Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/5llNfw3DdSapOsyJYnmzbeTFhlo.roa
File: 5llNfw3DdSapOsyJYnmzbeTFhlo.roa (raw, json)
Hash identifier: B14HwPM3y7O0SrKisyUtOg7sy1yCTaSqcuDqtksEif0=
Subject key identifier: E6:59:4D:7F:0D:C3:75:26:A9:3A:CC:89:62:79:B3:6D:E4:C5:86:5A
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 0195A852BE92761F67D297221B4BCE845FB8
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/5llNfw3DdSapOsyJYnmzbeTFhlo.roa
Signing time: Tue 18 Mar 2025 08:15:49 +0000
ROA not before: Tue 18 Mar 2025 08:15:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 45.141.204.0/23 maxlen: 23
45.148.51.0/24 maxlen: 24
45.149.90.0/23 maxlen: 23
194.39.216.0/24 maxlen: 24
2a0c:9e06::/32 maxlen: 32
2a0e:a944::/32 maxlen: 32
2a0e:a945::/32 maxlen: 32
2a0e:a946::/32 maxlen: 32
2a0e:a947::/32 maxlen: 32
2a0f:3b80::/32 maxlen: 32
2a0f:3b81::/32 maxlen: 32
2a0f:3b82::/32 maxlen: 32
2a0f:3b83::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.mft
rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a8:52:be:92:76:1f:67:d2:97:22:1b:4b:ce:84:5f:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Mar 18 08:15:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e6594d7f0dc37526a93acc896279b36de4c5865a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a6:cd:0a:6d:d4:71:34:5e:9b:9a:93:9f:31:
2a:08:c1:19:0d:08:a9:3a:de:7a:fb:6d:e5:2e:78:
da:25:0d:ea:ca:b9:50:4b:0a:b2:a1:8c:7e:d8:1f:
bc:57:14:80:da:07:b6:1a:f6:c8:58:56:6e:43:1f:
f5:05:f4:8b:d9:35:ad:c5:2c:00:5e:d1:1a:da:d7:
cd:92:cc:c3:33:01:c2:62:6e:9f:fd:1c:4b:49:ac:
49:5c:73:89:2f:c8:2e:e5:20:3b:a2:11:07:13:85:
c2:c3:ee:bd:f1:98:93:2e:d0:5e:1e:c7:07:5d:52:
36:9b:e2:9d:1f:4a:e5:6f:3a:36:32:f3:49:4e:45:
de:f6:bc:05:46:9c:df:b7:06:fb:8c:40:c0:e9:45:
e2:c8:91:5d:02:b7:11:f7:73:29:28:2a:e9:54:8b:
e0:59:3e:63:06:5e:b8:15:e4:d3:2b:fe:4f:7d:db:
51:70:e5:66:cc:66:12:e5:1b:ab:9c:5f:6d:0b:4a:
17:29:54:92:26:77:08:25:a0:92:8b:de:58:e5:aa:
0e:cf:e2:83:83:d0:ea:c2:2f:15:e3:2f:7c:b8:b1:
b2:7f:52:78:57:f3:b4:5b:19:91:ab:10:f8:53:13:
62:3f:73:b7:08:e7:5a:ee:c2:aa:55:73:af:3a:a5:
4b:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:59:4D:7F:0D:C3:75:26:A9:3A:CC:89:62:79:B3:6D:E4:C5:86:5A
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/5llNfw3DdSapOsyJYnmzbeTFhlo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.204.0/23
