Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/a9H63KDwHNc5PBaKKH0EuKr29G8.roa
File: a9H63KDwHNc5PBaKKH0EuKr29G8.roa (raw, json)
Hash identifier: od2dSDazSL26UEnP1XhCc+FKmjLbt2dxlXJcGOJ/QIQ=
Subject key identifier: 6B:D1:FA:DC:A0:F0:1C:D7:39:3C:16:8A:28:7D:04:B8:AA:F6:F4:6F
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 01970C6CA0FADC74D88FE8E674E1F4E3A553
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/a9H63KDwHNc5PBaKKH0EuKr29G8.roa
Signing time: Mon 26 May 2025 11:48:54 +0000
ROA not before: Mon 26 May 2025 11:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199959
IP address blocks: 45.43.147.0/24 maxlen: 24
45.43.152.0/24 maxlen: 24
64.137.54.0/24 maxlen: 24
64.137.111.0/24 maxlen: 24
104.222.191.0/24 maxlen: 24
104.233.56.0/24 maxlen: 24
104.233.58.0/24 maxlen: 24
104.239.66.0/24 maxlen: 24
104.239.74.0/24 maxlen: 24
104.239.79.0/24 maxlen: 24
104.239.83.0/24 maxlen: 24
104.239.89.0/24 maxlen: 24
104.239.100.0/24 maxlen: 24
104.239.102.0/24 maxlen: 24
104.239.109.0/24 maxlen: 24
104.239.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft
rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 15:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0c:6c:a0:fa:dc:74:d8:8f:e8:e6:74:e1:f4:e3:a5:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: May 26 11:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6bd1fadca0f01cd7393c168a287d04b8aaf6f46f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:23:fd:30:50:15:67:2a:2e:bc:7a:2f:4c:e7:
43:77:a4:85:c8:cd:8f:c9:ab:92:3d:8d:e0:4b:fc:
59:50:72:8d:66:b5:4e:31:63:0c:72:45:3d:82:b5:
38:5d:0c:57:68:7f:73:2f:03:95:83:da:e2:bd:07:
21:2d:2d:c2:22:1a:2b:be:20:70:09:bf:fd:5e:0d:
06:ac:01:b1:0a:f2:8f:60:9b:e4:44:cc:87:6e:86:
a1:81:31:4e:4a:77:7f:bd:4c:a4:84:74:c1:91:a4:
e9:2f:57:3a:4e:93:91:bd:0d:79:2e:ad:05:f7:6b:
1e:8c:3c:a4:3d:3c:aa:e4:a6:61:eb:4e:36:e3:a7:
ab:8e:eb:24:58:45:a5:cb:ae:f4:bb:cc:33:91:f0:
95:98:8f:0f:bb:c4:80:d3:cd:39:c8:1b:ea:6f:5f:
b0:b3:ed:5f:af:37:8b:c3:3e:4a:9c:a0:aa:a0:55:
85:07:31:3d:b1:a6:5f:5f:8a:43:2f:84:1a:73:25:
cf:ea:24:4e:0b:e0:dc:25:a4:71:78:3a:57:e4:4f:
88:2d:c8:bf:f0:bf:ef:2f:8e:19:c4:71:0f:07:e9:
f4:d8:d9:f3:d8:97:bb:4d:9c:e5:c3:c4:9e:f3:26:
19:76:48:1a:a5:66:23:57:43:f4:15:93:43:b6:14:
5c:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:D1:FA:DC:A0:F0:1C:D7:39:3C:16:8A:28:7D:04:B8:AA:F6:F4:6F
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/a9H63KDwHNc5PBaKKH0EuKr29G8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.147.0/24
45.43.152.0/24
