Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/0SqzGu12mDjFCGhzy8gHIULllqg.roa
File: 0SqzGu12mDjFCGhzy8gHIULllqg.roa (raw, json)
Hash identifier: q/N5B3QV4KYlMCuam0x9LaRBbkHiisoMmXCRQH3slec=
Subject key identifier: D1:2A:B3:1A:ED:76:98:38:C5:08:68:73:CB:C8:07:21:42:E5:96:A8
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 0197B015B705AC1B82932A197D731E5208C4
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/0SqzGu12mDjFCGhzy8gHIULllqg.roa
Signing time: Fri 27 Jun 2025 06:31:42 +0000
ROA not before: Fri 27 Jun 2025 06:31:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214922
IP address blocks: 45.94.213.0/24 maxlen: 24
45.94.214.0/24 maxlen: 24
45.94.215.0/24 maxlen: 24
89.44.240.0/24 maxlen: 24
89.44.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 16:21:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b0:15:b7:05:ac:1b:82:93:2a:19:7d:73:1e:52:08:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Jun 27 06:31:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d12ab31aed769838c5086873cbc8072142e596a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:1c:26:eb:04:7e:d6:8f:7a:27:8b:d4:b7:77:
3d:21:f9:d2:fa:cf:e5:0d:6b:d0:0d:7c:73:61:e0:
91:a1:20:20:71:dc:42:b3:83:ea:10:35:d7:88:2e:
df:b5:62:11:58:82:e2:59:cc:14:67:31:8e:f2:1a:
f1:bd:50:b8:9f:3c:01:c2:86:59:bb:97:5a:64:eb:
71:2a:5b:2a:be:28:bb:88:b6:7c:64:31:73:f0:9c:
3b:c4:89:cb:7c:83:38:5c:63:a5:1c:e4:25:b3:cd:
cd:8e:81:f0:9d:de:35:dd:18:04:f3:ce:a6:b2:78:
c7:10:bc:d2:90:32:04:19:b5:ad:3d:4e:15:03:46:
6f:da:28:b3:59:00:16:d3:90:65:f0:49:4b:56:0b:
15:10:6d:50:6a:25:9c:0b:3a:36:a9:e0:80:18:bb:
94:ce:0c:0d:ae:b4:26:96:c4:ab:96:e1:eb:da:1b:
a5:d5:24:e9:62:ed:87:38:c3:b4:61:f5:35:d5:27:
bb:9a:fb:f5:34:30:30:b6:df:15:12:c1:20:dd:02:
8f:da:2c:c7:7e:78:25:39:66:c9:11:e8:ce:c7:bc:
16:ee:f1:16:60:80:3a:2e:5d:b9:06:10:e4:3c:1d:
d7:f1:7b:80:f0:cb:91:ac:f7:4d:a3:18:ac:16:40:
3a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:2A:B3:1A:ED:76:98:38:C5:08:68:73:CB:C8:07:21:42:E5:96:A8
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/0SqzGu12mDjFCGhzy8gHIULllqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.213.0-45.94.215.255
89.44.240.0/23
Signature Algorithm: sha256WithRSAEncryption
a6:2e:4c:31:07:6a:ca:e3:1d:a0:32:14:3b:c2:1d:28:04:0f:
ff:34:0c:f9:80:f0:2d:06:51:2f:d4:0a:b2:e0:9d:7c:92:30:
20:32:94:b2:fe:b8:93:18:e1:db:3c:16:c0:6d:80:f8:99:e6:
9e:be:54:6f:af:b9:ad:1e:ce:bd:1d:ca:64:63:ab:9a:c2:f3:
1a:84:e5:9d:e5:16:28:51:b3:60:92:13:da:8d:5f:45:dc:64:
d5:ea:01:28:ee:5f:ac:b1:e9:9d:af:54:0f:b7:20:90:a2:81:
b3:6b:18:10:78:d0:b8:c6:fa:81:b3:17:4f:53:bd:34:a4:a5:
7f:88:e7:3b:fb:79:db:54:36:75:54:db:ee:80:68:c2:d1:6c:
d8:93:bc:f0:c2:24:1a:21:45:52:70:4b:fb:59:fe:68:86:23:
f3:61:a7:96:0a:c7:36:8f:72:e9:aa:e4:e9:1d:58:16:dc:2c:
fe:5d:4e:bd:b7:e3:bc:f4:6d:60:34:de:cb:fb:c3:dd:29:ba:
55:3d:a4:41:d2:5e:42:b1:ce:d2:b2:9d:27:c5:30:7d:c5:19:
00:51:64:0d:35:6f:0a:27:d1:db:10:b7:c9:dd:db:e7:b7:84:
ba:23:73:cd:fd:54:3a:0b:4a:e3:05:46:6f:c2:72:ed:4f:72:
ec:28:41:46
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZewFbcFrBuCkyoZfXMeUgjEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjUwNjI3MDYzMTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTJhYjMxYWVkNzY5ODM4YzUwODY4NzNjYmM4MDcyMTQyZTU5NmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxwm6wR+1o96J4vUt3c9IfnS+s/l
DWvQDXxzYeCRoSAgcdxCs4PqEDXXiC7ftWIRWILiWcwUZzGO8hrxvVC4nzwBwoZZ
u5daZOtxKlsqvii7iLZ8ZDFz8Jw7xInLfIM4XGOlHOQls83NjoHwnd413RgE886m
snjHELzSkDIEGbWtPU4VA0Zv2iizWQAW05Bl8ElLVgsVEG1QaiWcCzo2qeCAGLuU
zgwNrrQmlsSrluHr2hul1STpYu2HOMO0YfU11Se7mvv1NDAwtt8VEsEg3QKP2izH
fnglOWbJEejOx7wW7vEWYIA6Ll25BhDkPB3X8XuA8MuRrPdNoxisFkA6xwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNEqsxrtdpg4xQhoc8vIByFC5ZaoMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvMFNxekd1MTJtRGpGQ0doenk4Z0hJVUxsbHFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAAtXtUD
BAMtXtADBAFZLPAwDQYJKoZIhvcNAQELBQADggEBAKYuTDEHasrjHaAyFDvCHSgE
D/80DPmA8C0GUS/UCrLgnXySMCAylLL+uJMY4ds8FsBtgPiZ5p6+VG+vua0ezr0d
ymRjq5rC8xqE5Z3lFihRs2CSE9qNX0XcZNXqASjuX6yx6Z2vVA+3IJCigbNrGBB4
0LjG+oGzF09TvTSkpX+I5zv7edtUNnVU2+6AaMLRbNiTvPDCJBohRVJwS/tZ/miG
I/Nhp5YKxzaPcumq5OkdWBbcLP5dTr2347z0bWA03sv7w90pulU9pEHSXkKxztKy
nSfFMH3FGQBRZA01bwon0dsQt8nd2+e3hLojc839VDoLSuMFRm/Ccu1PcuwoQUY=
-----END CERTIFICATE-----
Generated at Mon Jul 21 01:58:58 2025 by rpki-client