Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/9oS0jaYRAp1UlaAoufudaZyKsss.roa
File: 9oS0jaYRAp1UlaAoufudaZyKsss.roa (raw, json)
Hash identifier: TS2+TkZcpla9ECe61VpwcR8HgXzY93XCst6+EDAR6PI=
Subject key identifier: F6:84:B4:8D:A6:11:02:9D:54:95:A0:28:B9:FB:9D:69:9C:8A:B2:CB
Certificate issuer: /CN=2672b9fb546b365e323230dcea9ba8c9fbedfeb8
Certificate serial: 019744B7D50191BF2741D0D3ACBE08957C86
Authority key identifier: 26:72:B9:FB:54:6B:36:5E:32:32:30:DC:EA:9B:A8:C9:FB:ED:FE:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/9oS0jaYRAp1UlaAoufudaZyKsss.roa
Signing time: Fri 06 Jun 2025 10:09:47 +0000
ROA not before: Fri 06 Jun 2025 10:09:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56971
IP address blocks: 45.156.22.0/24 maxlen: 32
45.156.23.0/24 maxlen: 32
45.156.24.0/24 maxlen: 32
45.156.25.0/24 maxlen: 32
45.156.27.0/24 maxlen: 32
178.255.222.0/24 maxlen: 32
185.92.180.0/24 maxlen: 32
185.92.181.0/24 maxlen: 32
185.92.182.0/24 maxlen: 32
185.92.183.0/24 maxlen: 32
193.176.153.0/24 maxlen: 32
193.176.158.0/24 maxlen: 32
193.176.179.0/24 maxlen: 32
193.176.190.0/24 maxlen: 32
194.36.170.0/24 maxlen: 32
194.36.171.0/24 maxlen: 32
194.36.209.0/24 maxlen: 32
194.113.245.0/24 maxlen: 32
194.116.214.0/24 maxlen: 32
194.116.215.0/24 maxlen: 32
194.116.216.0/23 maxlen: 23
194.116.216.0/24 maxlen: 32
194.116.217.0/24 maxlen: 32
194.120.24.0/24 maxlen: 32
194.120.116.0/24 maxlen: 32
213.232.204.0/24 maxlen: 32
2a13:7c00::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/JnK5-1RrNl4yMjDc6puoyfvt_rg.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/JnK5-1RrNl4yMjDc6puoyfvt_rg.mft
rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 16:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:44:b7:d5:01:91:bf:27:41:d0:d3:ac:be:08:95:7c:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2672b9fb546b365e323230dcea9ba8c9fbedfeb8
Validity
Not Before: Jun 6 10:09:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f684b48da611029d5495a028b9fb9d699c8ab2cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:41:98:f0:27:dd:6d:56:a3:62:31:86:86:82:
82:cf:97:1c:f2:9b:6b:ae:3f:fe:44:9b:f7:cd:a7:
0e:ae:68:cc:17:29:e9:b9:93:95:a6:a2:29:91:16:
83:ff:4a:89:90:74:7e:66:63:95:66:3f:c0:62:3f:
37:17:b6:5e:d5:52:36:ef:e1:05:44:33:2f:e7:aa:
ee:b8:e6:41:37:fc:4f:3c:3b:81:11:7b:c6:f7:7c:
32:ff:a1:ef:16:c3:7b:50:e7:e8:db:3e:c9:d0:8c:
13:53:db:26:a3:91:49:f4:f1:74:43:93:36:f3:36:
7d:e8:26:8c:b8:d8:43:7d:b1:55:ca:78:fe:f5:24:
ae:a3:ea:e4:f1:e7:bb:d9:87:90:4b:11:74:bf:b2:
0a:f0:55:1e:cb:1a:72:5c:a5:cf:21:a6:b7:76:ef:
8d:75:0e:39:fd:85:44:59:15:3f:e0:d9:c8:b6:16:
66:c3:63:4b:74:46:61:76:00:4f:a0:0a:51:01:f3:
1e:4f:a3:a9:c4:fa:bc:ef:18:8c:50:2c:53:fc:29:
cb:a3:a3:5f:0d:13:67:9b:0a:14:9a:d2:49:1f:7a:
2e:fa:87:6b:62:57:8c:c3:73:24:c6:66:b0:d8:79:
00:b0:3c:49:4b:ac:b2:38:6d:9e:b2:d3:a7:6b:e4:
e6:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:84:B4:8D:A6:11:02:9D:54:95:A0:28:B9:FB:9D:69:9C:8A:B2:CB
X509v3 Authority Key Identifier:
keyid:26:72:B9:FB:54:6B:36:5E:32:32:30:DC:EA:9B:A8:C9:FB:ED:FE:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/9oS0jaYRAp1UlaAoufudaZyKsss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/JnK5-1RrNl4yMjDc6puoyfvt_rg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.22.0-45.156.25.255
45.156.27.0/24
178.255.222.0/24
185.92.180.0/22
193.176.153.0/24
193.176.158.0/24
193.176.179.0/24
193.176.190.0/24
194.36.170.0/23
194.36.209.0/24
194.113.245.0/24
194.116.214.0-194.116.217.255
194.120.24.0/24
194.120.116.0/24
213.232.204.0/24
IPv6:
2a13:7c00::/32
Signature Algorithm: sha256WithRSAEncryption
66:62:74:35:6b:48:28:b0:46:ab:7a:4b:af:14:92:1b:14:90:
56:2f:36:70:03:8b:5f:59:d9:63:d9:09:38:15:1e:13:87:6c:
3a:4c:3b:73:b8:1c:97:91:f4:0e:b3:36:eb:0a:4f:52:df:8f:
af:97:bc:bc:e1:2b:9c:27:7f:a7:84:f0:81:f3:ba:3d:e2:f9:
3d:0b:e1:31:10:97:8a:06:01:28:3e:37:d1:52:d4:8f:82:0f:
17:b0:bb:fd:ce:fe:7c:33:bb:89:da:e6:c4:f9:7e:b4:fe:d4:
d6:bd:16:b3:e3:92:79:71:d2:cb:6e:16:d6:18:62:4d:49:b1:
0f:38:3e:2d:c6:98:fb:b1:65:86:66:bb:07:85:94:de:6b:fa:
15:fe:7c:b5:24:95:95:9c:de:66:52:54:f5:b9:24:f5:db:39:
9a:89:8c:6f:59:1a:fd:02:cb:f1:19:74:b5:a0:85:ad:38:77:
71:e8:d7:3e:93:8b:d6:38:22:48:31:2e:1e:70:1d:50:9a:1b:
13:d2:d1:62:a4:7f:41:0a:e5:b0:cb:57:54:dc:dd:95:9a:fd:
91:6f:87:9d:d9:24:7d:cd:f7:5a:13:8f:26:30:d2:fe:c2:25:
30:7d:10:f7:e9:c6:46:eb:6e:03:67:5a:07:c3:b3:b2:dd:f9:
ad:21:38:a5
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZdEt9UBkb8nQdDTrL4IlXyGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NzJiOWZiNTQ2YjM2NWUzMjMyMzBkY2VhOWJhOGM5ZmJl
ZGZlYjgwHhcNMjUwNjA2MTAwOTQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjg0YjQ4ZGE2MTEwMjlkNTQ5NWEwMjhiOWZiOWQ2OTljOGFiMmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2EGY8CfdbVajYjGGhoKCz5cc8ptr
rj/+RJv3zacOrmjMFynpuZOVpqIpkRaD/0qJkHR+ZmOVZj/AYj83F7Ze1VI27+EF
RDMv56ruuOZBN/xPPDuBEXvG93wy/6HvFsN7UOfo2z7J0IwTU9smo5FJ9PF0Q5M2
8zZ96CaMuNhDfbFVynj+9SSuo+rk8ee72YeQSxF0v7IK8FUeyxpyXKXPIaa3du+N
dQ45/YVEWRU/4NnIthZmw2NLdEZhdgBPoApRAfMeT6OpxPq87xiMUCxT/CnLo6Nf
DRNnmwoUmtJJH3ou+odrYleMw3Mkxmaw2HkAsDxJS6yyOG2estOna+TmbwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFPaEtI2mEQKdVJWgKLn7nWmcirLLMB8GA1UdIwQY
MBaAFCZyuftUazZeMjIw3OqbqMn77f64MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm5LNS0xUnJObDR5TWpEYzZwdW95ZnZ0X3JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9iMTNiNTUtMTI4OC00NWU2LTg4NzYt
YTcwZGI1ODI4MGZjLzEvOW9TMGphWVJBcDFVbGFBb3VmdWRhWnlLc3NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9iMTNiNTUtMTI4OC00NWU2LTg4NzYtYTcwZGI1ODI4MGZj
LzEvSm5LNS0xUnJObDR5TWpEYzZwdW95ZnZ0X3JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTBwBAIAATBqMAwDBAEt
nBYDBAEtnBgDBAAtnBsDBACy/94DBAK5XLQDBADBsJkDBADBsJ4DBADBsLMDBADB
sL4DBAHCJKoDBADCJNEDBADCcfUwDAMEAcJ01gMEAcJ02AMEAMJ4GAMEAMJ4dAME
ANXozDANBAIAAjAHAwUAKhN8ADANBgkqhkiG9w0BAQsFAAOCAQEAZmJ0NWtIKLBG
q3pLrxSSGxSQVi82cAOLX1nZY9kJOBUeE4dsOkw7c7gcl5H0DrM26wpPUt+Pr5e8
vOErnCd/p4TwgfO6PeL5PQvhMRCXigYBKD430VLUj4IPF7C7/c7+fDO7idrmxPl+
tP7U1r0Ws+OSeXHSy24W1hhiTUmxDzg+LcaY+7Flhma7B4WU3mv6Ff58tSSVlZze
ZlJU9bkk9ds5momMb1ka/QLL8Rl0taCFrTh3cejXPpOL1jgiSDEuHnAdUJobE9LR
YqR/QQrlsMtXVNzdlZr9kW+Hndkkfc33WhOPJjDS/sIlMH0Q9+nGRutuA2daB8Oz
st35rSE4pQ==
-----END CERTIFICATE-----
Generated at Mon Jun 9 02:29:59 2025 by rpki-client