Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/mPonHoCydsOGr01E22oka6BcXT0.roa
File: mPonHoCydsOGr01E22oka6BcXT0.roa (raw, json)
Hash identifier: GJfUwRg4MNl3k8rRbzJmpQbqCiIEORMvPGmurKyyn6w=
Subject key identifier: 98:FA:27:1E:80:B2:76:C3:86:AF:4D:44:DB:6A:24:6B:A0:5C:5D:3D
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 01973F25E7A42001926680EEBD1FCC72A895
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/mPonHoCydsOGr01E22oka6BcXT0.roa
Signing time: Thu 05 Jun 2025 08:12:18 +0000
ROA not before: Thu 05 Jun 2025 08:12:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202766
IP address blocks: 45.80.80.0/24 maxlen: 24
45.83.50.0/23 maxlen: 23
45.83.50.0/24 maxlen: 24
45.83.51.0/24 maxlen: 24
80.66.112.0/20 maxlen: 20
80.66.112.0/23 maxlen: 23
80.66.114.0/24 maxlen: 24
80.66.115.0/24 maxlen: 24
80.66.117.0/24 maxlen: 24
80.66.118.0/24 maxlen: 24
80.66.119.0/24 maxlen: 24
80.66.120.0/23 maxlen: 23
80.66.120.0/24 maxlen: 24
80.66.121.0/24 maxlen: 24
80.66.122.0/24 maxlen: 24
80.66.123.0/24 maxlen: 24
80.66.124.0/24 maxlen: 24
80.66.125.0/24 maxlen: 24
80.66.126.0/24 maxlen: 24
80.66.127.0/24 maxlen: 24
89.42.70.0/24 maxlen: 24
89.44.150.0/24 maxlen: 24
89.44.151.0/24 maxlen: 24
91.132.28.0/23 maxlen: 23
91.132.31.0/24 maxlen: 24
94.198.47.0/24 maxlen: 24
178.19.44.0/24 maxlen: 24
178.19.47.0/24 maxlen: 24
185.203.20.0/22 maxlen: 22
185.203.20.0/24 maxlen: 24
185.203.21.0/24 maxlen: 24
185.203.22.0/24 maxlen: 24
185.203.23.0/24 maxlen: 24
185.229.212.0/24 maxlen: 24
185.229.213.0/24 maxlen: 24
185.229.214.0/24 maxlen: 24
185.229.215.0/24 maxlen: 24
185.242.175.0/24 maxlen: 24
193.178.212.0/24 maxlen: 24
193.178.218.0/24 maxlen: 24
193.186.1.0/24 maxlen: 24
193.186.11.0/24 maxlen: 24
194.15.146.0/24 maxlen: 24
194.15.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 20:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3f:25:e7:a4:20:01:92:66:80:ee:bd:1f:cc:72:a8:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jun 5 08:12:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=98fa271e80b276c386af4d44db6a246ba05c5d3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:7d:1e:33:63:74:cb:45:e3:21:2a:d8:b9:b6:
9b:9a:d5:c5:a7:25:5d:da:ca:a2:06:e7:d6:1b:51:
fa:2a:8a:f3:ce:58:eb:57:72:53:b7:b7:b6:2a:cf:
fd:d7:2c:a2:db:78:c5:45:da:ed:72:2e:67:42:d6:
49:7d:04:ed:92:59:c3:5e:5d:10:d6:92:0e:ae:ad:
e6:55:dc:17:3d:39:e7:bc:81:6c:bc:e0:c6:ed:02:
ab:11:aa:ab:4d:5e:15:9a:43:56:6e:28:8f:f8:99:
ac:75:f5:8b:c8:b4:ea:16:02:02:6a:28:51:8d:dc:
b1:36:49:6e:31:f2:28:6a:c9:01:9a:f9:7e:eb:dd:
73:7e:12:c5:4c:f9:cf:5e:92:51:f2:73:cc:e0:84:
99:b1:b0:ef:64:38:89:c5:c2:d9:d3:d3:df:ae:eb:
20:0e:6b:49:c9:db:b2:fa:8a:17:5c:14:93:a0:d8:
49:bc:91:6e:f2:e6:1d:6e:14:fb:00:e9:48:9a:c5:
13:b4:bf:56:32:10:92:d4:23:68:54:ee:ba:e3:c6:
11:7a:3d:ac:a7:99:83:14:58:92:7c:5e:47:ed:e1:
d2:0a:21:46:90:03:74:f2:1c:3f:cf:4d:aa:32:e4:
34:4e:43:b4:b3:3b:6a:10:4f:4d:02:af:16:1d:50:
dc:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:FA:27:1E:80:B2:76:C3:86:AF:4D:44:DB:6A:24:6B:A0:5C:5D:3D
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/mPonHoCydsOGr01E22oka6BcXT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.80.0/24
45.83.50.0/23
80.66.112.0/20
89.42.70.0/24
89.44.150.0/23
91.132.28.0/23
91.132.31.0/24
94.198.47.0/24
178.19.44.0/24
178.19.47.0/24
185.203.20.0/22
185.229.212.0/22
185.242.175.0/24
193.178.212.0/24
193.178.218.0/24
193.186.1.0/24
193.186.11.0/24
194.15.146.0/24
194.15.195.0/24
Signature Algorithm: sha256WithRSAEncryption
27:0f:28:7e:eb:cf:6e:10:10:fd:48:32:c9:24:09:b9:09:30:
85:b4:f7:6c:a2:e5:b8:7e:98:8d:0f:77:53:5c:78:1c:4f:40:
a4:33:5e:d0:dc:11:9c:45:57:0a:6c:3c:4e:23:1a:83:be:c1:
dd:48:0a:e3:1f:8c:3d:cc:e3:58:cf:f9:3c:a9:d1:3c:3b:fd:
fd:d8:4f:12:14:b6:4d:0c:08:c0:66:bb:31:7e:de:6b:c9:df:
90:43:6c:84:22:e8:6a:bf:dc:ea:bf:98:5d:69:a7:1f:7a:71:
4d:68:30:63:2e:8e:c4:e1:08:53:51:04:17:91:61:54:5c:cd:
d7:cb:a6:11:b8:f2:88:5f:77:92:32:7d:01:fa:72:88:75:08:
d6:fa:13:6f:18:a9:94:63:d4:82:9e:05:88:58:dc:33:c3:cf:
18:36:e9:8d:7c:c0:16:69:d4:9c:76:78:56:1a:f8:f2:27:f7:
64:82:ae:54:b5:22:0c:06:17:11:c5:ac:78:05:4c:fe:4d:ab:
13:33:cb:b3:1b:a7:8c:87:59:ed:7f:d6:96:b6:45:4b:bc:35:
b6:90:d0:f1:1a:8f:fc:59:2d:8a:ba:3c:c0:7b:dd:d8:28:90:
c1:a4:d6:e1:48:4a:85:20:d9:8b:2e:77:d0:13:9c:f5:e3:2c:
31:42:d5:60
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAZc/JeekIAGSZoDuvR/McqiVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwNjA1MDgxMjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGZhMjcxZTgwYjI3NmMzODZhZjRkNDRkYjZhMjQ2YmEwNWM1ZDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1n0eM2N0y0XjISrYubabmtXFpyVd
2sqiBufWG1H6KorzzljrV3JTt7e2Ks/91yyi23jFRdrtci5nQtZJfQTtklnDXl0Q
1pIOrq3mVdwXPTnnvIFsvODG7QKrEaqrTV4VmkNWbiiP+JmsdfWLyLTqFgICaihR
jdyxNkluMfIoaskBmvl+691zfhLFTPnPXpJR8nPM4ISZsbDvZDiJxcLZ09Pfrusg
DmtJyduy+ooXXBSToNhJvJFu8uYdbhT7AOlImsUTtL9WMhCS1CNoVO6648YRej2s
p5mDFFiSfF5H7eHSCiFGkAN08hw/z02qMuQ0TkO0sztqEE9NAq8WHVDcfQIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFJj6Jx6AsnbDhq9NRNtqJGugXF09MB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvbVBvbkhvQ3lkc09HcjAxRTIyb2thNkJjWFQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAC1QUAME
AS1TMgMEBFBCcAMEAFkqRgMEAVkslgMEAVuEHAMEAFuEHwMEAF7GLwMEALITLAME
ALITLwMEArnLFAMEArnl1AMEALnyrwMEAMGy1AMEAMGy2gMEAMG6AQMEAMG6CwME
AMIPkgMEAMIPwzANBgkqhkiG9w0BAQsFAAOCAQEAJw8ofuvPbhAQ/UgyySQJuQkw
hbT3bKLluH6YjQ93U1x4HE9ApDNe0NwRnEVXCmw8TiMag77B3UgK4x+MPczjWM/5
PKnRPDv9/dhPEhS2TQwIwGa7MX7ea8nfkENshCLoar/c6r+YXWmnH3pxTWgwYy6O
xOEIU1EEF5FhVFzN18umEbjyiF93kjJ9AfpyiHUI1voTbxiplGPUgp4FiFjcM8PP
GDbpjXzAFmnUnHZ4Vhr48if3ZIKuVLUiDAYXEcWseAVM/k2rEzPLsxunjIdZ7X/W
lrZFS7w1tpDQ8RqP/Fktiro8wHvd2CiQwaTW4UhKhSDZiy530BOc9eMsMULVYA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:32:45 2025 by rpki-client