Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/3cYEcx55Jeov9uoHhaE5j8d-Hls.roa
File: 3cYEcx55Jeov9uoHhaE5j8d-Hls.roa (raw, json)
Hash identifier: yy+pSOPQxwEIkgPGY3M7bj7jp1HL8fwmOalEYO4eOrg=
Subject key identifier: DD:C6:04:73:1E:79:25:EA:2F:F6:EA:07:85:A1:39:8F:C7:7E:1E:5B
Certificate issuer: /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial: 019686D6B6DDE67F8D96C3A4F9EEB98E1D6D
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/3cYEcx55Jeov9uoHhaE5j8d-Hls.roa
Signing time: Wed 30 Apr 2025 13:15:40 +0000
ROA not before: Wed 30 Apr 2025 13:15:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44477
IP address blocks: 37.221.124.0/22 maxlen: 24
45.67.228.0/24 maxlen: 24
45.67.229.0/24 maxlen: 24
45.67.231.0/24 maxlen: 24
45.120.176.0/22 maxlen: 24
62.3.12.0/24 maxlen: 24
74.119.192.0/24 maxlen: 24
74.119.193.0/24 maxlen: 24
74.119.194.0/24 maxlen: 24
74.119.195.0/24 maxlen: 24
80.92.204.0/24 maxlen: 24
80.92.205.0/24 maxlen: 24
80.92.206.0/24 maxlen: 24
86.104.72.0/22 maxlen: 24
89.221.224.0/24 maxlen: 24
89.221.225.0/24 maxlen: 24
91.132.132.0/22 maxlen: 24
91.194.161.0/24 maxlen: 24
91.225.217.0/24 maxlen: 24
91.225.218.0/24 maxlen: 24
91.225.219.0/24 maxlen: 24
94.131.8.0/24 maxlen: 24
94.131.20.0/24 maxlen: 24
103.35.188.0/22 maxlen: 24
103.106.0.0/22 maxlen: 24
103.113.68.0/22 maxlen: 24
103.231.72.0/22 maxlen: 24
176.120.64.0/22 maxlen: 24
176.120.64.0/24 maxlen: 24
176.120.72.0/22 maxlen: 24
185.234.56.0/22 maxlen: 24
185.234.64.0/22 maxlen: 24
185.235.240.0/22 maxlen: 24
185.236.232.0/22 maxlen: 24
185.242.84.0/24 maxlen: 24
185.242.85.0/24 maxlen: 24
185.242.86.0/24 maxlen: 24
185.242.87.0/24 maxlen: 24
185.250.148.0/24 maxlen: 24
185.250.150.0/24 maxlen: 24
185.250.151.0/24 maxlen: 24
193.203.202.0/24 maxlen: 24
194.54.156.0/24 maxlen: 24
194.54.157.0/24 maxlen: 24
194.54.158.0/24 maxlen: 24
194.54.159.0/24 maxlen: 24
194.62.42.0/24 maxlen: 24
194.246.114.0/24 maxlen: 24
194.246.115.0/24 maxlen: 24
195.42.232.0/22 maxlen: 24
195.149.87.0/24 maxlen: 24
213.159.64.0/21 maxlen: 24
213.159.72.0/21 maxlen: 24
213.159.76.0/24 maxlen: 24
213.159.77.0/24 maxlen: 24
213.159.78.0/24 maxlen: 24
213.159.79.0/24 maxlen: 24
2a09:7c40::/32 maxlen: 32
2a09:7c41::/32 maxlen: 32
2a09:7c42::/32 maxlen: 32
2a09:7c43::/32 maxlen: 32
2a09:7c44::/32 maxlen: 32
2a09:7c45::/32 maxlen: 32
2a09:7c46::/32 maxlen: 32
2a09:7c47::/32 maxlen: 32
2a0b:cf45::/32 maxlen: 32
2a0b:cf46::/32 maxlen: 32
2a0b:cf47::/32 maxlen: 32
2a11:3805::/32 maxlen: 32
2a11:3c02::/32 maxlen: 32
2a11:3c03::/32 maxlen: 32
2a11:4c04::/32 maxlen: 32
2a11:4c05::/32 maxlen: 32
2a11:4c06::/32 maxlen: 32
2a14:2d80::/32 maxlen: 32
2a14:2d81::/32 maxlen: 32
