Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/L9ItX5UEl5Y25cmumLZk4osBOqo.roa
File: L9ItX5UEl5Y25cmumLZk4osBOqo.roa (raw, json)
Hash identifier: jzJME+L4zIMXGu54osHZKKvSE9/cscEc5d931MLewkY=
Subject key identifier: 2F:D2:2D:5F:95:04:97:96:36:E5:C9:AE:98:B6:64:E2:8B:01:3A:AA
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 019765A84D920B63DF495F17DC09645A4E7D
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/L9ItX5UEl5Y25cmumLZk4osBOqo.roa
Signing time: Thu 12 Jun 2025 19:40:18 +0000
ROA not before: Thu 12 Jun 2025 19:40:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215391
IP address blocks: 45.43.143.0/24 maxlen: 24
104.238.21.0/24 maxlen: 24
104.238.23.0/24 maxlen: 24
216.173.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft
rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 17 Jun 2025 13:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:65:a8:4d:92:0b:63:df:49:5f:17:dc:09:64:5a:4e:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jun 12 19:40:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2fd22d5f9504979636e5c9ae98b664e28b013aaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:34:14:d5:0c:5d:0a:bb:36:3e:87:24:6e:c3:
7f:cd:94:28:16:f0:3a:81:58:5c:ee:b9:ec:53:69:
b5:30:48:c9:cf:28:21:03:36:7a:49:09:95:40:7d:
bd:0d:37:01:9a:db:5b:8b:97:3e:1e:a9:78:1c:70:
0c:28:58:54:2b:26:c1:73:40:22:9e:a3:04:7e:07:
75:e2:ce:7c:5a:a8:26:bc:92:a6:ee:cc:a5:57:c8:
98:3f:bb:cb:18:b3:22:09:67:53:13:7c:68:59:8c:
ac:c1:2c:40:d1:ce:9b:bc:50:ca:a5:f4:d4:65:8f:
e1:be:b8:60:96:69:5e:d0:6c:4c:f9:49:d5:c6:bd:
5a:b4:17:96:b7:e7:9c:06:9b:2b:6a:92:eb:61:5c:
2f:06:bc:80:c2:da:de:ea:eb:5e:32:d1:30:49:49:
ad:ca:5d:4d:6d:0b:df:5c:e9:52:2c:37:b8:31:b6:
5a:ec:75:4a:14:d3:18:48:d3:c5:7e:51:46:19:79:
48:13:d0:4c:b7:24:de:ac:3d:ca:6c:cd:f2:6e:56:
34:4b:62:22:32:95:96:e1:45:7f:1d:23:6b:41:3a:
c9:30:34:a7:6a:8f:d3:43:dd:b4:4e:1f:06:d1:da:
ad:0a:6b:65:50:df:80:bd:53:4d:2f:c1:7b:8d:fc:
18:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:D2:2D:5F:95:04:97:96:36:E5:C9:AE:98:B6:64:E2:8B:01:3A:AA
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/L9ItX5UEl5Y25cmumLZk4osBOqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.143.0/24
104.238.21.0/24
104.238.23.0/24
216.173.108.0/24
Signature Algorithm: sha256WithRSAEncryption
26:00:1b:8a:4e:b9:87:d1:c6:f6:dd:8c:54:ca:20:23:61:6c:
e3:86:4a:10:42:60:c9:60:9a:bb:51:c3:7b:cf:25:2c:95:16:
40:d0:19:d1:74:77:99:cf:a7:eb:6a:6e:1a:ee:c6:a2:57:8e:
a4:70:67:00:4d:82:24:ce:b4:66:2f:1f:41:1f:d4:72:37:47:
11:bc:98:a8:c1:bf:bd:7e:b1:57:3f:de:9c:60:76:08:02:90:
81:60:15:0a:c8:99:0b:39:ca:a1:03:77:b9:e0:97:16:40:4a:
9e:07:31:f0:79:9e:54:6e:e4:0b:6e:35:bb:32:7a:16:19:d7:
1d:a8:1d:f8:4e:61:0e:84:e2:9d:85:22:6c:87:f4:8f:f3:94:
7d:8f:a5:73:93:9e:4b:65:31:27:93:49:e0:81:b6:31:59:fc:
22:1d:97:d3:e2:54:e6:59:fa:7f:fc:ca:a7:68:bb:3b:6e:88:
c1:cd:8e:71:8e:ad:38:c2:2d:9a:79:0e:7e:bf:98:3b:20:0a:
b1:d4:76:1d:28:16:77:c7:2e:d7:44:e3:26:e1:46:46:7a:83:
65:75:a1:c8:5e:52:e7:23:13:ce:f4:ee:e9:f9:85:18:8a:13:
df:02:f6:30:bb:18:4e:0b:c6:70:dd:2f:67:a8:99:f7:f1:cb:
a5:7d:00:1b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZdlqE2SC2PfSV8X3AlkWk59MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjUwNjEyMTk0MDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmQyMmQ1Zjk1MDQ5Nzk2MzZlNWM5YWU5OGI2NjRlMjhiMDEzYWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzQU1QxdCrs2PockbsN/zZQoFvA6
gVhc7rnsU2m1MEjJzyghAzZ6SQmVQH29DTcBmttbi5c+Hql4HHAMKFhUKybBc0Ai
nqMEfgd14s58WqgmvJKm7sylV8iYP7vLGLMiCWdTE3xoWYyswSxA0c6bvFDKpfTU
ZY/hvrhglmle0GxM+UnVxr1atBeWt+ecBpsrapLrYVwvBryAwtre6uteMtEwSUmt
yl1NbQvfXOlSLDe4MbZa7HVKFNMYSNPFflFGGXlIE9BMtyTerD3KbM3yblY0S2Ii
MpWW4UV/HSNrQTrJMDSnao/TQ920Th8G0dqtCmtlUN+AvVNNL8F7jfwYLwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFC/SLV+VBJeWNuXJrpi2ZOKLATqqMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvTDlJdFg1VUVsNVkyNWNtdW1MWms0b3NCT3FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALSuPAwQA
aO4VAwQAaO4XAwQA2K1sMA0GCSqGSIb3DQEBCwUAA4IBAQAmABuKTrmH0cb23YxU
yiAjYWzjhkoQQmDJYJq7UcN7zyUslRZA0BnRdHeZz6fram4a7saiV46kcGcATYIk
zrRmLx9BH9RyN0cRvJiowb+9frFXP96cYHYIApCBYBUKyJkLOcqhA3e54JcWQEqe
BzHweZ5UbuQLbjW7MnoWGdcdqB34TmEOhOKdhSJsh/SP85R9j6Vzk55LZTEnk0ng
gbYxWfwiHZfT4lTmWfp//MqnaLs7bojBzY5xjq04wi2aeQ5+v5g7IAqx1HYdKBZ3
xy7XROMm4UZGeoNldaHIXlLnIxPO9O7p+YUYihPfAvYwuxhOC8Zw3S9nqJn38cul
fQAb
-----END CERTIFICATE-----
Generated at Mon Jun 16 16:49:53 2025 by rpki-client