Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/SsIfjIWLfHbpW5CeBu8DIjNHvvU.roa
File: SsIfjIWLfHbpW5CeBu8DIjNHvvU.roa (raw, json)
Hash identifier: lGvYIAYdDA++7p8+vR2pR2wlyASxjoMdHWJO6Ehe/1A=
Subject key identifier: 4A:C2:1F:8C:85:8B:7C:76:E9:5B:90:9E:06:EF:03:22:33:47:BE:F5
Certificate issuer: /CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Certificate serial: 0196A04752AE714979DDAC62231D62DC99A8
Authority key identifier: 21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/SsIfjIWLfHbpW5CeBu8DIjNHvvU.roa
Signing time: Mon 05 May 2025 11:49:10 +0000
ROA not before: Mon 05 May 2025 11:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210976
IP address blocks: 78.40.216.0/24 maxlen: 24
85.193.92.0/24 maxlen: 24
85.193.93.0/24 maxlen: 24
85.193.95.0/24 maxlen: 24
87.249.50.0/24 maxlen: 24
89.191.228.0/24 maxlen: 24
90.156.228.0/24 maxlen: 24
90.156.231.0/24 maxlen: 24
94.228.122.0/24 maxlen: 24
176.57.212.0/24 maxlen: 24
176.57.221.0/24 maxlen: 24
185.104.112.0/24 maxlen: 24
185.104.115.0/24 maxlen: 24
185.247.16.0/24 maxlen: 24
185.247.18.0/24 maxlen: 24
185.247.19.0/24 maxlen: 24
188.225.14.0/24 maxlen: 24
188.225.60.0/24 maxlen: 24
194.35.116.0/24 maxlen: 24
194.35.117.0/24 maxlen: 24
194.35.118.0/24 maxlen: 24
194.35.119.0/24 maxlen: 24
217.25.91.0/24 maxlen: 24
217.25.95.0/24 maxlen: 24
217.151.229.0/24 maxlen: 24
217.151.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.mft
rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 17:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a0:47:52:ae:71:49:79:dd:ac:62:23:1d:62:dc:99:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Validity
Not Before: May 5 11:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ac21f8c858b7c76e95b909e06ef03223347bef5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:fd:12:82:be:4c:19:20:ee:87:38:70:62:c5:
fd:54:6b:68:1b:db:e5:76:ea:fc:89:52:f5:07:e5:
d8:c1:4d:51:51:94:77:0c:c6:82:19:f8:54:99:4e:
f1:67:d4:da:13:96:83:a0:64:9b:68:40:a0:28:e7:
55:42:77:69:94:e5:f3:76:78:d5:c9:3a:d4:84:e5:
33:a7:98:7d:96:10:1f:25:e9:84:9e:2e:cb:03:94:
9a:09:79:d0:2d:c4:1f:c6:d4:09:0c:9c:67:99:67:
49:a4:77:75:fb:0e:d4:6d:ab:20:9e:93:52:cf:a8:
d3:05:4d:d7:13:1d:b3:2b:19:2e:a7:11:01:82:4a:
63:16:ee:c7:fc:2a:fd:ee:d1:1e:0b:32:15:37:70:
13:b2:bc:c0:4e:a7:41:47:05:32:10:37:dc:43:92:
73:c9:39:fb:37:59:27:ad:69:4a:ab:a5:69:c5:91:
90:59:ed:4a:84:37:0a:d4:e0:b3:44:51:8a:fb:dc:
c8:6d:8b:fa:d5:77:ad:fb:1d:e5:7f:56:ba:88:82:
f6:94:9b:60:83:b6:71:6a:d6:28:83:3a:5f:2c:66:
aa:6c:43:aa:72:e2:a4:f0:99:fe:e1:23:5b:e3:79:
31:bc:0f:06:b5:78:4a:58:38:4c:69:97:51:62:ba:
61:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:C2:1F:8C:85:8B:7C:76:E9:5B:90:9E:06:EF:03:22:33:47:BE:F5
X509v3 Authority Key Identifier:
keyid:21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/SsIfjIWLfHbpW5CeBu8DIjNHvvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.216.0/24
