlen: 24
109.185.0.0/16 maxlen: 24
178.132.112.0/20 maxlen: 24
178.132.128.0/19 maxlen: 24
185.28.104.0/22 maxlen: 24
188.208.96.0/22 maxlen: 24
188.208.104.0/22 maxlen: 24
188.208.112.0/22 maxlen: 24
188.208.120.0/21 maxlen: 24
188.208.192.0/22 maxlen: 24
188.208.204.0/22 maxlen: 24
188.209.216.0/21 maxlen: 24
188.210.240.0/21 maxlen: 24
188.210.248.0/22 maxlen: 24
188.212.0.0/22 maxlen: 24
188.212.8.0/21 maxlen: 24
188.212.24.0/21 maxlen: 24
188.212.40.0/21 maxlen: 24
188.213.36.0/22 maxlen: 24
188.213.52.0/22 maxlen: 24
188.213.220.0/22 maxlen: 24
188.213.236.0/22 maxlen: 24
188.213.244.0/22 maxlen: 24
188.214.60.0/22 maxlen: 24
188.214.136.0/22 maxlen: 24
188.214.144.0/22 maxlen: 24
188.214.200.0/21 maxlen: 24
188.215.252.0/22 maxlen: 24
188.237.0.0/16 maxlen: 24
212.0.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:80:eb:0e:46:f2:33:30:95:8c:64:a8:7e:ec:ea:34:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Validity
Not Before: Apr 29 09:40:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb4a187ec412b9bb8fbfec18edafd5410904a603
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:28:06:78:c4:86:6c:bd:62:52:55:64:a6:7f:
6d:d5:91:81:8a:fe:ef:a1:ed:70:f6:17:e0:3a:f8:
72:82:b6:44:9e:89:84:5d:a8:77:41:61:f8:10:19:
db:f4:5e:b0:a4:f8:f3:20:97:8a:6a:3c:8f:7e:b4:
65:0d:0d:5d:2d:81:bf:52:8d:16:34:3a:f8:21:fe:
67:43:d5:dc:2e:ba:01:13:f7:70:8c:c7:5f:76:9c:
a7:bb:6f:28:d9:94:a1:90:87:57:ad:b1:3e:e8:0e:
19:60:90:40:39:a2:df:33:d2:95:e3:d8:cb:00:56:
b0:95:1a:a4:ca:0c:6a:da:8b:e2:be:d8:b9:0f:45:
68:88:e6:f6:8a:2a:4f:ea:42:0b:da:01:ad:ad:eb:
16:c4:ba:07:56:f6:75:c7:46:4f:25:0e:73:ad:d3:
de:6b:68:b7:6f:f2:af:c2:e1:6c:36:90:cb:2e:f3:
49:60:6d:c1:cc:d2:c3:c0:08:e7:85:49:44:d8:b3:
74:92:79:21:cb:ed:f1:ff:37:c1:d5:3c:fd:bc:f0:
5a:6c:c8:9b:94:85:06:61:d7:45:e1:69:94:95:49:
68:a1:42:b1:72:43:55:d2:70:47:20:79:df:dd:a6:
43:35:b4:a9:f2:6a:e9:dd:0d:9b:4c:3e:b3:55:f2:
24:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:4A:18:7E:C4:12:B9:BB:8F:BF:EC:18:ED:AF:D5:41:09:04:A6:03
X509v3 Authority Key Identifier:
keyid:A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/u0oYfsQSubuPv-wY7a_VQQkEpgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.64.0/18
37.75.16.0/20
37.75.64.0/18
46.55.0.0/17
85.204.176.0/21
86.104.196.0/22
86.105.56.0/21
86.105.80.0/21
86.105.172.0/22
86.105.208.0/22
86.106.144.0/21
