Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/A614TnuaSPXB9Ic3Uxgn0PIiwlQ.roa
File: A614TnuaSPXB9Ic3Uxgn0PIiwlQ.roa (raw, json)
Hash identifier: RSdpZKJ8Cgq4h/JMTZYIRd1FNwDnpXVRg/wrcE/mhfw=
Subject key identifier: 03:AD:78:4E:7B:9A:48:F5:C1:F4:87:37:53:18:27:D0:F2:22:C2:54
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01968692359573D15CA4EC9DCCECFD86D963
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/A614TnuaSPXB9Ic3Uxgn0PIiwlQ.roa
Signing time: Wed 30 Apr 2025 12:00:51 +0000
ROA not before: Wed 30 Apr 2025 12:00:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201942
IP address blocks: 31.170.100.0/22 maxlen: 24
37.32.99.0/24 maxlen: 24
45.90.238.0/24 maxlen: 24
45.131.132.0/23 maxlen: 24
45.137.160.0/22 maxlen: 24
45.147.104.0/22 maxlen: 24
45.147.116.0/22 maxlen: 24
45.159.76.0/22 maxlen: 24
62.106.87.0/24 maxlen: 24
81.21.228.0/22 maxlen: 24
85.115.192.0/22 maxlen: 24
88.135.64.0/22 maxlen: 24
91.235.40.0/24 maxlen: 24
91.235.41.0/24 maxlen: 24
91.238.239.0/24 maxlen: 24
92.60.34.0/24 maxlen: 24
92.60.35.0/24 maxlen: 24
93.92.228.0/22 maxlen: 24
93.189.120.0/24 maxlen: 24
93.189.123.0/24 maxlen: 24
95.214.144.0/22 maxlen: 24
109.230.194.0/24 maxlen: 24
109.230.250.0/24 maxlen: 24
185.91.108.0/22 maxlen: 24
185.105.12.0/22 maxlen: 24
185.105.232.0/22 maxlen: 24
185.106.124.0/22 maxlen: 24
185.107.152.0/22 maxlen: 24
185.118.52.0/23 maxlen: 23
185.118.54.0/23 maxlen: 23
185.119.48.0/22 maxlen: 24
185.128.52.0/22 maxlen: 24
185.129.104.0/22 maxlen: 24
185.150.78.0/23 maxlen: 24
185.163.168.0/22 maxlen: 24
185.163.232.0/22 maxlen: 24
185.166.172.0/22 maxlen: 24
185.175.152.0/22 maxlen: 24
185.176.188.0/22 maxlen: 24
185.179.228.0/22 maxlen: 24
185.179.232.0/22 maxlen: 24
185.189.64.0/22 maxlen: 24
185.196.40.0/22 maxlen: 24
185.196.42.0/24 maxlen: 24
185.196.43.0/24 maxlen: 24
185.197.216.0/22 maxlen: 24
185.199.44.0/22 maxlen: 24
185.199.55.0/24 maxlen: 24
185.200.228.0/22 maxlen: 24
185.201.152.0/22 maxlen: 24
185.202.204.0/22 maxlen: 24
185.204.108.0/24 maxlen: 24
185.204.244.0/22 maxlen: 24
185.212.84.0/22 maxlen: 24
185.216.28.0/22 maxlen: 24
185.217.12.0/22 maxlen: 24
185.218.16.0/22 maxlen: 24
185.220.240.0/22 maxlen: 24
185.221.16.0/22 maxlen: 24
185.222.188.0/22 maxlen: 24
185.223.220.0/22 maxlen: 24
185.224.184.0/22 maxlen: 24
185.224.220.0/22 maxlen: 24
185.226.8.0/22 maxlen: 24
185.226.28.0/22 maxlen: 24
185.227.176.0/22 maxlen: 24
185.227.204.0/24 maxlen: 24
185.230.48.0/22 maxlen: 24
185.232.8.0/22 maxlen: 24
185.239.252.0/22 maxlen: 24
185.239.252.0/24 maxlen: 24
185.239.253.0/24 maxlen: 24
185.239.255.0/24 maxlen: 24
185.245.32.0/23 maxlen: 23
185.247.4.0/24 maxlen: 24
193.17.180.0/22 maxlen: 24
193.17.180.0/24 maxlen: 24
193.17.182.0/24 maxlen: 24
193.26.152.0/22 maxlen: 24
193.35.88.0/22 maxlen: 24
193.105.66.0/24 maxlen: 24
193.162.15.0/24 maxlen: 24
