Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kOf_R9Qy1GVQ1glrjJm4uNqNh1g.roa
File: kOf_R9Qy1GVQ1glrjJm4uNqNh1g.roa (raw, json)
Hash identifier: aNoVCmKQ4VNgL/AQ07xn/ExPi8moeVmlmmFfwgj7rOw=
Subject key identifier: 90:E7:FF:47:D4:32:D4:65:50:D6:09:6B:8C:99:B8:B8:DA:8D:87:58
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 0196629B0CC94D0894C290EB868036FC53BD
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kOf_R9Qy1GVQ1glrjJm4uNqNh1g.roa
Signing time: Wed 23 Apr 2025 12:24:10 +0000
ROA not before: Wed 23 Apr 2025 12:24:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203020
IP address blocks: 5.154.174.0/24 maxlen: 24
45.10.192.0/24 maxlen: 32
45.10.193.0/24 maxlen: 32
45.95.24.0/22 maxlen: 32
45.144.88.0/22 maxlen: 24
45.149.28.0/22 maxlen: 24
45.153.157.0/24 maxlen: 24
45.153.158.0/23 maxlen: 32
45.156.224.0/22 maxlen: 32
80.246.30.0/24 maxlen: 32
86.105.183.0/24 maxlen: 32
87.239.255.0/24 maxlen: 32
89.35.249.0/24 maxlen: 32
89.40.24.0/24 maxlen: 32
89.44.205.0/24 maxlen: 32
91.228.216.0/24 maxlen: 24
94.46.206.0/24 maxlen: 32
103.21.52.0/24 maxlen: 32
103.71.60.0/24 maxlen: 32
103.204.222.0/23 maxlen: 32
104.36.50.0/24 maxlen: 32
185.36.254.0/24 maxlen: 32
185.96.162.0/24 maxlen: 32
185.108.104.0/24 maxlen: 32
185.108.105.0/24 maxlen: 32
185.147.140.0/22 maxlen: 32
185.152.36.0/22 maxlen: 32
185.152.248.0/22 maxlen: 32
185.153.151.0/24 maxlen: 32
185.160.44.0/22 maxlen: 32
185.166.84.0/24 maxlen: 32
185.184.228.0/24 maxlen: 32
185.188.61.0/24 maxlen: 24
185.201.188.0/24 maxlen: 24
185.217.64.0/22 maxlen: 22
185.242.217.0/24 maxlen: 24
188.119.154.0/24 maxlen: 32
193.36.89.0/24 maxlen: 32
195.47.194.0/24 maxlen: 32
199.249.223.0/24 maxlen: 32
2a01:4740::/32 maxlen: 32
2a05:28c0::/29 maxlen: 32
2a05:f4c0::/29 maxlen: 29
2a06:3040::/29 maxlen: 48
2a06:46c0::/29 maxlen: 32
2a06:4a00::/29 maxlen: 32
2a06:5000::/29 maxlen: 32
2a06:5700::/29 maxlen: 32
2a06:df80::/29 maxlen: 29
2a06:e480::/29 maxlen: 29
2a07:4780::/29 maxlen: 29
2a07:9c80::/29 maxlen: 29
2a07:f2c0::/29 maxlen: 29
2a0a:3080::/29 maxlen: 29
2a0b:3f40::/29 maxlen: 29
2a0c:d8c0::/29 maxlen: 29
2a0c:ec40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.mft
rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 09 May 2025 15:42:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:62:9b:0c:c9:4d:08:94:c2:90:eb:86:80:36:fc:53:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Apr 23 12:24:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=90e7ff47d432d46550d6096b8c99b8b8da8d8758
