Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/55jPKsyDX-BIqjFV31CvcLJ9DVo.roa
File: 55jPKsyDX-BIqjFV31CvcLJ9DVo.roa (raw, json)
Hash identifier: VL6rECPoBksnZZAbS1ccvrbdoPoKp3z1byYwCM9tolA=
Subject key identifier: E7:98:CF:2A:CC:83:5F:E0:48:AA:31:55:DF:50:AF:70:B2:7D:0D:5A
Certificate issuer: /CN=c1d369e66cdbe30d7b3aff6081f20c17a98fdc5b
Certificate serial: 01976970ECE2795D5CD3AE1E07B9FFC6032A
Authority key identifier: C1:D3:69:E6:6C:DB:E3:0D:7B:3A:FF:60:81:F2:0C:17:A9:8F:DC:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/55jPKsyDX-BIqjFV31CvcLJ9DVo.roa
Signing time: Fri 13 Jun 2025 13:18:17 +0000
ROA not before: Fri 13 Jun 2025 13:18:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204601
IP address blocks: 45.88.78.0/24 maxlen: 24
81.91.176.0/24 maxlen: 24
81.91.177.0/24 maxlen: 24
81.91.178.0/24 maxlen: 24
95.215.205.0/24 maxlen: 24
103.246.144.0/24 maxlen: 24
103.246.145.0/24 maxlen: 24
103.246.146.0/24 maxlen: 24
103.246.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Jun 2025 01:01:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:69:70:ec:e2:79:5d:5c:d3:ae:1e:07:b9:ff:c6:03:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1d369e66cdbe30d7b3aff6081f20c17a98fdc5b
Validity
Not Before: Jun 13 13:18:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e798cf2acc835fe048aa3155df50af70b27d0d5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:a6:9e:4e:d2:1c:7f:75:a8:3b:4b:24:8a:87:
80:3f:84:94:42:84:78:c3:ee:c9:fa:7c:94:19:7d:
20:b6:5e:60:a6:c5:49:a6:56:4e:0c:ad:09:c0:8e:
19:c6:33:1d:3a:3d:10:f3:26:5e:46:a4:d0:49:ee:
d7:94:ce:de:c3:50:2c:f0:4a:4a:44:e6:ff:13:75:
67:70:a2:4d:f3:ea:d3:f6:99:b5:04:95:71:59:cc:
8c:b3:99:8f:51:d9:67:ca:ce:ff:f7:0c:ea:8b:5c:
ed:19:2e:ba:fb:1c:59:c0:87:b9:33:c0:8e:34:9a:
8c:39:6b:0a:ab:d8:6d:59:1f:1f:83:49:ab:d9:ed:
05:21:3b:a5:5b:40:d5:87:d1:e3:51:50:f3:9a:0b:
47:11:3e:7d:40:09:1d:d7:78:c6:46:b4:a4:13:9e:
ae:fa:9b:72:23:df:8f:0c:68:5b:bb:e1:18:af:43:
66:25:4c:4c:45:5c:ff:ed:09:86:7f:fc:a9:37:e2:
b5:9a:97:96:00:bd:34:41:91:9a:e4:88:e6:ec:65:
93:6c:a4:5e:b2:38:8c:b9:5d:6d:3d:5c:2f:46:0d:
3e:ef:32:17:c2:ab:02:24:aa:d4:fe:f3:03:71:10:
73:4c:09:c6:7d:6a:cd:f8:82:7c:fb:bf:f2:12:b1:
0b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:98:CF:2A:CC:83:5F:E0:48:AA:31:55:DF:50:AF:70:B2:7D:0D:5A
X509v3 Authority Key Identifier:
keyid:C1:D3:69:E6:6C:DB:E3:0D:7B:3A:FF:60:81:F2:0C:17:A9:8F:DC:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/55jPKsyDX-BIqjFV31CvcLJ9DVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.78.0/24
81.91.176.0-81.91.178.255
95.215.205.0/24
