Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/id5Fy_lzusV5iVqxrZAJr0sA6M0.roa
File: id5Fy_lzusV5iVqxrZAJr0sA6M0.roa (raw, json)
Hash identifier: ZUjEtPV1r0/cmu9QTSWZJLz+S6gSmqhFtO4J3Ll9JBQ=
Subject key identifier: 89:DE:45:CB:F9:73:BA:C5:79:89:5A:B1:AD:90:09:AF:4B:00:E8:CD
Certificate issuer: /CN=94948e5f2fa04b222a6e96883b840f7124531556
Certificate serial: 0196FC7D0965993BDD8257BD9A1E0DB5D2E1
Authority key identifier: 94:94:8E:5F:2F:A0:4B:22:2A:6E:96:88:3B:84:0F:71:24:53:15:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lJSOXy-gSyIqbpaIO4QPcSRTFVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/id5Fy_lzusV5iVqxrZAJr0sA6M0.roa
Signing time: Fri 23 May 2025 09:32:54 +0000
ROA not before: Fri 23 May 2025 09:32:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60117
IP address blocks: 185.45.192.0/24 maxlen: 24
185.45.194.0/24 maxlen: 24
185.45.195.0/24 maxlen: 24
185.82.200.0/24 maxlen: 24
185.82.202.0/24 maxlen: 24
185.106.120.0/24 maxlen: 24
185.106.122.0/24 maxlen: 24
185.106.123.0/24 maxlen: 24
185.117.72.0/24 maxlen: 24
185.117.73.0/24 maxlen: 24
185.141.24.0/24 maxlen: 24
185.141.27.0/24 maxlen: 24
185.183.97.0/24 maxlen: 24
185.183.98.0/24 maxlen: 24
185.198.56.0/24 maxlen: 24
185.198.58.0/24 maxlen: 24
185.198.59.0/24 maxlen: 24
185.244.148.0/24 maxlen: 24
185.244.149.0/24 maxlen: 24
185.244.151.0/24 maxlen: 24
188.116.36.0/24 maxlen: 24
194.36.188.0/24 maxlen: 24
194.36.190.0/24 maxlen: 24
194.36.191.0/24 maxlen: 24
212.8.251.0/24 maxlen: 24
2a03:660::/32 maxlen: 32
2a04:dd00::/29 maxlen: 29
2a04:dd00::/32 maxlen: 32
2a04:dd01::/32 maxlen: 32
2a04:dd02::/32 maxlen: 32
2a05:9340::/29 maxlen: 29
2a05:9340::/32 maxlen: 32
2a05:9341::/32 maxlen: 32
2a05:9342::/32 maxlen: 32
2a06:3d80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/lJSOXy-gSyIqbpaIO4QPcSRTFVY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/lJSOXy-gSyIqbpaIO4QPcSRTFVY.mft
rsync://rpki.ripe.net/repository/DEFAULT/lJSOXy-gSyIqbpaIO4QPcSRTFVY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fc:7d:09:65:99:3b:dd:82:57:bd:9a:1e:0d:b5:d2:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94948e5f2fa04b222a6e96883b840f7124531556
Validity
Not Before: May 23 09:32:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=89de45cbf973bac579895ab1ad9009af4b00e8cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a8:b6:39:81:d1:2b:73:07:17:6d:c2:1b:62:
f2:ba:ae:95:5c:c4:ab:8e:47:0d:11:c8:d1:71:31:
ad:a1:11:c2:77:6d:f5:3b:7a:05:ac:68:2e:f7:63:
25:69:37:d3:bf:68:e7:cc:b1:99:8e:a2:17:3d:e3:
78:e4:e3:6a:06:b6:c2:e2:4f:bc:17:9b:14:3c:7f:
82:6e:f5:63:03:00:2e:fa:20:08:99:7c:ab:6b:0a:
11:0c:4e:e8:e5:e0:7d:ba:73:9c:4e:e9:e8:74:9e:
2b:5c:12:2a:fb:88:5f:27:17:19:1b:15:db:f2:a7:
1e:ec:42:78:62:48:68:4e:0c:b6:d0:cf:72:82:4d:
2e:85:17:c6:c8:8d:e6:a8:bf:e3:0a:03:45:27:96:
d3:b4:27:80:71:f7:f9:f1:67:de:1a:b4:87:02:24:
ae:c4:ea:df:fb:a2:93:1a:94:ed:b8:cb:f3:7f:3d:
f0:69:e2:3b:61:dc:ec:b3:fc:c8:5a:fd:31:c7:dc:
4e:58:f6:a6:1d:d5:6c:1e:aa:39:be:bd:1b:a3:f5:
3d:90:d4:b4:9d:de:3b:cb:cc:fb:de:94:33:6c:6a:
ca:b9:2b:21:9d:20:dc:20:c4:da:cd:d1:5f:a0:e4:
18:84:0c:2a:00:e4:5d:ca:81:f2:44:51:b0:e2:4d:
2d:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:DE:45:CB:F9:73:BA:C5:79:89:5A:B1:AD:90:09:AF:4B:00:E8:CD
X509v3 Authority Key Identifier:
