Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/5da375-99a9-4329-9d29-cec8931ce631/1/8O6pLoVX5MOhxRX0NAMWUCXkJ60.roa
File: 8O6pLoVX5MOhxRX0NAMWUCXkJ60.roa (raw, json)
Hash identifier: OO8XZDvw+dAnLvMz7bhHaxqvBWh2QRq24DPVyPxT+c4=
Subject key identifier: F0:EE:A9:2E:85:57:E4:C3:A1:C5:15:F4:34:03:16:50:25:E4:27:AD
Certificate issuer: /CN=ad5c2e74c6d46cc73c98a4c16087a8a3b3a6f759
Certificate serial: 01972F9C7F3936C576BF72CDDB43734BC494
Authority key identifier: AD:5C:2E:74:C6:D4:6C:C7:3C:98:A4:C1:60:87:A8:A3:B3:A6:F7:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rVwudMbUbMc8mKTBYIeoo7Om91k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/5da375-99a9-4329-9d29-cec8931ce631/1/8O6pLoVX5MOhxRX0NAMWUCXkJ60.roa
Signing time: Mon 02 Jun 2025 07:47:54 +0000
ROA not before: Mon 02 Jun 2025 07:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211440
IP address blocks: 45.94.238.0/24 maxlen: 24
45.148.44.0/24 maxlen: 24
45.148.45.0/24 maxlen: 24
45.148.46.0/24 maxlen: 24
45.148.47.0/24 maxlen: 24
193.3.176.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/5da375-99a9-4329-9d29-cec8931ce631/1/rVwudMbUbMc8mKTBYIeoo7Om91k.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/5da375-99a9-4329-9d29-cec8931ce631/1/rVwudMbUbMc8mKTBYIeoo7Om91k.mft
rsync://rpki.ripe.net/repository/DEFAULT/rVwudMbUbMc8mKTBYIeoo7Om91k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 21:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:2f:9c:7f:39:36:c5:76:bf:72:cd:db:43:73:4b:c4:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad5c2e74c6d46cc73c98a4c16087a8a3b3a6f759
Validity
Not Before: Jun 2 07:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f0eea92e8557e4c3a1c515f43403165025e427ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:50:47:32:9c:6d:8d:a7:db:82:af:dd:94:e3:
d3:11:37:9e:11:4d:fd:50:74:d9:31:7b:5d:06:cb:
0c:0a:ce:9e:1e:93:19:ed:bc:69:64:06:14:e4:70:
f4:7b:be:1f:dc:34:36:78:4e:31:6a:1f:8d:23:52:
50:30:04:2e:58:98:21:71:32:ad:23:c8:de:29:db:
f1:ba:33:07:64:e0:ac:96:5d:ae:5e:55:cb:12:e2:
1b:87:96:bb:80:de:e5:15:c3:b1:a1:6a:39:5d:2d:
5c:6d:58:b0:b0:9d:1c:6f:60:4c:76:13:4d:f0:3b:
8d:7d:97:35:34:4e:27:0f:b7:8d:d0:d2:b6:59:40:
b0:79:d5:f2:e5:95:7b:78:b7:d1:13:3a:d3:7c:7a:
b0:9e:99:ea:df:2c:b9:73:30:7e:2a:fb:91:76:f7:
e5:02:13:12:b8:45:0f:83:ac:f4:da:73:18:32:e7:
fe:1e:0b:94:d0:99:57:3e:57:c0:c3:77:9b:5c:86:
41:c0:da:eb:e3:7c:79:a9:bd:64:f4:e3:91:ff:6c:
23:58:07:06:0c:c1:19:78:a9:62:ba:a1:e0:d2:27:
34:fb:51:9d:c4:bb:e3:95:8b:b9:11:39:76:26:3a:
ed:3b:2d:58:bd:87:ed:d9:1f:cb:f6:d9:b0:cf:6e:
8e:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:EE:A9:2E:85:57:E4:C3:A1:C5:15:F4:34:03:16:50:25:E4:27:AD
X509v3 Authority Key Identifier:
