Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/al8xo4H-n3X2NgXadSDPRguk1cM.roa
File: al8xo4H-n3X2NgXadSDPRguk1cM.roa (raw, json)
Hash identifier: dBz7KEP3cmoul/TCuitIdp3hKFZPRg9ZXbUh+BIvrmA=
Subject key identifier: 6A:5F:31:A3:81:FE:9F:75:F6:36:05:DA:75:20:CF:46:0B:A4:D5:C3
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 01968B97E8CCF31452B262FA1B1F9A0FD9EB
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/al8xo4H-n3X2NgXadSDPRguk1cM.roa
Signing time: Thu 01 May 2025 11:25:10 +0000
ROA not before: Thu 01 May 2025 11:25:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34665
IP address blocks: 45.137.52.0/24 maxlen: 24
45.137.55.0/24 maxlen: 24
45.137.191.0/24 maxlen: 24
45.139.28.0/24 maxlen: 24
45.139.31.0/24 maxlen: 24
45.140.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 03 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:8b:97:e8:cc:f3:14:52:b2:62:fa:1b:1f:9a:0f:d9:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: May 1 11:25:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a5f31a381fe9f75f63605da7520cf460ba4d5c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:72:f1:f7:21:14:86:e7:f9:c4:1b:8e:0f:05:
e5:7a:8f:e5:78:3e:38:de:b1:c3:24:10:1c:c1:1e:
f7:10:d1:25:fb:17:ca:fd:d5:76:1f:10:c5:88:74:
d7:34:52:3e:03:3a:a6:1e:e6:f5:f4:c3:47:90:05:
fb:c6:33:aa:6b:42:8d:3e:bb:d4:5c:cb:e3:9e:b0:
6d:cf:7b:de:50:d6:16:29:7d:c3:c5:c5:d8:25:97:
bd:01:ad:63:96:df:18:27:e5:31:d8:89:cd:ff:86:
0a:97:14:ed:aa:3c:33:8b:58:89:8f:08:ca:e2:d5:
5b:af:bc:44:ff:45:b7:58:54:8a:c1:bd:ce:90:80:
c6:21:3d:c4:7d:b9:f6:b1:2c:b5:c3:82:97:30:9e:
24:f3:4b:cb:4a:89:b3:9a:aa:2d:d3:0a:4b:b4:d2:
34:2b:16:0a:ec:e8:0d:72:11:7c:2d:c5:6a:be:f1:
88:85:8a:27:f8:f5:55:24:47:cf:de:17:6a:5b:a0:
4c:d6:b1:99:1a:78:a9:af:89:63:1b:9d:32:16:47:
9e:6d:4b:f5:3e:5a:58:c8:8e:e6:3c:6c:2c:f9:98:
70:f3:c1:2a:ba:1f:08:d2:81:17:5f:7e:36:3c:f3:
e8:65:a8:a2:27:8e:d0:a7:12:14:7e:6b:45:53:7c:
b8:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:5F:31:A3:81:FE:9F:75:F6:36:05:DA:75:20:CF:46:0B:A4:D5:C3
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/al8xo4H-n3X2NgXadSDPRguk1cM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.52.0/24
45.137.55.0/24
45.137.191.0/24
45.139.28.0/24
45.139.31.0/24
45.140.171.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:b1:21:99:d0:ef:18:b0:35:ff:df:ff:f0:5f:c1:e9:2a:b7:
0f:79:e0:a8:7c:2c:02:2a:21:75:de:d5:e9:08:06:c9:c6:47:
5e:9e:45:f9:b7:90:90:74:38:75:69:87:35:7d:e2:a9:65:ae:
15:c2:58:13:8e:c6:69:0d:67:1f:7e:b7:83:2a:c9:b7:e8:c9:
f7:a5:00:17:25:4d:fd:4d:e0:b7:75:d0:de:92:0a:30:19:28:
8f:65:7c:84:01:c9:29:bf:12:06:44:f9:61:c0:7e:4f:44:9c:
b6:a1:ff:e3:2f:f5:ce:13:db:36:35:62:82:48:a6:30:84:c9:
e9:64:bc:a7:6b:5c:ef:a8:76:35:fd:1c:83:ef:b7:03:af:84:
23:f8:bb:91:5a:ef:e8:b4:b4:cc:67:67:eb:68:9f:9d:ba:4c:
72:03:e6:90:2c:c4:c7:17:31:e8:27:31:39:67:ef:10:d0:7c:
a1:5a:73:45:e8:44:e9:f3:4f:9d:36:39:77:8e:19:93:06:56:
ef:98:d3:21:9a:5b:c4:b9:80:8b:bb:82:a0:2a:be:99:bc:10:
c5:fb:ea:56:74:a2:41:45:83:8b:88:ab:fa:95:54:4b:fa:c1:
0b:fe:b6:e4:a8:65:17:ad:63:b3:56:1b:0d:15:a1:f9:bf:77:
90:30:0f:85
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZaLl+jM8xRSsmL6Gx+aD9nrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjUwNTAxMTEyNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTVmMzFhMzgxZmU5Zjc1ZjYzNjA1ZGE3NTIwY2Y0NjBiYTRkNWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnLx9yEUhuf5xBuODwXleo/leD44
3rHDJBAcwR73ENEl+xfK/dV2HxDFiHTXNFI+AzqmHub19MNHkAX7xjOqa0KNPrvU
XMvjnrBtz3veUNYWKX3DxcXYJZe9Aa1jlt8YJ+Ux2InN/4YKlxTtqjwzi1iJjwjK
4tVbr7xE/0W3WFSKwb3OkIDGIT3Efbn2sSy1w4KXMJ4k80vLSomzmqot0wpLtNI0
KxYK7OgNchF8LcVqvvGIhYon+PVVJEfP3hdqW6BM1rGZGnipr4ljG50yFkeebUv1
PlpYyI7mPGws+Zhw88Equh8I0oEXX342PPPoZaiiJ47QpxIUfmtFU3y44QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGpfMaOB/p919jYF2nUgz0YLpNXDMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvYWw4eG80SC1uM1gyTmdYYWRTRFBSZ3VrMWNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALYk0AwQA
LYk3AwQALYm/AwQALYscAwQALYsfAwQALYyrMA0GCSqGSIb3DQEBCwUAA4IBAQBs
sSGZ0O8YsDX/3//wX8HpKrcPeeCofCwCKiF13tXpCAbJxkdenkX5t5CQdDh1aYc1
feKpZa4VwlgTjsZpDWcffreDKsm36Mn3pQAXJU39TeC3ddDekgowGSiPZXyEAckp
vxIGRPlhwH5PRJy2of/jL/XOE9s2NWKCSKYwhMnpZLyna1zvqHY1/RyD77cDr4Qj
+LuRWu/otLTMZ2fraJ+dukxyA+aQLMTHFzHoJzE5Z+8Q0HyhWnNF6ETp80+dNjl3
jhmTBlbvmNMhmlvEuYCLu4KgKr6ZvBDF++pWdKJBRYOLiKv6lVRL+sEL/rbkqGUX
rWOzVhsNFaH5v3eQMA+F
-----END CERTIFICATE-----
Generated at Fri May 2 12:11:07 2025 by rpki-client