Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/A54XMgeqXZ28KgXVcDWv9oxGE0E.roa
File: A54XMgeqXZ28KgXVcDWv9oxGE0E.roa (raw, json)
Hash identifier: NnXzMVLfhy1fVfKaWA1h1cuB453trnHm0ShhBdMttbA=
Subject key identifier: 03:9E:17:32:07:AA:5D:9D:BC:2A:05:D5:70:35:AF:F6:8C:46:13:41
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 01973F7761949A4FB0770353E078283E7713
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/A54XMgeqXZ28KgXVcDWv9oxGE0E.roa
Signing time: Thu 05 Jun 2025 09:41:17 +0000
ROA not before: Thu 05 Jun 2025 09:41:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202759
IP address blocks: 45.151.72.0/24 maxlen: 24
83.172.139.0/24 maxlen: 24
89.40.104.0/24 maxlen: 24
93.113.98.0/24 maxlen: 24
93.113.214.0/24 maxlen: 24
95.156.206.0/24 maxlen: 24
185.122.185.0/24 maxlen: 24
185.193.49.0/24 maxlen: 24
188.214.32.0/24 maxlen: 24
188.214.36.0/24 maxlen: 24
188.214.37.0/24 maxlen: 24
2a03:f80:372::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.mft
rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3f:77:61:94:9a:4f:b0:77:03:53:e0:78:28:3e:77:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jun 5 09:41:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=039e173207aa5d9dbc2a05d57035aff68c461341
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ca:ab:d5:b1:49:d5:f7:5b:30:3f:89:6a:39:
e6:2e:6f:e5:0c:40:e2:2c:59:df:ab:db:fa:a7:72:
49:d1:c4:0c:c1:af:ca:53:b9:91:44:6b:7f:02:2d:
ec:1a:2e:23:42:ec:e6:8b:47:ea:5d:e3:2e:fa:62:
77:fe:96:34:cd:18:c5:89:93:e3:8d:dd:7c:95:f1:
8c:73:7f:c9:25:84:f5:16:fd:13:7d:60:a6:90:53:
bc:a8:a9:7b:f9:51:95:93:9f:86:d6:13:88:a5:3b:
fa:8a:fc:7a:20:0a:58:d8:12:31:8d:00:f9:ec:f1:
1c:d7:9c:f8:26:1f:d7:4e:2b:98:0c:15:a4:71:c1:
b5:56:21:b6:87:50:d1:f6:ae:4c:aa:42:27:59:c7:
3f:fb:66:54:b8:aa:39:f3:a1:57:31:1c:8c:f3:49:
da:54:04:5d:51:60:ff:cb:b4:d7:9a:63:22:d9:45:
e5:d2:ed:a2:33:4a:bc:3d:a0:2e:35:f3:44:48:8c:
b5:15:f5:b7:2f:0c:30:8a:46:77:44:50:8f:47:a9:
f8:df:0c:03:0f:6f:c9:d0:38:13:08:6a:25:e1:58:
20:4d:e9:3e:7d:d9:f4:92:af:d3:ab:34:e3:68:03:
50:d8:68:73:43:80:4d:32:84:ab:3a:9f:e3:b0:f7:
09:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:9E:17:32:07:AA:5D:9D:BC:2A:05:D5:70:35:AF:F6:8C:46:13:41
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/A54XMgeqXZ28KgXVcDWv9oxGE0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.72.0/24
83.172.139.0/24
89.40.104.0/24
93.113.98.0/24
