Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/NmyquLJX6GlnvGrGn6VjdrkSTBQ.roa
File: NmyquLJX6GlnvGrGn6VjdrkSTBQ.roa (raw, json)
Hash identifier: 0DjzvsYZrn7Mt4RZDiBNaWfIEcZ5nLW9RxS1pIlCaZ0=
Subject key identifier: 36:6C:AA:B8:B2:57:E8:69:67:BC:6A:C6:9F:A5:63:76:B9:12:4C:14
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 019883F7031752102638C56CA2E74A323154
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/NmyquLJX6GlnvGrGn6VjdrkSTBQ.roa
Signing time: Thu 07 Aug 2025 09:57:40 +0000
ROA not before: Thu 07 Aug 2025 09:57:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199959
IP address blocks: 45.43.147.0/24 maxlen: 24
45.43.152.0/24 maxlen: 24
64.137.54.0/24 maxlen: 24
64.137.111.0/24 maxlen: 24
104.233.56.0/24 maxlen: 24
104.233.58.0/24 maxlen: 24
104.239.66.0/24 maxlen: 24
104.239.74.0/24 maxlen: 24
104.239.79.0/24 maxlen: 24
104.239.83.0/24 maxlen: 24
104.239.89.0/24 maxlen: 24
104.239.100.0/24 maxlen: 24
104.239.102.0/24 maxlen: 24
104.239.109.0/24 maxlen: 24
104.239.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft
rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 23:01:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:83:f7:03:17:52:10:26:38:c5:6c:a2:e7:4a:32:31:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Aug 7 09:57:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=366caab8b257e86967bc6ac69fa56376b9124c14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:1b:8c:86:90:84:40:4d:ea:d6:a8:92:7c:2f:
6e:92:ee:05:3b:8b:71:5e:19:16:d2:0b:fe:26:5b:
e4:4f:c1:77:cf:ef:98:7d:e0:84:af:56:c1:2b:ad:
f3:ef:51:12:0f:14:a3:35:9d:d4:f0:54:c5:96:9b:
71:8c:34:c7:95:c1:d6:77:07:90:f2:09:64:d9:86:
90:5a:7a:10:4a:13:8e:ba:86:7f:40:d2:11:7f:04:
14:8d:9d:e0:ea:54:74:6b:9b:5e:b5:d9:76:c4:79:
06:28:40:fc:1d:bf:d0:31:cf:e7:39:98:c3:dc:b0:
55:ce:e2:eb:b2:fc:c6:37:ef:8d:fd:01:5f:c4:83:
07:87:8e:a9:ca:0c:c1:56:87:97:e8:52:96:61:c5:
2b:3d:a9:e3:0d:66:2a:fc:a7:19:42:44:06:cd:26:
6e:bd:62:b8:d5:82:cb:40:16:58:70:2a:fd:4c:be:
08:2e:fa:f6:ef:f4:f0:77:b5:e2:67:ff:2a:97:50:
bd:91:81:bd:31:f4:31:54:13:7c:03:85:f0:14:9d:
70:53:05:37:88:9e:be:10:20:cb:f8:a4:7c:37:17:
bb:b1:96:09:90:c7:3b:18:ae:d5:4b:0c:d2:9e:fd:
d2:16:4c:1d:02:fa:a4:84:06:c9:3f:b2:93:d1:c2:
4e:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:6C:AA:B8:B2:57:E8:69:67:BC:6A:C6:9F:A5:63:76:B9:12:4C:14
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/NmyquLJX6GlnvGrGn6VjdrkSTBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.147.0/24
45.43.152.0/24
