Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/ORNMojAtbSSAjNR1l3RG9S5bUiI.roa
File: ORNMojAtbSSAjNR1l3RG9S5bUiI.roa (raw, json)
Hash identifier: d+acqwqasIRUArYwjVRu4nVRUuYgDK2GqeAXFWewnM4=
Subject key identifier: 39:13:4C:A2:30:2D:6D:24:80:8C:D4:75:97:74:46:F5:2E:5B:52:22
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 019763670AF4734B2C94245AFCCE90CCA2FB
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/ORNMojAtbSSAjNR1l3RG9S5bUiI.roa
Signing time: Thu 12 Jun 2025 09:09:46 +0000
ROA not before: Thu 12 Jun 2025 09:09:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35196
IP address blocks: 45.9.73.179/32 maxlen: 32
45.9.73.184/32 maxlen: 32
45.9.73.236/32 maxlen: 32
45.89.65.0/24 maxlen: 24
45.89.66.0/24 maxlen: 24
45.89.67.0/24 maxlen: 24
45.128.176.0/24 maxlen: 24
45.128.177.0/24 maxlen: 24
45.128.178.0/24 maxlen: 24
45.128.179.0/24 maxlen: 24
91.217.80.0/24 maxlen: 24
94.142.136.0/21 maxlen: 21
94.142.136.67/32 maxlen: 32
94.142.139.0/24 maxlen: 24
185.5.248.0/22 maxlen: 22
185.5.248.0/23 maxlen: 23
185.5.250.0/23 maxlen: 23
185.5.250.0/24 maxlen: 24
185.58.204.0/22 maxlen: 22
185.105.116.0/24 maxlen: 24
185.105.117.0/24 maxlen: 24
185.125.216.0/22 maxlen: 22
185.125.218.0/23 maxlen: 23
185.125.229.0/24 maxlen: 24
185.125.231.0/24 maxlen: 24
194.67.192.0/19 maxlen: 19
194.67.194.0/23 maxlen: 23
194.67.196.0/22 maxlen: 22
194.67.200.0/21 maxlen: 21
194.67.202.0/24 maxlen: 24
194.67.203.0/24 maxlen: 24
194.67.204.0/22 maxlen: 22
194.67.208.0/20 maxlen: 20
195.47.250.0/24 maxlen: 24
2a09:5302:ffff::/48 maxlen: 48
2a0a:9300:1000::/48 maxlen: 48
2a0a:9301::/48 maxlen: 48
2a0a:9301:1::/48 maxlen: 48
2a0a:9301:2::/48 maxlen: 48
2a0a:9302::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:63:67:0a:f4:73:4b:2c:94:24:5a:fc:ce:90:cc:a2:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jun 12 09:09:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=39134ca2302d6d24808cd475977446f52e5b5222
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:09:f3:4f:78:d3:98:50:5d:f5:e1:d4:2c:90:
9a:7c:e1:16:15:58:f9:ee:24:20:72:67:06:d1:9c:
bd:78:d8:18:5a:6f:8e:dd:fd:b7:b9:67:f2:8a:be:
8c:9a:2b:f7:c8:a2:a0:e5:b4:9c:87:6f:26:b1:82:
d6:8a:93:ba:31:e3:86:6d:af:0e:5e:fa:e4:ef:b2:
be:6e:fe:11:36:95:31:33:46:a7:29:32:38:9e:b2:
29:9a:e6:44:a2:7e:4e:84:a4:32:5f:c8:7d:f6:74:
72:da:fc:9f:8b:8e:48:d6:c5:d2:2e:e5:e7:0e:eb:
a1:bd:dd:d8:06:36:1b:12:9b:ee:22:37:8d:f1:00:
90:d6:03:0f:ff:e6:85:4f:2a:3a:78:88:a0:f2:cf:
53:47:40:9e:6c:7b:33:1a:98:43:60:09:5e:09:78:
c7:c3:79:75:90:42:0f:2d:89:d9:9e:4e:6c:e5:00:
07:3e:0f:be:41:ae:7e:2e:74:3e:37:2b:a8:3e:76:
ad:c1:e8:ca:3f:cc:91:b5:9b:24:6e:96:1f:c1:fb:
f7:f7:18:00:b2:06:42:24:92:0d:0d:98:3d:bf:ed:
33:ba:6f:93:eb:c5:88:97:88:67:19:37:8b:d8:e9:
90:04:d5:26:5a:c9:e2:52:f3:cc:b4:24:00:1e:5a:
66:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:13:4C:A2:30:2D:6D:24:80:8C:D4:75:97:74:46:F5:2E:5B:52:22
