Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/N-1ONOrnKWDhekonP5xdj9k7AVc.roa
File: N-1ONOrnKWDhekonP5xdj9k7AVc.roa (raw, json)
Hash identifier: zcDFEw78ivsEq5KSlNaEhpwiZKeZZ9h4SkAn5OtJi6g=
Subject key identifier: 37:ED:4E:34:EA:E7:29:60:E1:7A:4A:27:3F:9C:5D:8F:D9:3B:01:57
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 01973F10D8D44C7E5FFAE8C6AFCA8D3DF64E
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/N-1ONOrnKWDhekonP5xdj9k7AVc.roa
Signing time: Thu 05 Jun 2025 07:49:18 +0000
ROA not before: Thu 05 Jun 2025 07:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12541
IP address blocks: 45.83.50.0/23 maxlen: 23
45.83.50.0/24 maxlen: 24
45.83.51.0/24 maxlen: 24
80.66.112.0/23 maxlen: 23
80.66.114.0/24 maxlen: 24
80.66.115.0/24 maxlen: 24
80.66.117.0/24 maxlen: 24
80.66.118.0/24 maxlen: 24
80.66.119.0/24 maxlen: 24
80.66.120.0/23 maxlen: 23
80.66.120.0/24 maxlen: 24
80.66.121.0/24 maxlen: 24
80.66.122.0/24 maxlen: 24
80.66.123.0/24 maxlen: 24
80.66.124.0/24 maxlen: 24
80.66.125.0/24 maxlen: 24
80.66.126.0/24 maxlen: 24
80.66.127.0/24 maxlen: 24
89.42.70.0/24 maxlen: 24
89.44.150.0/24 maxlen: 24
89.44.151.0/24 maxlen: 24
89.45.208.0/24 maxlen: 24
91.132.28.0/23 maxlen: 23
91.132.31.0/24 maxlen: 24
94.198.47.0/24 maxlen: 24
178.19.34.0/24 maxlen: 24
178.19.35.0/24 maxlen: 24
178.19.44.0/24 maxlen: 24
178.19.45.0/24 maxlen: 24
178.19.46.0/24 maxlen: 24
178.19.47.0/24 maxlen: 24
185.71.28.0/24 maxlen: 24
185.203.21.0/24 maxlen: 24
185.203.22.0/24 maxlen: 24
185.203.23.0/24 maxlen: 24
185.229.215.0/24 maxlen: 24
185.242.175.0/24 maxlen: 24
193.178.212.0/24 maxlen: 24
193.178.218.0/24 maxlen: 24
193.186.1.0/24 maxlen: 24
193.186.11.0/24 maxlen: 24
194.15.140.0/24 maxlen: 24
194.15.146.0/24 maxlen: 24
194.15.182.0/24 maxlen: 24
194.15.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3f:10:d8:d4:4c:7e:5f:fa:e8:c6:af:ca:8d:3d:f6:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jun 5 07:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=37ed4e34eae72960e17a4a273f9c5d8fd93b0157
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:f6:08:de:8c:a0:d0:b8:c4:0b:ee:04:a0:46:
7f:b0:82:4d:d0:ee:72:fb:26:8f:6a:2b:f0:4b:66:
dd:32:e9:54:68:75:7b:57:19:1c:2e:a4:ae:04:98:
32:72:f1:17:23:0d:74:8e:83:f0:78:f1:45:3d:0c:
cf:63:c6:a3:23:8c:18:4b:9f:79:dd:4b:c8:cf:71:
dc:3a:f0:18:6a:f2:07:79:a5:53:e0:f9:5c:cc:d2:
95:f7:4a:ce:01:75:b1:0b:98:99:5c:bf:44:9e:bf:
95:ce:30:14:c0:56:43:ce:53:d3:63:c6:66:03:03:
de:a9:cf:50:b6:41:a4:2f:e1:68:96:9b:cc:ff:75:
dd:0d:51:08:ac:5b:7d:30:0a:de:85:3d:3f:e1:23:
98:99:e7:49:b0:2a:d5:e1:43:57:32:72:98:19:f4:
58:2a:22:00:15:18:20:3b:7c:a1:3c:bb:a5:63:66:
ae:ef:85:f4:3c:27:05:92:23:7a:1f:d6:dc:57:a5:
d4:cc:d4:fd:72:cd:ab:49:fa:d4:d9:f9:a9:fe:11:
74:ed:67:41:56:0c:b0:a7:af:f1:e0:ef:65:9e:de:
8d:90:bf:64:bf:4d:79:ca:c9:48:b7:7f:b7:dd:d8:
3e:c2:2c:51:21:fd:04:e7:41:64:31:b7:0c:f2:52:
f9:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:ED:4E:34:EA:E7:29:60:E1:7A:4A:27:3F:9C:5D:8F:D9:3B:01:57
