Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/me0IlF1Vv8ZuvvY3_zF9jT3aec8.roa
File: me0IlF1Vv8ZuvvY3_zF9jT3aec8.roa (raw, json)
Hash identifier: M4ANsc8t8Xkjkjpt4zpjAfAVrNyUvcm5OJe+KEOdlJs=
Subject key identifier: 99:ED:08:94:5D:55:BF:C6:6E:BE:F6:37:FF:31:7D:8D:3D:DA:79:CF
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 019662AD5CE5CC7BEC7ADBFFDE718F1743C5
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/me0IlF1Vv8ZuvvY3_zF9jT3aec8.roa
Signing time: Wed 23 Apr 2025 12:44:10 +0000
ROA not before: Wed 23 Apr 2025 12:44:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 142299
IP address blocks: 45.141.26.0/23 maxlen: 24
89.38.101.0/24 maxlen: 24
185.241.210.0/24 maxlen: 24
188.212.158.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:62:ad:5c:e5:cc:7b:ec:7a:db:ff:de:71:8f:17:43:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 23 12:44:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=99ed08945d55bfc66ebef637ff317d8d3dda79cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:66:38:57:74:93:15:69:ae:aa:d6:f7:22:e6:
24:a5:d8:69:87:b3:ea:fd:44:ed:a6:45:96:1f:69:
23:10:e7:de:21:f4:42:fe:6c:fe:c9:15:89:17:d7:
67:e7:5b:6a:10:1a:04:07:e1:81:e8:d7:45:33:53:
a1:35:26:7d:af:c4:c2:58:1b:d8:66:45:f5:5b:66:
aa:16:6f:3d:5c:83:16:94:eb:1c:82:86:56:33:cc:
07:24:47:92:7e:62:ca:ae:71:d7:d1:62:b9:9a:87:
99:4a:ff:19:65:b7:22:2d:25:d8:ee:2d:44:77:58:
2b:95:73:f0:99:08:fb:24:d4:f8:9f:1b:08:9d:d0:
a0:ea:5a:90:29:29:a4:e1:9d:43:74:00:6e:80:0f:
58:61:83:bd:e1:31:41:b2:e8:42:6b:63:27:eb:78:
45:df:0e:ba:38:2b:e3:51:9f:bb:53:1b:8e:76:a7:
b0:71:e3:20:32:5f:2d:4c:d4:4b:b2:f2:dc:8a:c2:
a5:cb:1d:a7:1c:ca:20:f7:1d:13:54:96:ee:67:53:
fe:c5:52:0d:9a:0c:0e:a3:0d:67:3c:08:31:a6:d3:
b8:2a:4b:26:53:2e:5c:25:ee:84:dd:29:d6:71:9c:
9a:cb:4f:3e:88:29:03:99:16:af:8f:69:3c:d8:3f:
88:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:ED:08:94:5D:55:BF:C6:6E:BE:F6:37:FF:31:7D:8D:3D:DA:79:CF
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/me0IlF1Vv8ZuvvY3_zF9jT3aec8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.26.0/23
89.38.101.0/24
185.241.210.0/24
188.212.158.0/23
Signature Algorithm: sha256WithRSAEncryption
05:c1:30:2e:8f:dc:11:8c:9d:51:a7:0b:88:8d:72:08:a9:05:
d8:ea:79:34:04:52:b1:38:ff:05:1d:1f:34:a9:c2:a9:6a:89:
f3:cc:3b:23:3f:28:99:4e:3a:26:3c:59:10:39:86:91:d0:97:
d6:88:c5:aa:70:92:63:0a:db:c5:cc:55:ad:ee:85:26:97:bf:
4f:52:40:89:ce:eb:db:20:6a:80:57:aa:79:02:c9:4c:c0:77:
4c:a8:4a:9e:d6:28:1d:66:a7:d4:6e:33:6f:71:fd:8d:90:0f:
39:1a:78:37:09:ec:dd:3c:71:f6:b2:21:66:4d:4e:17:64:5c:
c0:d1:62:24:26:fa:64:5d:75:3a:69:ee:a4:a1:19:b9:40:c4:
92:e2:67:8a:df:38:7f:07:7e:12:99:35:04:8b:e0:b1:86:15:
b0:21:bf:03:5a:b9:9f:d0:ac:5b:fd:92:33:e8:d0:df:27:8a:
2d:dd:f6:44:a1:ca:9d:93:dc:07:9b:52:90:cf:c8:dc:d1:62:
37:48:dd:0e:f9:d4:d1:7f:bb:fc:ba:04:82:9e:53:9a:d6:b8:
08:22:ef:ed:43:2e:60:1d:78:47:00:3c:12:fc:e7:af:0e:04:
8e:8e:d6:89:6e:a8:07:84:ac:92:33:7a:c6:bd:9b:85:ba:c1:
f0:b3:3d:45
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZZirVzlzHvsetv/3nGPF0PFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjUwNDIzMTI0NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWVkMDg5NDVkNTViZmM2NmViZWY2MzdmZjMxN2Q4ZDNkZGE3OWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGY4V3STFWmuqtb3IuYkpdhph7Pq
/UTtpkWWH2kjEOfeIfRC/mz+yRWJF9dn51tqEBoEB+GB6NdFM1OhNSZ9r8TCWBvY
ZkX1W2aqFm89XIMWlOscgoZWM8wHJEeSfmLKrnHX0WK5moeZSv8ZZbciLSXY7i1E
d1grlXPwmQj7JNT4nxsIndCg6lqQKSmk4Z1DdABugA9YYYO94TFBsuhCa2Mn63hF
3w66OCvjUZ+7UxuOdqewceMgMl8tTNRLsvLcisKlyx2nHMog9x0TVJbuZ1P+xVIN
mgwOow1nPAgxptO4KksmUy5cJe6E3SnWcZyay08+iCkDmRavj2k82D+IAQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJntCJRdVb/Gbr72N/8xfY092nnPMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvbWUwSWxGMVZ2OFp1dnZZM196RjlqVDNhZWM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLY0aAwQA
WSZlAwQAufHSAwQBvNSeMA0GCSqGSIb3DQEBCwUAA4IBAQAFwTAuj9wRjJ1RpwuI
jXIIqQXY6nk0BFKxOP8FHR80qcKpaonzzDsjPyiZTjomPFkQOYaR0JfWiMWqcJJj
CtvFzFWt7oUml79PUkCJzuvbIGqAV6p5AslMwHdMqEqe1igdZqfUbjNvcf2NkA85
Gng3CezdPHH2siFmTU4XZFzA0WIkJvpkXXU6ae6koRm5QMSS4meK3zh/B34SmTUE
i+CxhhWwIb8DWrmf0Kxb/ZIz6NDfJ4ot3fZEocqdk9wHm1KQz8jc0WI3SN0O+dTR
f7v8ugSCnlOa1rgIIu/tQy5gHXhHADwS/OevDgSOjtaJbqgHhKySM3rGvZuFusHw
sz1F
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:59:21 2025 by rpki-client