2a14:2d82::/32 maxlen: 32
2a14:2d83::/32 maxlen: 32
2a14:2d85::/32 maxlen: 32
2a14:2d87::/32 maxlen: 32
2a14:2e80::/32 maxlen: 32
2a14:2f80::/32 maxlen: 32
2a14:3080::/32 maxlen: 32
2a14:3081::/32 maxlen: 32
2a14:3082::/32 maxlen: 32
2a14:3083::/32 maxlen: 32
2a14:3084::/32 maxlen: 32
2a14:3085::/32 maxlen: 32
2a14:3086::/32 maxlen: 32
2a14:3087::/32 maxlen: 32
2a14:3880::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.mft
rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 14 May 2025 16:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:86:d6:b6:dd:e6:7f:8d:96:c3:a4:f9:ee:b9:8e:1d:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Validity
Not Before: Apr 30 13:15:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ddc604731e7925ea2ff6ea0785a1398fc77e1e5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:5e:c9:7e:e3:ca:f5:0d:d0:ad:a7:09:3e:b8:
55:36:5d:7a:ec:5e:d2:e2:25:f8:09:62:d1:01:1f:
82:3e:48:5f:ac:97:34:59:a5:16:67:9e:66:9d:5b:
58:d9:6a:a7:b0:e7:2f:7e:bd:67:b6:28:65:78:51:
96:44:59:e2:2d:8c:bd:ca:12:cf:bc:35:96:e7:26:
a4:00:ea:d8:45:41:f5:ec:9f:60:16:e5:8b:91:ab:
3d:f6:9c:43:05:58:02:42:b6:46:8b:3d:b6:43:fa:
6f:3c:40:0b:f3:1e:ef:07:39:75:91:d9:b4:e7:72:
52:0e:52:50:d9:5d:e4:fb:35:9d:f9:0b:6d:3b:af:
7e:01:d6:fd:ab:13:4b:34:96:01:aa:db:c8:c9:2f:
f5:1c:39:1f:bf:ea:a3:d1:f6:5c:25:be:68:15:4d:
30:dd:be:9d:14:55:0e:25:4e:bc:ba:a1:0a:b2:4e:
f9:29:d8:f0:91:1b:04:4f:75:fd:12:39:f8:54:31:
21:b3:c8:74:f1:e9:fa:03:e1:03:2f:c5:8d:f8:5f:
b8:3f:16:0f:29:26:77:df:c6:66:11:1f:98:6c:c1:
40:8c:26:1d:b3:12:7a:3a:4f:7e:6b:59:4e:1e:da:
45:e3:0e:e5:36:b0:c5:27:15:78:30:26:4b:a6:ef:
3e:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:C6:04:73:1E:79:25:EA:2F:F6:EA:07:85:A1:39:8F:C7:7E:1E:5B
X509v3 Authority Key Identifier:
keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/3cYEcx55Jeov9uoHhaE5j8d-Hls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.124.0/22
45.67.228.0/23
45.67.231.0/24
45.120.176.0/22
62.3.12.0/24
74.119.192.0/22
80.92.204.0-80.92.206.255
86.104.72.0/22
89.221.224.0/23
91.132.132.0/22
91.194.161.0/24
91.225.217.0-91.225.219.255
94.131.8.0/24
94.131.20.0/24
103.35.188.0/22
103.106.0.0/22
103.113.68.0/22
103.231.72.0/22
176.120.64.0/22
176.120.72.0/22
185.234.56.0/22
185.234.64.0/22
185.235.240.0/22
185.236.232.0/22
185.242.84.0/22
185.250.148.0/24
185.250.150.0/23
193.203.202.0/24
194.54.156.0/22
194.62.42.0/24
194.246.114.0/23
195.42.232.0/22
195.149.87.0/24
213.159.64.0/20
IPv6:
2a09:7c40::/29
2a0b:cf45::-2a0b:cf47:ffff:ffff:ffff:ffff:ffff:ffff
2a11:3805::/32
2a11:3c02::/31
2a11:4c04::-2a11:4c06:ffff:ffff:ffff:ffff:ffff:ffff
2a14:2d80::/30
2a14:2d85::/32
2a14:2d87::/32
2a14:2e80::/32
