Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/Sx4GrZjuWgu9iofcfquhW4vyGIs.roa
File: Sx4GrZjuWgu9iofcfquhW4vyGIs.roa (raw, json)
Hash identifier: Klrfo3hpXP5vl7y24egIgTTHUAXo1XLHGZTsrjfNBg8=
Subject key identifier: 4B:1E:06:AD:98:EE:5A:0B:BD:8A:87:DC:7E:AB:A1:5B:8B:F2:18:8B
Certificate issuer: /CN=947320d030930178e6f7ceef91d2ab8784d3dc16
Certificate serial: 01971E47222952600EDD0DE9951410981D1A
Authority key identifier: 94:73:20:D0:30:93:01:78:E6:F7:CE:EF:91:D2:AB:87:84:D3:DC:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/Sx4GrZjuWgu9iofcfquhW4vyGIs.roa
Signing time: Thu 29 May 2025 23:01:07 +0000
ROA not before: Thu 29 May 2025 23:01:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62005
IP address blocks: 45.86.228.0/24 maxlen: 24
45.86.229.0/24 maxlen: 24
45.86.231.0/24 maxlen: 24
45.129.199.0/24 maxlen: 24
45.143.166.0/23 maxlen: 23
62.106.66.0/24 maxlen: 24
77.72.85.0/24 maxlen: 24
91.211.27.0/24 maxlen: 24
91.235.234.0/24 maxlen: 24
91.242.241.0/24 maxlen: 24
146.19.143.0/24 maxlen: 24
146.19.254.0/24 maxlen: 24
176.124.32.0/24 maxlen: 24
176.124.33.0/24 maxlen: 24
185.39.18.0/24 maxlen: 24
185.123.53.0/24 maxlen: 24
193.104.75.0/24 maxlen: 24
193.109.120.0/24 maxlen: 24
193.200.16.0/24 maxlen: 24
193.200.17.0/24 maxlen: 24
194.26.141.0/24 maxlen: 24
194.61.120.0/24 maxlen: 24
194.61.121.0/24 maxlen: 24
195.54.160.0/24 maxlen: 24
212.46.38.0/24 maxlen: 24
213.109.147.0/24 maxlen: 24
213.109.192.0/24 maxlen: 24
2a10:1fc0:1::/48 maxlen: 48
2a10:1fc0:2::/48 maxlen: 48
2a10:1fc0:3::/48 maxlen: 48
2a10:1fc0:4::/48 maxlen: 48
2a10:1fc0:5::/48 maxlen: 48
2a10:1fc0:6::/48 maxlen: 48
2a10:1fc0:8::/48 maxlen: 48
2a10:1fc0:9::/48 maxlen: 48
2a10:1fc0:b::/48 maxlen: 48
2a10:1fc0:c::/48 maxlen: 48
2a10:1fc0:d::/48 maxlen: 48
2a10:1fc0:e::/48 maxlen: 48
2a10:1fc0:f::/48 maxlen: 48
2a10:1fc0:10::/48 maxlen: 48
2a10:1fc0:11::/48 maxlen: 48
2a10:1fc0:12::/48 maxlen: 48
2a10:1fc0:13::/48 maxlen: 48
2a10:1fc0:14::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.mft
rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 21:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:1e:47:22:29:52:60:0e:dd:0d:e9:95:14:10:98:1d:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=947320d030930178e6f7ceef91d2ab8784d3dc16
Validity