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/N-1ONOrnKWDhekonP5xdj9k7AVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.50.0/23
80.66.112.0/22
80.66.117.0-80.66.127.255
89.42.70.0/24
89.44.150.0/23
89.45.208.0/24
91.132.28.0/23
91.132.31.0/24
94.198.47.0/24
178.19.34.0/23
178.19.44.0/22
185.71.28.0/24
185.203.21.0-185.203.23.255
185.229.215.0/24
185.242.175.0/24
193.178.212.0/24
193.178.218.0/24
193.186.1.0/24
193.186.11.0/24
194.15.140.0/24
194.15.146.0/24
194.15.182.0/24
194.15.195.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:de:d5:a6:b7:64:89:ce:44:61:42:43:3e:5b:4d:23:8a:c0:
1e:08:ee:c6:d5:5a:27:af:09:bb:f6:7b:0f:ec:26:47:6a:e8:
38:cd:be:bd:72:b2:3e:a2:19:e9:82:58:7a:f5:f3:77:df:a4:
95:ec:e8:9a:10:33:05:f2:98:6e:46:32:a3:5f:ce:ae:1c:43:
f1:40:16:e8:5c:a6:c4:38:36:25:43:06:03:07:5c:b6:fa:bb:
7a:b5:38:c2:ad:cf:b9:05:26:47:2e:c4:9e:49:08:2b:75:06:
d8:b7:bc:8a:7b:a4:de:f6:52:6f:3d:6a:98:70:56:aa:a5:2f:
b3:df:fd:3f:be:3e:74:b3:5c:0e:22:12:b6:2e:1c:b3:6e:ec:
ee:21:2c:1d:6b:dc:8f:ab:5c:a3:b3:2f:dd:9e:b6:c0:df:8b:
c8:6c:75:44:a6:b6:21:c5:7e:4a:1e:92:ed:fa:9b:55:b3:f9:
7a:c9:2a:81:bf:1c:b8:c2:d8:b3:40:24:f8:1d:b5:4e:c8:50:
50:79:f2:8a:8b:9e:e6:79:5e:59:9a:25:7b:18:80:da:3d:13:
49:19:30:cc:17:51:9c:2f:4e:cd:80:49:05:34:67:60:fd:ac:
8b:0e:45:73:0c:d3:5f:d2:d3:dc:8f:48:e5:ca:49:15:5e:ae:
c3:0c:3d:18
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAZc/ENjUTH5f+ujGr8qNPfZOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwNjA1MDc0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2VkNGUzNGVhZTcyOTYwZTE3YTRhMjczZjljNWQ4ZmQ5M2IwMTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPYI3oyg0LjEC+4EoEZ/sIJN0O5y
+yaPaivwS2bdMulUaHV7VxkcLqSuBJgycvEXIw10joPwePFFPQzPY8ajI4wYS595
3UvIz3HcOvAYavIHeaVT4PlczNKV90rOAXWxC5iZXL9Enr+VzjAUwFZDzlPTY8Zm
AwPeqc9QtkGkL+FolpvM/3XdDVEIrFt9MArehT0/4SOYmedJsCrV4UNXMnKYGfRY
KiIAFRggO3yhPLulY2au74X0PCcFkiN6H9bcV6XUzNT9cs2rSfrU2fmp/hF07WdB
Vgywp6/x4O9lnt6NkL9kv015yslIt3+33dg+wixRIf0E50FkMbcM8lL5IQIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFDftTjTq5ylg4XpKJz+cXY/ZOwFXMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvTi0xT05Pcm5LV0RoZWtvblA1eGRqOWs3QVZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBoQQCAAEwgZoDBAEt
UzIDBAJQQnAwDAMEAFBCdQMEB1BCAAMEAFkqRgMEAVkslgMEAFkt0AMEAVuEHAME
AFuEHwMEAF7GLwMEAbITIgMEArITLAMEALlHHDAMAwQAucsVAwQDucsQAwQAueXX
AwQAufKvAwQAwbLUAwQAwbLaAwQAwboBAwQAwboLAwQAwg+MAwQAwg+SAwQAwg+2
AwQAwg/DMA0GCSqGSIb3DQEBCwUAA4IBAQC23tWmt2SJzkRhQkM+W00jisAeCO7G
1Vonrwm79nsP7CZHaug4zb69crI+ohnpglh69fN336SV7OiaEDMF8phuRjKjX86u
HEPxQBboXKbEODYlQwYDB1y2+rt6tTjCrc+5BSZHLsSeSQgrdQbYt7yKe6Te9lJv
PWqYcFaqpS+z3/0/vj50s1wOIhK2LhyzbuzuISwda9yPq1yjsy/dnrbA34vIbHVE
prYhxX5KHpLt+ptVs/l6ySqBvxy4wtizQCT4HbVOyFBQefKKi57meV5ZmiV7GIDa
PRNJGTDMF1GcL07NgEkFNGdg/ayLDkVzDNNf0tPcj0jlykkVXq7DDD0Y
-----END CERTIFICATE-----
Generated at Sat Jun 7 16:10:57 2025 by rpki-client