Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/bl5s7yjO6wFF7H4gJsLkCPiKdRo.roa
File: bl5s7yjO6wFF7H4gJsLkCPiKdRo.roa (raw, json)
Hash identifier: y4L6igfmX/HJTya2s6qgxOKkOmPxE5RcyjkaP86hn1w=
Subject key identifier: 6E:5E:6C:EF:28:CE:EB:01:45:EC:7E:20:26:C2:E4:08:F8:8A:75:1A
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01973B38A728FFF55E10CFD455AAB8422C69
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/bl5s7yjO6wFF7H4gJsLkCPiKdRo.roa
Signing time: Wed 04 Jun 2025 13:54:17 +0000
ROA not before: Wed 04 Jun 2025 13:54:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 45.90.19.0/24 maxlen: 24
185.36.204.0/24 maxlen: 24
185.206.248.0/24 maxlen: 24
185.218.22.0/24 maxlen: 24
185.239.140.0/24 maxlen: 24
185.240.120.0/23 maxlen: 24
185.246.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 05:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3b:38:a7:28:ff:f5:5e:10:cf:d4:55:aa:b8:42:2c:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jun 4 13:54:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e5e6cef28ceeb0145ec7e2026c2e408f88a751a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:42:fb:a5:9b:79:36:ab:56:84:b5:ce:c2:6c:
75:3d:b6:7c:e2:26:42:4a:3a:35:20:5f:b0:46:d4:
d0:28:7a:20:de:29:09:d2:b8:97:c5:88:58:cb:98:
59:30:38:e1:5c:a1:76:60:dc:d9:88:80:ae:0a:12:
2d:38:2d:b2:52:57:b9:eb:a7:f7:e9:56:f1:9c:4e:
0f:44:03:64:1e:9c:8c:be:4a:70:d6:ca:ab:43:00:
6b:fe:04:04:c5:da:d4:a0:25:d1:da:b4:a0:a2:75:
c4:ef:38:d8:9b:a3:46:c0:4e:0a:3b:57:e4:87:de:
32:25:5e:0c:0e:55:b8:e3:bd:12:f5:cf:7c:fc:80:
b3:a0:44:6d:b8:dd:5c:f9:5b:91:1b:6d:78:22:2a:
6a:a8:0c:f9:f1:0c:67:39:21:30:e3:08:c1:f5:e2:
f3:fe:92:dd:71:04:ce:85:08:30:e0:5f:81:a6:22:
48:79:aa:fd:99:a3:47:7c:8d:63:20:a6:f1:88:dd:
38:17:2a:9a:24:80:fb:18:f5:e5:ff:24:79:31:21:
3b:85:f7:e3:9e:ec:78:0c:e6:16:3b:68:92:a7:06:
4b:14:da:ca:7b:72:9d:b0:cc:e4:2a:21:36:78:ac:
c1:de:e2:a1:95:77:5a:6b:0d:e0:dc:70:4b:a4:62:
92:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:5E:6C:EF:28:CE:EB:01:45:EC:7E:20:26:C2:E4:08:F8:8A:75:1A
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/bl5s7yjO6wFF7H4gJsLkCPiKdRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.19.0/24
185.36.204.0/24
185.206.248.0/24
185.218.22.0/24
185.239.140.0/24
185.240.120.0/23
185.246.115.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:76:f7:63:f1:8b:0c:5c:84:55:90:22:82:3e:81:9f:b7:6e:
35:03:ae:7a:82:22:22:78:8a:d4:e1:a7:9d:de:c9:e8:f2:09:
7c:30:41:9a:cf:ff:fd:61:37:a5:61:9e:bb:fb:c3:38:f3:58:
1f:6b:fe:2e:25:03:25:08:f6:b2:bb:a7:42:a5:dc:34:79:40:
29:d4:f9:a2:e2:38:67:e4:38:24:1a:e3:f1:b8:12:94:e6:e1:
be:5b:ed:cf:a9:e5:5b:56:8f:7a:76:31:62:07:e7:54:08:b6:
06:23:50:df:ca:06:4f:6a:e2:c8:63:2f:0a:9d:44:47:03:87:
27:c7:ad:2c:3c:45:65:c9:c8:f2:ba:27:93:4b:82:ca:3c:98:
fd:14:4c:83:11:0d:7d:b3:7d:d4:68:3c:42:54:b2:68:6a:2a:
23:bd:73:23:f8:f5:e3:76:da:f5:22:9d:b2:e8:85:61:46:ce:
12:02:e1:4d:a3:9d:d0:8f:72:a8:6b:ae:d4:66:e4:c4:d1:bb:
9a:35:0d:39:db:a0:67:17:8e:69:b9:6f:2a:ef:4b:ca:bd:28:
0a:23:73:78:34:09:b8:d2:3e:b5:75:b5:c8:46:f1:1d:9e:08:
a7:84:5a:ef:ff:c8:ab:49:71:15:c3:3f:32:4a:61:d9:7f:b6:
7b:8b:49:fb
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZc7OKco//VeEM/UVaq4QixpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwNjA0MTM1NDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTVlNmNlZjI4Y2VlYjAxNDVlYzdlMjAyNmMyZTQwOGY4OGE3NTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyUL7pZt5NqtWhLXOwmx1PbZ84iZC
Sjo1IF+wRtTQKHog3ikJ0riXxYhYy5hZMDjhXKF2YNzZiICuChItOC2yUle566f3
6VbxnE4PRANkHpyMvkpw1sqrQwBr/gQExdrUoCXR2rSgonXE7zjYm6NGwE4KO1fk
h94yJV4MDlW4470S9c98/ICzoERtuN1c+VuRG214IipqqAz58QxnOSEw4wjB9eLz
/pLdcQTOhQgw4F+BpiJIear9maNHfI1jIKbxiN04FyqaJID7GPXl/yR5MSE7hffj
nux4DOYWO2iSpwZLFNrKe3KdsMzkKiE2eKzB3uKhlXdaaw3g3HBLpGKSHwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFG5ebO8ozusBRex+ICbC5Aj4inUaMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvYmw1czd5ak82d0ZGN0g0Z0pzTGtDUGlLZFJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALVoTAwQA
uSTMAwQAuc74AwQAudoWAwQAue+MAwQBufB4AwQAufZzMA0GCSqGSIb3DQEBCwUA
A4IBAQBMdvdj8YsMXIRVkCKCPoGft241A656giIieIrU4aed3sno8gl8MEGaz//9
YTelYZ67+8M481gfa/4uJQMlCPayu6dCpdw0eUAp1Pmi4jhn5DgkGuPxuBKU5uG+
W+3PqeVbVo96djFiB+dUCLYGI1DfygZPauLIYy8KnURHA4cnx60sPEVlycjyuieT
S4LKPJj9FEyDEQ19s33UaDxCVLJoaiojvXMj+PXjdtr1Ip2y6IVhRs4SAuFNo53Q
j3Koa67UZuTE0buaNQ0526BnF45puW8q70vKvSgKI3N4NAm40j61dbXIRvEdngin
hFrv/8irSXEVwz8ySmHZf7Z7i0n7
-----END CERTIFICATE-----
Generated at Sat Jun 7 10:42:37 2025 by rpki-client