Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/JdDltbvPppZyi9VKpeUkg5fPs4w.roa
File: JdDltbvPppZyi9VKpeUkg5fPs4w.roa (raw, json)
Hash identifier: DMnZ0Zx1sBhsw/PQXY0i/U0lx1JkIFVV02Wk66jN988=
Subject key identifier: 25:D0:E5:B5:BB:CF:A6:96:72:8B:D5:4A:A5:E5:24:83:97:CF:B3:8C
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0197400F5CF909555526C6C44EB486B77E34
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/JdDltbvPppZyi9VKpeUkg5fPs4w.roa
Signing time: Thu 05 Jun 2025 12:27:18 +0000
ROA not before: Thu 05 Jun 2025 12:27:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49791
IP address blocks: 45.43.137.0/24 maxlen: 24
45.43.159.0/24 maxlen: 24
64.137.9.0/24 maxlen: 24
104.222.177.0/24 maxlen: 24
104.238.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft
rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Jun 2025 10:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:40:0f:5c:f9:09:55:55:26:c6:c4:4e:b4:86:b7:7e:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jun 5 12:27:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=25d0e5b5bbcfa696728bd54aa5e5248397cfb38c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ab:c4:5e:6d:31:a5:3e:54:bf:7c:06:5f:25:
25:51:a3:dc:aa:d9:60:45:eb:cc:35:53:07:3a:24:
f2:60:5d:03:0b:ff:d0:07:6d:dc:19:0f:ed:88:53:
80:44:aa:a3:f3:b6:df:1c:82:e6:da:aa:39:8e:cb:
79:05:ca:de:b9:b3:6a:9c:09:28:cf:e1:1a:8e:ce:
21:91:53:c1:c4:cd:f9:08:7d:83:8c:43:a6:1c:42:
7f:aa:2f:3f:a6:b5:05:b9:fc:ab:4d:ac:51:56:1c:
20:d0:14:8e:a8:44:63:72:ca:0f:49:79:d4:1c:32:
4b:1e:35:5f:cf:44:6d:12:06:e9:82:c6:87:6f:a4:
dd:c1:29:2a:9e:03:cd:a6:49:50:a7:91:eb:cf:e5:
fc:4b:10:23:60:6b:11:b2:6c:1a:34:ea:1a:c8:65:
1c:15:15:29:95:6d:bf:17:6e:03:e2:dd:fd:cd:c0:
cf:83:e8:8b:0e:cc:84:9e:bf:76:95:09:74:d9:bb:
8d:91:39:18:9b:0e:b2:95:65:e3:07:7c:01:92:e3:
6c:63:a1:9d:32:00:ab:85:88:72:f9:63:77:86:7a:
3a:a8:5b:95:bf:40:7f:fc:55:19:21:c3:af:99:06:
35:af:c8:f4:fd:39:db:15:d4:12:46:65:cc:17:19:
cb:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:D0:E5:B5:BB:CF:A6:96:72:8B:D5:4A:A5:E5:24:83:97:CF:B3:8C
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/JdDltbvPppZyi9VKpeUkg5fPs4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.137.0/24
45.43.159.0/24
64.137.9.0/24
104.222.177.0/24
104.238.24.0/24
Signature Algorithm: sha256WithRSAEncryption
32:23:61:4d:5e:ca:41:24:ce:77:cd:8d:2b:f5:33:ae:89:9b:
8f:e1:55:25:70:8f:72:c0:f1:29:09:7e:60:5f:1e:22:6f:4a:
88:ae:df:a4:23:08:6a:6c:55:c5:b1:44:ce:cd:24:5c:fc:07:
a1:59:40:2e:45:e9:a7:53:f3:20:49:8b:30:06:b8:5d:c7:35:
c0:36:1f:8a:f2:98:7a:db:bd:82:7b:c8:87:67:69:2f:8d:b2:
b3:55:6c:8a:50:78:63:66:56:2b:6f:79:62:d5:1a:ed:98:b0:
ac:c7:a7:e1:00:de:98:16:dc:07:e2:93:40:8d:09:fd:94:83:
89:7e:07:d8:3a:21:f3:cd:7f:75:4f:d4:09:5a:d9:b7:16:a0:
5f:0c:ef:fa:b3:20:af:59:41:38:a9:04:a8:0f:27:bd:42:36:
8b:17:9b:b6:75:9d:86:b9:23:07:cb:0c:51:ba:a0:e4:20:f0:
8b:64:c3:df:3f:c8:69:7c:89:5b:5b:c1:4b:19:2f:93:9c:d6:
05:8c:86:20:b2:5f:3c:10:d2:46:34:e8:d7:25:a6:5c:5e:b9:
06:3e:4a:a8:05:a5:bf:01:94:37:f3:bd:79:c6:fe:42:00:53:
7d:23:4e:0a:e2:13:95:69:53:b9:92:d8:b3:34:e0:93:e6:93:
45:8b:31:aa
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZdAD1z5CVVVJsbETrSGt340MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjUwNjA1MTIyNzE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWQwZTViNWJiY2ZhNjk2NzI4YmQ1NGFhNWU1MjQ4Mzk3Y2ZiMzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0avEXm0xpT5Uv3wGXyUlUaPcqtlg
RevMNVMHOiTyYF0DC//QB23cGQ/tiFOARKqj87bfHILm2qo5jst5BcreubNqnAko
z+Eajs4hkVPBxM35CH2DjEOmHEJ/qi8/prUFufyrTaxRVhwg0BSOqERjcsoPSXnU
HDJLHjVfz0RtEgbpgsaHb6TdwSkqngPNpklQp5Hrz+X8SxAjYGsRsmwaNOoayGUc
FRUplW2/F24D4t39zcDPg+iLDsyEnr92lQl02buNkTkYmw6ylWXjB3wBkuNsY6Gd
MgCrhYhy+WN3hno6qFuVv0B//FUZIcOvmQY1r8j0/TnbFdQSRmXMFxnLYwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCXQ5bW7z6aWcovVSqXlJIOXz7OMMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvSmREbHRidlBwcFp5aTlWS3BlVWtnNWZQczR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALSuJAwQA
LSufAwQAQIkJAwQAaN6xAwQAaO4YMA0GCSqGSIb3DQEBCwUAA4IBAQAyI2FNXspB
JM53zY0r9TOuiZuP4VUlcI9ywPEpCX5gXx4ib0qIrt+kIwhqbFXFsUTOzSRc/Aeh
WUAuRemnU/MgSYswBrhdxzXANh+K8ph6272Ce8iHZ2kvjbKzVWyKUHhjZlYrb3li
1RrtmLCsx6fhAN6YFtwH4pNAjQn9lIOJfgfYOiHzzX91T9QJWtm3FqBfDO/6syCv
WUE4qQSoDye9QjaLF5u2dZ2GuSMHywxRuqDkIPCLZMPfP8hpfIlbW8FLGS+TnNYF
jIYgsl88ENJGNOjXJaZcXrkGPkqoBaW/AZQ38715xv5CAFN9I04K4hOVaVO5ktiz
NOCT5pNFizGq
-----END CERTIFICATE-----
Generated at Wed Jun 18 19:35:35 2025 by rpki-client