Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/bIOnLPyVT4HMkOF207Y-bxFgW_o.roa
File: bIOnLPyVT4HMkOF207Y-bxFgW_o.roa (raw, json)
Hash identifier: sgHv3RFNqOpH2R7wPkXbngTzHaihOut0tmB1GHo2cvM=
Subject key identifier: 6C:83:A7:2C:FC:95:4F:81:CC:90:E1:76:D3:B6:3E:6F:11:60:5B:FA
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 019661A5B023E3EA6A7F92A17E1B1B9781CC
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/bIOnLPyVT4HMkOF207Y-bxFgW_o.roa
Signing time: Wed 23 Apr 2025 07:56:10 +0000
ROA not before: Wed 23 Apr 2025 07:56:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31586
IP address blocks: 80.84.224.0/19 maxlen: 24
81.4.64.0/19 maxlen: 24
81.4.96.0/22 maxlen: 24
81.4.112.0/21 maxlen: 24
81.21.136.0/21 maxlen: 24
83.96.128.0/18 maxlen: 24
83.96.192.0/21 maxlen: 24
83.96.208.0/22 maxlen: 24
83.96.224.0/21 maxlen: 24
83.96.232.0/22 maxlen: 24
83.96.248.0/22 maxlen: 24
85.158.248.0/22 maxlen: 24
85.158.252.0/23 maxlen: 23
91.142.252.0/23 maxlen: 24
91.205.32.0/22 maxlen: 24
141.255.180.0/22 maxlen: 24
185.69.232.0/22 maxlen: 24
185.84.72.0/22 maxlen: 24
185.95.68.0/22 maxlen: 24
185.105.204.0/22 maxlen: 24
185.105.216.0/22 maxlen: 24
193.93.172.0/22 maxlen: 24
217.21.241.0/24 maxlen: 24
2001:828::/32 maxlen: 48
2a05:2500::/32 maxlen: 48
2a05:a282::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.mft
rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 08 May 2025 20:38:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:61:a5:b0:23:e3:ea:6a:7f:92:a1:7e:1b:1b:97:81:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Apr 23 07:56:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c83a72cfc954f81cc90e176d3b63e6f11605bfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:db:d2:d8:0e:c8:4b:86:03:97:04:cc:b8:f4:
ab:a3:e1:a0:fc:70:94:14:00:b0:bf:48:eb:bf:03:
d9:a2:33:92:2f:87:ee:82:c8:7a:36:a6:7b:99:e9:
3b:35:88:60:41:48:a4:0c:1e:23:16:c1:e8:5c:53:
84:7b:50:50:0a:de:0c:c4:a7:fd:ad:01:b4:45:af:
d6:71:3d:6d:4c:cb:ae:f6:b3:2a:ea:34:45:91:f7:
94:ff:53:45:01:df:28:a3:9d:2c:2b:7b:e8:a9:8f:
6c:df:62:89:79:83:cc:bf:39:01:4c:93:a4:35:61:
6c:2e:01:33:46:c7:2e:cc:51:8b:56:df:3b:80:82:
1f:9b:3a:b1:0c:dc:68:b8:f3:a6:70:e8:f4:75:8d:
b4:0a:f7:a6:93:3c:5b:cf:09:f1:72:6d:b3:c0:c0:
1d:2d:0e:ce:b6:ef:f7:58:0c:3c:bf:a1:a9:51:f2:
9c:6d:b9:13:82:b6:ae:fe:11:fb:67:4e:c1:d9:cb:
86:c3:51:ed:ca:51:77:52:b2:ce:4b:46:ee:c5:d6:
b7:d8:a8:a2:26:84:17:ce:08:3c:dc:79:f9:16:9e:
49:e0:58:c3:6d:a5:dd:81:73:6b:e5:0c:ea:8c:03:
16:e1:a7:01:bf:bb:a3:de:a7:dd:83:cd:5c:79:95:
d1:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:83:A7:2C:FC:95:4F:81:CC:90:E1:76:D3:B6:3E:6F:11:60:5B:FA
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/bIOnLPyVT4HMkOF207Y-bxFgW_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.84.224.0/19
81.4.64.0-81.4.99.255
81.4.112.0/21
81.21.136.0/21
