Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/y1QG8rNRxHH4G33_dAf5mFctTJc.roa
File: y1QG8rNRxHH4G33_dAf5mFctTJc.roa (raw, json)
Hash identifier: OIUUq3pDqUrl985i9SFZTK/n+FEDeMGsYB2+Lkw9VRM=
Subject key identifier: CB:54:06:F2:B3:51:C4:71:F8:1B:7D:FF:74:07:F9:98:57:2D:4C:97
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 01975DEFADAA595188E1B9CF9C3434534985
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/y1QG8rNRxHH4G33_dAf5mFctTJc.roa
Signing time: Wed 11 Jun 2025 07:41:17 +0000
ROA not before: Wed 11 Jun 2025 07:41:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
93.115.106.0/24 maxlen: 24
93.115.203.0/24 maxlen: 24
94.177.106.0/24 maxlen: 24
194.85.251.0/24 maxlen: 24
202.71.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 13:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5d:ef:ad:aa:59:51:88:e1:b9:cf:9c:34:34:53:49:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jun 11 07:41:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb5406f2b351c471f81b7dff7407f998572d4c97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:2c:7f:e0:1e:60:e7:61:c6:f0:b5:9e:60:c4:
40:8b:68:c4:64:be:19:27:76:91:32:5b:9c:0d:fe:
2d:a8:a9:b2:fc:ab:ee:6b:74:f7:59:d7:6d:56:38:
33:79:35:fb:73:73:47:97:62:3e:9e:0c:f6:c0:db:
79:50:d1:d2:d7:6d:d2:df:6d:11:15:3a:da:a6:cd:
6e:67:79:5d:70:e4:f8:34:99:62:df:7d:eb:78:5a:
5a:cd:9d:1c:04:90:01:ea:2f:cc:5e:c4:b9:20:52:
2d:05:b1:d6:79:85:34:d9:ec:22:53:6d:7f:9b:e8:
de:79:9e:61:b0:1b:5c:fd:fe:85:60:2a:60:96:2b:
d8:81:b9:b4:d3:11:7c:fc:7e:8f:dc:76:19:3e:5d:
4f:cb:b4:c0:1a:30:8f:e6:dd:84:f7:2c:32:69:27:
3b:fd:01:16:58:3b:57:8b:f1:23:10:f7:90:fa:d1:
ce:2e:e7:fd:40:0a:60:b0:08:7f:94:ab:44:86:ad:
d8:23:77:db:06:c1:4f:7b:b4:c8:84:00:7f:36:db:
ca:1e:d5:fc:ec:7a:68:96:b5:e6:99:f7:23:9b:55:
1a:5a:76:2b:71:9c:71:f9:ed:ea:50:f5:d9:67:2c:
15:7e:98:c8:e1:34:95:d9:07:60:2d:df:cf:72:99:
61:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:54:06:F2:B3:51:C4:71:F8:1B:7D:FF:74:07:F9:98:57:2D:4C:97
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/y1QG8rNRxHH4G33_dAf5mFctTJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.182.0/23
89.34.106.0/24
93.114.183.0/24
93.115.106.0/24
93.115.203.0/24
94.177.106.0/24
194.85.251.0/24
202.71.15.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:85:f9:4d:61:a4:64:70:ea:7d:0b:75:5d:c6:c2:15:32:41:
fc:4a:3e:6b:6a:e4:53:07:db:df:ac:70:52:c4:1c:38:4a:28:
2d:96:f4:c1:58:e6:d9:75:32:c1:bf:71:c2:dc:16:53:93:f5:
0b:f5:e0:83:ff:1b:8b:df:b7:8a:ee:a3:4b:26:a1:cf:f0:63:
8d:10:2f:a1:95:3f:91:55:b6:20:fe:ab:50:53:15:2c:1e:91:
44:4f:81:0e:17:30:8f:fa:48:1b:44:0d:c0:d4:15:4e:4b:af:
7b:b4:cf:b4:ad:68:aa:10:9d:20:ee:18:a2:81:6a:b1:65:85:
4c:00:9b:ab:3c:d0:bc:cf:fe:7b:0b:02:ba:81:c9:e7:5a:94:
19:e2:9e:52:c7:78:5b:cd:e6:ce:11:59:5a:5c:7d:c1:b5:38:
6e:e0:49:d6:b7:ff:8e:85:10:9a:f5:a1:23:c1:28:b4:8a:67:
21:8b:e7:be:0e:7e:59:8d:3d:66:1e:dc:97:4e:67:c1:12:2d:
64:91:56:3f:a9:74:17:b8:67:d3:f2:42:fd:62:63:28:08:27:
fc:20:be:65:de:d3:00:ca:75:d0:cd:34:61:22:7a:3b:bf:5d:
dd:cc:8e:73:40:1a:aa:20:78:02:94:b9:46:df:d2:6b:03:4d:
5f:60:cc:25
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZdd762qWVGI4bnPnDQ0U0mFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwNjExMDc0MTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjU0MDZmMmIzNTFjNDcxZjgxYjdkZmY3NDA3Zjk5ODU3MmQ0Yzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSx/4B5g52HG8LWeYMRAi2jEZL4Z
J3aRMlucDf4tqKmy/Kvua3T3WddtVjgzeTX7c3NHl2I+ngz2wNt5UNHS123S320R
FTraps1uZ3ldcOT4NJli333reFpazZ0cBJAB6i/MXsS5IFItBbHWeYU02ewiU21/
m+jeeZ5hsBtc/f6FYCpglivYgbm00xF8/H6P3HYZPl1Py7TAGjCP5t2E9ywyaSc7
/QEWWDtXi/EjEPeQ+tHOLuf9QApgsAh/lKtEhq3YI3fbBsFPe7TIhAB/NtvKHtX8
7HpolrXmmfcjm1UaWnYrcZxx+e3qUPXZZywVfpjI4TSV2QdgLd/Pcplh8QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFMtUBvKzUcRx+Bt9/3QH+ZhXLUyXMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEveTFRRzhyTlJ4SEg0RzMzX2RBZjVtRmN0VEpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBLYe2AwQA
WSJqAwQAXXK3AwQAXXNqAwQAXXPLAwQAXrFqAwQAwlX7AwQAykcPMA0GCSqGSIb3
DQEBCwUAA4IBAQBqhflNYaRkcOp9C3VdxsIVMkH8Sj5rauRTB9vfrHBSxBw4Sigt
lvTBWObZdTLBv3HC3BZTk/UL9eCD/xuL37eK7qNLJqHP8GONEC+hlT+RVbYg/qtQ
UxUsHpFET4EOFzCP+kgbRA3A1BVOS697tM+0rWiqEJ0g7hiigWqxZYVMAJurPNC8
z/57CwK6gcnnWpQZ4p5Sx3hbzebOEVlaXH3BtThu4EnWt/+OhRCa9aEjwSi0imch
i+e+Dn5ZjT1mHtyXTmfBEi1kkVY/qXQXuGfT8kL9YmMoCCf8IL5l3tMAynXQzTRh
Ino7v13dzI5zQBqqIHgClLlG39JrA01fYMwl
-----END CERTIFICATE-----
Generated at Sun Jun 15 23:12:17 2025 by rpki-client