Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/tVVPJt8BYRtl2dfGI34tW-1ncpU.roa
File: tVVPJt8BYRtl2dfGI34tW-1ncpU.roa (raw, json)
Hash identifier: eJCGFadx+OvG3OgK6PxfcX9iXCcThEI+1VCJ4h+/DrY=
Subject key identifier: B5:55:4F:26:DF:01:61:1B:65:D9:D7:C6:23:7E:2D:5B:ED:67:72:95
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 0196D4194F092610BA7C2E3D291CF70694C7
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/tVVPJt8BYRtl2dfGI34tW-1ncpU.roa
Signing time: Thu 15 May 2025 13:19:10 +0000
ROA not before: Thu 15 May 2025 13:19:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6079
IP address blocks: 45.248.52.0/24 maxlen: 24
45.248.55.0/24 maxlen: 24
94.154.177.0/24 maxlen: 24
185.52.136.0/24 maxlen: 24
185.253.122.0/24 maxlen: 24
192.145.71.0/24 maxlen: 24
193.160.80.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft
rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 03:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d4:19:4f:09:26:10:ba:7c:2e:3d:29:1c:f7:06:94:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: May 15 13:19:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b5554f26df01611b65d9d7c6237e2d5bed677295
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:91:42:72:7a:1d:4f:3c:50:ea:18:54:fe:2b:
12:9a:ed:fd:3c:00:5b:c4:a1:a7:97:84:0e:1e:44:
11:db:69:75:56:e4:e9:b7:93:de:20:cc:b4:09:cf:
d0:6c:be:3e:00:71:80:17:2c:4a:da:44:4e:1c:01:
60:06:e9:26:0f:4e:9d:c8:ae:55:6f:d8:db:5d:f7:
7d:a5:f4:56:fe:3a:9e:91:4e:2d:a2:1b:ba:de:9c:
00:14:8d:e8:b7:cd:ec:64:69:bf:19:55:f4:04:06:
6c:d9:90:8c:ad:c7:44:2f:a2:6d:a2:95:d4:41:8f:
66:5f:e2:a0:ea:90:81:d7:19:27:04:4b:26:75:68:
ed:6a:f4:a7:78:5e:2c:ef:e9:ba:c3:3a:22:7e:12:
59:c5:e6:34:9f:a3:a1:60:0b:ab:fb:45:25:79:71:
ba:3d:fb:ec:85:88:6b:e2:84:c6:49:ac:c1:01:e0:
a6:e1:06:9f:44:e2:93:c5:9c:51:6d:2b:bb:5a:79:
7d:a0:0c:b6:52:aa:a6:3a:c6:4b:51:16:04:d7:06:
fb:e6:a8:82:b6:88:55:0c:7a:97:f7:d3:8b:d8:81:
3b:5b:28:ac:8d:74:76:94:02:41:d6:35:58:18:61:
b2:52:35:bc:84:7e:8d:78:44:c5:05:49:e7:46:1a:
83:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:55:4F:26:DF:01:61:1B:65:D9:D7:C6:23:7E:2D:5B:ED:67:72:95
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/tVVPJt8BYRtl2dfGI34tW-1ncpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.248.52.0/24
45.248.55.0/24
94.154.177.0/24
185.52.136.0/24
185.253.122.0/24
192.145.71.0/24
193.160.80.0/22
Signature Algorithm: sha256WithRSAEncryption
94:42:dd:c5:df:31:8c:5f:60:db:9d:ae:fa:87:b1:2b:9a:e3:
10:53:22:88:43:60:e8:36:20:d3:e2:b9:cd:7c:0b:19:58:78:
bc:42:59:08:fe:30:5b:c7:cd:9a:6b:91:42:a7:30:44:1f:50:
45:e9:d8:e6:a9:d4:f2:99:58:cc:dd:4e:b7:a1:fd:e5:17:65:
ff:0d:03:e2:42:a0:0c:b3:50:e6:50:a4:79:b7:37:8e:50:68:
7a:26:09:76:b3:08:39:65:65:8e:2c:5f:55:d3:dd:a2:95:89:
a0:e5:1c:34:e0:d3:b0:9b:e3:54:b6:b8:12:69:42:f9:3a:58:
b3:de:91:d6:87:14:f3:7e:69:ac:d6:28:96:00:00:9f:39:57:
ba:f9:e9:7e:57:e4:55:4f:99:bc:58:2e:44:45:a5:cf:57:36:
2b:63:35:c3:c3:4e:45:5f:d9:4a:23:09:84:d9:09:c8:10:29:
c2:ac:a7:e2:b6:47:4e:1e:16:ef:21:68:50:b1:5f:48:da:76:
58:bf:45:47:32:31:36:4d:05:c9:95:2a:ef:f4:3b:78:58:c1:
84:9d:4f:d5:8e:ea:70:b8:e5:c0:76:9a:51:f0:64:3c:25:ac:
8b:d3:92:f5:d1:8d:66:47:f1:88:53:f5:6a:4b:e3:d4:98:82:
3d:6f:87:ce
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZbUGU8JJhC6fC49KRz3BpTHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjUwNTE1MTMxOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTU1NGYyNmRmMDE2MTFiNjVkOWQ3YzYyMzdlMmQ1YmVkNjc3Mjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZFCcnodTzxQ6hhU/isSmu39PABb
xKGnl4QOHkQR22l1VuTpt5PeIMy0Cc/QbL4+AHGAFyxK2kROHAFgBukmD06dyK5V
b9jbXfd9pfRW/jqekU4tohu63pwAFI3ot83sZGm/GVX0BAZs2ZCMrcdEL6JtopXU
QY9mX+Kg6pCB1xknBEsmdWjtavSneF4s7+m6wzoifhJZxeY0n6OhYAur+0UleXG6
PfvshYhr4oTGSazBAeCm4QafROKTxZxRbSu7Wnl9oAy2UqqmOsZLURYE1wb75qiC
tohVDHqX99OL2IE7WyisjXR2lAJB1jVYGGGyUjW8hH6NeETFBUnnRhqD8QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFLVVTybfAWEbZdnXxiN+LVvtZ3KVMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvdFZWUEp0OEJZUnRsMmRmR0kzNHRXLTFuY3BVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALfg0AwQA
Lfg3AwQAXpqxAwQAuTSIAwQAuf16AwQAwJFHAwQCwaBQMA0GCSqGSIb3DQEBCwUA
A4IBAQCUQt3F3zGMX2Dbna76h7ErmuMQUyKIQ2DoNiDT4rnNfAsZWHi8QlkI/jBb
x82aa5FCpzBEH1BF6djmqdTymVjM3U63of3lF2X/DQPiQqAMs1DmUKR5tzeOUGh6
Jgl2swg5ZWWOLF9V092ilYmg5Rw04NOwm+NUtrgSaUL5Oliz3pHWhxTzfmms1iiW
AACfOVe6+el+V+RVT5m8WC5ERaXPVzYrYzXDw05FX9lKIwmE2QnIECnCrKfitkdO
HhbvIWhQsV9I2nZYv0VHMjE2TQXJlSrv9Dt4WMGEnU/VjupwuOXAdppR8GQ8JayL
05L10Y1mR/GIU/VqS+PUmII9b4fO
-----END CERTIFICATE-----
Generated at Sat Jun 7 12:38:41 2025 by rpki-client