Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/vsJTJNJUt5vULQK53FxCdXmG5wk.roa
File: vsJTJNJUt5vULQK53FxCdXmG5wk.roa (raw, json)
Hash identifier: Tj8gi+0DcWqm3KQnTu0KBcAKSHrMVabVRmlaSv0QlNQ=
Subject key identifier: BE:C2:53:24:D2:54:B7:9B:D4:2D:02:B9:DC:5C:42:75:79:86:E7:09
Certificate issuer: /CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Certificate serial: 0196F86A3FAB004D6DC8D8AA6CF6E6C30138
Authority key identifier: 66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/vsJTJNJUt5vULQK53FxCdXmG5wk.roa
Signing time: Thu 22 May 2025 14:33:54 +0000
ROA not before: Thu 22 May 2025 14:33:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29075
IP address blocks: 45.10.224.0/23 maxlen: 23
45.10.226.0/24 maxlen: 24
45.94.124.0/22 maxlen: 22
45.94.128.0/22 maxlen: 22
45.94.128.0/23 maxlen: 23
45.94.130.0/23 maxlen: 23
85.118.32.0/19 maxlen: 19
91.109.176.0/20 maxlen: 20
128.204.224.0/20 maxlen: 20
141.255.144.0/20 maxlen: 20
178.20.48.0/21 maxlen: 21
185.10.252.0/22 maxlen: 24
185.10.252.0/24 maxlen: 24
185.10.254.0/24 maxlen: 24
185.10.255.0/24 maxlen: 24
185.118.0.0/22 maxlen: 22
185.123.24.0/22 maxlen: 22
185.177.180.0/22 maxlen: 22
188.121.224.0/19 maxlen: 19
188.121.227.0/24 maxlen: 24
212.85.144.0/20 maxlen: 20
2a00:1b88::/32 maxlen: 32
2a02:2178::/29 maxlen: 29
2a02:2178::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 02:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f8:6a:3f:ab:00:4d:6d:c8:d8:aa:6c:f6:e6:c3:01:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Validity
Not Before: May 22 14:33:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bec25324d254b79bd42d02b9dc5c42757986e709
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b3:50:02:72:a6:c6:31:a4:93:07:0f:84:62:
39:be:73:f1:81:92:33:1b:6a:15:f5:4e:b8:a6:78:
fd:22:dc:b4:1f:de:4c:fa:cc:27:63:3e:97:c1:37:
44:1a:46:5f:24:14:19:91:b8:aa:18:81:42:d4:49:
bc:da:dd:f8:32:f9:5f:2b:4a:81:8b:2c:b8:8f:8b:
4e:bf:60:b5:cc:51:84:06:56:de:0c:e2:c8:fd:61:
09:de:5f:62:9f:f2:62:30:1e:75:b0:a9:55:c7:6c:
dc:af:bf:b5:51:80:b7:13:a4:88:3a:2b:68:65:21:
1e:71:8f:3c:ae:d6:e0:41:3e:a4:dc:18:3a:a3:78:
01:2c:bd:45:49:0f:5c:4a:72:05:9e:08:9e:cd:ed:
b6:03:1d:84:57:6a:b6:d3:cb:53:72:0a:19:85:8f:
83:a2:ae:1f:a9:eb:3f:d6:05:01:50:16:85:ec:5a:
e3:a0:17:df:00:8f:17:cd:37:0a:4b:d7:e9:ac:37:
79:47:e6:f9:2b:af:51:9c:5d:97:d5:29:5f:be:ba:
1e:60:83:6e:ae:d7:5d:54:15:3d:07:d4:d7:4c:0c:
fb:1b:f6:48:85:ad:d4:21:71:76:75:2f:61:31:8b:
fd:e5:21:75:f3:c1:85:9b:bb:4c:85:82:3a:63:e1:
0d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:C2:53:24:D2:54:B7:9B:D4:2D:02:B9:DC:5C:42:75:79:86:E7:09
X509v3 Authority Key Identifier:
keyid:66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/vsJTJNJUt5vULQK53FxCdXmG5wk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.224.0-45.10.226.255