86.106.208.0/20
86.107.64.0/22
86.107.160.0/21
89.32.56.0/21
89.32.136.0/21
89.32.172.0/22
89.32.252.0/22
89.34.112.0/21
89.34.192.0/21
89.34.204.0/22
89.34.232.0/22
89.35.8.0/21
89.35.40.0/21
89.35.84.0/22
89.35.200.0/22
89.36.156.0/22
89.37.44.0/22
89.37.104.0/24
89.38.32.0/22
89.38.64.0/22
89.38.76.0/22
89.39.76.0/22
89.39.84.0/22
89.39.96.0/21
89.39.112.0/21
89.40.228.0/22
89.41.64.0/18
89.42.64.0/22
89.42.72.0/21
89.42.104.0/22
89.42.128.0/22
89.42.180.0/22
89.42.224.0/22
89.43.128.0/22
89.43.168.0/22
89.44.152.0/22
89.45.40.0/22
89.46.164.0/22
92.114.128.0/17
93.113.64.0/21
93.113.80.0/21
93.113.92.0/22
93.113.244.0/22
93.115.136.0/21
93.116.0.0/16
93.117.48.0/20
93.117.68.0-93.117.79.255
93.117.128.0/21
93.117.140.0-93.117.151.255
93.117.156.0-93.117.171.255
93.118.176.0/22
93.118.188.0/22
93.119.96.0/21
93.119.108.0/22
93.119.128.0/21
93.119.140.0-93.119.151.255
93.119.160.0/21
93.119.196.0-93.119.207.255
93.119.228.0-93.119.239.255
94.176.64.0/20
109.185.0.0/16
178.132.112.0-178.132.159.255
185.28.104.0/22
188.208.96.0/22
188.208.104.0/22
188.208.112.0/22
188.208.120.0/21
188.208.192.0/22
188.208.204.0/22
188.209.216.0/21
188.210.240.0-188.210.251.255
188.212.0.0/22
188.212.8.0/21
188.212.24.0/21
188.212.40.0/21
188.213.36.0/22
188.213.52.0/22
188.213.220.0/22
188.213.236.0/22
188.213.244.0/22
188.214.60.0/22
188.214.136.0/22
188.214.144.0/22
188.214.200.0/21
188.215.252.0/22
188.237.0.0/16
212.0.192.0/19
Signature Algorithm: sha256WithRSAEncryption
66:70:d1:1f:55:e0:17:32:a9:17:67:7a:c8:58:75:45:66:00:
19:1c:9f:8f:0c:48:c9:73:62:ff:15:e2:c1:42:d0:3f:5a:10:
45:2d:19:1d:50:82:f0:c1:72:ad:28:78:4b:17:58:f3:5b:2e:
bb:2b:97:7f:38:f7:6d:1e:e8:75:a6:68:ab:b1:6b:71:61:91:
b8:b6:9a:4c:65:5e:a9:b9:9d:6c:7d:2d:15:ec:3c:fb:6d:79:
b7:49:1e:04:dc:4b:ac:74:03:e4:c1:f4:69:2b:79:3b:03:70:
53:e8:42:e7:95:b0:e7:95:4d:6f:a6:6e:6d:71:86:cd:a5:2a:
b7:7a:6a:6f:aa:e0:72:1a:7f:0a:5a:07:44:35:bb:9f:5d:c7:
15:8b:b0:75:92:ef:b4:94:84:8c:cc:5e:2f:87:55:c5:60:cd:
d7:36:96:e1:43:10:d9:02:6a:dc:9d:69:99:37:40:59:f7:f4:
2e:43:6b:c5:6b:3c:07:eb:bf:05:05:34:a1:38:8b:41:c1:98:
5d:87:40:03:fc:68:9c:7a:00:5e:a2:c2:b1:78:6b:2f:73:4e:
40:a3:ea:a0:d4:c8:21:0f:e9:6f:2c:97:05:dc:3b:ea:19:df:
bf:ad:f3:f1:6d:f7:90:7d:85:16:3e:a4:da:50:5f:eb:69:be:
67:b1:82:70
-----BEGIN CERTIFICATE-----
