Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/D6BuuCBvS0ifXcDjT6WRsrcq70s.roa
File: D6BuuCBvS0ifXcDjT6WRsrcq70s.roa (raw, json)
Hash identifier: ptJOpDxyO/m3jrJSKBZtO8GNxAwRWnyd8IomG518yUA=
Subject key identifier: 0F:A0:6E:B8:20:6F:4B:48:9F:5D:C0:E3:4F:A5:91:B2:B7:2A:EF:4B
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01971296147297A9889C06F22C71D47E60AA
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/D6BuuCBvS0ifXcDjT6WRsrcq70s.roa
Signing time: Tue 27 May 2025 16:31:54 +0000
ROA not before: Tue 27 May 2025 16:31:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208959
IP address blocks: 45.9.118.0/24 maxlen: 24
45.12.61.0/24 maxlen: 24
45.142.28.0/24 maxlen: 24
45.152.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 13:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:12:96:14:72:97:a9:88:9c:06:f2:2c:71:d4:7e:60:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 27 16:31:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0fa06eb8206f4b489f5dc0e34fa591b2b72aef4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ec:59:84:1a:e0:d2:1a:9e:17:7e:6b:c6:02:
a5:a8:bc:4a:3f:61:18:00:03:a3:60:14:ed:f2:47:
67:3c:99:f1:c6:a4:f8:64:6e:fa:fa:14:ca:bf:30:
ac:6b:f5:7d:2d:55:3d:eb:b9:c8:63:a7:8c:d8:c5:
d7:cf:14:7a:e8:e0:9d:56:95:e8:2d:4a:87:a0:c8:
4c:38:5e:7b:d1:7a:ff:99:d7:d2:69:f2:59:23:a8:
74:59:52:31:c1:f3:ad:4e:b5:96:09:40:25:77:27:
d6:e8:73:54:6b:a6:b4:f6:7b:d3:40:66:3a:20:82:
66:43:c3:e1:a7:21:b9:ef:9d:57:44:04:d9:52:5c:
63:40:76:8c:7b:14:f2:dd:cf:86:fe:d7:82:7f:6b:
76:a7:ae:77:c7:4c:10:72:11:de:e3:a2:c7:c5:0c:
ff:fa:47:d5:b4:74:6a:d5:d4:5c:45:cc:d4:18:5c:
18:6a:be:fd:d0:c0:a3:7b:af:c8:5b:7a:0a:1e:6e:
2d:d0:1c:18:d5:41:8f:4c:64:3b:03:3e:1d:fc:bd:
09:be:48:65:7b:65:d0:05:ba:6c:35:ba:a5:12:5a:
fc:f5:84:97:ff:52:c8:d9:93:8c:69:9d:21:de:df:
5c:a5:fc:bd:35:5a:c2:c2:18:8d:d1:75:e2:01:49:
65:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:A0:6E:B8:20:6F:4B:48:9F:5D:C0:E3:4F:A5:91:B2:B7:2A:EF:4B
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/D6BuuCBvS0ifXcDjT6WRsrcq70s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.118.0/24
45.12.61.0/24
45.142.28.0/24
45.152.200.0/24
Signature Algorithm: sha256WithRSAEncryption
cd:58:d5:08:5d:d8:81:39:d4:9d:cd:43:0d:f5:e3:ee:d2:11:
70:f5:0f:7f:f9:4a:e5:65:79:d1:28:64:30:67:cd:de:76:31:
e3:f9:ec:5b:71:1d:eb:a6:f5:5c:ce:af:98:7a:43:d9:42:0e:
a0:5f:82:b8:4f:1e:83:4c:76:3a:62:b0:8d:11:1f:4e:17:a7:
af:95:74:d2:48:88:40:fc:0e:4b:50:82:de:c9:69:42:92:13:
31:5c:0a:93:00:23:4f:94:15:b6:89:3e:52:7e:98:49:c8:53:
1d:e2:d4:d4:c8:2a:ca:e5:e3:f1:f7:0e:d4:ba:2d:29:fb:54:
dd:98:0d:2b:bd:1f:5d:cc:b6:f7:c9:44:18:bd:dd:19:f4:72:
4c:ec:d5:24:63:42:4b:3d:c0:fb:de:fe:1d:b9:2e:a9:1b:59:
11:2a:eb:33:95:5a:de:86:89:4b:aa:72:d3:b3:06:ec:53:a9:
88:35:7c:d8:04:1a:99:cc:93:bf:2e:00:5b:30:88:13:0b:5c:
56:3a:30:25:c2:d7:e0:52:7e:a7:54:c9:12:3d:54:55:aa:00:
ed:e8:48:ca:f9:bb:cf:18:f6:8e:56:19:03:02:b9:3b:2d:e4:
3a:20:8b:9e:65:33:ec:5a:1a:c0:2f:cb:c4:58:6b:b9:35:ed:
6c:49:ef:7a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZcSlhRyl6mInAbyLHHUfmCqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNTI3MTYzMTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmEwNmViODIwNmY0YjQ4OWY1ZGMwZTM0ZmE1OTFiMmI3MmFlZjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOxZhBrg0hqeF35rxgKlqLxKP2EY
AAOjYBTt8kdnPJnxxqT4ZG76+hTKvzCsa/V9LVU967nIY6eM2MXXzxR66OCdVpXo
LUqHoMhMOF570Xr/mdfSafJZI6h0WVIxwfOtTrWWCUAldyfW6HNUa6a09nvTQGY6
IIJmQ8PhpyG5751XRATZUlxjQHaMexTy3c+G/teCf2t2p653x0wQchHe46LHxQz/
+kfVtHRq1dRcRczUGFwYar790MCje6/IW3oKHm4t0BwY1UGPTGQ7Az4d/L0Jvkhl
e2XQBbpsNbqlElr89YSX/1LI2ZOMaZ0h3t9cpfy9NVrCwhiN0XXiAUllcQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFA+gbrggb0tIn13A40+lkbK3Ku9LMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvRDZCdXVDQnZTMGlmWGNEalQ2V1JzcmNxNzBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALQl2AwQA
LQw9AwQALY4cAwQALZjIMA0GCSqGSIb3DQEBCwUAA4IBAQDNWNUIXdiBOdSdzUMN
9ePu0hFw9Q9/+UrlZXnRKGQwZ83edjHj+exbcR3rpvVczq+YekPZQg6gX4K4Tx6D
THY6YrCNER9OF6evlXTSSIhA/A5LUILeyWlCkhMxXAqTACNPlBW2iT5SfphJyFMd
4tTUyCrK5ePx9w7Uui0p+1TdmA0rvR9dzLb3yUQYvd0Z9HJM7NUkY0JLPcD73v4d
uS6pG1kRKuszlVreholLqnLTswbsU6mINXzYBBqZzJO/LgBbMIgTC1xWOjAlwtfg
Un6nVMkSPVRVqgDt6EjK+bvPGPaOVhkDArk7LeQ6IIueZTPsWhrAL8vEWGu5Ne1s
Se96
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:31:32 2025 by rpki-client