Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/MZiHSobp59WQqC8uBm95hOdBXsI.roa
File: MZiHSobp59WQqC8uBm95hOdBXsI.roa (raw, json)
Hash identifier: fjadJjOlL1+6DsHUuKfvwBZj90/AlszWfNgb3uQbb9s=
Subject key identifier: 31:98:87:4A:86:E9:E7:D5:90:A8:2F:2E:06:6F:79:84:E7:41:5E:C2
Certificate issuer: /CN=9295b1f1dcd8fa6ac1ef788278c489e15eacae70
Certificate serial: 01969FCBB8D167744114B596D1CC0844FB09
Authority key identifier: 92:95:B1:F1:DC:D8:FA:6A:C1:EF:78:82:78:C4:89:E1:5E:AC:AE:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpWx8dzY-mrB73iCeMSJ4V6srnA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/MZiHSobp59WQqC8uBm95hOdBXsI.roa
Signing time: Mon 05 May 2025 09:34:10 +0000
ROA not before: Mon 05 May 2025 09:34:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8560
IP address blocks: 5.250.176.0/20 maxlen: 24
46.16.72.0/21 maxlen: 24
78.137.96.0/21 maxlen: 24
81.173.112.0/22 maxlen: 24
82.165.0.0/16 maxlen: 24
85.184.248.0/22 maxlen: 24
87.106.0.0/16 maxlen: 24
157.97.104.0/21 maxlen: 24
157.97.104.0/24 maxlen: 32
157.97.105.0/24 maxlen: 32
185.48.116.0/22 maxlen: 24
194.126.206.0/24 maxlen: 24
194.164.4.0/22 maxlen: 24
194.164.8.0/22 maxlen: 24
194.164.16.0/20 maxlen: 24
194.164.48.0/20 maxlen: 24
194.164.88.0/21 maxlen: 24
194.164.120.0/21 maxlen: 24
194.164.160.0/20 maxlen: 24
194.164.192.0/20 maxlen: 24
195.20.224.0/19 maxlen: 24
212.132.64.0/18 maxlen: 24
212.227.0.0/16 maxlen: 24
213.165.64.0/19 maxlen: 24
213.165.65.0/24 maxlen: 24
213.165.69.0/24 maxlen: 24
213.165.70.0/23 maxlen: 23
213.165.70.0/24 maxlen: 24
213.165.71.0/24 maxlen: 24
213.165.74.0/24 maxlen: 24
213.165.79.0/24 maxlen: 24
213.165.80.0/23 maxlen: 23
213.165.80.0/24 maxlen: 24
213.165.81.0/24 maxlen: 24
213.165.82.0/23 maxlen: 23
213.165.84.0/24 maxlen: 24
213.165.85.0/24 maxlen: 24
213.165.86.0/23 maxlen: 23
213.165.88.0/22 maxlen: 22
213.165.92.0/24 maxlen: 24
213.165.93.0/24 maxlen: 24
213.165.94.0/23 maxlen: 23
213.244.192.0/24 maxlen: 24
217.72.192.0/20 maxlen: 24
217.154.0.0/21 maxlen: 24
217.154.8.0/22 maxlen: 24
217.154.13.0/24 maxlen: 24
217.154.14.0/23 maxlen: 24
217.154.16.0/21 maxlen: 24
217.154.50.0/23 maxlen: 24
217.154.52.0/22 maxlen: 24
217.154.56.0/21 maxlen: 24
217.154.64.0/21 maxlen: 24
217.154.74.0/23 maxlen: 24
217.154.76.0/22 maxlen: 24
217.154.80.0/21 maxlen: 24
217.154.88.0/23 maxlen: 24
217.154.91.0/24 maxlen: 24
217.154.92.0/22 maxlen: 24
217.154.240.0/22 maxlen: 24
217.154.248.0/24 maxlen: 24
217.160.0.0/16 maxlen: 24
217.160.124.0/23 maxlen: 24
217.160.150.0/23 maxlen: 32
2001:8d8::/32 maxlen: 48
2a02:2478::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/kpWx8dzY-mrB73iCeMSJ4V6srnA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/kpWx8dzY-mrB73iCeMSJ4V6srnA.mft