103.246.144.0/22
Signature Algorithm: sha256WithRSAEncryption
95:82:82:3d:7e:e3:c4:7f:98:aa:9d:4c:6b:6f:20:e1:85:45:
1c:7b:9b:da:02:49:b7:df:f7:8b:71:f1:07:9e:6e:61:e4:d0:
c7:27:b8:16:00:19:d3:22:ac:ce:39:9d:ec:3b:38:c5:0f:58:
c8:77:f5:4a:e4:68:ba:90:fa:21:7a:fb:30:ad:a8:8f:e9:90:
56:09:52:b2:ef:fa:6b:84:6e:9d:19:88:d4:57:aa:1a:5e:07:
b2:60:bf:4b:26:68:87:50:b7:9e:7b:bd:09:37:bc:e0:ea:37:
8a:d9:4b:77:a4:b6:b8:7a:bf:58:98:c0:89:e1:d0:da:e8:14:
23:e2:0c:d7:97:86:e6:ed:60:1a:f9:85:e0:7c:18:fd:30:c1:
16:8d:9a:49:06:ed:8a:02:dc:1e:a1:5a:cb:5c:ec:cf:a6:16:
59:fb:63:c9:33:07:06:27:71:01:c9:cd:0f:87:f9:a1:b8:69:
68:70:18:43:83:fe:a5:bf:1a:7e:37:87:2b:eb:6c:9c:8e:14:
24:77:65:3f:23:15:c5:16:a1:03:a5:6a:7d:59:9e:fc:9c:c7:
be:47:b9:d1:f2:8a:f1:a2:1e:bb:65:83:df:bc:f4:e7:12:0d:
33:31:2c:37:d2:4d:7c:e8:20:d6:ae:cc:1e:ef:89:a2:77:cc:
68:d0:05:04
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZdpcOzieV1c064eB7n/xgMqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZDM2OWU2NmNkYmUzMGQ3YjNhZmY2MDgxZjIwYzE3YTk4
ZmRjNWIwHhcNMjUwNjEzMTMxODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzk4Y2YyYWNjODM1ZmUwNDhhYTMxNTVkZjUwYWY3MGIyN2QwZDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmaaeTtIcf3WoO0skioeAP4SUQoR4
w+7J+nyUGX0gtl5gpsVJplZODK0JwI4ZxjMdOj0Q8yZeRqTQSe7XlM7ew1As8EpK
ROb/E3VncKJN8+rT9pm1BJVxWcyMs5mPUdlnys7/9wzqi1ztGS66+xxZwIe5M8CO
NJqMOWsKq9htWR8fg0mr2e0FITulW0DVh9HjUVDzmgtHET59QAkd13jGRrSkE56u
+ptyI9+PDGhbu+EYr0NmJUxMRVz/7QmGf/ypN+K1mpeWAL00QZGa5Ijm7GWTbKRe
sjiMuV1tPVwvRg0+7zIXwqsCJKrU/vMDcRBzTAnGfWrN+IJ8+7/yErELuwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOeYzyrMg1/gSKoxVd9Qr3CyfQ1aMB8GA1UdIwQY
MBaAFMHTaeZs2+MNezr/YIHyDBepj9xbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2ROcDVtemI0dzE3T3Y5Z2dmSU1GNm1QM0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yMjQzNTEtM2E0Ny00MDE0LWIzOTUt
YTYzNDc5NjEwOTY4LzEvNTVqUEtzeURYLUJJcWpGVjMxQ3ZjTEo5RFZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yMjQzNTEtM2E0Ny00MDE0LWIzOTUtYTYzNDc5NjEwOTY4
LzEvd2ROcDVtemI0dzE3T3Y5Z2dmSU1GNm1QM0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQALVhOMAwD
BARRW7ADBABRW7IDBABf180DBAJn9pAwDQYJKoZIhvcNAQELBQADggEBAJWCgj1+
48R/mKqdTGtvIOGFRRx7m9oCSbff94tx8QeebmHk0McnuBYAGdMirM45new7OMUP
WMh39UrkaLqQ+iF6+zCtqI/pkFYJUrLv+muEbp0ZiNRXqhpeB7Jgv0smaIdQt557
vQk3vODqN4rZS3ektrh6v1iYwInh0NroFCPiDNeXhubtYBr5heB8GP0wwRaNmkkG
7YoC3B6hWstc7M+mFln7Y8kzBwYncQHJzQ+H+aG4aWhwGEOD/qW/Gn43hyvrbJyO
FCR3ZT8jFcUWoQOlan1Znvycx75HudHyivGiHrtlg9+89OcSDTMxLDfSTXzoINau
zB7viaJ3zGjQBQQ=
-----END CERTIFICATE-----
Generated at Sat Jun 21 10:32:25 2025 by rpki-client