Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/0sv1ijqQEgjOtR_uE0lJ-9PBqOE.roa
File: 0sv1ijqQEgjOtR_uE0lJ-9PBqOE.roa (raw, json)
Hash identifier: XR3k3PYojbYrFnSIXh0RzCCScqTwyecARa8ZMN+oiQQ=
Subject key identifier: D2:CB:F5:8A:3A:90:12:08:CE:B5:1F:EE:13:49:49:FB:D3:C1:A8:E1
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 019952C04398693F185EED2DE6C8E0DB3AEC
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/0sv1ijqQEgjOtR_uE0lJ-9PBqOE.roa
Signing time: Tue 16 Sep 2025 13:39:15 +0000
ROA not before: Tue 16 Sep 2025 13:39:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199959
IP address blocks: 45.43.147.0/24 maxlen: 24
45.43.152.0/24 maxlen: 24
64.137.54.0/24 maxlen: 24
104.233.56.0/24 maxlen: 24
104.233.58.0/24 maxlen: 24
104.239.66.0/24 maxlen: 24
104.239.74.0/24 maxlen: 24
104.239.79.0/24 maxlen: 24
104.239.83.0/24 maxlen: 24
104.239.89.0/24 maxlen: 24
104.239.100.0/24 maxlen: 24
104.239.102.0/24 maxlen: 24
104.239.109.0/24 maxlen: 24
104.239.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft
rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 10:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:52:c0:43:98:69:3f:18:5e:ed:2d:e6:c8:e0:db:3a:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Sep 16 13:39:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d2cbf58a3a901208ceb51fee134949fbd3c1a8e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:6b:f4:bd:6c:6d:04:e4:6f:10:03:a6:95:b7:
bc:e3:11:00:d2:e0:78:86:72:47:de:b9:de:8b:2c:
8b:2b:44:43:23:4b:ef:2c:b6:d3:59:27:bc:02:50:
b5:ea:c1:0e:47:0c:77:c9:c7:e8:a3:c1:01:ad:09:
2e:6d:af:11:d2:95:51:38:31:89:5a:94:7e:0f:64:
69:c8:da:24:e8:dd:3c:c0:ab:ba:3f:b7:24:5f:b4:
9a:ed:dd:ed:ec:bd:ea:bc:17:8a:93:40:65:94:78:
de:7e:83:41:43:7e:73:37:2b:92:67:4b:c8:61:f2:
a3:cb:96:5c:bc:29:cc:72:42:e9:c1:74:2f:14:80:
26:78:c0:e6:de:d1:79:b9:2c:14:5f:12:77:45:9f:
45:57:0c:2e:08:b7:a1:d0:22:20:d7:19:8b:7c:dd:
aa:d9:db:2c:94:e9:f3:a7:61:b8:db:81:bd:dc:0d:
75:35:2c:16:db:c7:03:39:2f:be:88:09:c3:ad:8a:
b8:e2:7d:44:29:67:41:4e:8f:ad:79:9a:f0:2b:10:
6d:7e:c3:24:58:2c:68:8f:c2:a8:2c:75:aa:d2:2d:
7e:c4:84:df:2a:4f:be:43:a9:50:70:b2:2c:e8:67:
72:3b:9b:93:1e:af:24:63:1d:63:9d:fd:fa:ce:9b:
63:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:CB:F5:8A:3A:90:12:08:CE:B5:1F:EE:13:49:49:FB:D3:C1:A8:E1
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/0sv1ijqQEgjOtR_uE0lJ-9PBqOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.147.0/24
45.43.152.0/24