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/ORNMojAtbSSAjNR1l3RG9S5bUiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.73.179/32
45.9.73.184/32
45.9.73.236/32
45.89.65.0-45.89.67.255
45.128.176.0/22
91.217.80.0/24
94.142.136.0/21
185.5.248.0/22
185.58.204.0/22
185.105.116.0/23
185.125.216.0/22
185.125.229.0/24
185.125.231.0/24
194.67.192.0/19
195.47.250.0/24
IPv6:
2a09:5302:ffff::/48
2a0a:9300:1000::/48
2a0a:9301::-2a0a:9301:2:ffff:ffff:ffff:ffff:ffff
2a0a:9302::/32
Signature Algorithm: sha256WithRSAEncryption
97:88:05:b5:5e:5e:82:c2:b6:9d:ea:ab:4a:77:d8:de:d2:fb:
07:76:63:cf:8c:c6:fd:ef:8c:72:9f:92:c3:1b:a5:27:e6:a6:
9f:70:3a:c6:4c:24:0d:0f:29:c4:b5:15:a2:1e:9c:84:81:37:
10:ee:92:a1:7f:c8:9d:64:f3:ea:74:e4:85:b5:fb:d0:f9:7b:
8d:10:cd:10:a4:4d:18:05:31:e8:04:d5:60:db:e4:19:f4:b1:
6f:a0:d7:36:fc:fd:a6:1c:98:98:71:c4:b4:00:29:4b:d3:62:
63:c0:07:e6:e8:5a:e9:50:3b:b9:a2:1d:27:b5:73:07:d3:ec:
f7:1d:23:66:9a:47:99:21:79:be:cc:b9:7b:47:9a:fc:cb:5d:
cf:6c:f4:71:ea:72:b2:84:00:42:ae:99:14:43:20:d0:96:d4:
f6:df:7b:3a:b3:bd:f7:fc:b9:1c:ed:a8:21:78:51:91:a2:00:
c6:f2:43:6f:7c:61:21:17:54:57:ad:43:84:43:95:e2:64:5b:
e4:9c:ca:f4:a4:c8:9b:3a:f5:e1:05:29:e2:e9:c8:71:c1:f3:
4d:7c:bb:5f:51:b1:8a:8d:bc:28:6f:7c:eb:d9:95:f3:0a:c9:
64:5e:e3:31:5b:23:b4:e7:f1:21:76:bf:ec:e3:5a:46:1d:da:
3e:5a:b8:9b
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAZdjZwr0c0sslCRa/M6QzKL7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjUwNjEyMDkwOTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTEzNGNhMjMwMmQ2ZDI0ODA4Y2Q0NzU5Nzc0NDZmNTJlNWI1MjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQnzT3jTmFBd9eHULJCafOEWFVj5
7iQgcmcG0Zy9eNgYWm+O3f23uWfyir6Mmiv3yKKg5bSch28msYLWipO6MeOGba8O
Xvrk77K+bv4RNpUxM0anKTI4nrIpmuZEon5OhKQyX8h99nRy2vyfi45I1sXSLuXn
Duuhvd3YBjYbEpvuIjeN8QCQ1gMP/+aFTyo6eIig8s9TR0CebHszGphDYAleCXjH
w3l1kEIPLYnZnk5s5QAHPg++Qa5+LnQ+NyuoPnatwejKP8yRtZskbpYfwfv39xgA
sgZCJJINDZg9v+0zum+T68WIl4hnGTeL2OmQBNUmWsniUvPMtCQAHlpmuQIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFDkTTKIwLW0kgIzUdZd0RvUuW1IiMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvT1JOTW9qQXRiU1NBak5SMWwzUkc5UzViVWlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDBrBAIAATBlAwUALQlJ
swMFAC0JSbgDBQAtCUnsMAwDBAAtWUEDBAItWUADBAItgLADBABb2VADBANejogD
BAK5BfgDBAK5OswDBAG5aXQDBAK5fdgDBAC5feUDBAC5fecDBAXCQ8ADBADDL/ow
MQQCAAIwKwMHACoJUwL//wMHACoKkwAQADAQAwUAKgqTAQMHACoKkwEAAgMFACoK
kwIwDQYJKoZIhvcNAQELBQADggEBAJeIBbVeXoLCtp3qq0p32N7S+wd2Y8+Mxv3v
jHKfksMbpSfmpp9wOsZMJA0PKcS1FaIenISBNxDukqF/yJ1k8+p05IW1+9D5e40Q
zRCkTRgFMegE1WDb5Bn0sW+g1zb8/aYcmJhxxLQAKUvTYmPAB+boWulQO7miHSe1
cwfT7PcdI2aaR5kheb7MuXtHmvzLXc9s9HHqcrKEAEKumRRDINCW1Pbfezqzvff8
uRztqCF4UZGiAMbyQ298YSEXVFetQ4RDleJkW+ScyvSkyJs69eEFKeLpyHHB8018
u19RsYqNvChvfOvZlfMKyWRe4zFbI7Tn8SF2v+zjWkYd2j5auJs=
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:11:29 2025 by rpki-client