Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/d15xz2wDYoFUwdFtDFCYutWPOZE.roa
File: d15xz2wDYoFUwdFtDFCYutWPOZE.roa (raw, json)
Hash identifier: iUtxP8YPi9EAjdDD2kqSiWotelk+W31zZ06ojPLu7Ao=
Subject key identifier: 77:5E:71:CF:6C:03:62:81:54:C1:D1:6D:0C:50:98:BA:D5:8F:39:91
Certificate issuer: /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial: 0196C4778A25722D2DFC6C661A6E67D4FD5D
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/d15xz2wDYoFUwdFtDFCYutWPOZE.roa
Signing time: Mon 12 May 2025 12:28:10 +0000
ROA not before: Mon 12 May 2025 12:28:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208485
IP address blocks: 45.133.39.0/24 maxlen: 24
185.148.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.mft
rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 09:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c4:77:8a:25:72:2d:2d:fc:6c:66:1a:6e:67:d4:fd:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Validity
Not Before: May 12 12:28:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=775e71cf6c03628154c1d16d0c5098bad58f3991
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f1:56:e9:f4:a6:17:75:e0:af:84:6c:c5:62:
50:6e:45:d0:de:11:74:57:ee:91:aa:fa:0d:a4:f4:
fd:91:5c:82:96:e8:29:ba:fe:27:1c:45:55:a1:96:
38:87:2d:df:58:07:82:b2:f6:98:6b:f7:7a:48:af:
f1:20:d4:e0:22:ee:14:1b:09:45:5c:a6:b9:ce:f3:
37:af:6c:cf:3e:0a:a0:2a:fc:0a:c5:94:fa:06:52:
0a:e7:85:44:f0:5a:77:2d:4a:26:39:0e:3d:07:23:
b3:29:e1:43:81:df:96:4e:23:96:ff:9b:3f:13:9b:
5a:05:d0:cf:e3:fb:0e:59:bc:23:20:54:96:a2:e4:
14:1e:cf:39:bf:c7:49:d0:52:89:88:2f:ae:af:9c:
7f:b7:80:b1:89:06:be:04:4a:3b:77:18:c0:45:bb:
c9:2c:27:ed:64:08:fd:6e:eb:ed:d4:64:20:cf:ba:
44:c1:55:9c:2e:a9:2a:61:13:f1:4c:67:aa:e6:e3:
f8:6d:40:a5:98:43:9a:45:9a:5f:bb:d8:a2:68:63:
da:4e:47:6e:63:22:a4:e1:00:b3:95:03:4e:f3:42:
43:ed:0e:d5:67:04:c4:e4:44:ac:8b:ca:71:9c:8a:
16:d9:d3:6c:38:07:0b:2d:2b:80:7d:e4:cb:9e:e8:
72:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:5E:71:CF:6C:03:62:81:54:C1:D1:6D:0C:50:98:BA:D5:8F:39:91
X509v3 Authority Key Identifier:
keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/d15xz2wDYoFUwdFtDFCYutWPOZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.39.0/24
185.148.243.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:8a:37:c1:97:29:ff:8a:1a:f8:9f:f6:ab:47:f9:48:43:80:
ba:90:08:43:ba:90:da:56:a5:3f:22:c0:8b:5b:61:46:9b:64:
1b:0c:1e:b3:3b:4c:a3:6f:c9:ac:74:c3:d9:7d:f2:3b:e8:71:
5a:42:fb:12:a4:68:dd:03:8b:47:5e:dc:e8:7d:42:77:61:46:
83:ba:9a:50:08:90:0d:27:b7:33:77:fb:46:a8:44:23:90:ef:
74:b2:37:72:5c:bb:69:90:01:a7:da:2f:8c:c3:db:93:71:71:
8c:37:2f:14:38:56:bb:6c:24:be:40:04:d4:fe:84:74:75:2d:
df:c3:a9:76:c7:53:9b:23:62:92:bc:9a:69:cd:38:a4:4f:d9:
92:84:4b:bd:06:d5:3b:56:41:72:e3:a0:c6:69:60:11:2d:d9:
57:a4:18:22:5e:ac:15:f8:65:47:62:c4:83:77:07:8c:77:54:
26:37:cf:0c:db:74:94:a4:f6:5a:cf:30:33:97:85:15:22:b2:
11:c9:28:49:72:af:71:21:af:1c:48:8f:ad:30:25:1a:8e:4e:
5c:76:97:66:d9:32:f7:2a:7e:d4:a8:b5:02:24:b0:8b:dd:64:
9a:c6:8a:0a:e6:f0:d2:e8:65:36:1a:4b:a0:05:ef:cf:43:78:
be:3f:83:37
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZbEd4olci0t/GxmGm5n1P1dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjUwNTEyMTIyODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzVlNzFjZjZjMDM2MjgxNTRjMWQxNmQwYzUwOThiYWQ1OGYzOTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfFW6fSmF3Xgr4RsxWJQbkXQ3hF0
V+6RqvoNpPT9kVyClugpuv4nHEVVoZY4hy3fWAeCsvaYa/d6SK/xINTgIu4UGwlF
XKa5zvM3r2zPPgqgKvwKxZT6BlIK54VE8Fp3LUomOQ49ByOzKeFDgd+WTiOW/5s/
E5taBdDP4/sOWbwjIFSWouQUHs85v8dJ0FKJiC+ur5x/t4CxiQa+BEo7dxjARbvJ
LCftZAj9buvt1GQgz7pEwVWcLqkqYRPxTGeq5uP4bUClmEOaRZpfu9iiaGPaTkdu
YyKk4QCzlQNO80JD7Q7VZwTE5ESsi8pxnIoW2dNsOAcLLSuAfeTLnuhyZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHdecc9sA2KBVMHRbQxQmLrVjzmRMB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEvZDE1eHoyd0RZb0ZVd2RGdERGQ1l1dFdQT1pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYUnAwQA
uZTzMA0GCSqGSIb3DQEBCwUAA4IBAQArijfBlyn/ihr4n/arR/lIQ4C6kAhDupDa
VqU/IsCLW2FGm2QbDB6zO0yjb8msdMPZffI76HFaQvsSpGjdA4tHXtzofUJ3YUaD
uppQCJANJ7czd/tGqEQjkO90sjdyXLtpkAGn2i+Mw9uTcXGMNy8UOFa7bCS+QATU
/oR0dS3fw6l2x1ObI2KSvJppzTikT9mShEu9BtU7VkFy46DGaWARLdlXpBgiXqwV
+GVHYsSDdweMd1QmN88M23SUpPZazzAzl4UVIrIRyShJcq9xIa8cSI+tMCUajk5c
dpdm2TL3Kn7UqLUCJLCL3WSaxooK5vDS6GU2GkugBe/PQ3i+P4M3
-----END CERTIFICATE-----
Generated at Thu Jun 5 19:17:54 2025 by rpki-client