45.94.124.0-45.94.131.255
85.118.32.0/19
91.109.176.0/20
128.204.224.0/20
141.255.144.0/20
178.20.48.0/21
185.10.252.0/22
185.118.0.0/22
185.123.24.0/22
185.177.180.0/22
188.121.224.0/19
212.85.144.0/20
IPv6:
2a00:1b88::/32
2a02:2178::/29
Signature Algorithm: sha256WithRSAEncryption
5f:72:94:2b:5c:d4:8d:a4:f7:30:93:72:b8:b4:bb:77:93:c8:
ea:c3:fb:07:6e:25:fb:51:97:95:af:b1:91:6e:41:e4:9a:5d:
8f:96:10:f5:1d:d8:18:48:9f:f2:83:81:20:e2:d3:3b:ba:92:
d9:6c:c7:bd:27:eb:bc:0c:b9:97:a6:a7:1d:e7:a3:ba:83:2e:
06:a5:3b:ec:24:41:ce:10:36:31:a3:26:40:ad:89:7c:b3:3b:
49:dc:6b:1c:6f:44:d6:a6:62:30:b6:f0:ce:9e:d9:9c:87:a2:
92:9c:9f:e6:60:a8:fc:01:44:37:1e:f5:07:12:c9:fd:1b:b7:
4c:86:1d:d3:ec:2e:43:29:bf:02:56:6a:d1:db:32:80:63:af:
80:d4:26:e5:e2:4d:2b:f4:b9:0e:1c:6e:43:dd:b8:6a:47:20:
f9:ab:9b:3c:ad:b2:95:cc:84:5a:be:97:28:41:8c:3c:a9:46:
52:5a:1e:7b:8a:fa:65:2d:03:9f:6b:2c:91:03:71:4a:5a:a4:
3f:a7:92:2a:9e:a8:3b:ae:8b:2b:88:ad:b7:b2:97:9b:99:65:
63:b5:40:ee:3e:b7:17:28:55:d6:66:f8:9d:8c:f2:3e:51:15:
e0:8b:65:db:f9:ff:86:33:27:00:2e:5c:a3:71:c4:f1:0c:d8:
5f:37:f0:91
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAZb4aj+rAE1tyNiqbPbmwwE4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGUxZDlkY2RiMjVjMWU1MzJjNWM5YjY5ZGZhNzU3ZTMw
NjIxMGUwHhcNMjUwNTIyMTQzMzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWMyNTMyNGQyNTRiNzliZDQyZDAyYjlkYzVjNDI3NTc5ODZlNzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7NQAnKmxjGkkwcPhGI5vnPxgZIz
G2oV9U64pnj9Ity0H95M+swnYz6XwTdEGkZfJBQZkbiqGIFC1Em82t34MvlfK0qB
iyy4j4tOv2C1zFGEBlbeDOLI/WEJ3l9in/JiMB51sKlVx2zcr7+1UYC3E6SIOito
ZSEecY88rtbgQT6k3Bg6o3gBLL1FSQ9cSnIFngieze22Ax2EV2q208tTcgoZhY+D
oq4fqes/1gUBUBaF7FrjoBffAI8XzTcKS9fprDd5R+b5K69RnF2X1SlfvroeYINu
rtddVBU9B9TXTAz7G/ZIha3UIXF2dS9hMYv95SF188GFm7tMhYI6Y+ENxQIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFL7CUyTSVLeb1C0CudxcQnV5hucJMB8GA1UdIwQY
MBaAFGbeHZ3NslweUyxcm2nfp1fjBiEOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYt
NDA0Nzk4NzA5NzZlLzEvdnNKVEpOSlV0NXZVTFFLNTNGeENkWG1HNXdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYtNDA0Nzk4NzA5NzZl
LzEvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwZAQCAAEwXjAMAwQFLQrg
AwQALQriMAwDBAItXnwDBAItXoADBAVVdiADBARbbbADBASAzOADBASN/5ADBAOy
FDADBAK5CvwDBAK5dgADBAK5exgDBAK5sbQDBAW8eeADBATUVZAwFAQCAAIwDgMF
ACoAG4gDBQMqAiF4MA0GCSqGSIb3DQEBCwUAA4IBAQBfcpQrXNSNpPcwk3K4tLt3
k8jqw/sHbiX7UZeVr7GRbkHkml2PlhD1HdgYSJ/yg4Eg4tM7upLZbMe9J+u8DLmX
pqcd56O6gy4GpTvsJEHOEDYxoyZArYl8sztJ3Gscb0TWpmIwtvDOntmch6KSnJ/m
YKj8AUQ3HvUHEsn9G7dMhh3T7C5DKb8CVmrR2zKAY6+A1Cbl4k0r9LkOHG5D3bhq
RyD5q5s8rbKVzIRavpcoQYw8qUZSWh57ivplLQOfayyRA3FKWqQ/p5Iqnqg7rosr
iK23spebmWVjtUDuPrcXKFXWZvidjPI+URXgi2Xb+f+GMycALlyjccTxDNhfN/CR
-----END CERTIFICATE-----
Generated at Sun Jun 8 11:34:43 2025 by rpki-client