Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/trwS0Djy3-DBvJLRM0_h1Q-jkSk.roa
File: trwS0Djy3-DBvJLRM0_h1Q-jkSk.roa (raw, json)
Hash identifier: VgMqF4LTDXrAvbh6QWvDDTArLibfx4WzHRhBxhiqQeY=
Subject key identifier: B6:BC:12:D0:38:F2:DF:E0:C1:BC:92:D1:33:4F:E1:D5:0F:A3:91:29
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0196FD7F377B687470EE929CA0C131A372C2
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/trwS0Djy3-DBvJLRM0_h1Q-jkSk.roa
Signing time: Fri 23 May 2025 14:14:54 +0000
ROA not before: Fri 23 May 2025 14:14:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20326
IP address blocks: 45.86.15.0/24 maxlen: 24
45.129.124.0/24 maxlen: 24
45.135.36.0/24 maxlen: 24
185.214.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fd:7f:37:7b:68:74:70:ee:92:9c:a0:c1:31:a3:72:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 23 14:14:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b6bc12d038f2dfe0c1bc92d1334fe1d50fa39129
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:8a:77:6e:13:43:88:90:d6:cf:4e:04:fc:0a:
fa:eb:b5:d6:35:57:6b:c2:90:af:3b:ff:a3:05:02:
88:25:be:5f:3c:42:72:1c:e0:9d:21:9c:98:84:ee:
53:a5:dc:d6:62:bf:d0:f9:f8:8b:fe:2f:a9:61:70:
4f:8b:51:49:c4:a1:bc:e1:a7:96:9c:b4:af:ec:8c:
1c:d1:79:78:35:2c:28:ca:e0:c5:8c:ab:67:40:5f:
67:f6:6c:e3:14:60:e8:35:d2:3a:3e:99:a9:e6:bd:
78:e8:20:82:a4:8d:3a:a3:0b:b6:a0:ab:d4:14:8f:
8c:06:25:c8:3f:bc:ac:f6:06:54:ef:1a:9c:66:a6:
8e:59:e4:41:e2:88:b9:3a:7f:76:d0:b3:bf:68:cc:
aa:c4:7c:07:3f:4b:0f:38:68:da:7f:03:e9:fb:17:
a8:74:f3:5e:42:e5:33:12:45:4d:32:91:d8:32:43:
2d:cc:ee:e4:ed:9d:d8:9c:a7:24:33:a7:09:e3:78:
5e:55:5c:50:c4:09:a5:f6:b3:c7:73:f8:42:17:12:
74:b4:94:79:7e:e0:a1:be:e7:6c:c8:49:cf:45:49:
36:4e:bc:83:53:9b:5a:e6:62:d8:1a:3f:ca:db:7f:
49:a4:48:82:ec:09:96:60:99:1e:78:e3:95:e7:3a:
11:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:BC:12:D0:38:F2:DF:E0:C1:BC:92:D1:33:4F:E1:D5:0F:A3:91:29
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/trwS0Djy3-DBvJLRM0_h1Q-jkSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.15.0/24
45.129.124.0/24
45.135.36.0/24
185.214.74.0/24
Signature Algorithm: sha256WithRSAEncryption
98:fa:99:51:ca:2d:90:9f:26:59:e5:70:8e:f5:a0:a1:de:c7:
c9:2f:b6:aa:be:ac:83:e1:08:e0:73:86:c1:bf:3a:7c:6b:72:
d9:b0:6c:a1:1a:0d:4c:65:a5:00:fa:57:7e:49:5f:3b:3c:26:
97:85:af:81:75:8d:f6:a3:a2:09:55:00:a6:b7:3e:91:39:9b:
ce:1c:7c:b3:66:c0:1a:0d:51:82:46:90:75:da:c9:1b:c2:da:
a2:01:85:4f:0b:6b:e2:8b:b0:6f:86:c4:ae:16:20:5b:d3:4c:
fd:d1:22:59:5e:c7:c3:b1:42:29:6c:a6:fd:2c:f6:3d:86:65:
54:9d:53:c7:98:19:48:76:b5:ed:f5:95:c8:c0:4c:21:5f:b9:
2c:d8:67:d8:b4:f3:00:3c:3a:61:bb:20:93:b7:35:85:15:3c:
4c:62:49:5b:a9:5f:3b:42:59:5d:8f:2a:ab:f2:b0:c5:be:a8:
9b:3a:5f:42:00:39:50:e1:a7:38:e8:60:7f:ba:bf:f9:41:70:
3e:be:04:b6:d9:57:00:1e:0e:3a:66:af:6b:1a:36:ac:03:33:
36:a8:5f:75:51:95:60:64:f1:15:6e:b7:a3:c8:1c:12:84:a6:
89:dc:39:64:dc:61:11:29:e9:69:7e:3e:11:ed:4c:4a:e4:e6:
03:17:c8:08
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZb9fzd7aHRw7pKcoMExo3LCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNTIzMTQxNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmJjMTJkMDM4ZjJkZmUwYzFiYzkyZDEzMzRmZTFkNTBmYTM5MTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoop3bhNDiJDWz04E/Ar667XWNVdr
wpCvO/+jBQKIJb5fPEJyHOCdIZyYhO5TpdzWYr/Q+fiL/i+pYXBPi1FJxKG84aeW
nLSv7Iwc0Xl4NSwoyuDFjKtnQF9n9mzjFGDoNdI6Ppmp5r146CCCpI06owu2oKvU
FI+MBiXIP7ys9gZU7xqcZqaOWeRB4oi5On920LO/aMyqxHwHP0sPOGjafwPp+xeo
dPNeQuUzEkVNMpHYMkMtzO7k7Z3YnKckM6cJ43heVVxQxAml9rPHc/hCFxJ0tJR5
fuChvudsyEnPRUk2TryDU5ta5mLYGj/K239JpEiC7AmWYJkeeOOV5zoR3QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLa8EtA48t/gwbyS0TNP4dUPo5EpMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvdHJ3UzBEankzLURCdkpMUk0wX2gxUS1qa1NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVYPAwQA
LYF8AwQALYckAwQAudZKMA0GCSqGSIb3DQEBCwUAA4IBAQCY+plRyi2QnyZZ5XCO
9aCh3sfJL7aqvqyD4Qjgc4bBvzp8a3LZsGyhGg1MZaUA+ld+SV87PCaXha+BdY32
o6IJVQCmtz6ROZvOHHyzZsAaDVGCRpB12skbwtqiAYVPC2vii7BvhsSuFiBb00z9
0SJZXsfDsUIpbKb9LPY9hmVUnVPHmBlIdrXt9ZXIwEwhX7ks2GfYtPMAPDphuyCT
tzWFFTxMYklbqV87Qlldjyqr8rDFvqibOl9CADlQ4ac46GB/ur/5QXA+vgS22VcA
Hg46Zq9rGjasAzM2qF91UZVgZPEVbrejyBwShKaJ3Dlk3GERKelpfj4R7UxK5OYD
F8gI
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:57:50 2025 by rpki-client