Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/FRXpMM1QH5vqvihTd8xwJyQTguY.roa
File: FRXpMM1QH5vqvihTd8xwJyQTguY.roa (raw, json)
Hash identifier: QnRSzxnn72mLZyOxAX1iMUFWm0igalSQ24SUtq1V/bc=
Subject key identifier: 15:15:E9:30:CD:50:1F:9B:EA:BE:28:53:77:CC:70:27:24:13:82:E6
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 019744EEC347328902C1B63739427A7A9339
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/FRXpMM1QH5vqvihTd8xwJyQTguY.roa
Signing time: Fri 06 Jun 2025 11:09:47 +0000
ROA not before: Fri 06 Jun 2025 11:09:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205090
IP address blocks: 45.9.73.0/24 maxlen: 24
45.9.75.0/24 maxlen: 24
45.89.65.0/24 maxlen: 24
45.90.216.0/24 maxlen: 24
45.90.217.0/24 maxlen: 24
45.90.218.0/24 maxlen: 24
45.90.219.0/24 maxlen: 24
45.95.202.0/24 maxlen: 24
45.95.203.0/24 maxlen: 24
45.132.255.0/24 maxlen: 24
84.252.73.0/24 maxlen: 24
84.252.74.0/24 maxlen: 24
84.252.75.0/24 maxlen: 24
85.209.2.0/24 maxlen: 24
185.102.139.0/24 maxlen: 24
185.103.109.0/24 maxlen: 24
185.104.251.0/24 maxlen: 24
185.112.101.0/24 maxlen: 24
185.112.102.0/24 maxlen: 24
185.112.103.0/24 maxlen: 24
185.128.105.0/24 maxlen: 24
185.128.106.0/24 maxlen: 24
185.128.107.0/24 maxlen: 24
185.217.198.0/24 maxlen: 24
185.217.199.0/24 maxlen: 24
185.221.162.0/24 maxlen: 24
185.232.169.0/24 maxlen: 24
185.233.83.0/24 maxlen: 24
185.233.200.0/24 maxlen: 24
193.162.143.0/24 maxlen: 24
193.168.227.0/24 maxlen: 24
2a09:5302::/32 maxlen: 32
2a09:5302:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 20:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:44:ee:c3:47:32:89:02:c1:b6:37:39:42:7a:7a:93:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jun 6 11:09:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1515e930cd501f9beabe285377cc7027241382e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:fb:c1:d7:3f:d9:07:59:13:df:d0:cf:bc:9f:
8e:24:22:cd:b0:b3:bf:13:23:68:b6:2b:c9:69:19:
8f:4f:65:59:46:cc:1b:38:ad:f3:53:49:c1:9f:4c:
25:2b:53:cd:86:17:3d:7a:44:e2:d2:2f:03:d1:61:
b2:fa:f6:25:69:49:29:a6:7a:9d:50:7f:9a:05:a9:
07:7f:1a:c1:92:20:85:17:ac:45:28:7f:97:ad:3a:
6e:60:10:bb:ff:43:7a:02:35:79:2e:39:59:e9:13:
ac:54:b8:26:3c:60:e0:79:81:77:19:cb:ea:48:95:
e6:fa:77:18:02:af:72:47:76:93:28:f4:64:26:c3:
97:03:c8:65:80:39:8e:f7:2b:e1:c7:4c:4e:5e:ef:
b7:f1:3d:b9:85:62:98:3c:8d:73:98:78:5f:88:12:
ba:cd:dc:1a:bb:1d:4a:74:d5:6f:77:cb:86:28:37:
5d:25:cb:6c:ee:16:fa:1b:28:49:df:62:38:ea:36:
0e:16:3f:75:21:29:7c:e0:ff:8f:3e:1a:23:0f:5b:
78:a5:81:53:ea:1f:2a:f4:8f:64:cd:43:1a:8a:9a:
5a:bb:7a:6c:34:d8:68:9f:da:5d:b7:f2:65:df:a2:
ff:a9:e5:f7:20:5f:dc:69:b7:dd:d5:e4:b6:e4:fd:
f6:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:15:E9:30:CD:50:1F:9B:EA:BE:28:53:77:CC:70:27:24:13:82:E6
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/FRXpMM1QH5vqvihTd8xwJyQTguY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.73.0/24
