Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/2c57e5-402b-4896-929f-54341cd13a9d/1/aCQkmSTzEflyT6Hwko3Tmkp5YgM.roa
File: aCQkmSTzEflyT6Hwko3Tmkp5YgM.roa (raw, json)
Hash identifier: cY38nbBebmnJBkoepfEX2AZ8X9a8BlXKUlC0CLvNiCU=
Subject key identifier: 68:24:24:99:24:F3:11:F9:72:4F:A1:F0:92:8D:D3:9A:4A:79:62:03
Certificate issuer: /CN=edee25a78a816bde362c40c86e39b947d0ee2ff3
Certificate serial: 0196C991FE22A9C87BE4900C384CB8057504
Authority key identifier: ED:EE:25:A7:8A:81:6B:DE:36:2C:40:C8:6E:39:B9:47:D0:EE:2F:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7e4lp4qBa942LEDIbjm5R9DuL_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/2c57e5-402b-4896-929f-54341cd13a9d/1/aCQkmSTzEflyT6Hwko3Tmkp5YgM.roa
Signing time: Tue 13 May 2025 12:15:10 +0000
ROA not before: Tue 13 May 2025 12:15:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201800
IP address blocks: 45.159.104.0/22 maxlen: 24
45.159.104.0/24 maxlen: 24
45.159.105.0/24 maxlen: 24
45.159.106.0/24 maxlen: 24
45.159.107.0/24 maxlen: 24
188.68.188.0/24 maxlen: 24
188.68.191.0/24 maxlen: 24
2a0f:7580::/36 maxlen: 36
2a0f:7580:1000::/36 maxlen: 36
2a0f:7580:2000::/36 maxlen: 36
2a0f:7580:4000::/36 maxlen: 36
2a0f:7581::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/2c57e5-402b-4896-929f-54341cd13a9d/1/7e4lp4qBa942LEDIbjm5R9DuL_M.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/2c57e5-402b-4896-929f-54341cd13a9d/1/7e4lp4qBa942LEDIbjm5R9DuL_M.mft
rsync://rpki.ripe.net/repository/DEFAULT/7e4lp4qBa942LEDIbjm5R9DuL_M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 11:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c9:91:fe:22:a9:c8:7b:e4:90:0c:38:4c:b8:05:75:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=edee25a78a816bde362c40c86e39b947d0ee2ff3
Validity
Not Before: May 13 12:15:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6824249924f311f9724fa1f0928dd39a4a796203
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b4:c3:b9:68:3e:4a:74:59:8b:82:0d:57:3e:
7c:6e:63:a6:a0:0d:a5:05:e9:b7:9b:5e:8f:e4:d2:
5a:93:02:99:66:2e:ec:3e:ea:97:90:3d:6d:de:f2:
c4:ff:91:d4:bc:a3:a2:48:98:72:01:bf:1b:29:75:
93:72:8b:e4:9f:59:19:4c:10:81:e3:69:e7:7d:5e:
96:e1:4d:61:b2:bb:b0:37:be:9d:fa:4c:e8:da:fb:
05:58:d4:22:02:83:1c:ff:2d:f1:61:f3:b0:ef:d6:
e9:0f:47:d2:1f:ca:ed:bb:dd:e0:31:20:c0:00:ee:
78:15:02:fc:f0:d4:81:e0:c2:a2:9b:98:c9:fa:8c:
84:67:e7:b9:a3:e7:23:dd:88:8a:15:d3:21:a6:89:
6c:04:04:8d:5b:45:d8:19:59:d0:62:e3:85:0a:0e:
25:ca:fc:c4:9e:d4:90:e1:c5:f9:67:49:50:f1:20:
b0:55:a1:29:8f:7d:13:f9:2f:e6:ab:94:4e:2b:7c:
c3:2b:18:ed:72:b0:77:db:e4:ff:9e:52:af:3c:c5:
0c:d7:da:04:2b:57:9c:d7:98:7f:92:04:6e:ee:4a:
2b:eb:f8:f2:7d:e1:f5:e5:2b:af:30:9e:54:ac:25:
b5:7e:84:ba:1b:bd:d7:ae:d2:94:75:bc:e5:90:37:
79:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:24:24:99:24:F3:11:F9:72:4F:A1:F0:92:8D:D3:9A:4A:79:62:03
X509v3 Authority Key Identifier:
