Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/cjQzMFxVd-iqEhVM-o1DNZllV_0.roa
File: cjQzMFxVd-iqEhVM-o1DNZllV_0.roa (raw, json)
Hash identifier: 85nOtiPI0UFXyc2nAprk9yS+5gMOcb9EUZheWPhZTEk=
Subject key identifier: 72:34:33:30:5C:55:77:E8:AA:12:15:4C:FA:8D:43:35:99:65:57:FD
Certificate issuer: /CN=aedaeea9117a1d5ccc320222955a09faa0798fd9
Certificate serial: 0197322F1D945C3D8A708C226AB22EDFE5AB
Authority key identifier: AE:DA:EE:A9:11:7A:1D:5C:CC:32:02:22:95:5A:09:FA:A0:79:8F:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/cjQzMFxVd-iqEhVM-o1DNZllV_0.roa
Signing time: Mon 02 Jun 2025 19:47:17 +0000
ROA not before: Mon 02 Jun 2025 19:47:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1828
IP address blocks: 45.15.192.0/22 maxlen: 22
45.15.192.0/24 maxlen: 24
45.15.193.0/24 maxlen: 24
45.15.194.0/24 maxlen: 24
45.15.195.0/24 maxlen: 24
45.133.80.0/22 maxlen: 22
45.133.80.0/24 maxlen: 24
45.133.81.0/24 maxlen: 24
45.133.82.0/24 maxlen: 24
95.172.66.0/23 maxlen: 23
95.172.68.0/22 maxlen: 22
185.92.120.0/24 maxlen: 24
185.92.121.0/24 maxlen: 24
185.92.122.0/24 maxlen: 24
185.92.123.0/24 maxlen: 24
185.175.12.0/24 maxlen: 24
185.175.13.0/24 maxlen: 24
2a02:b50:8000::/34 maxlen: 34
2a05:f240::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/rtruqRF6HVzMMgIilVoJ-qB5j9k.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/rtruqRF6HVzMMgIilVoJ-qB5j9k.mft
rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 10:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:32:2f:1d:94:5c:3d:8a:70:8c:22:6a:b2:2e:df:e5:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aedaeea9117a1d5ccc320222955a09faa0798fd9
Validity
Not Before: Jun 2 19:47:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=723433305c5577e8aa12154cfa8d4335996557fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:f7:b5:f9:ca:77:0f:26:69:f8:67:d9:7a:1a:
5d:db:ff:a8:f8:46:1c:f4:cc:be:c9:b1:97:90:06:
e1:e7:0a:be:93:84:e4:a6:4d:2b:b0:1c:50:55:d3:
62:be:c4:c0:94:a6:b0:e2:c3:db:5f:64:8e:4c:2e:
e7:a2:22:79:29:51:f4:ba:e1:85:65:04:07:95:77:
af:18:ca:8d:49:40:00:a9:a4:7f:63:3c:6d:6f:c7:
ab:a6:53:4e:4c:fe:f9:c0:e6:c9:77:f7:b0:11:71:
f8:12:e2:a9:ba:07:a6:71:e0:5f:74:a5:d3:53:53:
cb:a9:24:a2:28:cb:65:a3:2c:65:10:78:31:e3:c7:
4f:96:0c:ba:ae:99:4c:0a:db:1c:cc:b6:2f:37:5a:
a3:4c:92:30:01:86:49:9d:1c:5a:d2:0f:0f:23:5d:
35:d8:d0:98:63:64:51:1a:b0:f2:9c:9e:08:dc:49:
52:1f:4f:56:18:1b:c9:15:fb:53:d5:33:39:05:27:
4c:9b:67:48:bd:d4:84:54:32:e6:4a:7d:93:a1:2a:
a5:b5:db:63:8f:b4:28:9c:5f:c1:69:40:b9:1b:0b:
8e:94:1d:2f:f4:db:e6:3a:14:75:b0:e3:b6:41:b9:
3e:3d:e9:fb:5d:2f:7e:99:c0:9e:92:95:82:02:a7:
ad:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:34:33:30:5C:55:77:E8:AA:12:15:4C:FA:8D:43:35:99:65:57:FD
X509v3 Authority Key Identifier:
keyid:AE:DA:EE:A9:11:7A:1D:5C:CC:32:02:22:95:5A:09:FA:A0:79:8F:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/cjQzMFxVd-iqEhVM-o1DNZllV_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/rtruqRF6HVzMMgIilVoJ-qB5j9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.192.0/22
45.133.80.0/22
95.172.66.0-95.172.71.255
185.92.120.0/22
185.175.12.0/23
IPv6:
2a02:b50:8000::/34
2a05:f240::/29
Signature Algorithm: sha256WithRSAEncryption
8c:16:72:d4:d3:2d:fb:14:68:4f:f8:c7:bd:cc:1d:77:f8:87:
c9:a8:16:34:89:45:c2:ed:4e:de:d6:43:ec:69:cf:e1:aa:af:
2a:ef:60:70:0c:44:22:b6:4a:b7:1d:81:ca:ca:39:2a:7e:83:
1f:6c:67:29:e5:2e:bf:3c:b7:9d:8e:30:41:72:33:c3:69:5b:
eb:4e:f7:ab:48:e1:24:67:4f:70:2c:30:95:7c:ed:66:64:71:
9d:bf:29:3d:17:e9:55:22:31:cd:58:6c:72:7e:ea:93:28:0b:
15:5a:a6:b9:09:67:9f:ad:2e:c7:d7:9f:66:a7:bd:ec:e1:92:
b9:7a:4a:f7:a9:ba:6a:3f:0a:eb:1c:56:c4:f8:9d:66:46:2b:
d4:6d:b6:d3:13:0f:df:a9:8c:2f:0c:dc:a1:b1:a5:77:56:38:
d6:6a:c0:b1:a9:96:4b:94:37:2f:90:38:97:fb:a0:63:c1:8e:
3e:7b:7f:5d:83:f3:80:f5:a0:95:a7:6b:00:1e:79:3c:a7:24:
cb:08:ff:da:72:8d:c2:0e:17:42:80:17:83:db:b5:d3:d6:3c:
a4:95:9d:01:ad:ec:d6:ba:33:98:1b:0f:a1:21:b2:9c:31:0f:
d2:fd:d1:29:62:36:a0:c0:e5:e1:b0:23:9b:2a:49:ab:13:3b:
b8:0a:36:43
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAZcyLx2UXD2KcIwiarIu3+WrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZGFlZWE5MTE3YTFkNWNjYzMyMDIyMjk1NWEwOWZhYTA3
OThmZDkwHhcNMjUwNjAyMTk0NzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjM0MzMzMDVjNTU3N2U4YWExMjE1NGNmYThkNDMzNTk5NjU1N2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ve1+cp3DyZp+GfZehpd2/+o+EYc
9My+ybGXkAbh5wq+k4Tkpk0rsBxQVdNivsTAlKaw4sPbX2SOTC7noiJ5KVH0uuGF
ZQQHlXevGMqNSUAAqaR/Yzxtb8erplNOTP75wObJd/ewEXH4EuKpugemceBfdKXT
U1PLqSSiKMtloyxlEHgx48dPlgy6rplMCtsczLYvN1qjTJIwAYZJnRxa0g8PI101
2NCYY2RRGrDynJ4I3ElSH09WGBvJFftT1TM5BSdMm2dIvdSEVDLmSn2ToSqltdtj
j7QonF/BaUC5GwuOlB0v9NvmOhR1sOO2Qbk+Pen7XS9+mcCekpWCAqetgwIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFHI0MzBcVXfoqhIVTPqNQzWZZVf9MB8GA1UdIwQY
MBaAFK7a7qkReh1czDICIpVaCfqgeY/ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnRydXFSRjZIVnpNTWdJaWxWb0otcUI1ajlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hMTNiMDEtNDE1My00ZWE1LWJmMjEt
OTk4NjhjNTEzMjlhLzEvY2pRek1GeFZkLWlxRWhWTS1vMUROWmxsVl8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9hMTNiMDEtNDE1My00ZWE1LWJmMjEtOTk4NjhjNTEzMjlh
LzEvcnRydXFSRjZIVnpNTWdJaWxWb0otcUI1ajlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTAsBAIAATAmAwQCLQ/AAwQC
LYVQMAwDBAFfrEIDBANfrEADBAK5XHgDBAG5rwwwFQQCAAIwDwMGBioCC1CAAwUD
KgXyQDANBgkqhkiG9w0BAQsFAAOCAQEAjBZy1NMt+xRoT/jHvcwdd/iHyagWNIlF
wu1O3tZD7GnP4aqvKu9gcAxEIrZKtx2Byso5Kn6DH2xnKeUuvzy3nY4wQXIzw2lb
6073q0jhJGdPcCwwlXztZmRxnb8pPRfpVSIxzVhscn7qkygLFVqmuQlnn60ux9ef
Zqe97OGSuXpK96m6aj8K6xxWxPidZkYr1G220xMP36mMLwzcobGld1Y41mrAsamW
S5Q3L5A4l/ugY8GOPnt/XYPzgPWgladrAB55PKckywj/2nKNwg4XQoAXg9u109Y8
pJWdAa3s1rozmBsPoSGynDEP0v3RKWI2oMDl4bAjmypJqxM7uAo2Qw==
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:13:54 2025 by rpki-client