Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/kp7dmjFBonBXqg5SUhwfgrpcPrk.roa
File: kp7dmjFBonBXqg5SUhwfgrpcPrk.roa (raw, json)
Hash identifier: 7Dsn4Eren5gH31G2BucmhdAuoTx/so0d2IUZRWLJoQI=
Subject key identifier: 92:9E:DD:9A:31:41:A2:70:57:AA:0E:52:52:1C:1F:82:BA:5C:3E:B9
Certificate issuer: /CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Certificate serial: 0196C47EDD13AD25D2DB8892C5D282B1781A
Authority key identifier: 0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/kp7dmjFBonBXqg5SUhwfgrpcPrk.roa
Signing time: Mon 12 May 2025 12:36:10 +0000
ROA not before: Mon 12 May 2025 12:36:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8849
IP address blocks: 5.42.206.0/24 maxlen: 24
5.44.249.0/24 maxlen: 24
31.222.226.0/24 maxlen: 24
62.122.187.0/24 maxlen: 24
88.210.36.0/23 maxlen: 24
89.36.162.0/24 maxlen: 24
89.36.163.0/24 maxlen: 24
89.40.226.0/24 maxlen: 24
91.192.81.0/24 maxlen: 24
95.174.68.0/24 maxlen: 24
95.174.69.0/24 maxlen: 24
95.174.70.0/24 maxlen: 24
95.174.71.0/24 maxlen: 24
103.97.91.0/24 maxlen: 24
103.111.112.0/22 maxlen: 22
103.253.36.0/24 maxlen: 24
109.122.200.0/23 maxlen: 23
109.122.207.0/24 maxlen: 24
146.19.196.0/24 maxlen: 24
158.255.76.0/24 maxlen: 24
176.97.192.0/24 maxlen: 24
185.140.210.0/24 maxlen: 24
185.140.211.0/24 maxlen: 24
185.147.53.0/24 maxlen: 24
185.224.249.0/24 maxlen: 24
185.230.245.0/24 maxlen: 24
193.35.224.0/24 maxlen: 24
213.111.130.0/24 maxlen: 24
213.111.131.0/24 maxlen: 24
2a06:f901:4000::/36 maxlen: 36
2a06:f901:8000::/36 maxlen: 36
2a06:f901:c000::/36 maxlen: 36
2a06:f902:4000::/36 maxlen: 36
2a06:f902:8000::/36 maxlen: 36
2a06:f903:4000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.mft
rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 16 May 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c4:7e:dd:13:ad:25:d2:db:88:92:c5:d2:82:b1:78:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Validity
Not Before: May 12 12:36:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=929edd9a3141a27057aa0e52521c1f82ba5c3eb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:bc:09:ec:b6:9a:59:20:57:75:6f:04:8a:f0:
42:7f:4d:1b:12:db:13:73:c8:d8:36:ed:0b:83:1d:
1c:7c:bc:32:9f:f1:de:33:31:19:ae:05:e6:7d:38:
30:8a:d7:be:d2:05:6c:45:50:56:34:43:8b:66:b6:
93:cf:04:a4:d2:9f:5e:02:b3:2a:e7:96:7d:48:2a:
5d:23:35:bd:cf:e7:c9:0e:a7:2d:ca:cc:9c:4f:59:
28:65:c8:d2:32:21:97:8a:9e:92:fb:df:88:7b:e3:
7b:8d:dd:75:c2:eb:70:f4:92:d5:a6:a1:c0:cc:c3:
bb:b1:7d:c9:28:17:10:f2:6a:23:cc:05:88:ec:ce:
84:d9:9a:e3:44:c6:48:11:c8:2a:9b:cd:4e:ee:13:
09:20:4b:d5:b1:6a:0c:86:ab:69:82:30:2d:89:23:
b6:97:fe:64:c4:fb:bf:50:3e:5d:14:59:38:8f:14:
e0:95:9a:0d:1c:89:10:af:1c:3b:c2:f6:94:a4:96:
cf:42:1c:06:72:af:a6:a4:cd:2e:cc:a2:96:24:9c:
32:b7:f3:c8:22:68:1f:cd:a1:53:38:9f:19:57:41:
3d:c0:72:4a:bf:45:08:f2:9b:cd:e8:f0:9b:60:a8:
3b:84:be:6d:78:27:62:15:d4:5b:7c:1b:75:03:b6:
da:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:9E:DD:9A:31:41:A2:70:57:AA:0E:52:52:1C:1F:82:BA:5C:3E:B9
X509v3 Authority Key Identifier:
keyid:0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/kp7dmjFBonBXqg5SUhwfgrpcPrk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.206.0/24
