Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/0u8R5GqDVT-upvFW26ujaR__IhA.roa
File: 0u8R5GqDVT-upvFW26ujaR__IhA.roa (raw, json)
Hash identifier: EuhU7TS9vErhaDWhpDPVP1E4eRWrnT1O09hctimv/9k=
Subject key identifier: D2:EF:11:E4:6A:83:55:3F:AE:A6:F1:56:DB:AB:A3:69:1F:FF:22:10
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0196CF4AD74AF97AF517161A8058B36E9D65
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/0u8R5GqDVT-upvFW26ujaR__IhA.roa
Signing time: Wed 14 May 2025 14:55:10 +0000
ROA not before: Wed 14 May 2025 14:55:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58061
IP address blocks: 45.88.14.0/24 maxlen: 24
45.88.15.0/24 maxlen: 24
62.192.152.0/24 maxlen: 24
77.81.182.0/24 maxlen: 24
79.110.227.0/24 maxlen: 24
85.204.18.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
89.35.129.0/24 maxlen: 24
89.37.192.0/24 maxlen: 24
89.40.36.0/24 maxlen: 24
89.40.215.0/24 maxlen: 24
89.45.35.0/24 maxlen: 24
89.47.36.0/24 maxlen: 24
93.115.107.0/24 maxlen: 24
93.118.36.0/24 maxlen: 24
93.119.154.0/24 maxlen: 24
94.198.171.0/24 maxlen: 24
128.0.41.0/24 maxlen: 24
176.223.188.0/24 maxlen: 24
185.198.233.0/24 maxlen: 24
188.241.221.0/24 maxlen: 24
193.178.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 09:42:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:cf:4a:d7:4a:f9:7a:f5:17:16:1a:80:58:b3:6e:9d:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: May 14 14:55:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d2ef11e46a83553faea6f156dbaba3691fff2210
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:43:72:94:d6:91:39:bf:ee:a1:70:80:e0:97:
29:13:4e:cb:b9:78:4d:52:ae:51:f8:2b:f8:92:58:
24:c8:9e:e1:60:71:b2:1e:8e:f0:0c:69:73:b0:68:
47:35:2f:e4:58:4d:8f:cd:cc:0f:ca:f0:30:c4:7e:
fe:55:df:e8:e5:1f:6b:79:89:97:9e:e4:3a:01:41:
53:3a:b7:dd:60:77:13:49:61:a5:44:92:60:80:56:
b8:b1:92:31:63:46:6b:f9:f1:f4:53:41:43:3b:7f:
31:f2:6b:81:9d:44:a1:c3:5d:ea:c2:bd:be:f7:72:
bc:bd:74:7d:a5:f4:4c:a3:6c:cd:39:c4:ba:30:a9:
2d:d0:e1:0f:d7:29:7c:a6:35:7a:df:8c:c1:c5:0f:
5b:39:f0:cc:49:3a:1e:ba:c9:4c:a0:dc:5b:4c:01:
72:a7:a2:cd:e8:4f:62:17:1e:d4:9c:fb:bc:19:22:
6d:42:3c:1a:e2:0e:63:2f:84:ba:84:7a:21:5d:ea:
9a:bb:2b:5e:28:b8:ac:ed:f9:41:85:43:e1:96:58:
ff:af:c1:c3:3f:12:5c:29:67:a9:cb:4a:68:a0:de:
28:49:b3:d7:ed:55:4d:11:ea:d4:74:2f:fc:00:ca:
fb:0b:bf:98:55:f6:08:87:2b:a4:21:ac:ac:e8:f7:
f0:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:EF:11:E4:6A:83:55:3F:AE:A6:F1:56:DB:AB:A3:69:1F:FF:22:10
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/0u8R5GqDVT-upvFW26ujaR__IhA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.14.0/23
62.192.152.0/24