rsync://rpki.ripe.net/repository/DEFAULT/kpWx8dzY-mrB73iCeMSJ4V6srnA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 09 May 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:9f:cb:b8:d1:67:74:41:14:b5:96:d1:cc:08:44:fb:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9295b1f1dcd8fa6ac1ef788278c489e15eacae70
Validity
Not Before: May 5 09:34:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3198874a86e9e7d590a82f2e066f7984e7415ec2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d4:00:ad:6a:77:4d:ec:0e:12:4f:62:f2:dc:
68:44:fb:76:85:f4:69:77:6e:0b:26:a6:bf:fe:dd:
1c:80:ba:85:e0:d7:d2:dd:fe:9f:43:aa:03:05:35:
93:8b:05:94:a7:05:ca:27:56:ff:40:79:df:9a:a5:
77:ec:2d:42:19:2a:21:93:30:f7:2a:72:2d:87:81:
2d:b7:51:33:1d:16:8f:f5:f8:73:d2:3a:31:60:12:
a4:eb:a8:6a:b9:11:39:66:57:41:a1:09:c8:e5:0f:
10:12:ea:35:21:51:6b:21:15:f1:6b:0c:52:27:cd:
11:e2:dc:d4:45:d2:7b:f1:95:7b:84:22:01:f0:92:
54:84:95:53:02:32:17:0d:dd:fc:b5:5f:b3:24:a5:
26:8e:e6:a1:92:9e:ee:d6:c7:35:a0:47:4d:f1:ee:
32:6d:b3:49:46:cf:af:39:6f:7e:e0:4f:79:b6:e6:
87:c9:9e:17:8f:58:d5:a4:c0:2e:ae:ed:bc:96:25:
5d:57:e5:bb:b1:94:03:24:71:bf:02:94:3c:a6:01:
ef:7a:63:10:5e:70:34:88:3d:eb:fc:80:40:e7:19:
27:54:35:e0:71:34:9b:5b:3f:f7:1e:6f:9a:02:3e:
5c:ba:85:8e:c8:b7:42:3d:de:02:72:76:a6:8d:cb:
7f:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:98:87:4A:86:E9:E7:D5:90:A8:2F:2E:06:6F:79:84:E7:41:5E:C2
X509v3 Authority Key Identifier:
keyid:92:95:B1:F1:DC:D8:FA:6A:C1:EF:78:82:78:C4:89:E1:5E:AC:AE:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpWx8dzY-mrB73iCeMSJ4V6srnA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/MZiHSobp59WQqC8uBm95hOdBXsI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/kpWx8dzY-mrB73iCeMSJ4V6srnA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.250.176.0/20
46.16.72.0/21
78.137.96.0/21
81.173.112.0/22
82.165.0.0/16
85.184.248.0/22
87.106.0.0/16
157.97.104.0/21
185.48.116.0/22
194.126.206.0/24
194.164.4.0-194.164.11.255
194.164.16.0/20
194.164.48.0/20
194.164.88.0/21
194.164.120.0/21
194.164.160.0/20
194.164.192.0/20
195.20.224.0/19
212.132.64.0/18
212.227.0.0/16
213.165.64.0/19
213.244.192.0/24
217.72.192.0/20
217.154.0.0-217.154.11.255
217.154.13.0-217.154.23.255
217.154.50.0-217.154.71.255
217.154.74.0-217.154.89.255
217.154.91.0-217.154.95.255
217.154.240.0/22
217.154.248.0/24
217.160.0.0/16
IPv6:
2001:8d8::/32
2a02:2478::/29
Signature Algorithm: sha256WithRSAEncryption
46:9a:f7:50:0b:26:a6:90:ad:66:3d:fc:0a:9d:c9:c4:51:f5:
3c:fb:34:c1:43:e7:59:06:ff:f5:eb:24:d6:96:c8:10:d8:46:
29:1f:dc:0b:77:53:f4:7d:b7:bf:a0:a6:4c:45:c3:e3:9c:79:
04:8f:35:c2:d7:08:93:83:31:ad:d6:92:6d:ac:98:5a:b9:44:
44:77:06:df:af:79:1d:d8:63:b8:1d:70:cd:1b:ab:a2:ae:a3:
ac:04:b8:6c:97:49:42:05:c2:92:ab:77:ca:53:b4:92:03:15:
27:a1:87:73:fd:64:b9:78:a8:46:b2:34:5b:4f:ab:c7:89:d7:
96:47:23:b6:72:87:42:1d:5d:2e:1e:9b:e1:65:8a:ef:ee:cb:
aa:9c:f0:3e:a2:1b:7e:9d:d6:6e:92:ea:a4:d4:53:d5:d4:1f:
b7:cc:9e:6e:2d:81:36:c6:ed:b5:22:0c:8d:9e:3f:5a:8a:34:
ac:38:f9:e2:c1:24:ad:22:94:0e:a4:b5:97:8c:2e:c3:26:19:
4f:71:e4:bf:e3:47:7d:56:ee:2d:fd:5a:d3:56:18:e4:0e:9c:
02:dc:c2:12:67:3f:cc:8e:35:29:8a:d2:14:55:3b:30:39:33:
3f:fe:c9:d5:c9:d9:b9:92:de:db:c2:27:c2:a7:93:1d:17:88:
69:fc:fa:62
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgISAZafy7jRZ3RBFLWW0cwIRPsJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTViMWYxZGNkOGZhNmFjMWVmNzg4Mjc4YzQ4OWUxNWVh
Y2FlNzAwHhcNMjUwNTA1MDkzNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTk4ODc0YTg2ZTllN2Q1OTBhODJmMmUwNjZmNzk4NGU3NDE1ZWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtQArWp3TewOEk9i8txoRPt2hfRp
d24LJqa//t0cgLqF4NfS3f6fQ6oDBTWTiwWUpwXKJ1b/QHnfmqV37C1CGSohkzD3
KnIth4Ett1EzHRaP9fhz0joxYBKk66hquRE5ZldBoQnI5Q8QEuo1IVFrIRXxawxS
J80R4tzURdJ78ZV7hCIB8JJUhJVTAjIXDd38tV+zJKUmjuahkp7u1sc1oEdN8e4y
bbNJRs+vOW9+4E95tuaHyZ4Xj1jVpMAuru28liVdV+W7sZQDJHG/ApQ8pgHvemMQ
XnA0iD3r/IBA5xknVDXgcTSbWz/3Hm+aAj5cuoWOyLdCPd4Ccnamjct/AwIDAQAB
o4IDBjCCAwIwHQYDVR0OBBYEFDGYh0qG6efVkKgvLgZveYTnQV7CMB8GA1UdIwQY
MBaAFJKVsfHc2Ppqwe94gnjEieFerK5wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BXeDhkelktbXJCNzNpQ2VNU0o0VjZzcm5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wZmJjMmUtZmQ4OC00ZGYyLWFhZTMt
OWViNDBjYzVmNjhiLzEvTVppSFNvYnA1OVdRcUM4dUJtOTVoT2RCWHNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wZmJjMmUtZmQ4OC00ZGYyLWFhZTMtOWViNDBjYzVmNjhi
LzEva3BXeDhkelktbXJCNzNpQ2VNU0o0VjZzcm5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGgYIKwYBBQUHAQcBAf8EggEJMIIBBTCB7AQCAAEwgeUD
BAQF+rADBAMuEEgDBANOiWADBAJRrXADAwBSpQMEAlW4+AMDAFdqAwQDnWFoAwQC
uTB0AwQAwn7OMAwDBALCpAQDBALCpAgDBATCpBADBATCpDADBAPCpFgDBAPCpHgD
BATCpKADBATCpMADBAXDFOADBAbUhEADAwDU4wMEBdWlQAMEANX0wAMEBNlIwDAL
AwMB2ZoDBALZmggwDAMEANmaDQMEA9maEDAMAwQB2ZoyAwQD2ZpAMAwDBAHZmkoD
BAHZmlgwDAMEANmaWwMEBdmaQAMEAtma8AMEANma+AMDANmgMBQEAgACMA4DBQAg
AQjYAwUDKgIkeDANBgkqhkiG9w0BAQsFAAOCAQEARpr3UAsmppCtZj38Cp3JxFH1
PPs0wUPnWQb/9esk1pbIENhGKR/cC3dT9H23v6CmTEXD45x5BI81wtcIk4MxrdaS
bayYWrlERHcG3695HdhjuB1wzRuroq6jrAS4bJdJQgXCkqt3ylO0kgMVJ6GHc/1k
uXioRrI0W0+rx4nXlkcjtnKHQh1dLh6b4WWK7+7LqpzwPqIbfp3WbpLqpNRT1dQf
t8yebi2BNsbttSIMjZ4/Woo0rDj54sEkrSKUDqS1l4wuwyYZT3Hkv+NHfVbuLf1a
01YY5A6cAtzCEmc/zI41KYrSFFU7MDkzP/7J1cnZuZLe28InwqeTHReIafz6Yg==
-----END CERTIFICATE-----
Generated at Thu May 8 12:12:34 2025 by rpki-client