2a14:2f80::/32
2a14:3080::/29
2a14:3880::/32
Signature Algorithm: sha256WithRSAEncryption
0d:8e:94:7a:f8:38:5e:0d:27:e1:de:c0:d7:51:c4:51:5e:ad:
64:a1:03:21:93:33:e0:ff:ef:26:5b:17:f4:e1:7d:09:2f:21:
ab:53:42:1e:13:7a:94:2d:ca:95:0f:1d:a5:1c:5c:68:3c:57:
08:05:23:90:9e:25:57:a8:fd:9d:77:20:65:b6:12:96:a2:9c:
42:87:fa:ed:10:9c:5c:e2:9c:9c:d8:31:f9:c3:82:1a:68:89:
4a:d4:e7:93:9c:9d:42:46:7e:fa:64:60:3a:6f:8f:14:c5:b4:
f3:6d:09:69:60:4b:d2:48:b2:7b:54:d4:a1:37:2a:99:35:13:
26:1f:2f:be:09:1f:b3:6b:ad:82:e7:b1:51:06:6c:00:43:ba:
2c:43:90:ab:a5:79:57:f3:12:31:c8:b4:49:5b:f4:a3:ff:ce:
0c:ff:9e:82:57:f9:d9:be:36:c2:ee:f0:5b:36:a6:31:6a:0d:
8a:71:a6:12:88:53:a9:34:6e:d7:c0:e5:29:95:73:e4:3e:28:
74:e7:6d:ba:ea:b6:72:48:7c:e8:ea:21:49:13:66:a6:da:20:
bd:0f:60:90:bc:a2:50:ed:14:5b:53:64:5d:8e:cf:d2:78:3b:
a1:e3:fa:b7:cf:b7:e7:12:cb:6b:53:b6:84:1a:19:c5:39:59:
45:0c:71:1b
-----BEGIN CERTIFICATE-----
MIIGSTCCBTGgAwIBAgISAZaG1rbd5n+NlsOk+e65jh1tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjUwNDMwMTMxNTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGM2MDQ3MzFlNzkyNWVhMmZmNmVhMDc4NWExMzk4ZmM3N2UxZTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6V7JfuPK9Q3QracJPrhVNl167F7S
4iX4CWLRAR+CPkhfrJc0WaUWZ55mnVtY2WqnsOcvfr1ntihleFGWRFniLYy9yhLP
vDWW5yakAOrYRUH17J9gFuWLkas99pxDBVgCQrZGiz22Q/pvPEAL8x7vBzl1kdm0
53JSDlJQ2V3k+zWd+QttO69+Adb9qxNLNJYBqtvIyS/1HDkfv+qj0fZcJb5oFU0w
3b6dFFUOJU68uqEKsk75KdjwkRsET3X9Ejn4VDEhs8h08en6A+EDL8WN+F+4PxYP
KSZ338ZmER+YbMFAjCYdsxJ6Ok9+a1lOHtpF4w7lNrDFJxV4MCZLpu8+swIDAQAB
o4IDVTCCA1EwHQYDVR0OBBYEFN3GBHMeeSXqL/bqB4WhOY/Hfh5bMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvM2NZRWN4NTVKZW92OXVvSGhhRTVqOGQtSGxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBaQYIKwYBBQUHAQcBAf8EggFYMIIBVDCB4wQCAAEwgdwD
BAIl3XwDBAEtQ+QDBAAtQ+cDBAIteLADBAA+AwwDBAJKd8AwDAMEAlBczAMEAFBc
zgMEAlZoSAMEAVnd4AMEAluEhAMEAFvCoTAMAwQAW+HZAwQCW+HYAwQAXoMIAwQA
XoMUAwQCZyO8AwQCZ2oAAwQCZ3FEAwQCZ+dIAwQCsHhAAwQCsHhIAwQCueo4AwQC
uepAAwQCuevwAwQCuezoAwQCufJUAwQAufqUAwQBufqWAwQAwcvKAwQCwjacAwQA
wj4qAwQBwvZyAwQCwyroAwQAw5VXAwQE1Z9AMGwEAgACMGYDBQMqCXxAMA4DBQAq
C89FAwUDKgvPQAMFACoROAUDBQEqETwCMA4DBQIqEUwEAwUAKhFMBgMFAioULYAD
BQAqFC2FAwUAKhQthwMFACoULoADBQAqFC+AAwUDKhQwgAMFACoUOIAwDQYJKoZI
hvcNAQELBQADggEBAA2OlHr4OF4NJ+HewNdRxFFerWShAyGTM+D/7yZbF/ThfQkv
IatTQh4TepQtypUPHaUcXGg8VwgFI5CeJVeo/Z13IGW2EpainEKH+u0QnFzinJzY
MfnDghpoiUrU55OcnUJGfvpkYDpvjxTFtPNtCWlgS9JIsntU1KE3Kpk1EyYfL74J
H7NrrYLnsVEGbABDuixDkKuleVfzEjHItElb9KP/zgz/noJX+dm+NsLu8Fs2pjFq
DYpxphKIU6k0btfA5SmVc+Q+KHTnbbrqtnJIfOjqIUkTZqbaIL0PYJC8olDtFFtT
ZF2Oz9J4O6Hj+rfPt+cSy2tTtoQaGcU5WUUMcRs=
-----END CERTIFICATE-----
Generated at Wed May 14 01:15:24 2025 by rpki-client