85.193.92.0/23
85.193.95.0/24
87.249.50.0/24
89.191.228.0/24
90.156.228.0/24
90.156.231.0/24
94.228.122.0/24
176.57.212.0/24
176.57.221.0/24
185.104.112.0/24
185.104.115.0/24
185.247.16.0/24
185.247.18.0/23
188.225.14.0/24
188.225.60.0/24
194.35.116.0/22
217.25.91.0/24
217.25.95.0/24
217.151.229.0/24
217.151.231.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:af:39:da:d3:ff:e6:f5:c9:9b:8f:fa:67:4c:1b:9f:3d:04:
0a:53:92:a5:a5:1d:fc:09:34:36:54:a7:08:e7:35:08:39:c8:
e6:8d:cc:1f:b3:b4:fd:39:6a:3a:3b:05:7f:45:b8:4e:2f:e1:
a3:10:3a:a7:5d:3b:a6:14:80:27:15:37:04:50:2b:3c:ba:04:
37:0a:61:a6:4a:e7:f3:0d:a6:14:4d:7e:db:4f:cd:cf:b9:5f:
7d:dc:17:db:83:45:c4:db:af:fc:3a:ba:60:48:56:ec:89:43:
12:19:fc:27:78:a7:78:47:49:81:0e:ab:51:a1:8e:f3:3d:7c:
2e:63:00:1a:71:cd:65:38:22:09:ab:48:37:ee:4b:b7:51:0b:
ff:68:c9:d2:08:e7:91:c3:2c:68:d4:2b:f0:4d:74:03:dd:82:
1d:14:3e:c2:80:11:45:c2:82:92:92:67:0a:b7:21:d4:8d:47:
52:69:70:ee:f4:6d:39:38:fc:95:4f:cc:45:d1:78:b8:9b:37:
8b:55:7d:5f:73:b1:9c:0b:b8:6c:24:ff:24:5b:ec:6c:36:8b:
12:58:2c:af:ab:df:d5:eb:e3:38:c9:af:ee:45:87:46:13:31:
ad:39:f6:3e:7d:21:4b:1b:7c:ce:a0:e5:93:7d:b9:e6:21:5c:
44:3d:ef:db
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZagR1KucUl53axiIx1i3JmoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNjBiMmIxYzgyOWQ4ODkzNmIxYWRhZWVjOTdmZGQxYjQw
ZDQxZTUwHhcNMjUwNTA1MTE0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWMyMWY4Yzg1OGI3Yzc2ZTk1YjkwOWUwNmVmMDMyMjMzNDdiZWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjP0Sgr5MGSDuhzhwYsX9VGtoG9vl
dur8iVL1B+XYwU1RUZR3DMaCGfhUmU7xZ9TaE5aDoGSbaECgKOdVQndplOXzdnjV
yTrUhOUzp5h9lhAfJemEni7LA5SaCXnQLcQfxtQJDJxnmWdJpHd1+w7UbasgnpNS
z6jTBU3XEx2zKxkupxEBgkpjFu7H/Cr97tEeCzIVN3ATsrzATqdBRwUyEDfcQ5Jz
yTn7N1knrWlKq6VpxZGQWe1KhDcK1OCzRFGK+9zIbYv61Xet+x3lf1a6iIL2lJtg
g7ZxatYogzpfLGaqbEOqcuKk8Jn+4SNb43kxvA8GtXhKWDhMaZdRYrphXwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFErCH4yFi3x26VuQngbvAyIzR771MB8GA1UdIwQY
MBaAFCFgsrHIKdiJNrGtruyX/dG0DUHlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEt
M2RmN2ZhZjM1MzVkLzEvU3NJZmpJV0xmSGJwVzVDZUJ1OERJak5IdnZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEtM2RmN2ZhZjM1MzVk
LzEvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAE4o
2AMEAVXBXAMEAFXBXwMEAFf5MgMEAFm/5AMEAFqc5AMEAFqc5wMEAF7kegMEALA5
1AMEALA53QMEALlocAMEALlocwMEALn3EAMEAbn3EgMEALzhDgMEALzhPAMEAsIj
dAMEANkZWwMEANkZXwMEANmX5QMEANmX5zANBgkqhkiG9w0BAQsFAAOCAQEAP685
2tP/5vXJm4/6Z0wbnz0EClOSpaUd/Ak0NlSnCOc1CDnI5o3MH7O0/TlqOjsFf0W4
Ti/hoxA6p107phSAJxU3BFArPLoENwphpkrn8w2mFE1+20/Nz7lffdwX24NFxNuv
/Dq6YEhW7IlDEhn8J3ineEdJgQ6rUaGO8z18LmMAGnHNZTgiCatIN+5Lt1EL/2jJ
0gjnkcMsaNQr8E10A92CHRQ+woARRcKCkpJnCrch1I1HUmlw7vRtOTj8lU/MRdF4
uJs3i1V9X3OxnAu4bCT/JFvsbDaLElgsr6vf1evjOMmv7kWHRhMxrTn2Pn0hSxt8
zqDlk3255iFcRD3v2w==
-----END CERTIFICATE-----
Generated at Sun May 11 02:12:54 2025 by rpki-client