Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/J2u3TZi8Qj3U0_q66Y3J09uW1DE.roa
File: J2u3TZi8Qj3U0_q66Y3J09uW1DE.roa (raw, json)
Hash identifier: B34l2mLrkGW3Y2RvPFHOhdY4qVx60VEHwnemI8kQDNo=
Subject key identifier: 27:6B:B7:4D:98:BC:42:3D:D4:D3:FA:BA:E9:8D:C9:D3:DB:96:D4:31
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 01973547F689A66DAC07028E3AC4124A1204
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/J2u3TZi8Qj3U0_q66Y3J09uW1DE.roa
Signing time: Tue 03 Jun 2025 10:13:17 +0000
ROA not before: Tue 03 Jun 2025 10:13:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47690
IP address blocks: 45.43.148.0/24 maxlen: 24
45.43.149.0/24 maxlen: 24
45.43.150.0/24 maxlen: 24
45.43.151.0/24 maxlen: 24
45.43.154.0/24 maxlen: 24
45.43.158.0/24 maxlen: 24
45.43.161.0/24 maxlen: 24
104.222.176.0/24 maxlen: 24
104.222.178.0/24 maxlen: 24
104.222.179.0/24 maxlen: 24
104.222.180.0/24 maxlen: 24
104.222.181.0/24 maxlen: 24
104.222.182.0/24 maxlen: 24
104.222.183.0/24 maxlen: 24
104.222.189.0/24 maxlen: 24
104.233.8.0/24 maxlen: 24
104.233.9.0/24 maxlen: 24
104.233.59.0/24 maxlen: 24
104.238.6.0/24 maxlen: 24
104.238.11.0/24 maxlen: 24
104.238.12.0/24 maxlen: 24
104.238.13.0/24 maxlen: 24
104.239.8.0/24 maxlen: 24
104.239.12.0/24 maxlen: 24
104.239.14.0/24 maxlen: 24
104.239.29.0/24 maxlen: 24
104.239.55.0/24 maxlen: 24
104.239.56.0/24 maxlen: 24
104.239.58.0/24 maxlen: 24
104.239.59.0/24 maxlen: 24
104.239.60.0/24 maxlen: 24
104.239.61.0/24 maxlen: 24
104.239.62.0/24 maxlen: 24
104.239.63.0/24 maxlen: 24
104.249.8.0/24 maxlen: 24
104.249.9.0/24 maxlen: 24
104.249.10.0/24 maxlen: 24
104.249.11.0/24 maxlen: 24
104.249.12.0/24 maxlen: 24
104.249.13.0/24 maxlen: 24
104.249.14.0/24 maxlen: 24
104.249.15.0/24 maxlen: 24
104.249.17.0/24 maxlen: 24
104.249.19.0/24 maxlen: 24
104.249.20.0/24 maxlen: 24
104.249.21.0/24 maxlen: 24
104.249.22.0/24 maxlen: 24
104.249.23.0/24 maxlen: 24
104.249.42.0/24 maxlen: 24
104.249.43.0/24 maxlen: 24
104.249.44.0/24 maxlen: 24
104.249.45.0/24 maxlen: 24
104.249.46.0/24 maxlen: 24
104.249.47.0/24 maxlen: 24
104.249.48.0/24 maxlen: 24
104.249.49.0/24 maxlen: 24
104.249.50.0/24 maxlen: 24
104.249.51.0/24 maxlen: 24
104.249.52.0/24 maxlen: 24
104.249.53.0/24 maxlen: 24
104.249.54.0/24 maxlen: 24
216.173.90.0/24 maxlen: 24
216.173.91.0/24 maxlen: 24
216.173.92.0/24 maxlen: 24
216.173.93.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft
rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 21:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:35:47:f6:89:a6:6d:ac:07:02:8e:3a:c4:12:4a:12:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jun 3 10:13:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=276bb74d98bc423dd4d3fabae98dc9d3db96d431
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e3:81:7b:51:c9:9c:18:16:c9:ab:b9:4a:d8:
2d:b7:1c:e4:d3:d1:3d:91:c5:ea:67:4c:8c:97:56:
87:47:87:cf:57:32:8c:43:40:97:c1:ed:88:35:d8:
7a:78:fd:cb:98:ce:34:40:b7:6b:a4:78:6a:cc:d4:
91:4f:89:10:24:79:7f:ed:0a:e0:9e:98:49:57:7c:
7b:0b:4e:01:6b:86:04:80:0b:d7:5f:9d:39:c6:af:
a1:43:f5:5c:5e:3f:b8:a0:6d:9d:ef:78:36:4d:e0:
80:9a:dd:71:32:a7:e4:16:39:2d:22:be:8d:e7:ff:
95:62:0a:6d:8b:74:71:0a:30:31:14:76:c2:61:a3:
24:04:90:a6:d3:e9:66:c3:e1:c0:84:c4:5a:4a:2c:
3d:4b:69:e8:0b:43:a8:df:59:72:02:40:c6:50:3f:
fb:47:cc:87:8f:bf:b7:a6:75:11:de:a2:0b:69:da:
1c:d6:52:e3:dc:4d:0a:26:93:d3:1e:ba:b7:f6:04:
50:b8:d9:6e:66:1d:69:e7:07:25:10:1a:d7:c7:de:
3e:1c:e6:44:a0:23:73:f0:92:39:c2:ac:a3:fb:c9:
fa:12:b4:b5:98:c9:a9:08:7e:61:99:7d:2d:b4:a7:
cc:dc:6f:5c:9a:57:8e:62:a1:75:dc:bc:8a:6c:67:
17:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:6B:B7:4D:98:BC:42:3D:D4:D3:FA:BA:E9:8D:C9:D3:DB:96:D4:31
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/J2u3TZi8Qj3U0_q66Y3J09uW1DE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.148.0/22
45.43.154.0/24
45.43.158.0/24
45.43.161.0/24
104.222.176.0/24
104.222.178.0-104.222.183.255
104.222.189.0/24
104.233.8.0/23
104.233.59.0/24
104.238.6.0/24
104.238.11.0-104.238.13.255
104.239.8.0/24
104.239.12.0/24
104.239.14.0/24
104.239.29.0/24
104.239.55.0-104.239.56.255
104.239.58.0-104.239.63.255
104.249.8.0/21
104.249.17.0/24
104.249.19.0-104.249.23.255
104.249.42.0-104.249.54.255
216.173.90.0-216.173.93.255
Signature Algorithm: sha256WithRSAEncryption
6d:d7:40:7b:48:67:af:b7:fa:4a:c9:d7:60:c6:80:27:cf:11:
5c:88:54:82:1b:8d:94:ae:ba:5d:75:d0:01:04:21:01:b7:2a:
72:65:27:fa:fb:cc:61:49:bb:dd:1c:74:6a:c8:4f:79:aa:5a:
9f:f2:24:66:23:0f:42:1c:2e:c5:bc:bf:ac:86:7b:11:09:a4:
9e:3b:b9:ce:8b:d9:55:3b:d0:a1:ef:e5:34:79:6a:7f:ec:1b:
3e:3f:e0:e6:f0:7b:85:4f:67:2b:6d:37:8d:0b:d7:cf:6d:c0:
2c:6e:66:13:d2:8e:4a:7a:42:0e:47:ff:53:26:9e:96:6c:9b:
9c:85:fa:04:2a:c7:2b:9f:96:88:56:bb:90:b3:40:bb:2c:d7:
90:24:e5:d0:ef:08:b1:00:43:0f:6a:da:df:fc:f5:bd:11:b3:
75:91:80:8c:8f:12:22:24:a5:37:c4:18:58:49:23:9b:77:44:
97:4b:17:e0:9f:7c:21:6e:b9:6a:62:63:03:61:9f:d7:75:d2:
ac:9e:77:24:66:1e:4b:d5:e6:4f:1e:6c:dd:61:69:54:1b:46:
07:b3:ba:27:56:d7:f5:2e:9e:c9:10:c7:0a:44:f0:cd:47:a9:
a2:0a:05:34:ab:db:ff:44:e3:e2:0f:33:aa:0c:18:0c:ad:3b:
71:58:13:43
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgISAZc1R/aJpm2sBwKOOsQSShIEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjUwNjAzMTAxMzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzZiYjc0ZDk4YmM0MjNkZDRkM2ZhYmFlOThkYzlkM2RiOTZkNDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+OBe1HJnBgWyau5Stgttxzk09E9
kcXqZ0yMl1aHR4fPVzKMQ0CXwe2INdh6eP3LmM40QLdrpHhqzNSRT4kQJHl/7Qrg
nphJV3x7C04Ba4YEgAvXX505xq+hQ/VcXj+4oG2d73g2TeCAmt1xMqfkFjktIr6N
5/+VYgpti3RxCjAxFHbCYaMkBJCm0+lmw+HAhMRaSiw9S2noC0Oo31lyAkDGUD/7
R8yHj7+3pnUR3qILadoc1lLj3E0KJpPTHrq39gRQuNluZh1p5wclEBrXx94+HOZE
oCNz8JI5wqyj+8n6ErS1mMmpCH5hmX0ttKfM3G9cmleOYqF13LyKbGcXYwIDAQAB
o4ICxDCCAsAwHQYDVR0OBBYEFCdrt02YvEI91NP6uumNydPbltQxMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvSjJ1M1RaaThRajNVMF9xNjZZM0owOXVXMURFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHZBggrBgEFBQcBBwEB/wSByTCBxjCBwwQCAAEwgbwDBAIt
K5QDBAAtK5oDBAAtK54DBAAtK6EDBABo3rAwDAMEAWjesgMEA2jesAMEAGjevQME
AWjpCAMEAGjpOwMEAGjuBjAMAwQAaO4LAwQBaO4MAwQAaO8IAwQAaO8MAwQAaO8O
AwQAaO8dMAwDBABo7zcDBABo7zgwDAMEAWjvOgMEBmjvAAMEA2j5CAMEAGj5ETAM
AwQAaPkTAwQDaPkQMAwDBAFo+SoDBABo+TYwDAMEAditWgMEAditXDANBgkqhkiG
9w0BAQsFAAOCAQEAbddAe0hnr7f6SsnXYMaAJ88RXIhUghuNlK66XXXQAQQhAbcq
cmUn+vvMYUm73Rx0ashPeapan/IkZiMPQhwuxby/rIZ7EQmknju5zovZVTvQoe/l
NHlqf+wbPj/g5vB7hU9nK203jQvXz23ALG5mE9KOSnpCDkf/UyaelmybnIX6BCrH
K5+WiFa7kLNAuyzXkCTl0O8IsQBDD2ra3/z1vRGzdZGAjI8SIiSlN8QYWEkjm3dE
l0sX4J98IW65amJjA2Gf13XSrJ53JGYeS9XmTx5s3WFpVBtGB7O6J1bX9S6eyRDH
CkTwzUepogoFNKvb/0Tj4g8zqgwYDK07cVgTQw==
-----END CERTIFICATE-----
Generated at Mon Jun 9 07:02:52 2025 by rpki-client