Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/1ICDnEfX5XD_UK1JwX-WloBKmSg.roa
File: 1ICDnEfX5XD_UK1JwX-WloBKmSg.roa (raw, json)
Hash identifier: CPg0BBYt0nzcpTqdRLj2ZwaHiFPO8aXCh3Gnavim9Ac=
Subject key identifier: D4:80:83:9C:47:D7:E5:70:FF:50:AD:49:C1:7F:96:96:80:4A:99:28
Certificate issuer: /CN=5e0ff8aaf7453114147028d54ae1c693a8a147bc
Certificate serial: 0196C317F9FAC23823C73F6527D73223070A
Authority key identifier: 5E:0F:F8:AA:F7:45:31:14:14:70:28:D5:4A:E1:C6:93:A8:A1:47:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/1ICDnEfX5XD_UK1JwX-WloBKmSg.roa
Signing time: Mon 12 May 2025 06:04:10 +0000
ROA not before: Mon 12 May 2025 06:04:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212165
IP address blocks: 45.87.245.0/24 maxlen: 24
45.87.246.0/24 maxlen: 24
45.87.247.0/24 maxlen: 24
45.129.142.0/24 maxlen: 24
45.129.143.0/24 maxlen: 24
185.224.212.0/24 maxlen: 24
195.245.249.0/24 maxlen: 24
2a10:9680::/32 maxlen: 32
2a10:9684::/32 maxlen: 32
2a10:9685::/32 maxlen: 32
2a11:e140::/32 maxlen: 32
2a12:6c40::/29 maxlen: 29
2a12:7f40::/29 maxlen: 29
2a12:92c0::/29 maxlen: 29
2a12:b3c0:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 11:44:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c3:17:f9:fa:c2:38:23:c7:3f:65:27:d7:32:23:07:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e0ff8aaf7453114147028d54ae1c693a8a147bc
Validity
Not Before: May 12 06:04:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d480839c47d7e570ff50ad49c17f9696804a9928
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c4:df:a1:4f:f0:13:80:85:35:00:e8:32:e0:
e1:4a:77:85:69:e1:52:d0:cc:e4:d1:4a:d0:4b:b9:
27:ad:1a:c3:37:ad:00:55:d4:9d:ce:23:51:42:ce:
23:61:cb:29:27:dc:ae:df:48:72:70:fb:ef:26:34:
2e:66:d8:fe:11:18:72:07:c2:49:a6:15:31:c2:f6:
ee:ac:ea:c6:ad:d9:02:15:06:10:a0:f3:b0:c9:8c:
72:5a:8b:50:80:b6:3e:6e:51:8c:75:09:2d:20:1c:
74:e0:95:a5:92:61:40:b5:b2:1c:75:17:04:1c:cf:
14:27:9c:74:93:67:bd:c5:26:63:c1:e1:b0:23:fa:
09:21:77:d5:c6:8a:13:df:86:03:dd:81:f5:7f:ba:
cd:de:bf:1e:7a:ea:fd:81:0e:2c:4a:39:f2:0c:57:
14:7a:77:6f:f9:62:f4:cb:15:ef:7d:a7:3e:07:45:
b2:9f:03:f4:29:f8:12:d0:c8:46:be:33:e0:9e:53:
52:49:f4:bf:00:34:3c:52:4f:f2:74:cd:e4:46:2f:
19:59:e1:0f:aa:94:17:e6:7e:e5:41:f8:65:81:2b:
ee:3a:2f:1e:a0:14:85:1c:b8:84:ba:9f:b6:41:cb:
59:12:6b:68:b5:29:64:18:d2:6a:e8:8d:e2:50:3e:
84:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:80:83:9C:47:D7:E5:70:FF:50:AD:49:C1:7F:96:96:80:4A:99:28
X509v3 Authority Key Identifier:
keyid:5E:0F:F8:AA:F7:45:31:14:14:70:28:D5:4A:E1:C6:93:A8:A1:47:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/1ICDnEfX5XD_UK1JwX-WloBKmSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.245.0-45.87.247.255
45.129.142.0/23
185.224.212.0/24
195.245.249.0/24
IPv6:
2a10:9680::/32