keyid:AD:5C:2E:74:C6:D4:6C:C7:3C:98:A4:C1:60:87:A8:A3:B3:A6:F7:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rVwudMbUbMc8mKTBYIeoo7Om91k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/5da375-99a9-4329-9d29-cec8931ce631/1/8O6pLoVX5MOhxRX0NAMWUCXkJ60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/5da375-99a9-4329-9d29-cec8931ce631/1/rVwudMbUbMc8mKTBYIeoo7Om91k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.238.0/24
45.148.44.0/22
193.3.176.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:fe:fc:b6:5e:ad:25:f9:ac:35:36:34:9c:d9:a2:0e:42:a5:
44:e0:f0:aa:d8:d8:6f:d8:7c:2c:36:27:75:57:f6:97:38:5a:
d0:50:8f:c7:fd:46:83:32:61:57:3d:51:c5:8a:24:33:98:4b:
75:57:43:5f:f8:7d:d4:9c:58:62:6f:12:07:e2:7c:bc:eb:e5:
c6:09:c4:c4:1d:0a:ef:90:26:d6:2d:3a:25:59:d4:fa:02:16:
1e:da:04:0b:49:81:aa:33:b3:de:55:56:3d:42:a8:ec:94:10:
ee:aa:30:70:d5:8a:0e:14:3f:26:99:29:dc:91:36:6f:23:5b:
80:b8:3d:78:df:21:b0:7e:6b:ab:c9:8e:32:47:a8:36:e2:bd:
1c:b8:21:cc:00:1e:2d:9a:75:b6:bc:dc:6c:fe:a7:8c:c7:9a:
46:33:61:47:25:7f:d2:8c:b7:8e:2b:48:38:26:64:46:97:25:
ac:3a:b8:0b:66:84:9d:14:e2:79:cb:8c:db:54:dc:ec:ef:37:
4b:fd:52:fc:9b:d8:15:cd:77:40:e7:92:45:8c:96:1e:3a:f6:
3e:33:93:0b:cf:7b:2e:11:5d:3b:db:ef:1e:1b:0f:62:b4:d9:
c8:6f:96:10:b4:c1:c3:3d:57:89:1e:6d:d8:6f:cf:f6:91:97:
7d:2d:40:28
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZcvnH85NsV2v3LN20NzS8SUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkNWMyZTc0YzZkNDZjYzczYzk4YTRjMTYwODdhOGEzYjNh
NmY3NTkwHhcNMjUwNjAyMDc0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGVlYTkyZTg1NTdlNGMzYTFjNTE1ZjQzNDAzMTY1MDI1ZTQyN2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlBHMpxtjafbgq/dlOPTETeeEU39
UHTZMXtdBssMCs6eHpMZ7bxpZAYU5HD0e74f3DQ2eE4xah+NI1JQMAQuWJghcTKt
I8jeKdvxujMHZOCsll2uXlXLEuIbh5a7gN7lFcOxoWo5XS1cbViwsJ0cb2BMdhNN
8DuNfZc1NE4nD7eN0NK2WUCwedXy5ZV7eLfREzrTfHqwnpnq3yy5czB+KvuRdvfl
AhMSuEUPg6z02nMYMuf+HguU0JlXPlfAw3ebXIZBwNrr43x5qb1k9OOR/2wjWAcG
DMEZeKliuqHg0ic0+1GdxLvjlYu5ETl2JjrtOy1YvYft2R/L9tmwz26OvwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPDuqS6FV+TDocUV9DQDFlAl5CetMB8GA1UdIwQY
MBaAFK1cLnTG1GzHPJikwWCHqKOzpvdZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclZ3dWRNYlViTWM4bUtUQllJZW9vN09tOTFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC81ZGEzNzUtOTlhOS00MzI5LTlkMjkt
Y2VjODkzMWNlNjMxLzEvOE82cExvVlg1TU9oeFJYME5BTVdVQ1hrSjYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC81ZGEzNzUtOTlhOS00MzI5LTlkMjktY2VjODkzMWNlNjMx
LzEvclZ3dWRNYlViTWM4bUtUQllJZW9vN09tOTFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALV7uAwQC
LZQsAwQAwQOwMA0GCSqGSIb3DQEBCwUAA4IBAQAL/vy2Xq0l+aw1NjSc2aIOQqVE
4PCq2Nhv2HwsNid1V/aXOFrQUI/H/UaDMmFXPVHFiiQzmEt1V0Nf+H3UnFhibxIH
4ny86+XGCcTEHQrvkCbWLTolWdT6AhYe2gQLSYGqM7PeVVY9QqjslBDuqjBw1YoO
FD8mmSnckTZvI1uAuD143yGwfmuryY4yR6g24r0cuCHMAB4tmnW2vNxs/qeMx5pG
M2FHJX/SjLeOK0g4JmRGlyWsOrgLZoSdFOJ5y4zbVNzs7zdL/VL8m9gVzXdA55JF
jJYeOvY+M5MLz3suEV072+8eGw9itNnIb5YQtMHDPVeJHm3Yb8/2kZd9LUAo
-----END CERTIFICATE-----
Generated at Mon Jun 9 03:31:35 2025 by rpki-client