64.137.54.0/24
104.233.56.0/24
104.233.58.0/24
104.239.66.0/24
104.239.74.0/24
104.239.79.0/24
104.239.83.0/24
104.239.89.0/24
104.239.100.0/24
104.239.102.0/24
104.239.109.0/24
104.239.127.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:03:9b:ef:c3:18:de:2e:e3:c5:49:10:d1:45:c0:1a:47:aa:
54:3c:fa:50:e0:42:46:b1:02:bd:16:1a:0a:2c:24:7a:2c:f8:
a1:f0:3d:53:87:f0:28:ef:f2:27:57:e8:23:7e:ba:c9:29:5e:
15:63:a7:0f:80:ef:d0:96:d2:1d:5f:73:78:ac:7b:89:67:7a:
3d:a2:88:d4:4c:13:bd:fb:0b:30:db:ca:34:a7:7b:8c:99:39:
30:36:53:4b:b1:cf:ab:e0:08:d1:e2:19:ae:ef:ca:75:72:e0:
c2:a8:be:59:f2:df:ac:e0:86:c1:cf:fe:9c:d3:31:a4:8e:b1:
de:98:68:e1:5a:8d:7b:a0:be:c1:b3:a6:61:ce:0e:c0:46:2b:
1f:93:4d:97:06:94:4d:90:72:ef:9c:3e:e1:4d:cd:e5:36:7a:
05:d2:d8:c6:a2:6a:0c:f2:f1:a6:b8:14:c8:bb:ef:4b:16:2d:
a7:6b:2f:78:f3:fb:72:47:98:a3:11:aa:a9:b9:a1:f8:2e:9f:
3f:f8:0b:94:9b:50:97:13:f7:46:5e:6c:30:e0:b1:89:d8:89:
99:00:f2:23:62:30:b1:0b:dc:3a:f7:04:2e:43:c9:53:fe:bd:
15:98:ad:b4:39:7b:0e:af:0b:59:ee:18:f5:fd:f5:2f:4e:d4:
a8:e5:fb:f1
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZlSwEOYaT8YXu0t5sjg2zrsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjUwOTE2MTMzOTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmNiZjU4YTNhOTAxMjA4Y2ViNTFmZWUxMzQ5NDlmYmQzYzFhOGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2v0vWxtBORvEAOmlbe84xEA0uB4
hnJH3rneiyyLK0RDI0vvLLbTWSe8AlC16sEORwx3ycfoo8EBrQkuba8R0pVRODGJ
WpR+D2RpyNok6N08wKu6P7ckX7Sa7d3t7L3qvBeKk0BllHjefoNBQ35zNyuSZ0vI
YfKjy5ZcvCnMckLpwXQvFIAmeMDm3tF5uSwUXxJ3RZ9FVwwuCLeh0CIg1xmLfN2q
2dsslOnzp2G424G93A11NSwW28cDOS++iAnDrYq44n1EKWdBTo+teZrwKxBtfsMk
WCxoj8KoLHWq0i1+xITfKk++Q6lQcLIs6GdyO5uTHq8kYx1jnf36zptjswIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFNLL9Yo6kBIIzrUf7hNJSfvTwajhMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvMHN2MWlqcVFFZ2pPdFJfdUUwbEotOVBCcU9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQALSuTAwQA
LSuYAwQAQIk2AwQAaOk4AwQAaOk6AwQAaO9CAwQAaO9KAwQAaO9PAwQAaO9TAwQA
aO9ZAwQAaO9kAwQAaO9mAwQAaO9tAwQAaO9/MA0GCSqGSIb3DQEBCwUAA4IBAQB/
A5vvwxjeLuPFSRDRRcAaR6pUPPpQ4EJGsQK9FhoKLCR6LPih8D1Th/Ao7/InV+gj
frrJKV4VY6cPgO/QltIdX3N4rHuJZ3o9oojUTBO9+wsw28o0p3uMmTkwNlNLsc+r
4AjR4hmu78p1cuDCqL5Z8t+s4IbBz/6c0zGkjrHemGjhWo17oL7Bs6Zhzg7ARisf
k02XBpRNkHLvnD7hTc3lNnoF0tjGomoM8vGmuBTIu+9LFi2nay948/tyR5ijEaqp
uaH4Lp8/+AuUm1CXE/dGXmww4LGJ2ImZAPIjYjCxC9w69wQuQ8lT/r0VmK20OXsO
rwtZ7hj1/fUvTtSo5fvx
-----END CERTIFICATE-----
Generated at Thu Sep 18 16:31:15 2025 by rpki-client