64.137.54.0/24
64.137.111.0/24
104.233.56.0/24
104.233.58.0/24
104.239.66.0/24
104.239.74.0/24
104.239.79.0/24
104.239.83.0/24
104.239.89.0/24
104.239.100.0/24
104.239.102.0/24
104.239.109.0/24
104.239.127.0/24
Signature Algorithm: sha256WithRSAEncryption
50:b0:01:11:0d:c2:03:8c:f5:1f:f6:b6:a6:9f:2e:fd:ef:17:
21:44:47:92:b4:ee:2a:40:4c:45:af:f7:a5:a1:74:cb:2e:e4:
22:f2:cc:33:d5:b2:21:5e:b6:f5:70:68:c8:bc:77:79:c4:ae:
1e:aa:ae:8b:86:ee:fa:43:28:b0:c7:a0:45:88:d9:cd:84:fd:
24:d6:1d:7f:80:3a:47:68:7e:e7:2e:38:ef:a4:1c:78:ce:d5:
2d:de:82:ce:2d:24:70:8b:70:09:ab:3b:20:ec:5f:11:2c:ca:
fb:dc:c4:ae:39:9b:c7:b7:18:a4:38:8e:dc:1e:2f:e8:e1:ea:
62:3b:2b:2e:d1:9b:83:76:c0:34:45:c1:18:d2:5e:2c:3f:31:
c3:2c:6b:a0:99:7c:da:fe:4e:31:ca:12:04:87:e9:3d:66:0f:
10:08:a1:d8:56:87:dd:5e:7c:b6:e1:ea:c1:05:4f:f3:16:89:
2d:79:f7:f9:e6:6e:e4:38:4e:c3:73:4d:51:73:20:56:72:31:
03:07:07:5d:8c:a6:7c:22:4f:3c:53:4b:65:13:31:4d:da:9e:
c2:54:01:c4:45:d7:7a:6d:d4:82:b5:11:45:84:fd:2d:81:f2:
60:b6:72:81:6d:06:7c:a8:cd:fd:96:85:d7:7f:f7:0b:cf:b6:
ed:85:17:af
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZiD9wMXUhAmOMVsoudKMjFUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjUwODA3MDk1NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjZjYWFiOGIyNTdlODY5NjdiYzZhYzY5ZmE1NjM3NmI5MTI0YzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3RuMhpCEQE3q1qiSfC9uku4FO4tx
XhkW0gv+JlvkT8F3z++YfeCEr1bBK63z71ESDxSjNZ3U8FTFlptxjDTHlcHWdweQ
8glk2YaQWnoQShOOuoZ/QNIRfwQUjZ3g6lR0a5tetdl2xHkGKED8Hb/QMc/nOZjD
3LBVzuLrsvzGN++N/QFfxIMHh46pygzBVoeX6FKWYcUrPanjDWYq/KcZQkQGzSZu
vWK41YLLQBZYcCr9TL4ILvr27/Twd7XiZ/8ql1C9kYG9MfQxVBN8A4XwFJ1wUwU3
iJ6+ECDL+KR8Nxe7sZYJkMc7GK7VSwzSnv3SFkwdAvqkhAbJP7KT0cJO9wIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFDZsqriyV+hpZ7xqxp+lY3a5EkwUMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvTm15cXVMSlg2R2xudkdyR242VmpkcmtTVEJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQALSuTAwQA
LSuYAwQAQIk2AwQAQIlvAwQAaOk4AwQAaOk6AwQAaO9CAwQAaO9KAwQAaO9PAwQA
aO9TAwQAaO9ZAwQAaO9kAwQAaO9mAwQAaO9tAwQAaO9/MA0GCSqGSIb3DQEBCwUA
A4IBAQBQsAERDcIDjPUf9ramny797xchREeStO4qQExFr/eloXTLLuQi8swz1bIh
Xrb1cGjIvHd5xK4eqq6Lhu76Qyiwx6BFiNnNhP0k1h1/gDpHaH7nLjjvpBx4ztUt
3oLOLSRwi3AJqzsg7F8RLMr73MSuOZvHtxikOI7cHi/o4epiOysu0ZuDdsA0RcEY
0l4sPzHDLGugmXza/k4xyhIEh+k9Zg8QCKHYVofdXny24erBBU/zFokteff55m7k
OE7Dc01RcyBWcjEDBwddjKZ8Ik88U0tlEzFN2p7CVAHERdd6bdSCtRFFhP0tgfJg
tnKBbQZ8qM39loXXf/cLz7bthRev
-----END CERTIFICATE-----
Generated at Thu Aug 21 07:01:59 2025 by rpki-client