Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/jT8TtCFNTlKwPMmqlrycg4pd3Ks.roa
File: jT8TtCFNTlKwPMmqlrycg4pd3Ks.roa (raw, json)
Hash identifier: Z/6XZMJC3dE7VsH6nt9a6dKmCPvrRaks+OkbIUHxD+w=
Subject key identifier: 8D:3F:13:B4:21:4D:4E:52:B0:3C:C9:AA:96:BC:9C:83:8A:5D:DC:AB
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 0196B533263C3A09668CDCCCA55F4CA654FE
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/jT8TtCFNTlKwPMmqlrycg4pd3Ks.roa
Signing time: Fri 09 May 2025 13:19:10 +0000
ROA not before: Fri 09 May 2025 13:19:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 136787
IP address blocks: 36.255.188.0/24 maxlen: 24
36.255.189.0/24 maxlen: 24
36.255.190.0/24 maxlen: 24
36.255.191.0/24 maxlen: 24
45.143.68.0/24 maxlen: 24
45.143.69.0/24 maxlen: 24
45.143.70.0/24 maxlen: 24
45.143.71.0/24 maxlen: 24
45.157.124.0/22 maxlen: 24
45.157.124.0/24 maxlen: 24
45.157.125.0/24 maxlen: 24
45.157.126.0/24 maxlen: 24
45.157.127.0/24 maxlen: 24
83.150.240.0/24 maxlen: 24
83.150.241.0/24 maxlen: 24
83.150.242.0/24 maxlen: 24
83.150.243.0/24 maxlen: 24
87.239.254.0/24 maxlen: 24
95.181.216.0/24 maxlen: 24
95.181.217.0/24 maxlen: 24
95.181.218.0/24 maxlen: 24
95.181.219.0/24 maxlen: 24
103.225.200.0/24 maxlen: 24
103.225.201.0/24 maxlen: 24
103.225.202.0/24 maxlen: 24
103.225.203.0/24 maxlen: 24
171.22.252.0/24 maxlen: 24
185.46.116.0/24 maxlen: 24
185.46.117.0/24 maxlen: 24
185.46.240.0/24 maxlen: 24
185.46.241.0/24 maxlen: 24
185.46.242.0/24 maxlen: 24
185.46.243.0/24 maxlen: 24
185.75.208.0/24 maxlen: 24
185.75.209.0/24 maxlen: 24
185.75.210.0/24 maxlen: 24
185.75.211.0/24 maxlen: 24
185.201.190.0/24 maxlen: 24
185.253.68.0/24 maxlen: 24
185.253.69.0/24 maxlen: 24
185.253.70.0/24 maxlen: 24
185.253.71.0/24 maxlen: 24
193.108.242.0/24 maxlen: 24
193.108.243.0/24 maxlen: 24
193.201.248.0/24 maxlen: 24
193.201.249.0/24 maxlen: 24
193.201.250.0/24 maxlen: 24
193.201.251.0/24 maxlen: 24
194.36.96.0/24 maxlen: 24
194.36.97.0/24 maxlen: 24
194.36.98.0/24 maxlen: 24
194.36.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.mft
rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b5:33:26:3c:3a:09:66:8c:dc:cc:a5:5f:4c:a6:54:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: May 9 13:19:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8d3f13b4214d4e52b03cc9aa96bc9c838a5ddcab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:29:54:f6:1b:47:2f:7c:1b:df:1e:8b:24:d8:
48:53:3d:1b:cd:df:e7:99:1b:34:30:ab:e8:5c:d7:
8b:e6:14:32:36:6d:52:0e:be:62:2d:e9:2c:3b:3b:
39:80:77:16:4f:e8:e8:90:55:aa:a1:09:21:88:0f:
da:bb:b3:35:c6:76:41:55:f7:cd:7d:40:00:ad:fe:
59:28:be:e4:21:9b:a0:29:21:48:36:76:b5:b9:c4:
1b:32:95:7c:f6:3f:53:9e:cf:76:fb:bf:b1:69:2c:
20:fa:38:5a:0f:34:71:59:5c:59:79:12:ac:93:bf:
e5:85:af:a9:3c:ba:b7:f1:60:fd:d1:bb:79:a4:07:
12:4c:8b:c9:06:89:41:d1:bf:75:36:b6:4f:ed:c4:
7d:26:da:1b:25:a3:41:a0:82:90:95:91:ba:03:b7:
2f:13:a5:24:ff:ab:c2:58:87:75:5d:7f:ce:bd:47:
5b:7e:68:1d:4e:6b:27:1c:7c:d5:cd:2f:f8:e5:6e:
a1:01:53:7d:b1:bf:09:6d:34:7b:f2:5d:92:96:77:
e0:e3:fa:6e:a9:e7:a6:01:ec:4c:9c:b9:9f:a8:96:
18:1f:fc:e6:70:c2:2f:0a:5c:bc:bc:6a:d7:24:5e:
f6:8c:07:6f:dc:4a:c1:1a:52:51:3a:5e:3d:47:02:
bf:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:3F:13:B4:21:4D:4E:52:B0:3C:C9:AA:96:BC:9C:83:8A:5D:DC:AB
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/jT8TtCFNTlKwPMmqlrycg4pd3Ks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
36.255.188.0/22
45.143.68.0/22
45.157.124.0/22
83.150.240.0/22
87.239.254.0/24
95.181.216.0/22
103.225.200.0/22
171.22.252.0/24
185.46.116.0/23
185.46.240.0/22
185.75.208.0/22
185.201.190.0/24
185.253.68.0/22
193.108.242.0/23
193.201.248.0/22
194.36.96.0/22
Signature Algorithm: sha256WithRSAEncryption
40:39:fd:21:30:8c:06:62:e0:40:5c:a6:dd:5c:04:55:a3:00:
1c:96:ab:76:dc:ae:94:c0:9f:64:47:18:d4:03:d8:51:76:00:
6f:41:7e:53:18:96:4b:0a:12:a8:f4:98:94:e4:94:b9:d1:a6:
0e:98:b9:6b:c3:84:b8:f1:ad:60:b3:be:8f:ef:4f:67:dd:24:
aa:f9:e3:41:cb:ad:eb:9d:11:64:27:57:2f:af:ac:61:35:fb:
ba:38:59:85:75:41:7e:78:2a:c2:00:64:c5:59:19:fb:f8:40:
2a:00:1d:2c:09:64:16:fc:8a:00:45:f1:94:9e:fa:c6:a8:89:
6d:96:4d:04:32:3e:99:81:9f:22:a1:45:7c:a7:ed:fb:22:fd:
69:96:cd:c2:b2:c7:43:29:bd:d6:22:5e:bb:3f:6a:4c:6e:59:
f7:a3:7c:0a:35:7d:50:fa:0f:d0:da:36:d3:8e:87:71:63:46:
47:03:d7:2a:b7:a2:f6:91:50:bd:1a:ca:18:ac:46:0d:11:6e:
1c:3d:12:f4:96:cd:18:23:13:bd:d1:d3:1c:8b:1c:fd:e3:48:
72:2a:b4:0f:1d:e0:5c:32:14:77:cd:36:f2:55:23:be:c2:d4:
01:6d:53:6d:5c:e7:50:15:7f:ef:0b:fa:0c:4f:3e:7e:45:b0:
b6:ce:70:7a
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZa1MyY8OglmjNzMpV9MplT+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjUwNTA5MTMxOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDNmMTNiNDIxNGQ0ZTUyYjAzY2M5YWE5NmJjOWM4MzhhNWRkY2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiClU9htHL3wb3x6LJNhIUz0bzd/n
mRs0MKvoXNeL5hQyNm1SDr5iLeksOzs5gHcWT+jokFWqoQkhiA/au7M1xnZBVffN
fUAArf5ZKL7kIZugKSFINna1ucQbMpV89j9Tns92+7+xaSwg+jhaDzRxWVxZeRKs
k7/lha+pPLq38WD90bt5pAcSTIvJBolB0b91NrZP7cR9JtobJaNBoIKQlZG6A7cv
E6Uk/6vCWId1XX/OvUdbfmgdTmsnHHzVzS/45W6hAVN9sb8JbTR78l2Slnfg4/pu
qeemAexMnLmfqJYYH/zmcMIvCly8vGrXJF72jAdv3ErBGlJROl49RwK/lwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFI0/E7QhTU5SsDzJqpa8nIOKXdyrMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvalQ4VHRDRk5UbEt3UE1tcWxyeWNnNHBkM0tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQCJP+8AwQC
LY9EAwQCLZ18AwQCU5bwAwQAV+/+AwQCX7XYAwQCZ+HIAwQAqxb8AwQBuS50AwQC
uS7wAwQCuUvQAwQAucm+AwQCuf1EAwQBwWzyAwQCwcn4AwQCwiRgMA0GCSqGSIb3
DQEBCwUAA4IBAQBAOf0hMIwGYuBAXKbdXARVowAclqt23K6UwJ9kRxjUA9hRdgBv
QX5TGJZLChKo9JiU5JS50aYOmLlrw4S48a1gs76P709n3SSq+eNBy63rnRFkJ1cv
r6xhNfu6OFmFdUF+eCrCAGTFWRn7+EAqAB0sCWQW/IoARfGUnvrGqIltlk0EMj6Z
gZ8ioUV8p+37Iv1pls3CssdDKb3WIl67P2pMbln3o3wKNX1Q+g/Q2jbTjodxY0ZH
A9cqt6L2kVC9GsoYrEYNEW4cPRL0ls0YIxO90dMcixz940hyKrQPHeBcMhR3zTby
VSO+wtQBbVNtXOdQFX/vC/oMTz5+RbC2znB6
-----END CERTIFICATE-----
Generated at Sun May 11 06:36:20 2025 by rpki-client