5.44.249.0/24
31.222.226.0/24
62.122.187.0/24
88.210.36.0/23
89.36.162.0/23
89.40.226.0/24
91.192.81.0/24
95.174.68.0/22
103.97.91.0/24
103.111.112.0/22
103.253.36.0/24
109.122.200.0/23
109.122.207.0/24
146.19.196.0/24
158.255.76.0/24
176.97.192.0/24
185.140.210.0/23
185.147.53.0/24
185.224.249.0/24
185.230.245.0/24
193.35.224.0/24
213.111.130.0/23
IPv6:
2a06:f901:4000::/36
2a06:f901:8000::/36
2a06:f901:c000::/36
2a06:f902:4000::/36
2a06:f902:8000::/36
2a06:f903:4000::/36
Signature Algorithm: sha256WithRSAEncryption
0c:61:ab:3a:b6:8f:7c:b5:e8:eb:4b:ab:8c:6a:e9:81:62:00:
8a:be:10:aa:33:30:54:f7:7e:47:7c:7b:00:57:8d:99:7c:b9:
b0:82:16:57:ee:8e:f5:7e:49:95:e1:3d:84:0e:3d:9f:fe:72:
7f:a1:61:3a:16:ba:54:7c:64:81:a5:ea:b1:c3:d9:c8:b1:a0:
1d:63:07:c0:65:96:65:3a:d6:d1:39:5e:3d:b3:7f:fc:8f:b0:
90:3f:e7:2b:8d:b7:4a:db:d2:d2:e3:a1:86:ea:9a:19:c6:61:
cb:20:db:69:7f:5e:eb:74:e3:7c:45:98:fb:d6:38:f6:43:3c:
dc:6a:a1:ea:b6:d4:3f:03:3e:13:49:a8:0a:a3:19:c1:44:6d:
5a:4e:29:8a:c6:e0:72:d9:3b:bd:c6:ff:32:e8:21:74:5a:19:
f6:d3:53:5a:66:a4:4c:53:97:ee:6f:6e:6f:62:7c:ac:48:27:
92:22:11:39:90:b5:7b:6b:5b:e7:8b:ef:b5:01:1c:c4:35:56:
2c:4a:68:53:e4:4e:9a:ec:2e:a7:57:16:c3:d8:f5:75:61:95:
4a:8d:53:66:e3:d2:bc:b9:a9:49:10:87:89:9e:74:90:47:08:
67:56:c6:63:d1:66:0d:b3:a5:19:b0:8f:40:86:55:1f:a4:2b:
d0:6d:73:c4
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgISAZbEft0TrSXS24iSxdKCsXgaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZWJmYmZkNmY5MzdjNWFlMzllM2UzOGU4YWI4Mzg0MTA3
NDIxYTYwHhcNMjUwNTEyMTIzNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjllZGQ5YTMxNDFhMjcwNTdhYTBlNTI1MjFjMWY4MmJhNWMzZWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0bwJ7LaaWSBXdW8EivBCf00bEtsT
c8jYNu0Lgx0cfLwyn/HeMzEZrgXmfTgwite+0gVsRVBWNEOLZraTzwSk0p9eArMq
55Z9SCpdIzW9z+fJDqctysycT1koZcjSMiGXip6S+9+Ie+N7jd11wutw9JLVpqHA
zMO7sX3JKBcQ8mojzAWI7M6E2ZrjRMZIEcgqm81O7hMJIEvVsWoMhqtpgjAtiSO2
l/5kxPu/UD5dFFk4jxTglZoNHIkQrxw7wvaUpJbPQhwGcq+mpM0uzKKWJJwyt/PI
ImgfzaFTOJ8ZV0E9wHJKv0UI8pvN6PCbYKg7hL5teCdiFdRbfBt1A7baGQIDAQAB
o4ICyjCCAsYwHQYDVR0OBBYEFJKe3ZoxQaJwV6oOUlIcH4K6XD65MB8GA1UdIwQY
MBaAFA/r+/1vk3xa454+OOirg4QQdCGmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGIt
N2Q3MDM3NGQ3NmQyLzEva3A3ZG1qRkJvbkJYcWc1U1Vod2ZncnBjUHJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGItN2Q3MDM3NGQ3NmQy
LzEvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHfBggrBgEFBQcBBwEB/wSBzzCBzDCBkQQCAAEwgYoDBAAF
Ks4DBAAFLPkDBAAf3uIDBAA+ersDBAFY0iQDBAFZJKIDBABZKOIDBABbwFEDBAJf
rkQDBABnYVsDBAJnb3ADBABn/SQDBAFtesgDBABtes8DBACSE8QDBACe/0wDBACw
YcADBAG5jNIDBAC5kzUDBAC54PkDBAC55vUDBADBI+ADBAHVb4IwNgQCAAIwMAMG
BCoG+QFAAwYEKgb5AYADBgQqBvkBwAMGBCoG+QJAAwYEKgb5AoADBgQqBvkDQDAN
BgkqhkiG9w0BAQsFAAOCAQEADGGrOraPfLXo60urjGrpgWIAir4QqjMwVPd+R3x7
AFeNmXy5sIIWV+6O9X5JleE9hA49n/5yf6FhOha6VHxkgaXqscPZyLGgHWMHwGWW
ZTrW0TlePbN//I+wkD/nK423StvS0uOhhuqaGcZhyyDbaX9e63TjfEWY+9Y49kM8
3Gqh6rbUPwM+E0moCqMZwURtWk4pisbgctk7vcb/MughdFoZ9tNTWmakTFOX7m9u
b2J8rEgnkiIROZC1e2tb54vvtQEcxDVWLEpoU+ROmuwup1cWw9j1dWGVSo1TZuPS
vLmpSRCHiZ50kEcIZ1bGY9FmDbOlGbCPQIZVH6Qr0G1zxA==
-----END CERTIFICATE-----
Generated at Thu May 15 14:34:41 2025 by rpki-client