194.35.40.0/24 maxlen: 24
194.38.56.0/22 maxlen: 24
194.41.116.0/22 maxlen: 24
194.41.118.0/24 maxlen: 24
195.182.13.0/24 maxlen: 24
212.80.208.0/22 maxlen: 24
212.115.44.0/22 maxlen: 24
213.232.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 09 May 2025 22:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:86:92:35:95:73:d1:5c:a4:ec:9d:cc:ec:fd:86:d9:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Apr 30 12:00:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=03ad784e7b9a48f5c1f48737531827d0f222c254
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c7:9d:1a:6a:55:29:71:6d:bd:47:52:d4:54:
d0:90:f3:2d:d6:82:d9:c7:00:8a:65:84:1c:a6:90:
10:ad:23:2d:ed:43:aa:61:73:b3:c9:ab:05:db:bd:
9b:0b:df:a5:9c:d8:2e:3d:3e:0a:88:0a:f6:46:0a:
73:1c:00:70:82:04:b5:8e:2f:6b:ba:88:74:f4:d8:
4d:e4:74:44:e3:05:22:08:ef:50:f7:cd:45:74:52:
e5:11:d4:3f:56:98:26:07:e5:e6:f2:e5:02:8d:2b:
23:de:6f:d5:8a:81:59:1b:3f:88:e7:6c:aa:3d:a4:
8f:b0:17:e3:ce:50:fd:7f:d1:3c:3a:d3:f7:f8:d5:
83:08:3a:ad:e5:13:b1:eb:ef:b8:77:0d:3f:90:0b:
1c:c8:87:91:94:7d:fd:f2:1f:0e:d9:33:38:60:b8:
a8:d4:a7:e4:8f:2d:05:d8:ac:bd:81:72:86:2c:04:
fe:73:a2:5e:0a:f7:c2:1d:cb:9c:8f:69:e2:82:41:
bf:47:88:3e:ba:45:4c:ee:8d:03:20:92:29:96:e1:
aa:a9:83:d3:54:e0:e1:57:f7:88:bf:ed:4b:25:de:
40:7e:f3:03:1d:d9:80:51:c1:af:80:96:8d:0f:f6:
5e:ec:3f:b1:04:46:6b:e3:68:18:70:00:a1:9a:b9:
e4:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:AD:78:4E:7B:9A:48:F5:C1:F4:87:37:53:18:27:D0:F2:22:C2:54
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/A614TnuaSPXB9Ic3Uxgn0PIiwlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.100.0/22
37.32.99.0/24
45.90.238.0/24
45.131.132.0/23
45.137.160.0/22
45.147.104.0/22
45.147.116.0/22
45.159.76.0/22
62.106.87.0/24
81.21.228.0/22
85.115.192.0/22
88.135.64.0/22
91.235.40.0/23
91.238.239.0/24
92.60.34.0/23
93.92.228.0/22
93.189.120.0/24
93.189.123.0/24
95.214.144.0/22
109.230.194.0/24
109.230.250.0/24
185.91.108.0/22
185.105.12.0/22
185.105.232.0/22
185.106.124.0/22
185.107.152.0/22
185.118.52.0/22
185.119.48.0/22
185.128.52.0/22
185.129.104.0/22
185.150.78.0/23
185.163.168.0/22
185.163.232.0/22
185.166.172.0/22
185.175.152.0/22
185.176.188.0/22
185.179.228.0-185.179.235.255
185.189.64.0/22
185.196.40.0/22
185.197.216.0/22
185.199.44.0/22
185.199.55.0/24
185.200.228.0/22
185.201.152.0/22
185.202.204.0/22
185.204.108.0/24
185.204.244.0/22
185.212.84.0/22
185.216.28.0/22
185.217.12.0/22
185.218.16.0/22
185.220.240.0/22
185.221.16.0/22
185.222.188.0/22
185.223.220.0/22
185.224.184.0/22
185.224.220.0/22
185.226.8.0/22
185.226.28.0/22
185.227.176.0/22
185.227.204.0/24
185.230.48.0/22
185.232.8.0/22
185.239.252.0/22
185.245.32.0/23
185.247.4.0/24
193.17.180.0/22
193.26.152.0/22
193.35.88.0/22
193.105.66.0/24
193.162.15.0/24
194.35.40.0/24
194.38.56.0/22
194.41.116.0/22
195.182.13.0/24
212.80.208.0/22
