Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/i7NdTPcfWm6S-ia8jMavL8TwgBo.roa
File: i7NdTPcfWm6S-ia8jMavL8TwgBo.roa (raw, json)
Hash identifier: rfwL8AVw3aN8CfLATlDNteM+c6BBXT+JuCeDGBUeAPo=
Subject key identifier: 8B:B3:5D:4C:F7:1F:5A:6E:92:FA:26:BC:8C:C6:AF:2F:C4:F0:80:1A
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 01968F88D0C62A0934F1B796E58384B71CAD
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/i7NdTPcfWm6S-ia8jMavL8TwgBo.roa
Signing time: Fri 02 May 2025 05:47:10 +0000
ROA not before: Fri 02 May 2025 05:47:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25211
IP address blocks: 45.141.232.0/24 maxlen: 24
45.141.234.0/24 maxlen: 24
45.141.235.0/24 maxlen: 24
78.159.128.0/24 maxlen: 24
78.159.129.0/24 maxlen: 24
78.159.131.0/24 maxlen: 24
78.159.136.0/24 maxlen: 24
78.159.137.0/24 maxlen: 24
78.159.138.0/24 maxlen: 24
78.159.139.0/24 maxlen: 24
78.159.149.0/24 maxlen: 24
78.159.150.0/24 maxlen: 24
78.159.152.0/22 maxlen: 22
78.159.153.0/24 maxlen: 24
78.159.154.0/24 maxlen: 24
78.159.155.0/24 maxlen: 24
78.159.156.0/24 maxlen: 24
78.159.157.0/24 maxlen: 24
78.159.158.0/24 maxlen: 24
78.159.159.0/24 maxlen: 24
91.92.33.0/24 maxlen: 24
91.92.35.0/24 maxlen: 24
91.92.40.0/24 maxlen: 24
91.92.41.0/24 maxlen: 24
91.92.42.0/24 maxlen: 24
91.92.43.0/24 maxlen: 24
91.92.44.0/24 maxlen: 24
91.92.45.0/24 maxlen: 24
91.92.46.0/24 maxlen: 24
91.92.49.0/24 maxlen: 24
91.92.50.0/24 maxlen: 24
91.92.51.0/24 maxlen: 24
91.92.52.0/24 maxlen: 24
91.92.53.0/24 maxlen: 24
93.152.206.0/24 maxlen: 24
93.152.207.0/24 maxlen: 24
93.152.209.0/24 maxlen: 24
93.152.210.0/24 maxlen: 24
93.152.211.0/24 maxlen: 24
93.152.213.0/24 maxlen: 24
93.152.214.0/24 maxlen: 24
93.152.215.0/24 maxlen: 24
93.152.216.0/24 maxlen: 24
93.152.218.0/24 maxlen: 24
93.152.219.0/24 maxlen: 24
93.152.220.0/24 maxlen: 24
93.152.221.0/24 maxlen: 24
93.152.222.0/24 maxlen: 24
93.152.223.0/24 maxlen: 24
93.152.224.0/24 maxlen: 24
93.152.226.0/24 maxlen: 24
93.152.227.0/24 maxlen: 24
93.152.230.0/24 maxlen: 24
94.26.28.0/24 maxlen: 24
94.26.29.0/24 maxlen: 24
94.26.76.0/22 maxlen: 22
94.26.76.0/24 maxlen: 24
94.26.77.0/24 maxlen: 24
94.26.78.0/24 maxlen: 24
94.26.79.0/24 maxlen: 24
94.26.89.0/24 maxlen: 24
94.26.90.0/24 maxlen: 24
94.190.195.0/24 maxlen: 24
185.96.252.0/24 maxlen: 24
185.96.253.0/24 maxlen: 24
185.96.255.0/24 maxlen: 24
212.102.105.0/24 maxlen: 24
212.102.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 05:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:8f:88:d0:c6:2a:09:34:f1:b7:96:e5:83:84:b7:1c:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: May 2 05:47:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8bb35d4cf71f5a6e92fa26bc8cc6af2fc4f0801a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:72:ec:1f:56:bc:ff:70:14:bc:d6:bb:16:7b:
b7:95:31:d3:0d:29:a7:4b:a4:9b:91:cb:db:ed:bd:
d8:7f:9e:b9:7f:a5:92:4d:f6:f8:b3:a2:6b:59:9e:
e1:1e:0f:74:8f:dd:1d:76:51:7f:80:ae:1c:75:aa:
05:bb:c3:eb:e4:c7:29:2c:35:15:ad:dc:d5:8b:d1:
45:fb:ca:f1:58:3c:82:e4:ce:60:72:1a:57:1f:e7:
93:54:51:07:ec:2c:9e:27:97:f6:3d:73:0b:c7:7d:
69:dc:6b:f8:32:79:12:49:54:83:3b:13:9e:d3:14:
e0:09:dd:70:58:2a:92:7d:b0:5d:7f:eb:28:93:ca:
96:6f:02:6b:97:cf:72:fc:67:fa:34:b8:44:f8:c1:
9d:f9:30:55:9e:5f:27:46:de:6b:15:aa:3b:b4:ac:
20:01:03:de:4c:4a:b2:30:cf:5f:5f:eb:53:2c:6f:
92:f4:89:98:12:7b:41:59:ad:0e:71:68:e3:19:df:
f6:ab:f8:f1:74:cd:3f:9b:f1:90:f7:ae:13:54:74:
01:f0:a6:ef:4a:40:aa:04:9a:1a:67:a0:8c:2a:c6:
8c:9a:2f:c1:2b:f7:70:e0:19:57:83:71:9d:13:9b:
cd:e2:e4:f2:4b:7f:d2:26:e0:a5:e2:ce:df:fc:07:
32:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:B3:5D:4C:F7:1F:5A:6E:92:FA:26:BC:8C:C6:AF:2F:C4:F0:80:1A
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/i7NdTPcfWm6S-ia8jMavL8TwgBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.232.0/24
45.141.234.0/23
78.159.128.0/23
78.159.131.0/24
78.159.136.0/22
78.159.149.0-78.159.150.255
78.159.152.0/21
91.92.33.0/24
91.92.35.0/24
91.92.40.0-91.92.46.255
91.92.49.0-91.92.53.255
93.152.206.0/23
93.152.209.0-93.152.211.255
93.152.213.0-93.152.216.255
93.152.218.0-93.152.224.255
93.152.226.0/23
93.152.230.0/24
94.26.28.0/23
94.26.76.0/22
94.26.89.0-94.26.90.255
94.190.195.0/24
185.96.252.0/23
185.96.255.0/24
212.102.105.0/24
212.102.107.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:20:f8:44:c0:de:71:3d:67:60:c0:d1:2b:1b:d3:c4:7d:f9:
0a:73:74:f9:b8:c4:30:d0:99:7b:3c:e1:83:b7:e5:9b:90:97:
f2:bb:5c:dd:c7:1e:96:69:1a:85:3a:e5:c4:1b:44:08:5d:47:
8d:fe:89:dc:42:d6:6e:24:ea:b2:2a:dc:18:0a:c8:65:5d:3d:
39:e0:f0:7b:63:47:1d:c0:d9:fd:54:72:ec:a2:9a:8c:06:17:
78:85:45:2f:71:c3:87:4e:34:fd:05:5f:f0:0f:d4:70:ae:2e:
23:db:3a:85:9f:22:f3:a8:36:18:4c:d3:ed:ad:16:13:0a:a9:
a0:e9:13:32:75:d2:e8:e7:4b:e1:ba:45:b3:46:6f:cf:18:4c:
d4:bd:7f:a9:ac:32:fd:b4:43:38:0e:0d:cf:41:64:4c:d4:2a:
51:a7:b0:31:21:d8:65:7d:b4:ff:91:a3:5d:df:f3:71:b6:0b:
31:f4:43:7f:ae:c8:05:59:24:8e:92:19:57:2a:93:87:3b:93:
db:ee:15:de:d4:dc:3b:12:bf:9c:8e:64:78:a3:79:cb:4c:27:
34:98:94:8d:cb:5e:29:e5:44:01:a2:3c:de:fa:24:9c:ee:86:
73:59:cd:02:8a:38:cb:0d:97:13:12:c4:0d:af:db:a1:99:0a:
da:70:91:ef
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgISAZaPiNDGKgk08beW5YOEtxytMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjUwNTAyMDU0NzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmIzNWQ0Y2Y3MWY1YTZlOTJmYTI2YmM4Y2M2YWYyZmM0ZjA4MDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7nLsH1a8/3AUvNa7Fnu3lTHTDSmn
S6Sbkcvb7b3Yf565f6WSTfb4s6JrWZ7hHg90j90ddlF/gK4cdaoFu8Pr5McpLDUV
rdzVi9FF+8rxWDyC5M5gchpXH+eTVFEH7CyeJ5f2PXMLx31p3Gv4MnkSSVSDOxOe
0xTgCd1wWCqSfbBdf+sok8qWbwJrl89y/Gf6NLhE+MGd+TBVnl8nRt5rFao7tKwg
AQPeTEqyMM9fX+tTLG+S9ImYEntBWa0OcWjjGd/2q/jxdM0/m/GQ964TVHQB8Kbv
SkCqBJoaZ6CMKsaMmi/BK/dw4BlXg3GdE5vN4uTyS3/SJuCl4s7f/AcyPwIDAQAB
o4IC1jCCAtIwHQYDVR0OBBYEFIuzXUz3H1pukvomvIzGry/E8IAaMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvaTdOZFRQY2ZXbTZTLWlhOGpNYXZMOFR3Z0JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHrBggrBgEFBQcBBwEB/wSB2zCB2DCB1QQCAAEwgc4DBAAt
jegDBAEtjeoDBAFOn4ADBABOn4MDBAJOn4gwDAMEAE6flQMEAE6flgMEA06fmAME
AFtcIQMEAFtcIzAMAwQDW1woAwQAW1wuMAwDBABbXDEDBAFbXDQDBAFdmM4wDAME
AF2Y0QMEAl2Y0DAMAwQAXZjVAwQAXZjYMAwDBAFdmNoDBABdmOADBAFdmOIDBABd
mOYDBAFeGhwDBAJeGkwwDAMEAF4aWQMEAF4aWgMEAF6+wwMEAblg/AMEALlg/wME
ANRmaQMEANRmazANBgkqhkiG9w0BAQsFAAOCAQEATCD4RMDecT1nYMDRKxvTxH35
CnN0+bjEMNCZezzhg7flm5CX8rtc3ccelmkahTrlxBtECF1Hjf6J3ELWbiTqsirc
GArIZV09OeDwe2NHHcDZ/VRy7KKajAYXeIVFL3HDh040/QVf8A/UcK4uI9s6hZ8i
86g2GEzT7a0WEwqpoOkTMnXS6OdL4bpFs0ZvzxhM1L1/qawy/bRDOA4Nz0FkTNQq
UaewMSHYZX20/5GjXd/zcbYLMfRDf67IBVkkjpIZVyqThzuT2+4V3tTcOxK/nI5k
eKN5y0wnNJiUjcteKeVEAaI83voknO6Gc1nNAoo4yw2XExLEDa/boZkK2nCR7w==
-----END CERTIFICATE-----
Generated at Sun May 11 15:06:41 2025 by rpki-client