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:59:f6:fe:51:ff:00:1b:2d:d5:09:bc:2b:02:
da:4c:e2:2b:6f:3f:02:a7:c1:b6:3a:9e:71:b1:60:
68:f0:5e:0b:53:e5:df:45:a1:ad:7b:7f:fb:68:17:
32:eb:6f:60:50:f7:69:d0:b1:d4:0b:cf:4d:4f:02:
70:83:fc:c6:88:e6:2e:9b:97:e2:e1:19:82:70:5e:
8d:9d:46:91:13:cc:7a:8e:93:48:00:9c:6a:52:f0:
7d:0e:1a:71:01:6c:9b:c3:2f:4d:bb:cc:d3:ab:22:
cb:40:fc:36:4c:4c:8a:c4:37:75:69:64:a0:b4:64:
99:02:61:f8:0b:1c:d9:12:81:e4:12:5c:b3:e0:0c:
29:9a:ff:5d:ef:20:3b:a5:ae:c3:3a:29:cc:78:73:
0c:db:b0:98:3f:70:93:af:5b:c2:43:c7:7c:66:d6:
3c:57:d1:70:5b:50:92:f8:7e:73:f0:6f:0e:4b:c7:
c4:82:2d:4c:fe:10:db:87:32:cd:95:72:c7:cb:fb:
84:35:c0:e2:4c:cd:7b:50:3e:b4:96:18:6b:bb:50:
7c:9d:e8:f5:15:74:ac:e4:b4:aa:1a:0a:1b:38:db:
a4:fd:a7:bc:0d:84:50:11:e6:35:db:39:92:b7:80:
02:19:8f:49:66:b8:c9:c1:89:5d:53:07:a0:ba:b2:
ab:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:E7:FF:47:D4:32:D4:65:50:D6:09:6B:8C:99:B8:B8:DA:8D:87:58
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kOf_R9Qy1GVQ1glrjJm4uNqNh1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.174.0/24
45.10.192.0/23
45.95.24.0/22
45.144.88.0/22
45.149.28.0/22
45.153.157.0-45.153.159.255
45.156.224.0/22
80.246.30.0/24
86.105.183.0/24
87.239.255.0/24
89.35.249.0/24
89.40.24.0/24
89.44.205.0/24
91.228.216.0/24
94.46.206.0/24
103.21.52.0/24
103.71.60.0/24
103.204.222.0/23
104.36.50.0/24
185.36.254.0/24
185.96.162.0/24
185.108.104.0/23
185.147.140.0/22
185.152.36.0/22
185.152.248.0/22
185.153.151.0/24
185.160.44.0/22
185.166.84.0/24
185.184.228.0/24
185.188.61.0/24
185.201.188.0/24
185.217.64.0/22
185.242.217.0/24
188.119.154.0/24
193.36.89.0/24
195.47.194.0/24
199.249.223.0/24
IPv6:
2a01:4740::/32
2a05:28c0::/29
2a05:f4c0::/29
2a06:3040::/29
2a06:46c0::/29
2a06:4a00::/29
2a06:5000::/29
2a06:5700::/29
2a06:df80::/29
2a06:e480::/29
2a07:4780::/29
2a07:9c80::/29
2a07:f2c0::/29
2a0a:3080::/29
2a0b:3f40::/29
2a0c:d8c0::/29
2a0c:ec40::/29
Signature Algorithm: sha256WithRSAEncryption
06:80:3d:09:8c:04:d4:1f:67:61:32:85:97:79:c1:de:fe:71:
b5:b2:7e:98:c8:f0:e6:05:60:d4:74:a3:86:42:e8:39:4b:01:
9d:9c:36:a2:86:17:2c:49:e7:ea:c2:b0:2a:5d:77:a9:19:60:
55:76:35:72:a1:6e:0d:c0:de:84:9d:8b:b0:33:79:10:8c:8e:
bb:59:83:95:f0:0e:f0:b9:45:b6:2a:77:e6:4f:38:01:5d:90:
6e:ad:69:c2:f0:46:96:12:0b:31:bf:33:11:58:2a:2b:25:b7:
df:75:a7:85:2d:9b:53:3e:e2:8b:a6:d7:e4:12:63:98:9a:78:
d3:49:51:8d:bc:b9:98:06:f9:9b:17:ca:92:f3:a5:bd:a3:88:
d5:b6:13:12:69:b8:06:e0:39:92:2f:2a:4e:c4:f4:9e:44:9b:
a2:14:bb:6a:98:87:58:c2:1a:15:1b:9b:90:1e:85:d9:56:a6:
8b:2d:86:70:50:f6:5e:0b:48:74:30:97:da:2a:98:26:41:c0:
56:5c:0e:8b:9e:cc:f6:35:3d:a0:cc:ae:b3:36:9e:80:25:ae:
13:0f:bd:dd:d1:a9:83:1f:0d:2b:19:4a:f5:ad:38:eb:0a:17:
6e:bc:77:6c:c2:24:24:22:cc:c8:7f:aa:ed:b5:9f:9a:95:a9:
a0:b1:2f:22
-----BEGIN CERTIFICATE-----
MIIGZDCCBUygAwIBAgISAZZimwzJTQiUwpDrhoA2/FO9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjUwNDIzMTIyNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGU3ZmY0N2Q0MzJkNDY1NTBkNjA5NmI4Yzk5YjhiOGRhOGQ4NzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFn2/lH/ABst1Qm8KwLaTOIrbz8C
p8G2Op5xsWBo8F4LU+XfRaGte3/7aBcy629gUPdp0LHUC89NTwJwg/zGiOYum5fi
4RmCcF6NnUaRE8x6jpNIAJxqUvB9DhpxAWybwy9Nu8zTqyLLQPw2TEyKxDd1aWSg
tGSZAmH4CxzZEoHkElyz4Awpmv9d7yA7pa7DOinMeHMM27CYP3CTr1vCQ8d8ZtY8
V9FwW1CS+H5z8G8OS8fEgi1M/hDbhzLNlXLHy/uENcDiTM17UD60lhhru1B8nej1
FXSs5LSqGgobONuk/ae8DYRQEeY12zmSt4ACGY9JZrjJwYldUwegurKrdQIDAQAB
o4IDcDCCA2wwHQYDVR0OBBYEFJDn/0fUMtRlUNYJa4yZuLjajYdYMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEva09mX1I5UXkxR1ZRMWdscmpKbTR1TnFOaDFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBhAYIKwYBBQUHAQcBAf8EggFzMIIBbzCB7QQCAAEwgeYD
BAAFmq4DBAEtCsADBAItXxgDBAItkFgDBAItlRwwDAMEAC2ZnQMEBS2ZgAMEAi2c
4AMEAFD2HgMEAFZptwMEAFfv/wMEAFkj+QMEAFkoGAMEAFkszQMEAFvk2AMEAF4u
zgMEAGcVNAMEAGdHPAMEAWfM3gMEAGgkMgMEALkk/gMEALlgogMEAblsaAMEArmT
jAMEArmYJAMEArmY+AMEALmZlwMEArmgLAMEALmmVAMEALm45AMEALm8PQMEALnJ
vAMEArnZQAMEALny2QMEALx3mgMEAMEkWQMEAMMvwgMEAMf53zB9BAIAAjB3AwUA
KgFHQAMFAyoFKMADBQMqBfTAAwUDKgYwQAMFAyoGRsADBQMqBkoAAwUDKgZQAAMF
AyoGVwADBQMqBt+AAwUDKgbkgAMFAyoHR4ADBQMqB5yAAwUDKgfywAMFAyoKMIAD
BQMqCz9AAwUDKgzYwAMFAyoM7EAwDQYJKoZIhvcNAQELBQADggEBAAaAPQmMBNQf
Z2EyhZd5wd7+cbWyfpjI8OYFYNR0o4ZC6DlLAZ2cNqKGFyxJ5+rCsCpdd6kZYFV2
NXKhbg3A3oSdi7AzeRCMjrtZg5XwDvC5RbYqd+ZPOAFdkG6tacLwRpYSCzG/MxFY
Kislt991p4Utm1M+4oum1+QSY5iaeNNJUY28uZgG+ZsXypLzpb2jiNW2ExJpuAbg
OZIvKk7E9J5Em6IUu2qYh1jCGhUbm5AehdlWposthnBQ9l4LSHQwl9oqmCZBwFZc
DouezPY1PaDMrrM2noAlrhMPvd3RqYMfDSsZSvWtOOsKF268d2zCJCQizMh/qu21
n5qVqaCxLyI=
-----END CERTIFICATE-----
Generated at Fri May 9 00:41:24 2025 by rpki-client