45.148.51.0/24
45.149.90.0/23
194.39.216.0/24
IPv6:
2a0c:9e06::/32
2a0e:a944::/30
2a0f:3b80::/30
Signature Algorithm: sha256WithRSAEncryption
29:73:6a:eb:47:82:32:3e:ee:d4:f3:44:79:bf:4c:e4:e5:f6:
b6:23:04:3b:40:8e:d9:23:16:5f:d3:e8:0b:c8:07:93:72:6b:
6b:0a:cd:02:f2:f6:dd:2a:1f:d4:c0:94:89:b1:72:3e:b1:f3:
e1:25:f3:82:a5:88:a1:ce:73:5f:1c:d7:de:18:18:36:e6:86:
9f:d4:8c:ec:85:dd:92:a6:b5:56:23:b4:66:b2:7d:22:5a:1d:
be:24:4c:7f:2e:cd:e8:38:e3:0d:d6:ad:b5:54:01:31:73:cc:
df:c9:02:61:58:07:4c:07:d0:a7:9c:d3:5c:18:d4:e3:3d:bb:
11:ca:20:c2:76:66:75:b8:2e:8a:75:6f:92:c8:9c:a7:b5:7c:
2b:d5:fe:2e:f4:a2:50:d1:a8:89:e7:be:e8:bd:ec:ef:ad:d7:
62:5b:e9:12:4c:f4:f9:59:60:d9:28:31:dc:dc:55:91:93:df:
b7:ad:fd:9d:3d:fd:72:43:b5:6e:9b:ee:41:fe:c1:2a:1a:a0:
63:5f:99:93:5b:3e:9c:67:65:60:32:f2:d7:22:fd:dc:53:14:
5f:ab:b0:e3:85:29:5b:fc:6e:19:ae:1f:7d:e7:c8:07:b2:53:
6b:c5:64:8d:76:0f:0b:3a:5e:5c:df:da:a0:c1:91:41:10:74:
a8:86:b0:40
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZWoUr6Sdh9n0pciG0vOhF+4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjUwMzE4MDgxNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjU5NGQ3ZjBkYzM3NTI2YTkzYWNjODk2Mjc5YjM2ZGU0YzU4NjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6bNCm3UcTRem5qTnzEqCMEZDQip
Ot56+23lLnjaJQ3qyrlQSwqyoYx+2B+8VxSA2ge2GvbIWFZuQx/1BfSL2TWtxSwA
XtEa2tfNkszDMwHCYm6f/RxLSaxJXHOJL8gu5SA7ohEHE4XCw+698ZiTLtBeHscH
XVI2m+KdH0rlbzo2MvNJTkXe9rwFRpzftwb7jEDA6UXiyJFdArcR93MpKCrpVIvg
WT5jBl64FeTTK/5PfdtRcOVmzGYS5RurnF9tC0oXKVSSJncIJaCSi95Y5aoOz+KD
g9Dqwi8V4y98uLGyf1J4V/O0WxmRqxD4UxNiP3O3COda7sKqVXOvOqVLqwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFOZZTX8Nw3UmqTrMiWJ5s23kxYZaMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvNWxsTmZ3M0RkU2FwT3N5SllubXpiZVRGaGxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAeBAIAATAYAwQBLY3MAwQA
LZQzAwQBLZVaAwQAwifYMBsEAgACMBUDBQAqDJ4GAwUCKg6pRAMFAioPO4AwDQYJ
KoZIhvcNAQELBQADggEBAClzautHgjI+7tTzRHm/TOTl9rYjBDtAjtkjFl/T6AvI
B5Nya2sKzQLy9t0qH9TAlImxcj6x8+El84KliKHOc18c194YGDbmhp/UjOyF3ZKm
tVYjtGayfSJaHb4kTH8uzeg44w3WrbVUATFzzN/JAmFYB0wH0Kec01wY1OM9uxHK
IMJ2ZnW4Lop1b5LInKe1fCvV/i70olDRqInnvui97O+t12Jb6RJM9PlZYNkoMdzc
VZGT37et/Z09/XJDtW6b7kH+wSoaoGNfmZNbPpxnZWAy8tci/dxTFF+rsOOFKVv8
bhmuH33nyAeyU2vFZI12Dws6Xlzf2qDBkUEQdKiGsEA=
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:38:05 2025 by rpki-client