212.115.44.0/22
213.232.232.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:d9:8d:8a:81:24:bb:22:f6:e6:c1:9c:a8:ce:b0:7c:27:58:
c1:5f:b6:c2:db:16:0f:71:a1:ec:8b:f9:92:dd:5d:e4:2e:20:
86:99:0b:ca:a5:4d:a0:aa:76:fd:13:e6:7d:2d:d8:3a:2c:0c:
d5:ce:27:52:8f:b4:88:e7:45:78:57:25:6c:a9:c5:c0:3f:91:
f6:55:6c:a7:62:b8:95:c9:09:d3:e2:95:ac:fd:01:b5:cb:ff:
c2:39:fb:c7:6a:26:72:9d:e2:91:ce:e5:da:23:76:62:f0:8f:
85:a3:a0:a8:37:d1:62:1b:72:71:b4:49:bd:68:e6:4d:2a:2f:
8e:9c:16:10:3f:3b:c4:f4:21:d4:2e:2e:c9:e7:90:4b:00:0e:
a4:87:ac:80:f8:1a:34:04:ec:7b:4a:92:0b:41:a1:d2:62:35:
cc:f5:82:6f:99:4b:c7:8d:4b:a8:81:d4:1e:1f:ae:c9:11:2e:
1c:c1:0f:0e:d0:0e:c1:11:b4:7f:ef:a7:b4:f5:1a:b7:0e:44:
7d:fa:da:b6:b7:3a:95:50:e7:49:6e:03:7c:80:c5:62:b4:17:
78:cf:e4:9c:d3:e6:c5:cc:90:56:26:5e:27:78:23:28:40:37:
ed:bb:9b:7d:05:aa:91:42:52:e8:fa:64:52:33:dc:f3:a0:31:
d9:b9:29:42
-----BEGIN CERTIFICATE-----
MIIG3TCCBcWgAwIBAgISAZaGkjWVc9FcpOydzOz9htljMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwNDMwMTIwMDUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2FkNzg0ZTdiOWE0OGY1YzFmNDg3Mzc1MzE4MjdkMGYyMjJjMjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcedGmpVKXFtvUdS1FTQkPMt1oLZ
xwCKZYQcppAQrSMt7UOqYXOzyasF272bC9+lnNguPT4KiAr2RgpzHABwggS1ji9r
uoh09NhN5HRE4wUiCO9Q981FdFLlEdQ/VpgmB+Xm8uUCjSsj3m/VioFZGz+I52yq
PaSPsBfjzlD9f9E8OtP3+NWDCDqt5ROx6++4dw0/kAscyIeRlH398h8O2TM4YLio
1Kfkjy0F2Ky9gXKGLAT+c6JeCvfCHcucj2nigkG/R4g+ukVM7o0DIJIpluGqqYPT
VODhV/eIv+1LJd5AfvMDHdmAUcGvgJaND/Ze7D+xBEZr42gYcAChmrnkuwIDAQAB
o4ID6TCCA+UwHQYDVR0OBBYEFAOteE57mkj1wfSHN1MYJ9DyIsJUMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvQTYxNFRudWFTUFhCOUljM1V4Z24wUElpd2xRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB/QYIKwYBBQUHAQcBAf8EggHsMIIB6DCCAeQEAgABMIIB
3AMEAh+qZAMEACUgYwMEAC1a7gMEAS2DhAMEAi2JoAMEAi2TaAMEAi2TdAMEAi2f
TAMEAD5qVwMEAlEV5AMEAlVzwAMEAliHQAMEAVvrKAMEAFvu7wMEAVw8IgMEAl1c
5AMEAF29eAMEAF29ewMEAl/WkAMEAG3mwgMEAG3m+gMEArlbbAMEArlpDAMEArlp
6AMEArlqfAMEArlrmAMEArl2NAMEArl3MAMEArmANAMEArmBaAMEAbmWTgMEArmj
qAMEArmj6AMEArmmrAMEArmvmAMEArmwvDAMAwQCubPkAwQCubPoAwQCub1AAwQC
ucQoAwQCucXYAwQCuccsAwQAucc3AwQCucjkAwQCucmYAwQCucrMAwQAucxsAwQC
ucz0AwQCudRUAwQCudgcAwQCudkMAwQCudoQAwQCudzwAwQCud0QAwQCud68AwQC
ud/cAwQCueC4AwQCueDcAwQCueIIAwQCueIcAwQCueOwAwQAuePMAwQCueYwAwQC
uegIAwQCue/8AwQBufUgAwQAufcEAwQCwRG0AwQCwRqYAwQCwSNYAwQAwWlCAwQA
waIPAwQAwiMoAwQCwiY4AwQCwil0AwQAw7YNAwQC1FDQAwQC1HMsAwQA1ejoMA0G
CSqGSIb3DQEBCwUAA4IBAQAq2Y2KgSS7IvbmwZyozrB8J1jBX7bC2xYPcaHsi/mS
3V3kLiCGmQvKpU2gqnb9E+Z9Ldg6LAzVzidSj7SI50V4VyVsqcXAP5H2VWynYriV
yQnT4pWs/QG1y//COfvHaiZyneKRzuXaI3Zi8I+Fo6CoN9FiG3JxtEm9aOZNKi+O
nBYQPzvE9CHULi7J55BLAA6kh6yA+Bo0BOx7SpILQaHSYjXM9YJvmUvHjUuogdQe
H67JES4cwQ8O0A7BEbR/76e09Rq3DkR9+tq2tzqVUOdJbgN8gMVitBd4z+Sc0+bF
zJBWJl4neCMoQDftu5t9BaqRQlLo+mRSM9zzoDHZuSlC
-----END CERTIFICATE-----
Generated at Fri May 9 06:51:03 2025 by rpki-client