Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/PTnNClWHp1d--BUxbWLDjKFgR4k.roa
File: PTnNClWHp1d--BUxbWLDjKFgR4k.roa (raw, json)
Hash identifier: Yk+rKEpa0bWVY6yPPIw9uodRmdnQbnqYhCRKjGuB+uA=
Subject key identifier: 3D:39:CD:0A:55:87:A7:57:7E:F8:15:31:6D:62:C3:8C:A1:60:47:89
Certificate issuer: /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Certificate serial: 0196AB1B8819F7EA4F34F4D60C8682E2AEF4
Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/PTnNClWHp1d--BUxbWLDjKFgR4k.roa
Signing time: Wed 07 May 2025 14:17:10 +0000
ROA not before: Wed 07 May 2025 14:17:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214790
IP address blocks: 5.181.201.0/24 maxlen: 24
45.12.28.0/24 maxlen: 24
45.85.117.0/24 maxlen: 24
45.155.120.0/24 maxlen: 24
45.155.121.0/24 maxlen: 24
45.158.81.0/24 maxlen: 24
89.22.192.0/23 maxlen: 24
185.36.140.0/23 maxlen: 24
185.36.142.0/23 maxlen: 24
185.225.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 17:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ab:1b:88:19:f7:ea:4f:34:f4:d6:0c:86:82:e2:ae:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Validity
Not Before: May 7 14:17:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d39cd0a5587a7577ef815316d62c38ca1604789
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f1:37:5a:56:15:2c:57:69:91:fc:6b:a5:6a:
2e:37:0e:56:65:1c:14:8d:2b:0c:35:98:61:33:44:
bf:38:10:d1:64:3d:09:cd:e1:37:8c:ff:49:83:03:
41:bc:38:d5:84:b3:95:76:44:12:77:17:c6:75:fe:
47:c3:92:cc:3b:20:39:c1:5e:28:99:7b:73:57:24:
2a:aa:3c:8e:a4:7e:59:99:0c:89:01:ab:55:60:f2:
e6:8e:2a:ff:01:a0:06:0d:a0:77:ae:46:b0:36:bb:
1c:d9:fb:e7:34:a3:3a:75:a0:17:7d:43:2b:b7:cc:
a0:44:df:80:36:60:d1:74:20:1d:6f:cd:d7:6b:02:
2f:4b:8f:4b:3e:f7:a8:e9:0d:5d:f8:59:27:85:91:
e3:51:21:df:d5:f2:ac:54:75:ec:3e:88:da:76:5d:
f6:d1:2c:63:2a:14:2c:ce:63:c1:dd:c8:98:bb:3f:
05:2e:5b:dd:33:f7:f0:3e:1b:07:7f:25:c6:ab:93:
52:59:0a:d1:60:a9:af:e4:3c:db:17:3f:ff:b9:23:
0e:a6:da:c0:60:8d:f5:1c:9d:69:57:41:e6:41:0b:
9e:7e:df:63:0f:f5:d3:4d:69:54:a1:41:db:4e:69:
2b:5b:48:62:db:22:db:7d:dc:cf:a6:c7:d8:31:ed:
bd:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:39:CD:0A:55:87:A7:57:7E:F8:15:31:6D:62:C3:8C:A1:60:47:89
X509v3 Authority Key Identifier:
keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/PTnNClWHp1d--BUxbWLDjKFgR4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.201.0/24
45.12.28.0/24
45.85.117.0/24
45.155.120.0/23
45.158.81.0/24
89.22.192.0/23
