Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/T9b3CGSu9TwHQys6esNNigNs-MM.roa
File: T9b3CGSu9TwHQys6esNNigNs-MM.roa (raw, json)
Hash identifier: 4HiH8CIapMTS2W3MG0LdLW7D9+NiWrCqVdKHuPMfhB4=
Subject key identifier: 4F:D6:F7:08:64:AE:F5:3C:07:43:2B:3A:7A:C3:4D:8A:03:6C:F8:C3
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 019647D6539BF91F7ADF1DD13665F7720FCA
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/T9b3CGSu9TwHQys6esNNigNs-MM.roa
Signing time: Fri 18 Apr 2025 07:39:10 +0000
ROA not before: Fri 18 Apr 2025 07:39:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 45.141.204.0/23 maxlen: 23
45.148.51.0/24 maxlen: 24
194.39.216.0/24 maxlen: 24
2a0c:9e06::/32 maxlen: 32
2a0e:a944::/32 maxlen: 32
2a0e:a945::/32 maxlen: 32
2a0e:a946::/32 maxlen: 32
2a0e:a947::/32 maxlen: 32
2a0f:3b80::/32 maxlen: 32
2a0f:3b81::/32 maxlen: 32
2a0f:3b82::/32 maxlen: 32
2a0f:3b83::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.mft
rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 06:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:47:d6:53:9b:f9:1f:7a:df:1d:d1:36:65:f7:72:0f:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Apr 18 07:39:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4fd6f70864aef53c07432b3a7ac34d8a036cf8c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:47:ce:28:90:10:14:26:f5:95:92:03:02:f6:
9c:89:0f:9f:b9:7b:a8:f3:87:d0:51:5c:c6:80:e1:
6c:ce:d6:3b:9e:c6:93:06:d2:48:31:a8:14:8e:eb:
b2:a2:f5:c3:71:1d:f1:17:03:bf:06:f1:34:df:63:
0b:1e:dd:7d:55:e9:54:18:e4:c6:61:4f:76:9b:3b:
38:d1:fc:ae:27:ad:b3:f6:65:39:8c:c4:24:e2:09:
f1:36:aa:d5:08:22:33:11:04:1a:4f:1a:82:ee:cf:
67:66:d9:54:e6:01:dc:c2:bb:e5:e1:d8:51:f4:a7:
7a:27:2a:00:86:24:b5:a0:22:6c:8c:7b:e0:ba:85:
00:64:90:96:27:48:94:5c:37:f3:3b:50:2b:53:71:
72:a6:7c:ec:07:95:dd:5c:4e:27:db:7f:0d:22:ec:
30:51:9e:da:7b:6e:37:14:d5:c3:27:5a:4c:ee:c6:
e9:2a:b9:fb:1f:68:f3:b0:56:5a:31:c0:00:ad:1b:
b4:04:b1:12:8c:76:16:88:aa:7c:ae:01:ec:42:6c:
a4:bc:99:dd:83:f3:27:63:4d:65:66:f6:7a:6f:8d:
46:56:9c:96:40:43:58:be:0c:33:31:d4:4f:ff:0a:
2d:d0:02:1c:5d:39:d0:cb:a9:d3:a8:5d:c2:5f:24:
b6:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:D6:F7:08:64:AE:F5:3C:07:43:2B:3A:7A:C3:4D:8A:03:6C:F8:C3
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/T9b3CGSu9TwHQys6esNNigNs-MM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.204.0/23
45.148.51.0/24
194.39.216.0/24
IPv6:
2a0c:9e06::/32
2a0e:a944::/30
2a0f:3b80::/30
Signature Algorithm: sha256WithRSAEncryption
57:ff:86:12:7b:42:2b:59:ec:60:c6:15:14:ee:77:2c:7d:d8:
21:6f:00:a2:4d:38:88:4e:11:20:5b:2b:80:70:fb:b8:f8:f1:
83:30:c5:1b:50:78:4e:49:0d:4b:b3:bb:e1:50:8d:76:8e:bb:
aa:62:03:89:f0:4f:82:9d:c7:79:35:59:ac:d1:a0:a2:4e:71:
43:eb:88:df:00:10:f1:a5:4b:4d:b8:69:ac:0e:9b:42:8b:22:
f8:ea:dc:95:65:da:1a:94:33:d8:31:29:fb:6c:f6:fd:cb:34:
17:2c:a4:57:9b:45:4c:67:d6:fe:38:bc:cc:27:10:2c:23:d3:
fe:3b:a2:12:9e:fd:cc:cc:ad:dc:ee:ff:9a:8c:26:c6:d7:b5:
80:68:d7:d9:64:1c:94:f8:c0:02:4d:b1:67:0c:6f:7b:c6:c3:
c2:fc:0f:16:2a:4e:3e:59:2a:7e:54:69:9a:f7:fa:2b:26:cc:
5f:15:db:f3:96:22:b7:92:93:ec:64:66:9a:a2:a0:18:aa:78:
6d:55:bb:9b:ad:60:de:97:ec:78:f3:9e:bf:eb:de:c6:db:d8:
b3:a0:f6:85:b6:54:b9:fa:ec:83:45:f6:8d:01:65:d2:82:72:
b1:42:dd:65:8e:f5:4b:9d:c1:fe:cc:f5:68:39:ee:06:0f:1b:
0b:c8:ea:68
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZZH1lOb+R963x3RNmX3cg/KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjUwNDE4MDczOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmQ2ZjcwODY0YWVmNTNjMDc0MzJiM2E3YWMzNGQ4YTAzNmNmOGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxkfOKJAQFCb1lZIDAvaciQ+fuXuo
84fQUVzGgOFsztY7nsaTBtJIMagUjuuyovXDcR3xFwO/BvE032MLHt19VelUGOTG
YU92mzs40fyuJ62z9mU5jMQk4gnxNqrVCCIzEQQaTxqC7s9nZtlU5gHcwrvl4dhR
9Kd6JyoAhiS1oCJsjHvguoUAZJCWJ0iUXDfzO1ArU3FypnzsB5XdXE4n238NIuww
UZ7ae243FNXDJ1pM7sbpKrn7H2jzsFZaMcAArRu0BLESjHYWiKp8rgHsQmykvJnd
g/MnY01lZvZ6b41GVpyWQENYvgwzMdRP/wot0AIcXTnQy6nTqF3CXyS2pQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFE/W9whkrvU8B0MrOnrDTYoDbPjDMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvVDliM0NHU3U5VHdIUXlzNmVzTk5pZ05zLU1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAYBAIAATASAwQBLY3MAwQA
LZQzAwQAwifYMBsEAgACMBUDBQAqDJ4GAwUCKg6pRAMFAioPO4AwDQYJKoZIhvcN
AQELBQADggEBAFf/hhJ7QitZ7GDGFRTudyx92CFvAKJNOIhOESBbK4Bw+7j48YMw
xRtQeE5JDUuzu+FQjXaOu6piA4nwT4Kdx3k1WazRoKJOcUPriN8AEPGlS024aawO
m0KLIvjq3JVl2hqUM9gxKfts9v3LNBcspFebRUxn1v44vMwnECwj0/47ohKe/czM
rdzu/5qMJsbXtYBo19lkHJT4wAJNsWcMb3vGw8L8DxYqTj5ZKn5UaZr3+ismzF8V
2/OWIreSk+xkZpqioBiqeG1Vu5utYN6X7Hjznr/r3sbb2LOg9oW2VLn67INF9o0B
ZdKCcrFC3WWO9Uudwf7M9Wg57gYPGwvI6mg=
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:34:12 2025 by rpki-client