Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/d40773-cf2d-4198-8b3f-727ab6d07ff2/1/a3gHziW8P1fHttGC9Ex68BgcGK4.roa
File: a3gHziW8P1fHttGC9Ex68BgcGK4.roa (raw, json)
Hash identifier: 5EwUldHPQ4hQYwe5t3ER6qcsrkPeWX9lX5322mclP1s=
Subject key identifier: 6B:78:07:CE:25:BC:3F:57:C7:B6:D1:82:F4:4C:7A:F0:18:1C:18:AE
Certificate issuer: /CN=cc01833c7ee5f343ff093b6c4e6151d0e3645768
Certificate serial: 019736208C8F93BC5515E9C9F1446B582CF7
Authority key identifier: CC:01:83:3C:7E:E5:F3:43:FF:09:3B:6C:4E:61:51:D0:E3:64:57:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zAGDPH7l80P_CTtsTmFR0ONkV2g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/d40773-cf2d-4198-8b3f-727ab6d07ff2/1/a3gHziW8P1fHttGC9Ex68BgcGK4.roa
Signing time: Tue 03 Jun 2025 14:09:52 +0000
ROA not before: Tue 03 Jun 2025 14:09:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34828
IP address blocks: 45.15.22.0/24 maxlen: 24
93.95.26.0/24 maxlen: 24
185.210.92.0/24 maxlen: 24
185.210.93.0/24 maxlen: 24
185.210.94.0/24 maxlen: 24
185.210.95.0/24 maxlen: 24
2a0b:5540::/33 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/d40773-cf2d-4198-8b3f-727ab6d07ff2/1/zAGDPH7l80P_CTtsTmFR0ONkV2g.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/d40773-cf2d-4198-8b3f-727ab6d07ff2/1/zAGDPH7l80P_CTtsTmFR0ONkV2g.mft
rsync://rpki.ripe.net/repository/DEFAULT/zAGDPH7l80P_CTtsTmFR0ONkV2g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 22:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:36:20:8c:8f:93:bc:55:15:e9:c9:f1:44:6b:58:2c:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc01833c7ee5f343ff093b6c4e6151d0e3645768
Validity
Not Before: Jun 3 14:09:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6b7807ce25bc3f57c7b6d182f44c7af0181c18ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:5e:50:bc:75:4a:c7:42:26:04:8d:46:da:d8:
63:cd:16:b8:fd:05:d8:a5:92:f5:0b:32:0e:46:ca:
84:44:d7:14:83:7f:1b:29:1e:a4:18:b9:a2:d0:6e:
47:77:cd:d4:66:2e:3a:dc:f7:89:7a:4c:7c:85:54:
f6:e2:a2:e3:cc:11:f1:8b:1b:3c:6f:b0:19:c5:ba:
2e:1a:96:d2:48:09:9b:df:07:24:31:99:91:b1:49:
61:d8:af:0d:d8:31:3c:81:10:7e:7f:61:36:a0:df:
88:d2:09:0b:86:55:2a:f6:85:8b:17:28:1a:88:53:
df:01:5c:89:48:13:a5:6e:78:58:bf:93:d5:7d:4c:
73:a2:d4:eb:ba:48:21:11:bc:6a:d9:45:fd:b9:ed:
82:76:e3:e1:a6:66:3f:b2:a8:57:9f:49:e1:39:d6:
03:dd:91:1c:20:5f:0d:95:fb:f3:ab:38:8f:9b:82:
a6:ba:0c:00:9e:6c:2d:aa:99:4c:74:b0:9c:6e:32:
d4:ef:40:97:2b:eb:8c:98:ad:a7:9b:9e:38:b8:dc:
1c:53:03:0e:13:14:98:13:cd:13:4f:16:13:84:da:
6e:67:82:1a:fe:e6:88:4d:bd:66:02:8c:9f:12:f1:
e1:8b:a3:0f:f7:b4:91:d9:9c:93:36:72:cb:70:a6:
43:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:78:07:CE:25:BC:3F:57:C7:B6:D1:82:F4:4C:7A:F0:18:1C:18:AE
X509v3 Authority Key Identifier:
keyid:CC:01:83:3C:7E:E5:F3:43:FF:09:3B:6C:4E:61:51:D0:E3:64:57:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zAGDPH7l80P_CTtsTmFR0ONkV2g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/d40773-cf2d-4198-8b3f-727ab6d07ff2/1/a3gHziW8P1fHttGC9Ex68BgcGK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/d40773-cf2d-4198-8b3f-727ab6d07ff2/1/zAGDPH7l80P_CTtsTmFR0ONkV2g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.22.0/24
93.95.26.0/24
185.210.92.0/22
IPv6:
2a0b:5540::/33
Signature Algorithm: sha256WithRSAEncryption
ad:ac:54:51:06:37:95:dc:1a:c5:a8:bf:21:cd:6e:96:4e:de:
70:5b:c5:e4:01:3c:ac:3b:1c:f8:0f:b9:3d:86:da:88:e2:2d:
17:80:3a:79:96:04:86:2e:0a:6e:cc:64:10:d5:f7:c9:71:59:
fc:f4:0e:d2:32:49:93:a3:8f:be:54:0b:3a:d9:fa:99:06:fb:
28:6d:df:cd:58:8f:8b:62:e5:c2:b6:96:2c:1c:af:fd:19:7c:
03:ca:13:ea:0c:03:e0:0d:7d:72:7b:93:f9:ff:dd:b7:63:19:
a6:d5:66:0a:5c:94:97:d2:a8:2f:04:82:35:67:85:5f:5c:17:
f6:fc:21:a4:de:51:a6:a1:69:e7:45:89:65:e3:7e:b1:55:1a:
0b:f4:04:66:35:a7:8a:28:b0:48:d3:1a:22:1d:ac:0b:20:93:
74:11:09:2f:32:9f:8a:83:72:9c:26:ce:4a:37:65:aa:45:43:
fa:70:3c:4d:8a:da:2c:ff:6c:df:e8:14:2f:2d:87:64:0f:c4:
2e:de:e6:61:37:e0:e5:b6:ef:37:44:b2:33:ae:bb:44:d7:18:
4f:08:7f:f7:0a:d9:4a:99:b6:de:70:c7:ce:92:fb:eb:4e:2e:
0d:ca:fa:61:f1:03:cc:bc:52:59:3f:2e:50:e7:95:7a:5c:e8:
6b:06:29:06
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZc2IIyPk7xVFenJ8URrWCz3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjMDE4MzNjN2VlNWYzNDNmZjA5M2I2YzRlNjE1MWQwZTM2
NDU3NjgwHhcNMjUwNjAzMTQwOTUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yjc4MDdjZTI1YmMzZjU3YzdiNmQxODJmNDRjN2FmMDE4MWMxOGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp15QvHVKx0ImBI1G2thjzRa4/QXY
pZL1CzIORsqERNcUg38bKR6kGLmi0G5Hd83UZi463PeJekx8hVT24qLjzBHxixs8
b7AZxbouGpbSSAmb3wckMZmRsUlh2K8N2DE8gRB+f2E2oN+I0gkLhlUq9oWLFyga
iFPfAVyJSBOlbnhYv5PVfUxzotTrukghEbxq2UX9ue2CduPhpmY/sqhXn0nhOdYD
3ZEcIF8NlfvzqziPm4KmugwAnmwtqplMdLCcbjLU70CXK+uMmK2nm544uNwcUwMO
ExSYE80TTxYThNpuZ4Ia/uaITb1mAoyfEvHhi6MP97SR2ZyTNnLLcKZDJwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFGt4B84lvD9Xx7bRgvRMevAYHBiuMB8GA1UdIwQY
MBaAFMwBgzx+5fND/wk7bE5hUdDjZFdoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekFHRFBIN2w4MFBfQ1R0c1RtRlIwT05rVjJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9kNDA3NzMtY2YyZC00MTk4LThiM2Yt
NzI3YWI2ZDA3ZmYyLzEvYTNnSHppVzhQMWZIdHRHQzlFeDY4QmdjR0s0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9kNDA3NzMtY2YyZC00MTk4LThiM2YtNzI3YWI2ZDA3ZmYy
LzEvekFHRFBIN2w4MFBfQ1R0c1RtRlIwT05rVjJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQALQ8WAwQA
XV8aAwQCudJcMA4EAgACMAgDBgcqC1VAADANBgkqhkiG9w0BAQsFAAOCAQEAraxU
UQY3ldwaxai/Ic1ulk7ecFvF5AE8rDsc+A+5PYbaiOItF4A6eZYEhi4KbsxkENX3
yXFZ/PQO0jJJk6OPvlQLOtn6mQb7KG3fzViPi2LlwraWLByv/Rl8A8oT6gwD4A19
cnuT+f/dt2MZptVmClyUl9KoLwSCNWeFX1wX9vwhpN5RpqFp50WJZeN+sVUaC/QE
ZjWniiiwSNMaIh2sCyCTdBEJLzKfioNynCbOSjdlqkVD+nA8TYraLP9s3+gULy2H
ZA/ELt7mYTfg5bbvN0SyM667RNcYTwh/9wrZSpm23nDHzpL7604uDcr6YfEDzLxS
WT8uUOeVelzoawYpBg==
-----END CERTIFICATE-----
Generated at Sat Jun 7 04:12:43 2025 by rpki-client