Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/f04658-fad7-423c-bb42-82fa3d260869/1/c_sMTj7v_tcLPK4ph9KiN4hyel8.roa
File: c_sMTj7v_tcLPK4ph9KiN4hyel8.roa (raw, json)
Hash identifier: WlGUEszKDgI/p0yTM/WRVaqPEPGJ8QjHZwVMfO6NE9k=
Subject key identifier: 73:FB:0C:4E:3E:EF:FE:D7:0B:3C:AE:29:87:D2:A2:37:88:72:7A:5F
Certificate issuer: /CN=220ab0d7ae01c7ba7da69d71a91472b390cd7091
Certificate serial: 01967C84F5CBC2ADB86EF336769CB5A54402
Authority key identifier: 22:0A:B0:D7:AE:01:C7:BA:7D:A6:9D:71:A9:14:72:B3:90:CD:70:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Igqw164Bx7p9pp1xqRRys5DNcJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/f04658-fad7-423c-bb42-82fa3d260869/1/c_sMTj7v_tcLPK4ph9KiN4hyel8.roa
Signing time: Mon 28 Apr 2025 13:10:10 +0000
ROA not before: Mon 28 Apr 2025 13:10:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50017
IP address blocks: 45.66.88.0/24 maxlen: 24
45.66.89.0/24 maxlen: 24
2a09:6644:2::/48 maxlen: 48
2a09:6644:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/f04658-fad7-423c-bb42-82fa3d260869/1/Igqw164Bx7p9pp1xqRRys5DNcJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/f04658-fad7-423c-bb42-82fa3d260869/1/Igqw164Bx7p9pp1xqRRys5DNcJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Igqw164Bx7p9pp1xqRRys5DNcJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Jun 2025 16:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7c:84:f5:cb:c2:ad:b8:6e:f3:36:76:9c:b5:a5:44:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=220ab0d7ae01c7ba7da69d71a91472b390cd7091
Validity
Not Before: Apr 28 13:10:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=73fb0c4e3eeffed70b3cae2987d2a23788727a5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ed:c8:bb:d9:aa:e7:59:ad:22:15:2b:67:f2:
4a:53:c8:c2:26:a5:e8:77:d9:d6:5b:68:cd:bf:eb:
e4:32:3c:b2:8d:ca:88:d1:3c:7d:8f:53:c4:ce:a1:
67:f0:82:d5:e9:33:7c:be:52:e7:23:89:76:33:71:
3f:09:5f:7f:04:29:86:ef:b4:ce:9c:fb:c7:0f:ae:
ce:6c:51:e4:42:db:a5:35:95:55:03:f9:aa:93:a9:
fe:9c:15:e7:cb:a3:8a:d4:f5:8e:3e:33:ff:7b:52:
c0:03:d2:fe:06:8e:39:5d:15:2f:cf:da:d8:f6:33:
b3:df:31:ba:90:53:08:6a:f8:64:c1:ef:48:0b:0e:
6c:df:d4:5d:b9:d4:87:ae:ef:7f:dd:02:a0:0e:43:
be:28:fd:30:88:ab:8a:d5:27:78:08:a7:99:8d:a9:
44:b5:8d:6e:84:12:b1:2f:ec:37:80:04:4a:07:e3:
d0:d2:b3:4f:3f:cf:b3:3f:4c:9a:1b:f6:76:b7:2a:
66:f0:c6:36:7b:f9:ee:be:ef:9f:8f:91:11:ec:e1:
29:6e:d6:28:b5:31:a4:eb:4b:e4:02:77:fb:1f:32:
90:69:cf:ea:00:67:f8:34:ac:ab:67:a2:72:3e:e7:
fd:cc:06:81:16:0d:98:a8:c3:6b:f6:92:73:e0:56:
4e:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:FB:0C:4E:3E:EF:FE:D7:0B:3C:AE:29:87:D2:A2:37:88:72:7A:5F
X509v3 Authority Key Identifier:
keyid:22:0A:B0:D7:AE:01:C7:BA:7D:A6:9D:71:A9:14:72:B3:90:CD:70:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Igqw164Bx7p9pp1xqRRys5DNcJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/f04658-fad7-423c-bb42-82fa3d260869/1/c_sMTj7v_tcLPK4ph9KiN4hyel8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/f04658-fad7-423c-bb42-82fa3d260869/1/Igqw164Bx7p9pp1xqRRys5DNcJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.88.0/23
IPv6:
2a09:6644:2::/47
Signature Algorithm: sha256WithRSAEncryption
73:94:e8:ca:12:9c:7e:53:7a:81:f8:27:9b:df:25:31:7d:1c:
c0:63:35:cd:28:74:62:c4:ed:00:d3:38:91:91:20:d8:fd:80:
38:61:d2:6d:e3:57:1c:f6:5e:45:e8:11:4d:b3:54:18:5a:0f:
d4:0d:5f:84:9e:1e:41:6c:00:7f:9b:16:95:b6:25:76:b9:0d:
fa:bc:7e:ea:a0:08:12:0b:d7:04:1e:d5:75:85:97:39:81:c3:
eb:12:7f:e7:44:26:85:04:aa:c9:ee:fa:7d:ec:c7:3e:df:0b:
47:9a:7c:3a:98:7f:61:af:5a:ca:40:ae:5c:da:bd:65:2b:ed:
1b:4e:5e:af:03:69:1a:38:de:9c:83:7d:c1:da:a7:a7:15:e7:
31:7f:cd:5e:f0:dd:a2:59:db:6a:f7:7e:d7:a7:21:0c:e0:17:
99:c0:e5:9a:23:65:c2:f2:a1:af:a9:f5:f5:68:23:1c:f7:31:
85:2e:d1:9f:5b:36:00:f4:75:0b:4d:dc:e4:66:69:99:6d:b1:
c3:5c:2f:e3:60:01:e6:ad:12:c5:a6:7c:8f:c7:d3:2a:4c:f2:
ae:ba:14:32:ea:27:19:fb:e6:f7:c3:a7:8f:04:8d:2c:2a:6a:
9f:22:18:ec:fc:51:bf:d0:6f:94:84:8c:3f:57:fe:7c:e4:ac:
29:d0:29:49
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZZ8hPXLwq24bvM2dpy1pUQCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMGFiMGQ3YWUwMWM3YmE3ZGE2OWQ3MWE5MTQ3MmIzOTBj
ZDcwOTEwHhcNMjUwNDI4MTMxMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2ZiMGM0ZTNlZWZmZWQ3MGIzY2FlMjk4N2QyYTIzNzg4NzI3YTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiO3Iu9mq51mtIhUrZ/JKU8jCJqXo
d9nWW2jNv+vkMjyyjcqI0Tx9j1PEzqFn8ILV6TN8vlLnI4l2M3E/CV9/BCmG77TO
nPvHD67ObFHkQtulNZVVA/mqk6n+nBXny6OK1PWOPjP/e1LAA9L+Bo45XRUvz9rY
9jOz3zG6kFMIavhkwe9ICw5s39RdudSHru9/3QKgDkO+KP0wiKuK1Sd4CKeZjalE
tY1uhBKxL+w3gARKB+PQ0rNPP8+zP0yaG/Z2typm8MY2e/nuvu+fj5ER7OEpbtYo
tTGk60vkAnf7HzKQac/qAGf4NKyrZ6JyPuf9zAaBFg2YqMNr9pJz4FZOXQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHP7DE4+7/7XCzyuKYfSojeIcnpfMB8GA1UdIwQY
MBaAFCIKsNeuAce6faadcakUcrOQzXCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWdxdzE2NEJ4N3A5cHAxeHFSUnlzNUROY0pFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9mMDQ2NTgtZmFkNy00MjNjLWJiNDIt
ODJmYTNkMjYwODY5LzEvY19zTVRqN3ZfdGNMUEs0cGg5S2lONGh5ZWw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9mMDQ2NTgtZmFkNy00MjNjLWJiNDItODJmYTNkMjYwODY5
LzEvSWdxdzE2NEJ4N3A5cHAxeHFSUnlzNUROY0pFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBLUJYMA8E
AgACMAkDBwEqCWZEAAIwDQYJKoZIhvcNAQELBQADggEBAHOU6MoSnH5TeoH4J5vf
JTF9HMBjNc0odGLE7QDTOJGRINj9gDhh0m3jVxz2XkXoEU2zVBhaD9QNX4SeHkFs
AH+bFpW2JXa5Dfq8fuqgCBIL1wQe1XWFlzmBw+sSf+dEJoUEqsnu+n3sxz7fC0ea
fDqYf2GvWspArlzavWUr7RtOXq8DaRo43pyDfcHap6cV5zF/zV7w3aJZ22r3ften
IQzgF5nA5ZojZcLyoa+p9fVoIxz3MYUu0Z9bNgD0dQtN3ORmaZltscNcL+NgAeat
EsWmfI/H0ypM8q66FDLqJxn75vfDp48EjSwqap8iGOz8Ub/Qb5SEjD9X/nzkrCnQ
KUk=
-----END CERTIFICATE-----
Generated at Wed Jun 11 02:56:34 2025 by rpki-client