Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/14T-yR595pYQLnI4P4fbXUmbkNI.roa
File: 14T-yR595pYQLnI4P4fbXUmbkNI.roa (raw, json)
Hash identifier: ujAl/ku+dkQ5mGeO+VIy0fpmzvNm5EBe8cbs1OH3tig=
Subject key identifier: D7:84:FE:C9:1E:7D:E6:96:10:2E:72:38:3F:87:DB:5D:49:9B:90:D2
Certificate issuer: /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial: 0196FDADE8BC566E0953C9EF4CB801B95769
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/14T-yR595pYQLnI4P4fbXUmbkNI.roa
Signing time: Fri 23 May 2025 15:05:55 +0000
ROA not before: Fri 23 May 2025 15:05:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34984
IP address blocks: 45.10.148.0/24 maxlen: 24
185.169.181.0/24 maxlen: 24
185.174.22.0/24 maxlen: 24
185.174.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.mft
rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 17:19:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fd:ad:e8:bc:56:6e:09:53:c9:ef:4c:b8:01:b9:57:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Validity
Not Before: May 23 15:05:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d784fec91e7de696102e72383f87db5d499b90d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:9e:82:bf:81:05:6d:8f:8f:9d:ba:f0:5d:a9:
a6:bd:12:a9:06:47:c1:c7:f4:9b:80:48:ba:83:be:
5e:81:32:c0:02:97:b5:b4:d1:f8:7c:c3:fa:68:96:
6a:53:56:9e:3a:f3:ed:9a:30:17:95:5b:58:2c:01:
af:29:b8:4e:1f:22:5d:3f:f4:c9:e3:67:61:87:a9:
14:62:a5:e8:f6:0c:8f:48:63:4d:61:8e:85:08:d2:
15:94:48:69:b2:ce:a1:1c:49:63:0f:69:cf:61:de:
ee:63:7e:7d:53:bf:a0:fd:3d:40:ae:24:be:ee:ce:
39:36:ad:6c:32:1b:85:30:07:11:e9:05:de:8d:54:
2b:a8:e1:c2:e6:13:49:29:29:0b:be:65:f6:e4:8a:
2b:cc:33:f0:d2:f6:6a:73:bd:16:6b:c6:22:47:77:
0a:e5:ff:30:93:d5:a3:a8:35:5a:0d:9a:67:36:23:
0c:f7:1d:cd:2b:f9:45:53:ff:31:aa:56:b9:39:9b:
c7:61:5e:88:e5:4c:f7:24:aa:52:3d:90:5b:52:38:
90:45:b3:71:4f:bd:a7:66:3e:0d:6e:f9:51:9f:3a:
da:82:2f:12:b4:e8:cc:8c:97:de:19:5a:73:55:78:
3d:4c:56:16:3d:f6:a2:46:f0:5e:26:24:c6:0e:58:
67:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:84:FE:C9:1E:7D:E6:96:10:2E:72:38:3F:87:DB:5D:49:9B:90:D2
X509v3 Authority Key Identifier:
keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/14T-yR595pYQLnI4P4fbXUmbkNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.148.0/24
185.169.181.0/24
185.174.22.0/23
Signature Algorithm: sha256WithRSAEncryption
4e:af:ee:06:17:b9:14:6b:54:a9:87:61:97:4b:33:d7:23:31:
d4:8f:68:7a:35:e5:7a:eb:e7:78:76:58:8c:38:98:69:aa:90:
cb:fe:ef:83:fd:03:f2:3e:a2:d8:4f:79:56:22:0e:af:cd:55:
78:ce:db:f3:fe:1e:e3:d6:0a:47:75:0f:38:21:dc:70:82:07:
b8:38:b4:25:01:03:ae:03:2c:62:30:86:d0:8d:6a:53:90:00:
87:6d:68:4b:63:23:e6:3a:72:02:99:04:a4:34:03:4d:a2:e6:
fc:11:a0:20:61:01:22:d6:99:16:30:50:d1:e9:02:0e:64:29:
46:eb:1f:24:9b:d9:a9:98:10:2f:0c:7d:cf:b2:ae:bc:c5:90:
68:7e:3a:d4:ce:7e:5a:c7:5c:2d:0d:da:63:f2:50:57:94:ec:
40:de:39:a6:09:9e:82:f4:ee:c2:0d:0c:cb:b7:20:7e:eb:3c:
a7:d4:3c:25:65:8d:78:a8:ad:ce:4b:9c:04:df:94:ac:7a:bc:
c2:c7:c0:38:9a:e9:2d:81:8c:59:b5:52:9a:d7:f8:ba:99:55:
f2:b8:e9:44:94:0a:8d:82:a3:a9:d2:62:8f:e0:01:3c:29:d3:
23:95:00:60:c6:b3:45:fd:5b:6f:f6:62:aa:a5:f7:06:91:03:
4c:8a:d7:fe
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZb9rei8Vm4JU8nvTLgBuVdpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjUwNTIzMTUwNTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzg0ZmVjOTFlN2RlNjk2MTAyZTcyMzgzZjg3ZGI1ZDQ5OWI5MGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZ6Cv4EFbY+PnbrwXammvRKpBkfB
x/SbgEi6g75egTLAApe1tNH4fMP6aJZqU1aeOvPtmjAXlVtYLAGvKbhOHyJdP/TJ
42dhh6kUYqXo9gyPSGNNYY6FCNIVlEhpss6hHEljD2nPYd7uY359U7+g/T1AriS+
7s45Nq1sMhuFMAcR6QXejVQrqOHC5hNJKSkLvmX25IorzDPw0vZqc70Wa8YiR3cK
5f8wk9WjqDVaDZpnNiMM9x3NK/lFU/8xqla5OZvHYV6I5Uz3JKpSPZBbUjiQRbNx
T72nZj4NbvlRnzragi8StOjMjJfeGVpzVXg9TFYWPfaiRvBeJiTGDlhnKwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNeE/skefeaWEC5yOD+H211Jm5DSMB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEvMTRULXlSNTk1cFlRTG5JNFA0ZmJYVW1ia05JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQqUAwQA
uam1AwQBua4WMA0GCSqGSIb3DQEBCwUAA4IBAQBOr+4GF7kUa1Sph2GXSzPXIzHU
j2h6NeV66+d4dliMOJhpqpDL/u+D/QPyPqLYT3lWIg6vzVV4ztvz/h7j1gpHdQ84
Idxwgge4OLQlAQOuAyxiMIbQjWpTkACHbWhLYyPmOnICmQSkNANNoub8EaAgYQEi
1pkWMFDR6QIOZClG6x8km9mpmBAvDH3Psq68xZBofjrUzn5ax1wtDdpj8lBXlOxA
3jmmCZ6C9O7CDQzLtyB+6zyn1DwlZY14qK3OS5wE35SserzCx8A4muktgYxZtVKa
1/i6mVXyuOlElAqNgqOp0mKP4AE8KdMjlQBgxrNF/Vtv9mKqpfcGkQNMitf+
-----END CERTIFICATE-----
Generated at Sun Jun 8 23:28:30 2025 by rpki-client