77.81.182.0/24
79.110.227.0/24
85.204.18.0/24
89.34.106.0/24
89.35.129.0/24
89.37.192.0/24
89.40.36.0/24
89.40.215.0/24
89.45.35.0/24
89.47.36.0/24
93.115.107.0/24
93.118.36.0/24
93.119.154.0/24
94.198.171.0/24
128.0.41.0/24
176.223.188.0/24
185.198.233.0/24
188.241.221.0/24
193.178.134.0/24
Signature Algorithm: sha256WithRSAEncryption
28:47:4e:83:fe:19:ae:7f:cf:74:b2:ba:ab:4e:32:ce:0f:1b:
e9:fa:cc:e2:8b:cc:a4:53:88:1b:f1:26:5e:62:0d:6c:0c:42:
cc:11:d7:06:fe:fc:34:2e:55:51:2d:29:e8:12:fa:02:4c:4f:
1c:a2:38:be:f2:9b:e7:d4:c1:c7:c6:5b:4e:31:1a:ac:ae:1f:
04:9a:db:d4:54:cf:31:59:3d:ef:f7:d7:4c:54:a4:b4:ec:7b:
ab:dc:8c:f0:7d:33:d3:0e:83:e3:c2:9f:4e:35:41:b6:eb:87:
b6:35:30:26:58:50:b7:50:1b:a0:bc:d6:b1:e9:c9:ce:b8:cb:
96:d5:71:89:c0:c7:ad:5e:9e:48:06:06:eb:f6:37:25:9c:46:
36:0c:04:d3:9d:7c:04:80:37:87:c8:f0:1d:fa:c9:6d:08:4b:
1e:11:99:e0:23:af:c1:84:82:a7:ce:87:bb:58:ed:2c:75:04:
2d:91:6a:ee:34:80:3c:44:1f:39:ca:5c:64:d8:83:8c:97:74:
f8:31:2c:91:65:c5:02:0f:cf:4d:50:da:86:5a:f0:e3:45:60:
82:a3:75:48:84:2a:f5:b3:32:46:09:45:0b:bb:fc:c4:ce:c9:
b1:24:e1:d1:18:8e:53:19:ea:d1:39:db:82:80:5e:1c:2e:73:
84:9c:61:94
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZbPStdK+Xr1FxYagFizbp1lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwNTE0MTQ1NTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmVmMTFlNDZhODM1NTNmYWVhNmYxNTZkYmFiYTM2OTFmZmYyMjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUNylNaROb/uoXCA4JcpE07LuXhN
Uq5R+Cv4klgkyJ7hYHGyHo7wDGlzsGhHNS/kWE2PzcwPyvAwxH7+Vd/o5R9reYmX
nuQ6AUFTOrfdYHcTSWGlRJJggFa4sZIxY0Zr+fH0U0FDO38x8muBnUShw13qwr2+
93K8vXR9pfRMo2zNOcS6MKkt0OEP1yl8pjV634zBxQ9bOfDMSToeuslMoNxbTAFy
p6LN6E9iFx7UnPu8GSJtQjwa4g5jL4S6hHohXeqauyteKLis7flBhUPhllj/r8HD
PxJcKWepy0pooN4oSbPX7VVNEerUdC/8AMr7C7+YVfYIhyukIays6PfwvQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFNLvEeRqg1U/rqbxVturo2kf/yIQMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvMHU4UjVHcURWVC11cHZGVzI2dWphUl9fSWhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAS1Y
DgMEAD7AmAMEAE1RtgMEAE9u4wMEAFXMEgMEAFkiagMEAFkjgQMEAFklwAMEAFko
JAMEAFko1wMEAFktIwMEAFkvJAMEAF1zawMEAF12JAMEAF13mgMEAF7GqwMEAIAA
KQMEALDfvAMEALnG6QMEALzx3QMEAMGyhjANBgkqhkiG9w0BAQsFAAOCAQEAKEdO
g/4Zrn/PdLK6q04yzg8b6frM4ovMpFOIG/EmXmINbAxCzBHXBv78NC5VUS0p6BL6
AkxPHKI4vvKb59TBx8ZbTjEarK4fBJrb1FTPMVk97/fXTFSktOx7q9yM8H0z0w6D
48KfTjVBtuuHtjUwJlhQt1AboLzWsenJzrjLltVxicDHrV6eSAYG6/Y3JZxGNgwE
0518BIA3h8jwHfrJbQhLHhGZ4COvwYSCp86Hu1jtLHUELZFq7jSAPEQfOcpcZNiD
jJd0+DEskWXFAg/PTVDahlrw40VggqN1SIQq9bMyRglFC7v8xM7JsSTh0RiOUxnq
0TnbgoBeHC5zhJxhlA==
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:34:19 2025 by rpki-client