93.113.214.0/24
95.156.206.0/24
185.122.185.0/24
185.193.49.0/24
188.214.32.0/24
188.214.36.0/23
IPv6:
2a03:f80:372::/48
Signature Algorithm: sha256WithRSAEncryption
89:01:51:09:8a:69:c8:0a:a7:c7:5f:ce:4c:5b:56:1a:b7:58:
89:11:99:90:1a:09:32:e7:ba:b7:30:67:c1:d6:ee:7d:6f:93:
06:6f:6b:ad:5e:2b:d1:14:94:fd:e0:86:9b:22:69:0e:65:73:
a4:f1:0c:76:1d:40:16:0e:6f:d1:7b:ad:76:06:b6:67:f7:29:
d3:53:37:94:f5:fd:47:7d:a9:b5:e5:0d:43:f5:43:b0:fb:27:
86:ca:2a:8d:2b:a1:84:59:62:aa:e8:12:4b:f5:36:55:44:37:
9c:db:c3:fc:68:93:a9:c7:5d:60:18:45:a5:a7:f8:53:a5:6c:
5d:5a:ba:cc:74:87:df:9c:28:ef:9d:1d:5f:6c:1e:bc:71:fc:
10:4d:a0:ea:92:4c:69:98:08:46:b1:41:cc:d6:fa:a7:bb:5b:
94:04:83:8c:16:f4:02:e0:4e:94:b5:c4:a8:cb:47:e0:04:de:
92:f0:3c:c7:27:89:b1:dc:eb:98:84:9b:bb:01:55:9c:c2:d0:
6a:0c:f6:c4:bd:3c:57:f4:39:72:9a:35:3f:b1:19:c0:d6:5e:
38:bd:ca:f1:60:62:67:1d:a1:54:21:66:dd:43:1d:66:db:b3:
1e:dc:36:05:d5:ab:68:27:94:c4:84:25:90:3f:c9:0c:40:56:
87:93:bd:58
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAZc/d2GUmk+wdwNT4HgoPncTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjUwNjA1MDk0MTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzllMTczMjA3YWE1ZDlkYmMyYTA1ZDU3MDM1YWZmNjhjNDYxMzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxcqr1bFJ1fdbMD+JajnmLm/lDEDi
LFnfq9v6p3JJ0cQMwa/KU7mRRGt/Ai3sGi4jQuzmi0fqXeMu+mJ3/pY0zRjFiZPj
jd18lfGMc3/JJYT1Fv0TfWCmkFO8qKl7+VGVk5+G1hOIpTv6ivx6IApY2BIxjQD5
7PEc15z4Jh/XTiuYDBWkccG1ViG2h1DR9q5MqkInWcc/+2ZUuKo586FXMRyM80na
VARdUWD/y7TXmmMi2UXl0u2iM0q8PaAuNfNESIy1FfW3LwwwikZ3RFCPR6n43wwD
D2/J0DgTCGol4VggTek+fdn0kq/TqzTjaANQ2GhzQ4BNMoSrOp/jsPcJlwIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFAOeFzIHql2dvCoF1XA1r/aMRhNBMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvQTU0WE1nZXFYWjI4S2dYVmNEV3Y5b3hHRTBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBCBAIAATA8AwQALZdIAwQA
U6yLAwQAWShoAwQAXXFiAwQAXXHWAwQAX5zOAwQAuXq5AwQAucExAwQAvNYgAwQB
vNYkMA8EAgACMAkDBwAqAw+AA3IwDQYJKoZIhvcNAQELBQADggEBAIkBUQmKacgK
p8dfzkxbVhq3WIkRmZAaCTLnurcwZ8HW7n1vkwZva61eK9EUlP3ghpsiaQ5lc6Tx
DHYdQBYOb9F7rXYGtmf3KdNTN5T1/Ud9qbXlDUP1Q7D7J4bKKo0roYRZYqroEkv1
NlVEN5zbw/xok6nHXWAYRaWn+FOlbF1ausx0h9+cKO+dHV9sHrxx/BBNoOqSTGmY
CEaxQczW+qe7W5QEg4wW9ALgTpS1xKjLR+AE3pLwPMcnibHc65iEm7sBVZzC0GoM
9sS9PFf0OXKaNT+xGcDWXji9yvFgYmcdoVQhZt1DHWbbsx7cNgXVq2gnlMSEJZA/
yQxAVoeTvVg=
-----END CERTIFICATE-----
Generated at Sun Jun 8 21:44:28 2025 by rpki-client