Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/016156-093e-405b-9b2d-a5749d2346e7/1/IfdUdkM_5ScEBaPG7l3GiRIWFuU.roa
File: IfdUdkM_5ScEBaPG7l3GiRIWFuU.roa (raw, json)
Hash identifier: R1YS3LmUUMRjG9wj9Vs3Bys5gjm8WufD0RLPEG4kcAw=
Subject key identifier: 21:F7:54:76:43:3F:E5:27:04:05:A3:C6:EE:5D:C6:89:12:16:16:E5
Certificate issuer: /CN=36c3c4565743ae57bd2aea9a363c2b3c3e250f72
Certificate serial: 01968CB58E4226ECC2F069FD5FE4321162B4
Authority key identifier: 36:C3:C4:56:57:43:AE:57:BD:2A:EA:9A:36:3C:2B:3C:3E:25:0F:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsPEVldDrle9KuqaNjwrPD4lD3I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/016156-093e-405b-9b2d-a5749d2346e7/1/IfdUdkM_5ScEBaPG7l3GiRIWFuU.roa
Signing time: Thu 01 May 2025 16:37:10 +0000
ROA not before: Thu 01 May 2025 16:37:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203059
IP address blocks: 45.91.120.0/24 maxlen: 24
45.95.211.0/24 maxlen: 24
91.218.77.0/24 maxlen: 24
109.202.224.0/23 maxlen: 24
134.255.242.0/24 maxlen: 24
178.16.230.0/23 maxlen: 24
185.53.33.0/24 maxlen: 24
185.231.228.0/22 maxlen: 24
185.234.101.0/24 maxlen: 24
185.253.62.0/23 maxlen: 24
194.156.132.0/23 maxlen: 24
194.156.150.0/23 maxlen: 24
2a13:5080::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/016156-093e-405b-9b2d-a5749d2346e7/1/NsPEVldDrle9KuqaNjwrPD4lD3I.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/016156-093e-405b-9b2d-a5749d2346e7/1/NsPEVldDrle9KuqaNjwrPD4lD3I.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsPEVldDrle9KuqaNjwrPD4lD3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 11:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:8c:b5:8e:42:26:ec:c2:f0:69:fd:5f:e4:32:11:62:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c3c4565743ae57bd2aea9a363c2b3c3e250f72
Validity
Not Before: May 1 16:37:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=21f75476433fe5270405a3c6ee5dc689121616e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:19:c2:4b:b8:b3:79:45:fb:20:d5:c8:22:96:
c0:ec:05:45:0b:ea:8e:74:c2:d2:71:d3:e2:31:d3:
4e:54:02:bd:08:d4:4a:0d:f9:f0:c1:59:80:ce:c7:
11:61:dc:d9:df:0d:16:85:52:13:52:fd:56:a0:70:
20:97:a1:8f:5f:93:50:3f:85:3d:60:f5:56:72:e1:
a6:63:66:b4:9a:18:f9:86:ba:aa:48:2e:56:8e:fb:
3f:d3:c6:5b:ab:6b:bb:c1:a2:b6:ad:3a:5a:c6:a2:
86:17:86:4c:bc:7f:e9:41:c7:a2:bd:d8:10:9c:e8:
08:21:07:11:6b:74:88:d3:01:4f:68:58:df:a5:01:
db:a2:2b:23:57:b8:bd:0f:ff:cb:db:bb:10:a0:b4:
fa:c0:ef:a1:a2:8a:bd:55:19:cd:20:22:0f:c2:4b:
b3:0a:09:8d:61:e4:c1:2d:37:a3:23:3f:7b:82:8d:
ef:0b:b6:22:c4:0e:0a:5c:25:20:bb:76:90:0d:e6:
e9:3c:d8:93:0d:f6:86:cd:41:d9:7d:81:56:97:f8:
1f:c0:ff:99:be:d7:43:3e:4d:66:36:6d:6f:ea:23:
c6:08:57:b9:52:64:58:d7:a0:17:c1:e4:66:bf:32:
a4:07:1f:6a:34:00:1d:3b:d8:c0:75:27:31:74:7c:
92:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:F7:54:76:43:3F:E5:27:04:05:A3:C6:EE:5D:C6:89:12:16:16:E5
X509v3 Authority Key Identifier:
keyid:36:C3:C4:56:57:43:AE:57:BD:2A:EA:9A:36:3C:2B:3C:3E:25:0F:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsPEVldDrle9KuqaNjwrPD4lD3I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/016156-093e-405b-9b2d-a5749d2346e7/1/IfdUdkM_5ScEBaPG7l3GiRIWFuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/016156-093e-405b-9b2d-a5749d2346e7/1/NsPEVldDrle9KuqaNjwrPD4lD3I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.120.0/24
45.95.211.0/24
91.218.77.0/24
109.202.224.0/23
134.255.242.0/24
178.16.230.0/23
185.53.33.0/24
185.231.228.0/22
185.234.101.0/24
185.253.62.0/23
194.156.132.0/23
194.156.150.0/23
IPv6:
2a13:5080::/29
Signature Algorithm: sha256WithRSAEncryption
14:df:17:83:e2:3e:47:15:0e:1f:59:38:fc:21:27:32:1f:1f:
ad:02:81:f5:40:8e:dd:3c:e4:7a:08:ff:58:8f:01:d8:79:1a:
04:d4:bf:3e:9c:34:fc:c6:f2:3c:e0:40:8c:99:a4:85:b2:b5:
5e:53:c2:53:71:ac:f3:6e:60:5d:47:39:6e:e0:e1:2e:66:d3:
d7:45:4e:4f:77:0b:84:ee:d9:15:68:b0:53:56:06:2b:46:21:
4a:5a:42:a0:82:6a:05:a6:f7:45:ef:b8:4b:77:10:7e:c8:51:
08:03:e0:fc:f5:a0:45:84:32:dc:8e:64:11:30:07:ab:c4:7f:
16:ad:66:5e:47:3e:45:39:f0:4e:14:4a:f7:ef:71:8d:4e:61:
93:58:71:e9:19:69:65:34:45:8e:dc:01:3a:a6:12:f3:80:cb:
4a:4a:e3:95:60:e6:90:30:af:83:f7:93:fa:30:12:1d:15:4a:
4a:25:3f:cc:84:ea:de:64:5f:39:85:a9:3d:db:ed:41:c8:ef:
6e:d3:95:a0:9c:5f:a4:a4:6c:1d:96:6a:8a:2c:c7:4a:37:92:
d5:7e:a3:44:10:05:5a:b4:e2:80:7f:7e:2a:46:c6:60:93:61:
e8:6e:bd:f6:56:ff:a0:4c:2b:af:58:49:bf:1a:83:88:81:fe:
0f:bb:fc:df
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZaMtY5CJuzC8Gn9X+QyEWK0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzNjNDU2NTc0M2FlNTdiZDJhZWE5YTM2M2MyYjNjM2Uy
NTBmNzIwHhcNMjUwNTAxMTYzNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWY3NTQ3NjQzM2ZlNTI3MDQwNWEzYzZlZTVkYzY4OTEyMTYxNmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhnCS7izeUX7INXIIpbA7AVFC+qO
dMLScdPiMdNOVAK9CNRKDfnwwVmAzscRYdzZ3w0WhVITUv1WoHAgl6GPX5NQP4U9
YPVWcuGmY2a0mhj5hrqqSC5Wjvs/08Zbq2u7waK2rTpaxqKGF4ZMvH/pQceivdgQ
nOgIIQcRa3SI0wFPaFjfpQHboisjV7i9D//L27sQoLT6wO+hooq9VRnNICIPwkuz
CgmNYeTBLTejIz97go3vC7YixA4KXCUgu3aQDebpPNiTDfaGzUHZfYFWl/gfwP+Z
vtdDPk1mNm1v6iPGCFe5UmRY16AXweRmvzKkBx9qNAAdO9jAdScxdHySGQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFCH3VHZDP+UnBAWjxu5dxokSFhblMB8GA1UdIwQY
MBaAFDbDxFZXQ65XvSrqmjY8Kzw+JQ9yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNQRVZsZERybGU5S3VxYU5qd3JQRDRsRDNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8wMTYxNTYtMDkzZS00MDViLTliMmQt
YTU3NDlkMjM0NmU3LzEvSWZkVWRrTV81U2NFQmFQRzdsM0dpUklXRnVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8wMTYxNTYtMDkzZS00MDViLTliMmQtYTU3NDlkMjM0NmU3
LzEvTnNQRVZsZERybGU5S3VxYU5qd3JQRDRsRDNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQALVt4AwQA
LV/TAwQAW9pNAwQBbcrgAwQAhv/yAwQBshDmAwQAuTUhAwQCuefkAwQAueplAwQB
uf0+AwQBwpyEAwQBwpyWMA0EAgACMAcDBQMqE1CAMA0GCSqGSIb3DQEBCwUAA4IB
AQAU3xeD4j5HFQ4fWTj8IScyHx+tAoH1QI7dPOR6CP9YjwHYeRoE1L8+nDT8xvI8
4ECMmaSFsrVeU8JTcazzbmBdRzlu4OEuZtPXRU5PdwuE7tkVaLBTVgYrRiFKWkKg
gmoFpvdF77hLdxB+yFEIA+D89aBFhDLcjmQRMAerxH8WrWZeRz5FOfBOFEr373GN
TmGTWHHpGWllNEWO3AE6phLzgMtKSuOVYOaQMK+D95P6MBIdFUpKJT/MhOreZF85
hak92+1ByO9u05WgnF+kpGwdlmqKLMdKN5LVfqNEEAVatOKAf34qRsZgk2Hobr32
Vv+gTCuvWEm/GoOIgf4Pu/zf
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:13:27 2025 by rpki-client