Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/3Z_l4D8fM4dF-eEMSN8FIsAym1g.roa
File: 3Z_l4D8fM4dF-eEMSN8FIsAym1g.roa (raw, json)
Hash identifier: AqJxnuGbHtlNaibqVDPQEF4SdtmBWQBqpVBgzsH6re0=
Subject key identifier: DD:9F:E5:E0:3F:1F:33:87:45:F9:E1:0C:48:DF:05:22:C0:32:9B:58
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 019749F2CBFCEC4FBA061798486700827275
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/3Z_l4D8fM4dF-eEMSN8FIsAym1g.roa
Signing time: Sat 07 Jun 2025 10:32:18 +0000
ROA not before: Sat 07 Jun 2025 10:32:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 45.67.136.0/24 maxlen: 24
45.92.218.0/24 maxlen: 24
45.134.36.0/24 maxlen: 24
45.142.105.0/24 maxlen: 24
45.151.56.0/24 maxlen: 24
45.152.162.0/23 maxlen: 23
92.118.204.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.mft
rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 20:59:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:49:f2:cb:fc:ec:4f:ba:06:17:98:48:67:00:82:72:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jun 7 10:32:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd9fe5e03f1f338745f9e10c48df0522c0329b58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a5:3f:b8:d8:9d:6e:2a:15:27:d6:51:ef:0a:
fc:30:98:c6:bf:83:31:36:96:74:c6:68:d5:82:7f:
3d:76:01:25:78:49:2d:1d:19:c4:bb:3c:b5:26:10:
df:ab:83:f5:34:c4:03:2c:cb:a0:53:5a:be:de:d4:
d3:c7:cb:17:ac:da:43:81:19:64:73:3e:24:73:68:
82:fd:7c:ea:ac:84:bb:95:b8:67:d8:9f:1a:f8:3d:
3f:c6:2e:66:da:78:c6:6c:a6:06:fa:d9:49:15:12:
43:ca:dc:21:2c:9a:cc:f0:2b:ba:cf:22:b2:81:b1:
ed:b0:8c:89:9f:44:c6:e3:b2:f6:68:5b:5a:49:3f:
6e:91:71:d0:79:b6:fc:53:de:e9:ca:ab:99:37:3c:
60:1e:93:11:05:4b:83:d0:51:75:a0:cd:dc:5d:dd:
55:5c:3a:d2:49:11:78:00:2c:6b:2f:11:1d:d2:7a:
92:56:ec:88:94:b8:1a:92:40:f9:00:b3:79:22:fc:
49:42:f2:99:6e:51:19:da:71:ea:58:5c:f5:8c:d2:
1d:52:85:70:ae:4c:34:2b:51:f5:8c:02:e6:a8:9d:
ca:cc:e4:93:16:db:fc:60:f7:03:83:05:e8:9b:f1:
7e:28:9b:32:57:bd:d9:7c:79:ad:bf:22:79:15:24:
2a:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:9F:E5:E0:3F:1F:33:87:45:F9:E1:0C:48:DF:05:22:C0:32:9B:58
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/3Z_l4D8fM4dF-eEMSN8FIsAym1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.136.0/24
45.92.218.0/24
45.134.36.0/24
45.142.105.0/24
45.151.56.0/24
45.152.162.0/23
92.118.204.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:3a:2c:3e:a5:fb:7e:98:07:b1:e6:69:f0:df:02:93:94:a8:
55:1b:8a:f6:a6:3f:88:d0:cb:01:6b:e8:3a:3a:1f:8d:5c:9a:
38:4e:f4:03:b4:e2:73:0c:6c:06:36:c8:18:2e:e3:45:0f:db:
61:71:de:f9:ef:7c:12:c8:54:41:c1:76:f0:4e:e7:54:2a:9b:
04:3e:e5:0c:42:c3:a9:04:0a:de:02:44:f0:b7:e3:ab:68:1b:
02:81:67:63:b4:99:62:10:36:f8:39:2e:59:8c:f9:ff:aa:12:
3f:c0:6d:71:8a:41:83:c8:44:68:7b:18:d7:09:74:ab:c2:e0:
11:05:fb:a6:91:1e:ee:82:d4:44:f2:8d:b2:8e:64:71:be:48:
35:1c:6d:38:c8:6c:45:fa:7e:e5:31:37:6a:f7:df:48:f6:df:
94:fa:0e:ff:c3:bb:f4:e9:04:12:b4:25:63:0e:d6:a8:61:f2:
eb:82:50:ca:5b:0f:d6:5a:42:20:a9:54:83:55:2f:69:c1:2f:
43:7d:3e:ee:c2:d0:95:66:17:04:1c:74:93:8f:7e:a9:80:b0:
12:77:f2:5f:85:a9:f4:d1:ad:bd:f3:e2:3d:3c:54:8d:6d:c0:
39:ae:70:89:38:04:57:30:21:46:07:6d:1f:a4:a5:58:30:94:
e0:75:3d:12
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZdJ8sv87E+6BheYSGcAgnJ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjUwNjA3MTAzMjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDlmZTVlMDNmMWYzMzg3NDVmOWUxMGM0OGRmMDUyMmMwMzI5YjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6U/uNidbioVJ9ZR7wr8MJjGv4Mx
NpZ0xmjVgn89dgEleEktHRnEuzy1JhDfq4P1NMQDLMugU1q+3tTTx8sXrNpDgRlk
cz4kc2iC/XzqrIS7lbhn2J8a+D0/xi5m2njGbKYG+tlJFRJDytwhLJrM8Cu6zyKy
gbHtsIyJn0TG47L2aFtaST9ukXHQebb8U97pyquZNzxgHpMRBUuD0FF1oM3cXd1V
XDrSSRF4ACxrLxEd0nqSVuyIlLgakkD5ALN5IvxJQvKZblEZ2nHqWFz1jNIdUoVw
rkw0K1H1jALmqJ3KzOSTFtv8YPcDgwXom/F+KJsyV73ZfHmtvyJ5FSQqAQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFN2f5eA/HzOHRfnhDEjfBSLAMptYMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvM1pfbDREOGZNNGRGLWVFTVNOOEZJc0F5bTFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALUOIAwQA
LVzaAwQALYYkAwQALY5pAwQALZc4AwQBLZiiAwQCXHbMMA0GCSqGSIb3DQEBCwUA
A4IBAQCcOiw+pft+mAex5mnw3wKTlKhVG4r2pj+I0MsBa+g6Oh+NXJo4TvQDtOJz
DGwGNsgYLuNFD9thcd7573wSyFRBwXbwTudUKpsEPuUMQsOpBAreAkTwt+OraBsC
gWdjtJliEDb4OS5ZjPn/qhI/wG1xikGDyERoexjXCXSrwuARBfumkR7ugtRE8o2y
jmRxvkg1HG04yGxF+n7lMTdq999I9t+U+g7/w7v06QQStCVjDtaoYfLrglDKWw/W
WkIgqVSDVS9pwS9DfT7uwtCVZhcEHHSTj36pgLASd/Jfhan00a298+I9PFSNbcA5
rnCJOARXMCFGB20fpKVYMJTgdT0S
-----END CERTIFICATE-----
Generated at Mon Jun 16 04:40:08 2025 by rpki-client