MIIHijCCBnKgAwIBAgISAZaA6w5G8jMwlYxkqH7s6jQxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMDg4ZTA2ZDU1M2NmZjI5M2QyNzdmNGQ3NmMzYTcxMGJk
OGIyZjcwHhcNMjUwNDI5MDk0MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjRhMTg3ZWM0MTJiOWJiOGZiZmVjMThlZGFmZDU0MTA5MDRhNjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ygGeMSGbL1iUlVkpn9t1ZGBiv7v
oe1w9hfgOvhygrZEnomEXah3QWH4EBnb9F6wpPjzIJeKajyPfrRlDQ1dLYG/Uo0W
NDr4If5nQ9XcLroBE/dwjMdfdpynu28o2ZShkIdXrbE+6A4ZYJBAOaLfM9KV49jL
AFawlRqkygxq2ovivti5D0VoiOb2iipP6kIL2gGtresWxLoHVvZ1x0ZPJQ5zrdPe
a2i3b/KvwuFsNpDLLvNJYG3BzNLDwAjnhUlE2LN0knkhy+3x/zfB1Tz9vPBabMib
lIUGYddF4WmUlUlooUKxckNV0nBHIHnf3aZDNbSp8mrp3Q2bTD6zVfIkHwIDAQAB
o4IEljCCBJIwHQYDVR0OBBYEFLtKGH7EErm7j7/sGO2v1UEJBKYDMB8GA1UdIwQY
MBaAFKIIjgbVU8/yk9J39NdsOnEL2LL3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTct
YmJlYTI5MThlMTAyLzEvdTBvWWZzUVN1YnVQdi13WTdhX1ZRUWtFcGdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTctYmJlYTI5MThlMTAy
LzEvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICqgYIKwYBBQUHAQcBAf8EggKZMIIClTCCApEEAgABMIIC
iQMEBgU4QAMEBCVLEAMEBiVLQAMEBy43AAMEA1XMsAMEAlZoxAMEA1ZpOAMEA1Zp
UAMEAlZprAMEAlZp0AMEA1ZqkAMEBFZq0AMEAlZrQAMEA1ZroAMEA1kgOAMEA1kg
iAMEAlkgrAMEAlkg/AMEA1kicAMEA1kiwAMEAlkizAMEAlki6AMEA1kjCAMEA1kj
KAMEAlkjVAMEAlkjyAMEAlkknAMEAlklLAMEAFklaAMEAlkmIAMEAlkmQAMEAlkm
TAMEAlknTAMEAlknVAMEA1knYAMEA1kncAMEAlko5AMEBlkpQAMEAlkqQAMEA1kq
SAMEAlkqaAMEAlkqgAMEAlkqtAMEAlkq4AMEAlkrgAMEAlkrqAMEAlksmAMEAlkt
KAMEAlkupAMEB1xygAMEA11xQAMEA11xUAMEAl1xXAMEAl1x9AMEA11ziAMDAF10
AwQEXXUwMAwDBAJddUQDBARddUADBANddYAwDAMEAl11jAMEA111kDAMAwQCXXWc
AwQCXXWoAwQCXXawAwQCXXa8AwQDXXdgAwQCXXdsAwQDXXeAMAwDBAJdd4wDBANd
d5ADBANdd6AwDAMEAl13xAMEBF13wDAMAwQCXXfkAwQEXXfgAwQEXrBAAwMAbbkw
DAMEBLKEcAMEBbKEgAMEArkcaAMEArzQYAMEArzQaAMEArzQcAMEA7zQeAMEArzQ
wAMEArzQzAMEA7zR2DAMAwQEvNLwAwQCvNL4AwQCvNQAAwQDvNQIAwQDvNQYAwQD
vNQoAwQCvNUkAwQCvNU0AwQCvNXcAwQCvNXsAwQCvNX0AwQCvNY8AwQCvNaIAwQC
vNaQAwQDvNbIAwQCvNf8AwMAvO0DBAXUAMAwDQYJKoZIhvcNAQELBQADggEBAGZw
0R9V4BcyqRdneshYdUVmABkcn48MSMlzYv8V4sFC0D9aEEUtGR1QgvDBcq0oeEsX
WPNbLrsrl384920e6HWmaKuxa3Fhkbi2mkxlXqm5nWx9LRXsPPttebdJHgTcS6x0
A+TB9GkreTsDcFPoQueVsOeVTW+mbm1xhs2lKrd6am+q4HIafwpaB0Q1u59dxxWL
sHWS77SUhIzMXi+HVcVgzdc2luFDENkCatydaZk3QFn39C5Da8VrPAfrvwUFNKE4
i0HBmF2HQAP8aJx6AF6iwrF4ay9zTkCj6qDUyCEP6W8slwXcO+oZ37+t8/Ft95B9
hRY+pNpQX+tpvmexgnA=
-----END CERTIFICATE-----
Generated at Sat May 10 10:13:24 2025 by rpki-client