keyid:94:94:8E:5F:2F:A0:4B:22:2A:6E:96:88:3B:84:0F:71:24:53:15:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lJSOXy-gSyIqbpaIO4QPcSRTFVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/id5Fy_lzusV5iVqxrZAJr0sA6M0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/lJSOXy-gSyIqbpaIO4QPcSRTFVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.45.192.0/24
185.45.194.0/23
185.82.200.0/24
185.82.202.0/24
185.106.120.0/24
185.106.122.0/23
185.117.72.0/23
185.141.24.0/24
185.141.27.0/24
185.183.97.0-185.183.98.255
185.198.56.0/24
185.198.58.0/23
185.244.148.0/23
185.244.151.0/24
188.116.36.0/24
194.36.188.0/24
194.36.190.0/23
212.8.251.0/24
IPv6:
2a03:660::/32
2a04:dd00::/29
2a05:9340::/29
2a06:3d80::/29
Signature Algorithm: sha256WithRSAEncryption
3b:4f:2d:08:f4:d1:f2:08:f8:46:cf:45:5a:ef:a4:f4:7d:de:
c9:68:e3:ce:de:7f:b9:53:ac:57:5c:28:1b:e2:05:b0:a1:46:
7a:30:b0:64:94:06:5e:dc:a4:42:c0:36:db:48:4e:19:96:a5:
d3:d0:41:9e:ac:a2:74:26:0f:dd:b3:b5:44:7a:03:13:ac:58:
0e:b0:e5:9c:93:80:e5:ea:60:df:fa:d3:18:c5:45:cd:1b:2a:
66:68:19:0c:9a:78:81:8f:2f:50:35:13:9b:54:8a:90:49:e4:
68:3c:34:fb:ba:d3:60:7d:53:92:f7:5b:35:ed:60:d1:56:01:
a6:88:5a:f9:56:3a:22:94:d5:0f:2c:e1:4e:45:7f:e5:fb:b2:
80:68:60:62:6e:69:b6:4c:82:1e:39:31:b1:48:69:02:ae:36:
7b:c1:1b:fa:a0:96:9a:c9:60:23:dc:61:06:c0:75:1e:53:74:
45:b0:41:36:b3:37:21:8a:43:ad:c0:b9:ab:0f:fc:88:2f:73:
94:02:88:f6:b3:92:fe:48:4e:b3:40:9a:70:29:a2:9b:fb:3f:
81:44:1e:2f:8a:4a:e7:06:18:20:28:a8:65:41:38:fe:8f:f3:
59:1c:a1:57:af:e9:f4:9c:c0:b1:4c:5d:21:99:bd:6a:84:ef:
fc:8a:b8:03
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAZb8fQllmTvdgle9mh4NtdLhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0OTQ4ZTVmMmZhMDRiMjIyYTZlOTY4ODNiODQwZjcxMjQ1
MzE1NTYwHhcNMjUwNTIzMDkzMjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWRlNDVjYmY5NzNiYWM1Nzk4OTVhYjFhZDkwMDlhZjRiMDBlOGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6i2OYHRK3MHF23CG2Lyuq6VXMSr
jkcNEcjRcTGtoRHCd231O3oFrGgu92MlaTfTv2jnzLGZjqIXPeN45ONqBrbC4k+8
F5sUPH+CbvVjAwAu+iAImXyrawoRDE7o5eB9unOcTunodJ4rXBIq+4hfJxcZGxXb
8qce7EJ4YkhoTgy20M9ygk0uhRfGyI3mqL/jCgNFJ5bTtCeAcff58WfeGrSHAiSu
xOrf+6KTGpTtuMvzfz3waeI7Ydzss/zIWv0xx9xOWPamHdVsHqo5vr0bo/U9kNS0
nd47y8z73pQzbGrKuSshnSDcIMTazdFfoOQYhAwqAORdyoHyRFGw4k0tBwIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFIneRcv5c7rFeYlasa2QCa9LAOjNMB8GA1UdIwQY
MBaAFJSUjl8voEsiKm6WiDuED3EkUxVWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEpTT1h5LWdTeUlxYnBhSU80UVBjU1JURlZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9lYzQ4YmUtOTI1MC00ZjdjLTljODct
NjQxYjhlNjBkM2UyLzEvaWQ1RnlfbHp1c1Y1aVZxeHJaQUpyMHNBNk0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9lYzQ4YmUtOTI1MC00ZjdjLTljODctNjQxYjhlNjBkM2Uy
LzEvbEpTT1h5LWdTeUlxYnBhSU80UVBjU1JURlZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDB6BAIAATB0AwQAuS3A
AwQBuS3CAwQAuVLIAwQAuVLKAwQAuWp4AwQBuWp6AwQBuXVIAwQAuY0YAwQAuY0b
MAwDBAC5t2EDBAC5t2IDBAC5xjgDBAG5xjoDBAG59JQDBAC59JcDBAC8dCQDBADC
JLwDBAHCJL4DBADUCPswIgQCAAIwHAMFACoDBmADBQMqBN0AAwUDKgWTQAMFAyoG
PYAwDQYJKoZIhvcNAQELBQADggEBADtPLQj00fII+EbPRVrvpPR93slo487ef7lT
rFdcKBviBbChRnowsGSUBl7cpELANttIThmWpdPQQZ6sonQmD92ztUR6AxOsWA6w
5ZyTgOXqYN/60xjFRc0bKmZoGQyaeIGPL1A1E5tUipBJ5Gg8NPu602B9U5L3WzXt
YNFWAaaIWvlWOiKU1Q8s4U5Ff+X7soBoYGJuabZMgh45MbFIaQKuNnvBG/qglprJ
YCPcYQbAdR5TdEWwQTazNyGKQ63AuasP/Igvc5QCiPazkv5ITrNAmnApopv7P4FE
Hi+KSucGGCAoqGVBOP6P81kcoVev6fScwLFMXSGZvWqE7/yKuAM=
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:14:00 2025 by rpki-client