Not Before: May 29 23:01:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4b1e06ad98ee5a0bbd8a87dc7eaba15b8bf2188b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:af:e0:e7:98:ab:f7:53:db:0e:5b:79:47:41:
e5:3c:d0:b9:26:a0:12:d3:4f:a2:22:cd:d3:6e:8a:
b1:89:84:3d:09:e5:6e:cc:bb:11:47:47:1b:95:4c:
0c:db:a2:4f:5e:fe:11:c5:7e:ac:6d:20:b1:a3:c4:
13:20:f5:a1:94:2b:da:0a:18:a9:4c:16:1e:94:95:
93:88:96:a0:01:b3:c4:03:32:00:a4:51:5b:e7:4c:
ac:e0:7d:14:5b:c7:58:04:66:3d:61:11:49:32:32:
cc:cd:dd:f6:6b:a9:15:74:a6:ee:fd:8a:07:e7:e4:
23:3f:0d:18:7a:2d:ab:cd:f8:12:25:23:83:fe:83:
f1:21:9f:25:93:0b:05:6f:5c:3e:32:03:92:52:a8:
77:62:5e:f2:4c:09:b1:76:06:60:e4:cf:51:ba:84:
31:b6:8a:d7:7f:d2:5b:6d:13:58:6f:3b:59:ff:93:
b2:0d:04:1e:81:7f:d4:8b:c3:64:c5:ed:f5:ad:89:
b7:98:4a:fa:bd:4e:8b:24:36:1b:61:0f:b7:a2:95:
8a:a8:34:93:70:0c:c3:b2:ed:c2:7a:82:db:1b:74:
cc:3a:b3:3b:9d:a7:9e:ff:ad:5c:9e:17:3f:c4:89:
4e:40:aa:04:b1:5e:de:f6:c7:db:37:aa:48:ae:ae:
ce:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:1E:06:AD:98:EE:5A:0B:BD:8A:87:DC:7E:AB:A1:5B:8B:F2:18:8B
X509v3 Authority Key Identifier:
keyid:94:73:20:D0:30:93:01:78:E6:F7:CE:EF:91:D2:AB:87:84:D3:DC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/Sx4GrZjuWgu9iofcfquhW4vyGIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.228.0/23
45.86.231.0/24
45.129.199.0/24
45.143.166.0/23
62.106.66.0/24
77.72.85.0/24
91.211.27.0/24
91.235.234.0/24
91.242.241.0/24
146.19.143.0/24
146.19.254.0/24
176.124.32.0/23
185.39.18.0/24
185.123.53.0/24
193.104.75.0/24
193.109.120.0/24
193.200.16.0/23
194.26.141.0/24
194.61.120.0/23
195.54.160.0/24
212.46.38.0/24
213.109.147.0/24
213.109.192.0/24
IPv6:
2a10:1fc0:1::-2a10:1fc0:6:ffff:ffff:ffff:ffff:ffff
2a10:1fc0:8::/47
2a10:1fc0:b::-2a10:1fc0:14:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
56:14:3c:fc:c0:7e:d4:77:38:6c:e2:25:86:ef:ed:76:9f:19:
7e:f7:79:d3:a3:f2:81:82:ab:a1:15:12:e0:b8:6c:4f:78:81:
25:91:7a:89:61:3c:a0:35:1f:02:0a:69:f0:5a:2f:c3:3d:21:
66:dd:aa:27:59:8d:33:61:2c:d0:5b:27:15:bd:77:9e:f5:d8:
92:a0:1f:a5:0a:78:a2:8a:74:0c:1f:7a:89:d0:1c:d9:f9:00:
20:7e:8b:08:47:f1:2d:b5:07:53:8e:ee:a0:0c:2f:97:27:6f:
dd:6e:ae:e5:2c:e8:9c:47:26:02:4b:12:11:99:3b:78:31:5d:
1d:db:32:6a:30:9b:ec:9d:cc:5e:6e:be:96:65:76:8b:1a:37:
91:6f:a1:90:73:2c:97:8a:be:68:ed:e7:6b:d2:5b:3b:8f:78:
c8:ab:f9:6f:bc:11:62:07:3f:c7:1e:99:a4:9e:d0:09:a5:2a:
b8:54:f0:c4:8e:c5:a6:c2:39:10:dd:fb:48:70:a3:f9:03:f2:
5c:4b:34:73:d2:30:53:5a:b3:04:10:0f:8c:1a:ec:66:3e:af:
f7:b1:e3:1b:3b:de:2b:df:54:98:a1:15:40:14:a8:9b:60:dd:
fd:d7:41:7a:b9:d2:72:e5:25:61:cf:46:fd:51:1d:bd:57:8c:
d7:e0:7a:b8
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgISAZceRyIpUmAO3Q3plRQQmB0aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NzMyMGQwMzA5MzAxNzhlNmY3Y2VlZjkxZDJhYjg3ODRk
M2RjMTYwHhcNMjUwNTI5MjMwMTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjFlMDZhZDk4ZWU1YTBiYmQ4YTg3ZGM3ZWFiYTE1YjhiZjIxODhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2q/g55ir91PbDlt5R0HlPNC5JqAS
00+iIs3TboqxiYQ9CeVuzLsRR0cblUwM26JPXv4RxX6sbSCxo8QTIPWhlCvaChip
TBYelJWTiJagAbPEAzIApFFb50ys4H0UW8dYBGY9YRFJMjLMzd32a6kVdKbu/YoH
5+QjPw0Yei2rzfgSJSOD/oPxIZ8lkwsFb1w+MgOSUqh3Yl7yTAmxdgZg5M9RuoQx
torXf9JbbRNYbztZ/5OyDQQegX/Ui8Nkxe31rYm3mEr6vU6LJDYbYQ+3opWKqDST
cAzDsu3CeoLbG3TMOrM7naee/61cnhc/xIlOQKoEsV7e9sfbN6pIrq7OVQIDAQAB
o4ICyzCCAscwHQYDVR0OBBYEFEseBq2Y7loLvYqH3H6roVuL8hiLMB8GA1UdIwQY
MBaAFJRzINAwkwF45vfO75HSq4eE09wWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEhNZzBEQ1RBWGptOTg3dmtkS3JoNFRUM0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC84MmU4NzYtYzk5Ny00NjA1LTg3YWEt
OGFjNGEyMTkzOGI0LzEvU3g0R3JaanVXZ3U5aW9mY2ZxdWhXNHZ5R0lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC84MmU4NzYtYzk5Ny00NjA1LTg3YWEtOGFjNGEyMTkzOGI0
LzEvbEhNZzBEQ1RBWGptOTg3dmtkS3JoNFRUM0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHgBggrBgEFBQcBBwEB/wSB0DCBzTCBkQQCAAEwgYoDBAEt
VuQDBAAtVucDBAAtgccDBAEtj6YDBAA+akIDBABNSFUDBABb0xsDBABb6+oDBABb
8vEDBACSE48DBACSE/4DBAGwfCADBAC5JxIDBAC5ezUDBADBaEsDBADBbXgDBAHB
yBADBADCGo0DBAHCPXgDBADDNqADBADULiYDBADVbZMDBADVbcAwNwQCAAIwMTAS
AwcAKhAfwAABAwcAKhAfwAAGAwcBKhAfwAAIMBIDBwAqEB/AAAsDBwAqEB/AABQw
DQYJKoZIhvcNAQELBQADggEBAFYUPPzAftR3OGziJYbv7XafGX73edOj8oGCq6EV
EuC4bE94gSWReolhPKA1HwIKafBaL8M9IWbdqidZjTNhLNBbJxW9d5712JKgH6UK
eKKKdAwfeonQHNn5ACB+iwhH8S21B1OO7qAML5cnb91uruUs6JxHJgJLEhGZO3gx
XR3bMmowm+ydzF5uvpZldosaN5FvoZBzLJeKvmjt52vSWzuPeMir+W+8EWIHP8ce
maSe0AmlKrhU8MSOxabCORDd+0hwo/kD8lxLNHPSMFNaswQQD4wa7GY+r/ex4xs7
3ivfVJihFUAUqJtg3f3XQXq50nLlJWHPRv1RHb1XjNfgerg=
-----END CERTIFICATE-----
Generated at Fri Jun 6 07:07:44 2025 by rpki-client