64.137.54.0/24
64.137.111.0/24
104.222.191.0/24
104.233.56.0/24
104.233.58.0/24
104.239.66.0/24
104.239.74.0/24
104.239.79.0/24
104.239.83.0/24
104.239.89.0/24
104.239.100.0/24
104.239.102.0/24
104.239.109.0/24
104.239.127.0/24
Signature Algorithm: sha256WithRSAEncryption
75:13:97:a1:38:85:65:36:a6:18:cb:e7:05:83:8d:cf:22:a1:
4d:b3:26:09:41:31:c5:37:2c:92:72:16:31:95:db:fd:cb:ae:
ab:95:8b:c7:f8:54:3d:24:fe:a9:33:1f:5a:b0:e5:90:eb:4d:
f1:a0:40:94:d2:48:0f:8c:3e:00:f1:cb:43:17:55:01:b0:2c:
f4:02:5e:6b:1b:bc:17:6d:89:a3:ad:5c:dc:09:07:dd:35:67:
50:08:72:f1:a2:cf:37:aa:7d:84:b7:9e:37:7a:e5:62:1d:c8:
6c:dd:78:68:eb:98:ea:90:36:ad:8f:f0:39:d9:b0:33:bb:5f:
6e:71:3f:30:77:58:d9:c1:a4:f9:7f:78:3d:94:5c:ba:b4:cd:
e5:78:4f:30:42:53:7f:8e:00:23:74:5f:58:f5:eb:2c:94:cb:
21:75:f2:df:21:bc:ca:b1:c1:9c:e3:93:dc:8c:dc:63:71:dd:
6a:66:4e:91:5a:9b:9c:cb:98:e6:2e:ce:57:26:45:9d:27:d6:
dd:0b:98:a0:f3:0a:64:31:7d:35:96:b4:ed:fd:39:f9:c4:0b:
7b:14:3b:d9:c8:7b:c9:88:d9:f8:76:44:6e:7a:f3:32:14:1a:
1f:ee:cd:d3:6a:8c:44:41:01:78:19:09:5a:c7:48:a9:a0:fe:
ae:89:2d:d3
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZcMbKD63HTYj+jmdOH046VTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjUwNTI2MTE0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmQxZmFkY2EwZjAxY2Q3MzkzYzE2OGEyODdkMDRiOGFhZjZmNDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCP9MFAVZyouvHovTOdDd6SFyM2P
yauSPY3gS/xZUHKNZrVOMWMMckU9grU4XQxXaH9zLwOVg9rivQchLS3CIhorviBw
Cb/9Xg0GrAGxCvKPYJvkRMyHboahgTFOSnd/vUykhHTBkaTpL1c6TpORvQ15Lq0F
92sejDykPTyq5KZh604246erjuskWEWly670u8wzkfCVmI8Pu8SA0805yBvqb1+w
s+1frzeLwz5KnKCqoFWFBzE9saZfX4pDL4QacyXP6iROC+DcJaRxeDpX5E+ILci/
8L/vL44ZxHEPB+n02Nnz2Je7TZzlw8Se8yYZdkgapWYjV0P0FZNDthRc6QIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFGvR+tyg8BzXOTwWiih9BLiq9vRvMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvYTlINjNLRHdITmM1UEJhS0tIMEV1S3IyOUc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQALSuTAwQA
LSuYAwQAQIk2AwQAQIlvAwQAaN6/AwQAaOk4AwQAaOk6AwQAaO9CAwQAaO9KAwQA
aO9PAwQAaO9TAwQAaO9ZAwQAaO9kAwQAaO9mAwQAaO9tAwQAaO9/MA0GCSqGSIb3
DQEBCwUAA4IBAQB1E5ehOIVlNqYYy+cFg43PIqFNsyYJQTHFNyySchYxldv9y66r
lYvH+FQ9JP6pMx9asOWQ603xoECU0kgPjD4A8ctDF1UBsCz0Al5rG7wXbYmjrVzc
CQfdNWdQCHLxos83qn2Et543euViHchs3Xho65jqkDatj/A52bAzu19ucT8wd1jZ
waT5f3g9lFy6tM3leE8wQlN/jgAjdF9Y9esslMshdfLfIbzKscGc45PcjNxjcd1q
Zk6RWpucy5jmLs5XJkWdJ9bdC5ig8wpkMX01lrTt/Tn5xAt7FDvZyHvJiNn4dkRu
evMyFBof7s3TaoxEQQF4GQlax0ipoP6uiS3T
-----END CERTIFICATE-----
Generated at Fri Jun 6 19:44:07 2025 by rpki-client