2a10:9684::/31
2a11:e140::/32
2a12:6c40::/29
2a12:7f40::/29
2a12:92c0::/29
2a12:b3c0:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
45:c6:b1:f0:58:8c:01:87:68:a9:31:d4:c4:78:88:03:cc:68:
74:6a:35:6f:11:e9:27:f0:0e:61:b3:72:74:f9:18:53:62:98:
a1:93:0c:e5:ec:5d:7d:a9:54:73:74:6c:17:f6:b9:0e:1f:bd:
f5:c5:5e:ea:1c:79:c6:af:c0:44:46:39:eb:f5:83:b3:2c:41:
5a:2a:a5:11:5b:49:c4:16:7b:a6:18:df:c1:f8:22:e8:36:a5:
f4:3c:c7:c2:22:44:b7:3c:19:7e:39:ef:4f:1f:86:39:2f:3f:
45:87:44:c9:e8:dc:bf:bb:63:49:c8:b6:3c:9b:58:d7:13:26:
25:ef:24:e7:f6:c6:39:f0:ff:e7:11:af:5e:9a:af:c1:a8:f1:
3f:ec:61:08:91:f6:06:a6:e2:50:bb:2b:53:f5:a2:72:9e:11:
a2:bd:09:93:57:67:a8:2b:46:3d:0f:5d:cb:8d:72:64:84:90:
74:49:8b:d4:fc:59:01:f0:09:6a:ce:cf:ff:e6:06:1c:31:af:
d0:fd:5e:ad:31:3c:00:7a:e2:8b:fe:5b:7c:b9:ee:b3:da:c9:
59:28:f0:97:ff:df:e9:58:a2:c1:e2:ff:57:77:de:92:35:48:
d5:dc:7e:09:24:d7:ea:7d:fd:30:80:80:ef:37:98:d0:e3:b0:
a4:04:f2:60
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAZbDF/n6wjgjxz9lJ9cyIwcKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMGZmOGFhZjc0NTMxMTQxNDcwMjhkNTRhZTFjNjkzYThh
MTQ3YmMwHhcNMjUwNTEyMDYwNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDgwODM5YzQ3ZDdlNTcwZmY1MGFkNDljMTdmOTY5NjgwNGE5OTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcTfoU/wE4CFNQDoMuDhSneFaeFS
0Mzk0UrQS7knrRrDN60AVdSdziNRQs4jYcspJ9yu30hycPvvJjQuZtj+ERhyB8JJ
phUxwvburOrGrdkCFQYQoPOwyYxyWotQgLY+blGMdQktIBx04JWlkmFAtbIcdRcE
HM8UJ5x0k2e9xSZjweGwI/oJIXfVxooT34YD3YH1f7rN3r8eeur9gQ4sSjnyDFcU
endv+WL0yxXvfac+B0WynwP0KfgS0MhGvjPgnlNSSfS/ADQ8Uk/ydM3kRi8ZWeEP
qpQX5n7lQfhlgSvuOi8eoBSFHLiEup+2QctZEmtotSlkGNJq6I3iUD6EJwIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFNSAg5xH1+Vw/1CtScF/lpaASpkoMB8GA1UdIwQY
MBaAFF4P+Kr3RTEUFHAo1UrhxpOooUe8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGdfNHF2ZEZNUlFVY0NqVlN1SEdrNmloUjd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9kZDZlMWQtYWJjOS00NzNiLWE5MWEt
ZDg3MjEzNzU2NDRhLzEvMUlDRG5FZlg1WERfVUsxSndYLVdsb0JLbVNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9kZDZlMWQtYWJjOS00NzNiLWE5MWEtZDg3MjEzNzU2NDRh
LzEvWGdfNHF2ZEZNUlFVY0NqVlN1SEdrNmloUjd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzAmBAIAATAgMAwDBAAtV/UD
BAMtV/ADBAEtgY4DBAC54NQDBADD9fkwOQQCAAIwMwMFACoQloADBQEqEJaEAwUA
KhHhQAMFAyoSbEADBQMqEn9AAwUDKhKSwAMHACoSs8D//zANBgkqhkiG9w0BAQsF
AAOCAQEARcax8FiMAYdoqTHUxHiIA8xodGo1bxHpJ/AOYbNydPkYU2KYoZMM5exd
falUc3RsF/a5Dh+99cVe6hx5xq/AREY56/WDsyxBWiqlEVtJxBZ7phjfwfgi6Dal
9DzHwiJEtzwZfjnvTx+GOS8/RYdEyejcv7tjSci2PJtY1xMmJe8k5/bGOfD/5xGv
XpqvwajxP+xhCJH2BqbiULsrU/Wicp4Ror0Jk1dnqCtGPQ9dy41yZISQdEmL1PxZ
AfAJas7P/+YGHDGv0P1erTE8AHrii/5bfLnus9rJWSjwl//f6ViiweL/V3fekjVI
1dx+CSTX6n39MICA7zeY0OOwpATyYA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:58:26 2025 by rpki-client