45.9.75.0/24
45.89.65.0/24
45.90.216.0/22
45.95.202.0/23
45.132.255.0/24
84.252.73.0-84.252.75.255
85.209.2.0/24
185.102.139.0/24
185.103.109.0/24
185.104.251.0/24
185.112.101.0-185.112.103.255
185.128.105.0-185.128.107.255
185.217.198.0/23
185.221.162.0/24
185.232.169.0/24
185.233.83.0/24
185.233.200.0/24
193.162.143.0/24
193.168.227.0/24
IPv6:
2a09:5302::/32
Signature Algorithm: sha256WithRSAEncryption
14:b1:e4:6e:5d:42:97:c1:21:04:70:4c:ef:14:bf:4e:37:a7:
24:e6:77:d7:41:43:85:13:e4:9a:80:51:d5:cf:0d:24:d6:85:
49:c9:a7:d2:74:bb:56:a1:74:da:1f:8c:3a:e0:42:2a:6a:65:
85:79:c5:53:9b:6f:13:99:fc:aa:3d:30:e1:6b:b2:43:ee:b4:
f0:8e:24:79:5e:77:30:9b:4c:aa:1b:c0:d4:14:bb:9c:f3:b8:
a5:57:69:4a:2d:28:f7:bd:f7:0b:50:69:bf:ac:d1:06:38:65:
74:eb:36:e9:d1:d9:8c:85:56:92:4b:8c:22:25:5f:c5:55:c6:
5c:83:77:7b:45:5c:c6:9b:e1:b4:be:2f:7c:e3:5d:65:7a:0a:
61:46:d2:a7:02:e3:cd:6d:a0:be:0a:2d:59:6b:56:a2:d5:c0:
59:49:90:51:3b:4e:d9:c0:d6:cc:7d:1e:db:80:4c:2d:dc:1d:
72:07:e7:86:cb:9b:71:20:dd:3f:20:01:ec:10:d1:3e:6c:8f:
d1:1a:74:c8:c0:28:d0:71:32:d6:36:b1:e4:d9:1f:30:07:fd:
83:4c:1b:31:e9:ba:d8:14:d8:37:b0:e2:c0:f2:a7:af:86:17:
b6:bd:ec:b6:af:4d:51:43:04:18:5a:c9:4d:37:c3:1f:6c:94:
85:f1:10:f7
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgISAZdE7sNHMokCwbY3OUJ6epM5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjUwNjA2MTEwOTQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTE1ZTkzMGNkNTAxZjliZWFiZTI4NTM3N2NjNzAyNzI0MTM4MmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfvB1z/ZB1kT39DPvJ+OJCLNsLO/
EyNotivJaRmPT2VZRswbOK3zU0nBn0wlK1PNhhc9ekTi0i8D0WGy+vYlaUkppnqd
UH+aBakHfxrBkiCFF6xFKH+XrTpuYBC7/0N6AjV5LjlZ6ROsVLgmPGDgeYF3Gcvq
SJXm+ncYAq9yR3aTKPRkJsOXA8hlgDmO9yvhx0xOXu+38T25hWKYPI1zmHhfiBK6
zdwaux1KdNVvd8uGKDddJcts7hb6GyhJ32I46jYOFj91ISl84P+PPhojD1t4pYFT
6h8q9I9kzUMaippau3psNNhon9pdt/Jl36L/qeX3IF/cabfd1eS25P32sQIDAQAB
o4ICpzCCAqMwHQYDVR0OBBYEFBUV6TDNUB+b6r4oU3fMcCckE4LmMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvRlJYcE1NMVFINXZxdmloVGQ4eHdKeVFUZ3VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG8BggrBgEFBQcBBwEB/wSBrDCBqTCBlwQCAAEwgZADBAAt
CUkDBAAtCUsDBAAtWUEDBAItWtgDBAEtX8oDBAAthP8wDAMEAFT8SQMEAlT8SAME
AFXRAgMEALlmiwMEALlnbQMEALlo+zAMAwQAuXBlAwQDuXBgMAwDBAC5gGkDBAK5
gGgDBAG52cYDBAC53aIDBAC56KkDBAC56VMDBAC56cgDBADBoo8DBADBqOMwDQQC
AAIwBwMFACoJUwIwDQYJKoZIhvcNAQELBQADggEBABSx5G5dQpfBIQRwTO8Uv043
pyTmd9dBQ4UT5JqAUdXPDSTWhUnJp9J0u1ahdNofjDrgQipqZYV5xVObbxOZ/Ko9
MOFrskPutPCOJHledzCbTKobwNQUu5zzuKVXaUotKPe99wtQab+s0QY4ZXTrNunR
2YyFVpJLjCIlX8VVxlyDd3tFXMab4bS+L3zjXWV6CmFG0qcC481toL4KLVlrVqLV
wFlJkFE7TtnA1sx9HtuATC3cHXIH54bLm3Eg3T8gAewQ0T5sj9EadMjAKNBxMtY2
seTZHzAH/YNMGzHputgU2Dew4sDyp6+GF7a97LavTVFDBBhayU03wx9slIXxEPc=
-----END CERTIFICATE-----
Generated at Sat Jun 7 03:40:35 2025 by rpki-client