Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/M3fOEClsXKvLtAnTcn5Su0j9iMg.roa
File: M3fOEClsXKvLtAnTcn5Su0j9iMg.roa (raw, json)
Hash identifier: E6qGvNO+V5ltNH3cwyFEtJdp+n857np9BM5la+TV5nM=
Subject key identifier: 33:77:CE:10:29:6C:5C:AB:CB:B4:09:D3:72:7E:52:BB:48:FD:88:C8
Certificate issuer: /CN=72769d6e4a0fc2c98013b722eb2beb9e6e871fc6
Certificate serial: 0197A6CECDA98158D9B6C74DAF02A6C9201F
Authority key identifier: 72:76:9D:6E:4A:0F:C2:C9:80:13:B7:22:EB:2B:EB:9E:6E:87:1F:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cnadbkoPwsmAE7ci6yvrnm6HH8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/M3fOEClsXKvLtAnTcn5Su0j9iMg.roa
Signing time: Wed 25 Jun 2025 11:17:40 +0000
ROA not before: Wed 25 Jun 2025 11:17:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48448
IP address blocks: 45.85.73.0/24 maxlen: 24
87.236.32.0/24 maxlen: 24
95.175.141.0/24 maxlen: 24
202.14.113.0/24 maxlen: 24
203.33.38.0/24 maxlen: 24
2a0e:bb81::/48 maxlen: 48
2a0e:bb81:a1::/48 maxlen: 48
2a0e:bb81:a2::/48 maxlen: 48
2a0e:bb81:b1::/48 maxlen: 48
2a0e:bb81:b2::/48 maxlen: 48
2a0e:bb81:1000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/cnadbkoPwsmAE7ci6yvrnm6HH8Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/cnadbkoPwsmAE7ci6yvrnm6HH8Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/cnadbkoPwsmAE7ci6yvrnm6HH8Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 11:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a6:ce:cd:a9:81:58:d9:b6:c7:4d:af:02:a6:c9:20:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72769d6e4a0fc2c98013b722eb2beb9e6e871fc6
Validity
Not Before: Jun 25 11:17:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3377ce10296c5cabcbb409d3727e52bb48fd88c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:6c:15:3a:83:5a:f0:65:c6:aa:0a:db:51:e8:
ad:1e:3e:db:12:60:9b:36:af:06:2f:4c:7c:35:da:
65:76:3b:cb:2f:0f:8b:76:71:14:2f:a0:3a:d5:14:
b3:2e:1d:99:f2:02:2f:40:1f:c4:58:29:7c:07:66:
65:ea:1f:4f:79:c0:7b:03:dc:c1:24:de:ab:1c:23:
0e:14:6c:4a:a5:ca:50:50:65:ef:da:ef:c6:bb:36:
79:0d:ff:50:4c:7a:46:06:df:92:7c:3c:2e:2e:a4:
fc:e5:fe:bd:1b:4a:bf:94:eb:95:3a:8d:00:4f:9b:
0f:bc:cd:d3:d3:b1:dd:c8:25:d9:8d:9d:28:6e:07:
76:07:9f:eb:03:b3:d4:cd:43:e3:61:7f:0a:95:f4:
92:73:ed:99:7c:c3:31:11:41:b4:3e:45:7c:16:3c:
0d:d2:24:81:50:c2:e9:95:7b:47:e2:52:9d:0e:7d:
b0:44:c9:62:b1:b5:d5:b7:82:8f:fd:0f:33:59:c7:
58:5a:fe:b9:c4:73:b8:6e:46:55:5c:50:71:93:a6:
21:0c:0f:ae:05:58:a6:b6:3b:02:d9:f6:7f:e8:54:
28:7d:b9:f4:92:0a:eb:27:08:20:89:d1:f8:b8:fd:
a7:c1:af:a8:1e:de:f7:3a:1d:66:59:17:9e:e8:dc:
1b:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:77:CE:10:29:6C:5C:AB:CB:B4:09:D3:72:7E:52:BB:48:FD:88:C8
X509v3 Authority Key Identifier:
keyid:72:76:9D:6E:4A:0F:C2:C9:80:13:B7:22:EB:2B:EB:9E:6E:87:1F:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cnadbkoPwsmAE7ci6yvrnm6HH8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/M3fOEClsXKvLtAnTcn5Su0j9iMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/c67522-71c5-4061-a18b-6933a90c53fa/1/cnadbkoPwsmAE7ci6yvrnm6HH8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.73.0/24
