Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/iN2o8Un7JSexkG6ogPuRCgUoi5s.roa
File: iN2o8Un7JSexkG6ogPuRCgUoi5s.roa (raw, json)
Hash identifier: 0i0wGTTCh3Vi/q7aaqLAPQw2w2BEX/CZ+wUQ84+gybo=
Subject key identifier: 88:DD:A8:F1:49:FB:25:27:B1:90:6E:A8:80:FB:91:0A:05:28:8B:9B
Certificate issuer: /CN=99e7209a8c9b176fbf623edf3ee0b82007fc2c40
Certificate serial: 01963D65F408FF9A0EF84E09EC3C6B6B3CB0
Authority key identifier: 99:E7:20:9A:8C:9B:17:6F:BF:62:3E:DF:3E:E0:B8:20:07:FC:2C:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mecgmoybF2-_Yj7fPuC4IAf8LEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/iN2o8Un7JSexkG6ogPuRCgUoi5s.roa
Signing time: Wed 16 Apr 2025 07:00:13 +0000
ROA not before: Wed 16 Apr 2025 07:00:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16333
IP address blocks: 5.32.178.0/23 maxlen: 23
5.32.180.0/24 maxlen: 24
5.32.182.0/24 maxlen: 24
31.11.64.0/18 maxlen: 19
31.11.68.0/22 maxlen: 22
31.11.72.0/21 maxlen: 21
31.11.80.0/21 maxlen: 21
31.11.88.0/21 maxlen: 21
31.11.96.0/21 maxlen: 21
31.11.104.0/21 maxlen: 21
31.11.112.0/21 maxlen: 21
31.11.120.0/21 maxlen: 21
78.157.0.0/24 maxlen: 24
78.157.1.0/24 maxlen: 24
78.157.2.0/24 maxlen: 24
78.157.3.0/24 maxlen: 24
78.157.4.0/24 maxlen: 24
78.157.5.0/24 maxlen: 24
78.157.6.0/24 maxlen: 24
78.157.7.0/24 maxlen: 24
78.157.8.0/24 maxlen: 24
78.157.9.0/24 maxlen: 24
78.157.10.0/24 maxlen: 24
78.157.20.0/24 maxlen: 24
78.157.21.0/24 maxlen: 24
78.157.22.0/24 maxlen: 24
78.157.23.0/24 maxlen: 24
78.157.24.0/24 maxlen: 24
78.157.25.0/24 maxlen: 24
78.157.26.0/24 maxlen: 24
78.157.27.0/24 maxlen: 24
78.157.28.0/24 maxlen: 24
78.157.29.0/24 maxlen: 24
78.157.30.0/24 maxlen: 24
78.157.31.0/24 maxlen: 24
79.126.128.0/17 maxlen: 17
79.126.128.0/18 maxlen: 18
79.126.192.0/18 maxlen: 18
85.30.64.0/18 maxlen: 18
85.30.64.0/19 maxlen: 19
85.30.64.0/21 maxlen: 21
85.30.72.0/22 maxlen: 22
85.30.80.0/22 maxlen: 22
85.30.92.0/22 maxlen: 22
85.30.96.0/19 maxlen: 19
85.30.96.0/22 maxlen: 22
85.30.101.0/24 maxlen: 24
85.30.104.0/22 maxlen: 22
85.30.110.0/24 maxlen: 24
85.30.112.0/24 maxlen: 24
85.30.119.0/24 maxlen: 24
85.30.120.0/21 maxlen: 21
89.31.152.0/21 maxlen: 21
95.128.186.0/24 maxlen: 24
109.69.40.0/21 maxlen: 21
146.255.69.0/24 maxlen: 24
146.255.70.0/24 maxlen: 24
146.255.86.0/24 maxlen: 24
185.2.188.0/22 maxlen: 22
185.5.4.0/22 maxlen: 22
185.80.164.0/22 maxlen: 22
185.89.244.0/22 maxlen: 22
185.100.244.0/22 maxlen: 22
212.110.64.0/23 maxlen: 23
212.110.80.0/21 maxlen: 21
212.110.88.0/22 maxlen: 22
212.158.176.0/20 maxlen: 24
217.16.64.0/19 maxlen: 19
217.16.64.0/20 maxlen: 20
217.16.80.0/20 maxlen: 20