keyid:ED:EE:25:A7:8A:81:6B:DE:36:2C:40:C8:6E:39:B9:47:D0:EE:2F:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e4lp4qBa942LEDIbjm5R9DuL_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/2c57e5-402b-4896-929f-54341cd13a9d/1/aCQkmSTzEflyT6Hwko3Tmkp5YgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/2c57e5-402b-4896-929f-54341cd13a9d/1/7e4lp4qBa942LEDIbjm5R9DuL_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.104.0/22
188.68.188.0/24
188.68.191.0/24
IPv6:
2a0f:7580::-2a0f:7580:2fff:ffff:ffff:ffff:ffff:ffff
2a0f:7580:4000::/36
2a0f:7581::/32
Signature Algorithm: sha256WithRSAEncryption
05:3d:06:3d:9c:f1:c0:1f:39:a6:05:7f:96:6a:06:23:23:8a:
cc:e2:29:4e:ab:6b:f6:25:8b:02:62:ea:1d:3c:ac:c9:7b:f2:
28:ca:45:4f:5f:e4:4f:cd:a8:ed:56:12:67:a8:d5:41:67:45:
3c:7a:d9:f4:c9:60:3e:2b:9a:f0:77:e6:5f:dd:4a:ab:d6:29:
41:89:e3:e7:b1:54:af:6f:a6:7e:b8:02:b1:aa:3f:37:38:b8:
43:5c:26:73:61:c1:0f:ec:f7:d5:28:ff:72:74:ae:e8:49:22:
ca:3b:f0:8e:8a:3b:10:26:5b:ff:e5:a5:4c:8c:34:88:3a:48:
a6:28:3a:ab:23:6a:86:0b:b1:a7:57:9e:ea:02:53:0e:f0:97:
77:49:fa:3e:2c:a2:bd:0c:c9:59:67:19:03:f5:4d:6b:98:2d:
b3:fa:b4:96:20:55:72:ea:f2:16:3d:e3:de:1c:a3:39:fb:0c:
78:75:a9:46:34:2c:02:e0:fd:10:de:3d:12:8d:c7:d0:0d:0e:
82:7a:d0:ce:72:1d:b3:c5:74:70:a1:a7:00:7a:a3:76:82:f6:
fc:ba:73:d4:94:5e:2d:8c:62:b4:24:f6:55:62:66:c3:7f:06:
48:1e:81:48:37:02:6a:65:3d:e2:4b:32:0a:51:94:a4:16:eb:
15:f4:d8:6f
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZbJkf4iqch75JAMOEy4BXUEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkZWUyNWE3OGE4MTZiZGUzNjJjNDBjODZlMzliOTQ3ZDBl
ZTJmZjMwHhcNMjUwNTEzMTIxNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODI0MjQ5OTI0ZjMxMWY5NzI0ZmExZjA5MjhkZDM5YTRhNzk2MjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbTDuWg+SnRZi4INVz58bmOmoA2l
Bem3m16P5NJakwKZZi7sPuqXkD1t3vLE/5HUvKOiSJhyAb8bKXWTcovkn1kZTBCB
42nnfV6W4U1hsruwN76d+kzo2vsFWNQiAoMc/y3xYfOw79bpD0fSH8rtu93gMSDA
AO54FQL88NSB4MKim5jJ+oyEZ+e5o+cj3YiKFdMhpolsBASNW0XYGVnQYuOFCg4l
yvzEntSQ4cX5Z0lQ8SCwVaEpj30T+S/mq5ROK3zDKxjtcrB32+T/nlKvPMUM19oE
K1ec15h/kgRu7kor6/jyfeH15SuvMJ5UrCW1foS6G73XrtKUdbzlkDd5jQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFGgkJJkk8xH5ck+h8JKN05pKeWIDMB8GA1UdIwQY
MBaAFO3uJaeKgWveNixAyG45uUfQ7i/zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2U0bHA0cUJhOTQyTEVESWJqbTVSOUR1TF9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8yYzU3ZTUtNDAyYi00ODk2LTkyOWYt
NTQzNDFjZDEzYTlkLzEvYUNRa21TVHpFZmx5VDZId2tvM1Rta3A1WWdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8yYzU3ZTUtNDAyYi00ODk2LTkyOWYtNTQzNDFjZDEzYTlk
LzEvN2U0bHA0cUJhOTQyTEVESWJqbTVSOUR1TF9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAYBAIAATASAwQCLZ9oAwQA
vES8AwQAvES/MCYEAgACMCAwDwMFByoPdYADBgQqD3WAIAMGBCoPdYBAAwUAKg91
gTANBgkqhkiG9w0BAQsFAAOCAQEABT0GPZzxwB85pgV/lmoGIyOKzOIpTqtr9iWL
AmLqHTysyXvyKMpFT1/kT82o7VYSZ6jVQWdFPHrZ9MlgPiua8HfmX91Kq9YpQYnj
57FUr2+mfrgCsao/Nzi4Q1wmc2HBD+z31Sj/cnSu6Ekiyjvwjoo7ECZb/+WlTIw0
iDpIpig6qyNqhguxp1ee6gJTDvCXd0n6PiyivQzJWWcZA/VNa5gts/q0liBVcury
Fj3j3hyjOfsMeHWpRjQsAuD9EN49Eo3H0A0OgnrQznIds8V0cKGnAHqjdoL2/Lpz
1JReLYxitCT2VWJmw38GSB6BSDcCamU94ksyClGUpBbrFfTYbw==
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:16:55 2025 by rpki-client