87.236.32.0/24
95.175.141.0/24
202.14.113.0/24
203.33.38.0/24
IPv6:
2a0e:bb81::/48
2a0e:bb81:a1::-2a0e:bb81:a2:ffff:ffff:ffff:ffff:ffff
2a0e:bb81:b1::-2a0e:bb81:b2:ffff:ffff:ffff:ffff:ffff
2a0e:bb81:1000::/48
Signature Algorithm: sha256WithRSAEncryption
94:97:dc:36:dd:e2:82:3d:05:08:06:80:1b:30:bb:d1:88:ab:
c3:df:5f:b7:9f:be:28:27:2a:24:f0:73:ba:95:b0:e0:ac:dd:
2c:33:c3:69:c5:33:d1:2f:c5:8c:b1:98:2a:d5:d0:f2:e5:98:
56:cc:6e:9c:c9:c0:a1:ba:01:c2:c8:13:35:2a:ae:fc:4a:b4:
bb:4b:ba:31:78:63:76:6a:02:2d:e4:e4:38:0f:b2:83:87:8f:
e3:44:27:67:f5:2c:4c:19:eb:56:e7:dc:99:70:ef:0a:05:f7:
d3:11:a2:1d:aa:42:0c:38:2c:8c:76:21:cd:48:76:1e:9c:db:
b7:eb:74:5a:c7:37:84:85:9b:fe:de:8f:c3:1f:10:2b:94:7c:
26:92:7b:cc:05:f9:9a:12:f1:18:f0:64:89:92:91:ab:8b:6c:
42:07:a9:4c:0b:13:25:20:16:83:45:75:0b:c8:70:1e:68:aa:
68:22:51:5f:4c:54:19:b0:87:ae:cd:bb:b1:31:25:f5:2f:a7:
ea:66:02:8d:a8:d9:8d:04:90:26:c7:3b:0e:00:f6:14:a1:dc:
53:a1:7c:aa:fc:72:a9:45:f0:e8:6a:cf:46:cc:34:73:0b:0f:
b0:fb:be:a0:a1:2b:eb:b7:cd:34:79:10:d5:52:3a:2a:77:17:
c4:3a:00:2e
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZemzs2pgVjZtsdNrwKmySAfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNzY5ZDZlNGEwZmMyYzk4MDEzYjcyMmViMmJlYjllNmU4
NzFmYzYwHhcNMjUwNjI1MTExNzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzc3Y2UxMDI5NmM1Y2FiY2JiNDA5ZDM3MjdlNTJiYjQ4ZmQ4OGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGwVOoNa8GXGqgrbUeitHj7bEmCb
Nq8GL0x8NdpldjvLLw+LdnEUL6A61RSzLh2Z8gIvQB/EWCl8B2Zl6h9PecB7A9zB
JN6rHCMOFGxKpcpQUGXv2u/GuzZ5Df9QTHpGBt+SfDwuLqT85f69G0q/lOuVOo0A
T5sPvM3T07HdyCXZjZ0obgd2B5/rA7PUzUPjYX8KlfSSc+2ZfMMxEUG0PkV8FjwN
0iSBUMLplXtH4lKdDn2wRMlisbXVt4KP/Q8zWcdYWv65xHO4bkZVXFBxk6YhDA+u
BVimtjsC2fZ/6FQofbn0kgrrJwggidH4uP2nwa+oHt73Oh1mWRee6NwbeQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFDN3zhApbFyry7QJ03J+UrtI/YjIMB8GA1UdIwQY
MBaAFHJ2nW5KD8LJgBO3Iusr655uhx/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY25hZGJrb1B3c21BRTdjaTZ5dnJubTZISDhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9jNjc1MjItNzFjNS00MDYxLWExOGIt
NjkzM2E5MGM1M2ZhLzEvTTNmT0VDbHNYS3ZMdEFuVGNuNVN1MGo5aU1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9jNjc1MjItNzFjNS00MDYxLWExOGItNjkzM2E5MGM1M2Zh
LzEvY25hZGJrb1B3c21BRTdjaTZ5dnJubTZISDhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDAkBAIAATAeAwQALVVJAwQA
V+wgAwQAX6+NAwQAyg5xAwQAyyEmMEAEAgACMDoDBwAqDruBAAAwEgMHACoOu4EA
oQMHACoOu4EAojASAwcAKg67gQCxAwcAKg67gQCyAwcAKg67gRAAMA0GCSqGSIb3
DQEBCwUAA4IBAQCUl9w23eKCPQUIBoAbMLvRiKvD31+3n74oJyok8HO6lbDgrN0s
M8NpxTPRL8WMsZgq1dDy5ZhWzG6cycChugHCyBM1Kq78SrS7S7oxeGN2agIt5OQ4
D7KDh4/jRCdn9SxMGetW59yZcO8KBffTEaIdqkIMOCyMdiHNSHYenNu363RaxzeE
hZv+3o/DHxArlHwmknvMBfmaEvEY8GSJkpGri2xCB6lMCxMlIBaDRXULyHAeaKpo
IlFfTFQZsIeuzbuxMSX1L6fqZgKNqNmNBJAmxzsOAPYUodxToXyq/HKpRfDoas9G
zDRzCw+w+76goSvrt800eRDVUjoqdxfEOgAu
-----END CERTIFICATE-----
Generated at Fri Aug 8 20:57:26 2025 by rpki-client