217.16.87.0/24 maxlen: 24
217.16.88.0/22 maxlen: 22
217.196.192.0/20 maxlen: 20
2a01:5b8::/29 maxlen: 29
2a01:5b8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/mecgmoybF2-_Yj7fPuC4IAf8LEA.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/mecgmoybF2-_Yj7fPuC4IAf8LEA.mft
rsync://rpki.ripe.net/repository/DEFAULT/mecgmoybF2-_Yj7fPuC4IAf8LEA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 10:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3d:65:f4:08:ff:9a:0e:f8:4e:09:ec:3c:6b:6b:3c:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99e7209a8c9b176fbf623edf3ee0b82007fc2c40
Validity
Not Before: Apr 16 07:00:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=88dda8f149fb2527b1906ea880fb910a05288b9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b0:70:c0:47:6c:1e:05:10:5b:5b:90:8e:cc:
97:9c:fd:dd:4c:79:ee:b1:f9:34:9e:08:38:34:46:
9a:60:38:b2:42:a0:d6:20:08:0a:fb:b1:a5:08:7d:
48:a9:53:5b:3f:b9:1c:30:fd:2e:3d:c0:68:9e:d1:
86:90:7d:8b:0e:ab:ae:dd:de:3d:72:54:ee:40:83:
e8:ea:f0:02:e8:d0:82:af:33:9f:14:67:7f:6e:73:
9e:b7:06:5d:58:f2:fe:c2:1f:2c:6f:55:25:66:35:
21:18:94:8b:aa:40:04:5d:20:2a:e4:76:41:63:c4:
40:a2:dc:2c:fc:3f:3d:82:86:4b:ba:4b:dc:a7:58:
ae:c5:12:39:7c:5a:34:b6:17:dc:dd:6c:aa:f2:ab:
f3:26:f7:68:ac:c0:71:fe:7e:6e:4d:36:39:bd:87:
3b:cd:a8:0e:1d:89:73:40:a2:8a:4c:38:e6:3e:60:
b3:f5:c7:f9:6e:9b:8c:88:c0:88:79:f2:8f:2b:ee:
40:fa:24:f7:cd:14:24:59:d0:f8:91:e0:21:37:3f:
49:2d:9e:b1:33:60:0b:60:69:18:d4:48:f1:4e:19:
36:a1:51:93:8a:12:71:21:39:cc:6b:09:dc:88:4f:
0e:74:11:3a:46:63:f3:3f:6e:d6:7f:ce:86:9e:fc:
36:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:DD:A8:F1:49:FB:25:27:B1:90:6E:A8:80:FB:91:0A:05:28:8B:9B
X509v3 Authority Key Identifier:
keyid:99:E7:20:9A:8C:9B:17:6F:BF:62:3E:DF:3E:E0:B8:20:07:FC:2C:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mecgmoybF2-_Yj7fPuC4IAf8LEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/iN2o8Un7JSexkG6ogPuRCgUoi5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/mecgmoybF2-_Yj7fPuC4IAf8LEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.32.178.0-5.32.180.255
5.32.182.0/24
31.11.64.0/18
78.157.0.0-78.157.10.255
78.157.20.0-78.157.31.255
79.126.128.0/17
85.30.64.0/18
89.31.152.0/21
95.128.186.0/24
109.69.40.0/21
146.255.69.0-146.255.70.255
146.255.86.0/24
185.2.188.0/22
185.5.4.0/22
185.80.164.0/22
185.89.244.0/22
185.100.244.0/22
212.110.64.0/23
212.110.80.0-212.110.91.255
212.158.176.0/20
217.16.64.0/19
217.196.192.0/20
IPv6:
2a01:5b8::/29
Signature Algorithm: sha256WithRSAEncryption
1d:23:15:26:f1:cc:82:b8:7e:78:f2:7e:fa:1f:5b:c6:67:16:
23:88:2a:42:b3:79:00:87:c0:08:a1:f9:ff:38:72:0f:5c:ea:
2b:b9:4e:32:50:66:35:4c:a1:c4:b8:fe:53:9b:65:7e:53:5f:
32:8b:ed:86:1b:b9:ee:12:e3:e4:12:9c:13:7f:08:88:dc:44:
ab:8f:c9:ec:00:b7:7a:d0:a4:cd:77:59:ae:81:ab:12:37:4b:
20:61:cd:60:da:60:f8:2d:c0:4b:ce:d5:83:03:37:e4:e0:30:
31:d1:52:24:62:83:5f:de:86:c8:66:a3:91:10:c2:28:c1:2d:
a6:b0:a2:d6:df:0d:08:12:9f:43:2d:a4:1e:f9:37:7f:4b:1a:
ed:7f:70:0b:3b:4b:85:67:2c:5d:ff:ca:02:54:9a:53:89:d6:
6e:1a:c4:a4:05:8b:f6:9f:3b:f8:5a:b7:2f:23:43:06:df:c7:
b9:61:a0:bf:a8:67:90:ba:06:33:f9:fc:0f:36:9f:70:d0:80:
15:cd:db:1e:af:49:d8:fe:5a:55:a5:c1:44:66:a2:a0:b5:b1:
dc:60:a9:68:25:36:aa:39:ba:94:c5:63:27:f6:33:a1:9a:58:
a9:b6:8c:87:3b:a8:b8:35:21:04:e3:a2:e9:cb:d7:87:0c:c7:
0d:e1:64:d4
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgISAZY9ZfQI/5oO+E4J7DxrazywMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZTcyMDlhOGM5YjE3NmZiZjYyM2VkZjNlZTBiODIwMDdm
YzJjNDAwHhcNMjUwNDE2MDcwMDEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGRkYThmMTQ5ZmIyNTI3YjE5MDZlYTg4MGZiOTEwYTA1Mjg4YjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7BwwEdsHgUQW1uQjsyXnP3dTHnu
sfk0ngg4NEaaYDiyQqDWIAgK+7GlCH1IqVNbP7kcMP0uPcBontGGkH2LDquu3d49
clTuQIPo6vAC6NCCrzOfFGd/bnOetwZdWPL+wh8sb1UlZjUhGJSLqkAEXSAq5HZB
Y8RAotws/D89goZLukvcp1iuxRI5fFo0thfc3Wyq8qvzJvdorMBx/n5uTTY5vYc7
zagOHYlzQKKKTDjmPmCz9cf5bpuMiMCIefKPK+5A+iT3zRQkWdD4keAhNz9JLZ6x
M2ALYGkY1EjxThk2oVGTihJxITnMawnciE8OdBE6RmPzP27Wf86Gnvw2YQIDAQAB
o4ICwjCCAr4wHQYDVR0OBBYEFIjdqPFJ+yUnsZBuqID7kQoFKIubMB8GA1UdIwQY
MBaAFJnnIJqMmxdvv2I+3z7guCAH/CxAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWVjZ21veWJGMi1fWWo3ZlB1QzRJQWY4TEVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9lZjU4NTYtYmJjMC00NWE0LTg5MWUt
YjJkY2MxODYzZThiLzEvaU4ybzhVbjdKU2V4a0c2b2dQdVJDZ1VvaTVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9lZjU4NTYtYmJjMC00NWE0LTg5MWUtYjJkY2MxODYzZThi
LzEvbWVjZ21veWJGMi1fWWo3ZlB1QzRJQWY4TEVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHXBggrBgEFBQcBBwEB/wSBxzCBxDCBsgQCAAEwgaswDAME
AQUgsgMEAAUgtAMEAAUgtgMEBh8LQDALAwMATp0DBABOnQowDAMEAk6dFAMEBU6d
AAMEB09+gAMEBlUeQAMEA1kfmAMEAF+AugMEA21FKDAMAwQAkv9FAwQAkv9GAwQA
kv9WAwQCuQK8AwQCuQUEAwQCuVCkAwQCuVn0AwQCuWT0AwQB1G5AMAwDBATUblAD
BALUblgDBATUnrADBAXZEEADBATZxMAwDQQCAAIwBwMFAyoBBbgwDQYJKoZIhvcN
AQELBQADggEBAB0jFSbxzIK4fnjyfvofW8ZnFiOIKkKzeQCHwAih+f84cg9c6iu5
TjJQZjVMocS4/lObZX5TXzKL7YYbue4S4+QSnBN/CIjcRKuPyewAt3rQpM13Wa6B
qxI3SyBhzWDaYPgtwEvO1YMDN+TgMDHRUiRig1/ehshmo5EQwijBLaawotbfDQgS
n0MtpB75N39LGu1/cAs7S4VnLF3/ygJUmlOJ1m4axKQFi/afO/haty8jQwbfx7lh
oL+oZ5C6BjP5/A82n3DQgBXN2x6vSdj+WlWlwURmoqC1sdxgqWglNqo5upTFYyf2
M6GaWKm2jIc7qLg1IQTjounL14cMxw3hZNQ=
-----END CERTIFICATE-----
Generated at Sun May 11 18:53:01 2025 by rpki-client