83.96.128.0-83.96.199.255
83.96.208.0/22
83.96.224.0-83.96.235.255
83.96.248.0/22
85.158.248.0-85.158.253.255
91.142.252.0/23
91.205.32.0/22
141.255.180.0/22
185.69.232.0/22
185.84.72.0/22
185.95.68.0/22
185.105.204.0/22
185.105.216.0/22
193.93.172.0/22
217.21.241.0/24
IPv6:
2001:828::/32
2a05:2500::/32
2a05:a282::/32
Signature Algorithm: sha256WithRSAEncryption
9a:05:10:09:91:05:1d:04:5c:4f:de:0e:5e:4e:69:f0:bd:f5:
94:f1:14:3a:f8:07:b9:97:34:dd:40:07:aa:ba:d3:a4:97:24:
d9:cf:83:ae:8a:dc:ec:20:48:b7:64:87:44:2e:67:c8:2e:ab:
e5:07:51:bb:89:9b:a6:88:76:58:c8:58:d3:8b:df:b2:a3:ab:
a4:83:e8:b1:d4:7d:2f:92:eb:89:b3:31:ef:79:3b:2d:90:27:
3a:47:d4:17:b5:a0:cc:e0:81:04:03:e3:54:b1:cf:74:21:39:
51:ac:f0:a6:74:30:f2:aa:78:72:4f:6a:cc:f8:c2:e8:ac:18:
5e:56:20:c9:c4:c9:92:bd:e3:5d:37:49:c1:8e:78:55:7c:50:
84:46:db:be:22:14:c4:d3:35:71:62:6b:65:3d:43:fd:81:03:
88:28:cf:3b:da:0d:9b:47:de:fc:ee:1c:92:d3:92:9a:cf:f3:
f0:ba:94:e6:56:70:5a:82:39:d8:fe:60:4a:41:00:54:1f:ae:
02:2e:81:5c:5e:ac:f3:84:52:a5:72:8f:5c:75:8a:7c:e5:db:
de:fd:87:63:30:88:36:a6:de:d7:4b:7a:79:7a:d8:a2:e3:37:
4b:3b:da:78:8d:61:17:00:bb:af:c3:2b:ef:57:c9:d6:33:4f:
74:91:76:31
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgISAZZhpbAj4+pqf5Khfhsbl4HMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3
NTJhZTcwHhcNMjUwNDIzMDc1NjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzgzYTcyY2ZjOTU0ZjgxY2M5MGUxNzZkM2I2M2U2ZjExNjA1YmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNvS2A7IS4YDlwTMuPSro+Gg/HCU
FACwv0jrvwPZojOSL4fugsh6NqZ7mek7NYhgQUikDB4jFsHoXFOEe1BQCt4MxKf9
rQG0Ra/WcT1tTMuu9rMq6jRFkfeU/1NFAd8oo50sK3voqY9s32KJeYPMvzkBTJOk
NWFsLgEzRscuzFGLVt87gIIfmzqxDNxouPOmcOj0dY20Cvemkzxbzwnxcm2zwMAd
LQ7Otu/3WAw8v6GpUfKcbbkTgrau/hH7Z07B2cuGw1HtylF3UrLOS0buxda32Kii
JoQXzgg83Hn5Fp5J4FjDbaXdgXNr5QzqjAMW4acBv7uj3qfdg81ceZXRUQIDAQAB
o4ICtzCCArMwHQYDVR0OBBYEFGyDpyz8lU+BzJDhdtO2Pm8RYFv6MB8GA1UdIwQY
MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt
MmI5MjBiZGUzOTkwLzEvYklPbkxQeVZUNEhNa09GMjA3WS1ieEZnV19vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw
LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHMBggrBgEFBQcBBwEB/wSBvDCBuTCBmQQCAAEwgZIDBAVQ
VOAwDAMEBlEEQAMEAlEEYAMEA1EEcAMEA1EViDAMAwQHU2CAAwQDU2DAAwQCU2DQ
MAwDBAVTYOADBAJTYOgDBAJTYPgwDAMEA1We+AMEAVWe/AMEAVuO/AMEAlvNIAME
Ao3/tAMEArlF6AMEArlUSAMEArlfRAMEArlpzAMEArlp2AMEAsFdrAMEANkV8TAb
BAIAAjAVAwUAIAEIKAMFACoFJQADBQAqBaKCMA0GCSqGSIb3DQEBCwUAA4IBAQCa
BRAJkQUdBFxP3g5eTmnwvfWU8RQ6+Ae5lzTdQAequtOklyTZz4OuitzsIEi3ZIdE
LmfILqvlB1G7iZumiHZYyFjTi9+yo6ukg+ix1H0vkuuJszHveTstkCc6R9QXtaDM
4IEEA+NUsc90ITlRrPCmdDDyqnhyT2rM+MLorBheViDJxMmSveNdN0nBjnhVfFCE
Rtu+IhTE0zVxYmtlPUP9gQOIKM872g2bR9787hyS05Kaz/PwupTmVnBagjnY/mBK
QQBUH64CLoFcXqzzhFKlco9cdYp85dve/YdjMIg2pt7XS3p5etii4zdLO9p4jWEX
ALuvwyvvV8nWM090kXYx
-----END CERTIFICATE-----
Generated at Thu May 8 06:27:15 2025 by rpki-client