Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/yk3hphpJLiCKLV3SI7_6_xUDd3U.roa
File: yk3hphpJLiCKLV3SI7_6_xUDd3U.roa (raw, json)
Hash identifier: 3xzT8sNUhSTcHGn9AimzGczqHTxSrNzAtFY6ULbmku8=
Subject key identifier: CA:4D:E1:A6:1A:49:2E:20:8A:2D:5D:D2:23:BF:FA:FF:15:03:77:75
Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial: 0196394CB44E57E4A042F1302B2394B99BE3
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/yk3hphpJLiCKLV3SI7_6_xUDd3U.roa
Signing time: Tue 15 Apr 2025 11:54:10 +0000
ROA not before: Tue 15 Apr 2025 11:54:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44477
IP address blocks: 5.181.20.0/24 maxlen: 32
5.181.21.0/24 maxlen: 32
5.181.22.0/24 maxlen: 32
5.181.23.0/24 maxlen: 32
45.14.244.0/24 maxlen: 24
45.14.245.0/24 maxlen: 24
45.14.246.0/24 maxlen: 24
45.14.247.0/24 maxlen: 24
45.91.52.0/22 maxlen: 32
45.140.146.0/24 maxlen: 32
45.140.147.0/24 maxlen: 32
45.140.166.0/24 maxlen: 32
45.140.167.0/24 maxlen: 32
45.144.28.0/24 maxlen: 32
45.144.29.0/24 maxlen: 32
45.150.65.0/24 maxlen: 32
45.150.67.0/24 maxlen: 32
45.155.52.0/22 maxlen: 32
91.194.11.0/24 maxlen: 24
138.124.180.0/24 maxlen: 24
138.124.183.0/24 maxlen: 24
138.124.184.0/24 maxlen: 24
146.19.230.0/24 maxlen: 24
185.33.24.0/24 maxlen: 24
185.74.222.0/24 maxlen: 24
185.234.247.0/24 maxlen: 32
195.16.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.mft
rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 17:20:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:39:4c:b4:4e:57:e4:a0:42:f1:30:2b:23:94:b9:9b:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
Validity
Not Before: Apr 15 11:54:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca4de1a61a492e208a2d5dd223bffaff15037775
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:8a:c9:51:22:a1:37:eb:47:5b:a4:55:fe:a3:
48:96:a7:b7:9c:22:e6:f4:d2:b8:46:42:df:d6:97:
c4:6c:cb:ee:74:b8:75:ba:08:1a:e4:70:57:f5:be:
23:0a:ee:1e:5a:80:e7:9e:6c:2f:fc:a6:9a:3c:92:
fb:e6:ef:df:00:8e:4c:4a:36:c2:34:b8:f9:f9:7c:
c1:c0:b7:7c:0e:bf:a9:c1:02:3a:08:71:72:db:e7:
41:5c:b6:ee:b2:8c:7c:9c:c0:a0:54:c5:61:22:07:
dd:4c:82:61:b9:6f:5f:d3:e6:c6:56:cc:c2:7a:6b:
02:fb:82:54:65:c6:90:07:40:b3:51:8f:fc:fe:92:
65:9b:92:c9:f8:10:1c:05:f5:77:0e:c1:8a:44:8d:
31:df:9b:cf:23:35:26:d5:e7:38:91:69:12:c3:3b:
54:2c:53:6e:c4:f4:a2:8b:38:6a:1c:29:10:06:15:
a5:e3:fd:7b:17:8c:11:b6:e4:68:dc:01:e8:8a:aa:
31:33:f0:e0:70:b3:38:47:97:c4:5b:08:53:5a:bc:
38:ac:b5:d8:af:cc:c9:2e:04:71:6a:3f:48:ff:b9:
aa:1b:6d:63:85:36:81:6b:6e:46:1d:04:5f:e5:99:
95:22:80:d2:26:20:73:a3:87:bd:c6:ff:34:b2:af:
31:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:4D:E1:A6:1A:49:2E:20:8A:2D:5D:D2:23:BF:FA:FF:15:03:77:75
X509v3 Authority Key Identifier:
keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/yk3hphpJLiCKLV3SI7_6_xUDd3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.20.0/22
45.14.244.0/22
45.91.52.0/22
45.140.146.0/23
45.140.166.0/23
45.144.28.0/23
45.150.65.0/24
45.150.67.0/24
45.155.52.0/22
91.194.11.0/24
138.124.180.0/24
138.124.183.0-138.124.184.255
146.19.230.0/24
185.33.24.0/24
185.74.222.0/24
185.234.247.0/24
195.16.74.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:f1:be:68:a5:aa:54:96:e3:b0:df:51:61:93:ac:f3:00:93:
22:48:ae:d5:d4:a9:1c:7c:04:03:6d:68:c3:b5:95:ca:38:04:
d6:4e:a1:2d:6f:33:06:af:c2:1f:2f:7b:d4:bb:93:ef:62:b2:
79:ba:9f:44:79:6d:f1:9b:26:5c:57:49:dd:10:04:1d:5a:ca:
32:8e:5a:24:f3:2c:b2:f0:1a:79:37:2d:db:0a:62:a7:7f:5d:
53:fe:49:f6:12:d3:a4:05:16:10:ed:12:1f:6c:6a:29:0c:d9:
52:74:15:7e:f5:30:e5:b0:74:17:bd:e8:05:2b:52:eb:f5:14:
b6:32:50:f4:46:2c:ad:e0:da:05:41:63:bf:35:4f:08:35:4a:
1e:cd:6a:d7:20:f1:e0:f5:0e:96:e5:f4:da:44:eb:55:98:cd:
b8:22:44:e4:0f:bb:6b:88:64:00:c8:1c:41:7f:7e:6b:be:1f:
28:ce:b5:98:fe:31:cb:f0:7f:43:da:7e:6e:83:63:8b:f9:a5:
21:bd:3e:00:a0:1e:76:22:ac:ea:20:11:18:f8:39:9e:4d:4b:
ec:dc:4a:f9:b1:f2:c9:e8:97:ac:0a:d8:f6:46:43:fb:eb:ef:
36:c9:ca:65:a5:30:fe:76:ca:4b:38:86:d4:28:ef:c5:27:a7:
9d:c4:9e:bc
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAZY5TLROV+SgQvEwKyOUuZvjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjUwNDE1MTE1NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTRkZTFhNjFhNDkyZTIwOGEyZDVkZDIyM2JmZmFmZjE1MDM3Nzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuorJUSKhN+tHW6RV/qNIlqe3nCLm
9NK4RkLf1pfEbMvudLh1ugga5HBX9b4jCu4eWoDnnmwv/KaaPJL75u/fAI5MSjbC
NLj5+XzBwLd8Dr+pwQI6CHFy2+dBXLbusox8nMCgVMVhIgfdTIJhuW9f0+bGVszC
emsC+4JUZcaQB0CzUY/8/pJlm5LJ+BAcBfV3DsGKRI0x35vPIzUm1ec4kWkSwztU
LFNuxPSiizhqHCkQBhWl4/17F4wRtuRo3AHoiqoxM/DgcLM4R5fEWwhTWrw4rLXY
r8zJLgRxaj9I/7mqG21jhTaBa25GHQRf5ZmVIoDSJiBzo4e9xv80sq8xNQIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFMpN4aYaSS4gii1d0iO/+v8VA3d1MB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEveWszaHBocEpMaUNLTFYzU0k3XzZfeFVEZDNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEAgW1FAME
Ai0O9AMEAi1bNAMEAS2MkgMEAS2MpgMEAS2QHAMEAC2WQQMEAC2WQwMEAi2bNAME
AFvCCwMEAIp8tDAMAwQAiny3AwQAiny4AwQAkhPmAwQAuSEYAwQAuUreAwQAuer3
AwQAwxBKMA0GCSqGSIb3DQEBCwUAA4IBAQCt8b5opapUluOw31Fhk6zzAJMiSK7V
1KkcfAQDbWjDtZXKOATWTqEtbzMGr8IfL3vUu5PvYrJ5up9EeW3xmyZcV0ndEAQd
Wsoyjlok8yyy8Bp5Ny3bCmKnf11T/kn2EtOkBRYQ7RIfbGopDNlSdBV+9TDlsHQX
vegFK1Lr9RS2MlD0Riyt4NoFQWO/NU8INUoezWrXIPHg9Q6W5fTaROtVmM24IkTk
D7triGQAyBxBf35rvh8ozrWY/jHL8H9D2n5ug2OL+aUhvT4AoB52IqzqIBEY+Dme
TUvs3Er5sfLJ6JesCtj2RkP76+82ycplpTD+dspLOIbUKO/FJ6edxJ68
-----END CERTIFICATE-----
Generated at Sun Apr 27 02:17:44 2025 by rpki-client