185.36.140.0/22
185.225.205.0/24
Signature Algorithm: sha256WithRSAEncryption
10:e6:9e:b2:b2:7e:3c:d0:98:6a:d5:12:c7:3e:75:57:7f:7f:
29:91:c6:63:ac:62:6b:23:70:19:09:e1:0c:85:32:b4:35:7c:
4b:70:d6:38:31:4c:ef:12:cb:09:f6:04:52:07:04:6b:6b:4a:
dc:5a:16:0f:aa:66:9c:01:d3:d7:55:01:a7:78:4e:95:b3:df:
a5:e4:a2:06:9e:53:6f:66:d0:09:59:f6:bb:8d:57:6f:c5:ad:
4b:df:ee:19:71:a5:bf:e2:02:55:e1:cd:80:84:ba:fc:db:37:
3f:39:16:c0:3f:16:6f:b7:f9:44:d6:28:b5:de:90:b6:13:84:
33:a4:91:63:ec:43:61:62:e7:7e:d6:a2:d0:62:99:83:41:7f:
25:b8:e9:fb:3a:68:46:c9:f9:8f:04:31:9b:e2:9b:e4:55:e3:
94:c0:5d:60:22:47:40:8b:7b:60:be:6b:ba:39:e0:64:e7:0f:
4f:5a:e0:cc:67:d0:df:2b:be:3f:bf:c8:33:3a:13:59:60:f3:
df:6a:49:6a:1a:3e:ca:bd:d8:a8:2e:89:1c:63:e8:0b:72:b8:
27:64:78:af:aa:cf:f5:29:82:b6:13:51:cf:9a:31:8f:21:8d:
fc:29:f6:61:3f:17:55:1b:58:99:e0:2e:dd:5c:93:28:41:ab:
e7:05:92:fa
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZarG4gZ9+pPNPTWDIaC4q70MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NmQ5ZDUwYjNiODlkNTFjOGFhMjQ5M2U3ZWY0NzAxZDYy
NTFkYWQwHhcNMjUwNTA3MTQxNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDM5Y2QwYTU1ODdhNzU3N2VmODE1MzE2ZDYyYzM4Y2ExNjA0Nzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2PE3WlYVLFdpkfxrpWouNw5WZRwU
jSsMNZhhM0S/OBDRZD0JzeE3jP9JgwNBvDjVhLOVdkQSdxfGdf5Hw5LMOyA5wV4o
mXtzVyQqqjyOpH5ZmQyJAatVYPLmjir/AaAGDaB3rkawNrsc2fvnNKM6daAXfUMr
t8ygRN+ANmDRdCAdb83XawIvS49LPveo6Q1d+FknhZHjUSHf1fKsVHXsPojadl32
0SxjKhQszmPB3ciYuz8FLlvdM/fwPhsHfyXGq5NSWQrRYKmv5DzbFz//uSMOptrA
YI31HJ1pV0HmQQueft9jD/XTTWlUoUHbTmkrW0hi2yLbfdzPpsfYMe29RQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFD05zQpVh6dXfvgVMW1iw4yhYEeJMB8GA1UdIwQY
MBaAFMZtnVCzuJ1RyKokk+fvRwHWJR2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMt
YjdjNTc4Yjc0ZTM1LzEvUFRuTkNsV0hwMWQtLUJVeGJXTERqS0ZnUjRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMtYjdjNTc4Yjc0ZTM1
LzEveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQABbXJAwQA
LQwcAwQALVV1AwQBLZt4AwQALZ5RAwQBWRbAAwQCuSSMAwQAueHNMA0GCSqGSIb3
DQEBCwUAA4IBAQAQ5p6ysn480Jhq1RLHPnVXf38pkcZjrGJrI3AZCeEMhTK0NXxL
cNY4MUzvEssJ9gRSBwRra0rcWhYPqmacAdPXVQGneE6Vs9+l5KIGnlNvZtAJWfa7
jVdvxa1L3+4ZcaW/4gJV4c2AhLr82zc/ORbAPxZvt/lE1ii13pC2E4QzpJFj7ENh
Yud+1qLQYpmDQX8luOn7OmhGyfmPBDGb4pvkVeOUwF1gIkdAi3tgvmu6OeBk5w9P
WuDMZ9DfK74/v8gzOhNZYPPfaklqGj7KvdioLokcY+gLcrgnZHivqs/1KYK2E1HP
mjGPIY38KfZhPxdVG1iZ4C7dXJMoQavnBZL6
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:03:43 2025 by rpki-client