Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/W9nb9WHmnYgntyo4011TLpmF5ek.roa
File: W9nb9WHmnYgntyo4011TLpmF5ek.roa (raw, json)
Hash identifier: bMFKKHrvXLldzj/TinGEv3lEPJh1AEQoI2NOLZ8knZY=
Subject key identifier: 5B:D9:DB:F5:61:E6:9D:88:27:B7:2A:38:D3:5D:53:2E:99:85:E5:E9
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 019744EEC308F947B72F8A9D15F1D2BC9066
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/W9nb9WHmnYgntyo4011TLpmF5ek.roa
Signing time: Fri 06 Jun 2025 11:09:47 +0000
ROA not before: Fri 06 Jun 2025 11:09:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200740
IP address blocks: 45.9.72.0/24 maxlen: 24
45.138.73.0/24 maxlen: 24
46.17.105.0/24 maxlen: 24
80.76.32.0/23 maxlen: 23
80.76.34.0/23 maxlen: 23
91.217.76.0/24 maxlen: 24
92.118.8.0/23 maxlen: 23
94.142.136.0/23 maxlen: 23
94.142.136.0/24 maxlen: 24
94.142.137.0/24 maxlen: 24
95.214.9.0/24 maxlen: 24
95.214.10.0/23 maxlen: 23
95.214.10.0/24 maxlen: 24
95.214.11.0/24 maxlen: 24
185.40.7.0/24 maxlen: 24
185.58.204.0/24 maxlen: 24
185.94.164.0/23 maxlen: 23
185.94.164.0/24 maxlen: 24
185.94.165.0/24 maxlen: 24
185.102.136.0/24 maxlen: 24
185.114.72.0/23 maxlen: 23
185.114.72.0/24 maxlen: 24
185.114.73.0/24 maxlen: 24
185.117.116.0/24 maxlen: 24
185.117.119.0/24 maxlen: 24
185.200.190.0/24 maxlen: 24
185.232.170.0/23 maxlen: 23
185.233.80.0/23 maxlen: 23
185.233.82.0/24 maxlen: 24
185.233.202.0/23 maxlen: 23
185.252.144.0/24 maxlen: 24
193.124.182.0/24 maxlen: 24
193.124.183.0/24 maxlen: 24
193.124.188.0/23 maxlen: 23
193.124.190.0/24 maxlen: 24
193.239.160.0/23 maxlen: 23
193.239.166.0/23 maxlen: 23
194.36.178.0/23 maxlen: 23
2a04:5200:68::/48 maxlen: 48
2a04:5201:2::/48 maxlen: 48
2a04:5201:4::/48 maxlen: 48
2a04:5201:6::/48 maxlen: 48
2a04:5201:7::/48 maxlen: 48
2a04:5201:9::/48 maxlen: 48
2a04:5201:10::/48 maxlen: 48
2a04:5201:8018::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:44:ee:c3:08:f9:47:b7:2f:8a:9d:15:f1:d2:bc:90:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jun 6 11:09:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5bd9dbf561e69d8827b72a38d35d532e9985e5e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c5:e2:bb:a5:86:62:10:68:2f:5b:19:fa:0c:
f4:a0:da:ca:73:e8:3b:b0:36:8a:e5:8a:0a:e3:31:
57:dd:ef:c9:ca:6d:cc:71:34:8f:89:ae:cc:08:1a:
22:34:8d:e3:1a:ef:1a:e9:0c:c8:57:5a:f6:da:eb:
6c:a1:09:b6:3b:b2:76:44:a3:40:f3:8d:68:1c:9f:
6f:49:03:ae:43:79:45:02:2e:bf:fe:db:89:85:ba:
24:00:83:87:9c:f7:68:b9:5c:e6:9c:62:82:44:b0:
16:f2:5e:40:11:fa:16:e2:50:11:bf:e1:27:19:de:
de:6a:49:c2:5c:c8:97:3f:80:29:2a:ef:a5:6f:32:
b1:59:36:cb:f6:3d:d4:85:bc:57:8a:d1:33:a9:90:
05:f9:d9:3d:60:f4:b8:ef:a0:3e:af:b3:cb:da:b5:
23:a0:fe:5c:08:36:fb:68:ee:30:89:53:ec:c9:63:
c4:b8:08:8f:4c:23:9b:cd:1e:85:56:61:b2:e4:c9:
a9:ec:10:ff:60:ee:b6:d2:83:36:0f:eb:e1:f2:bc:
c2:a8:d8:18:9c:dc:f0:04:86:00:cb:f7:f6:27:d4:
f7:bb:69:0d:81:ca:da:54:ab:4b:9c:b2:1f:07:f8:
3e:33:62:8e:0c:64:63:cf:66:a9:d9:2f:28:c8:c4:
19:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:D9:DB:F5:61:E6:9D:88:27:B7:2A:38:D3:5D:53:2E:99:85:E5:E9
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/W9nb9WHmnYgntyo4011TLpmF5ek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.72.0/24
45.138.73.0/24
46.17.105.0/24
80.76.32.0/22
91.217.76.0/24
92.118.8.0/23
94.142.136.0/23
95.214.9.0-95.214.11.255
185.40.7.0/24
185.58.204.0/24
185.94.164.0/23
185.102.136.0/24
185.114.72.0/23
185.117.116.0/24
185.117.119.0/24
185.200.190.0/24
185.232.170.0/23
185.233.80.0-185.233.82.255
185.233.202.0/23
185.252.144.0/24
193.124.182.0/23
193.124.188.0-193.124.190.255
193.239.160.0/23
193.239.166.0/23
194.36.178.0/23
IPv6:
2a04:5200:68::/48
2a04:5201:2::/48
2a04:5201:4::/48
2a04:5201:6::/47
2a04:5201:9::/48
2a04:5201:10::/48
2a04:5201:8018::/48
Signature Algorithm: sha256WithRSAEncryption
64:b6:c5:0d:eb:4e:5c:3a:8a:53:92:bc:03:12:f7:d8:63:4d:
8d:51:15:46:6d:56:a7:f3:1c:f4:4f:76:6e:32:b7:3d:7d:a7:
71:e2:b5:27:28:43:f8:b9:23:e8:94:0c:8b:0a:46:70:30:d7:
57:e5:b3:ef:54:65:8f:4c:e4:a8:90:43:48:0d:1f:7d:18:a5:
22:90:da:90:74:7c:f2:28:44:19:41:a3:24:ca:73:eb:d7:66:
a0:b3:3f:0c:cb:09:16:a2:d1:69:37:43:b2:98:f8:1c:44:6a:
23:b7:99:e8:c2:11:49:b6:e3:06:86:37:c2:9a:a7:fd:b8:da:
ba:c5:68:52:51:3a:fb:85:f5:11:f6:e2:a6:60:5e:f6:eb:1c:
5e:5b:25:0c:b8:41:5f:02:d7:c0:da:73:49:d4:9d:91:98:4d:
f0:56:2a:d2:85:c6:6a:87:48:c3:fe:f6:63:97:dc:33:3e:fa:
1d:a3:2a:48:5e:5d:2c:fd:11:ef:89:de:1b:4d:4b:cb:2d:98:
2d:6d:a8:93:2f:08:6f:c6:3d:fb:8f:d7:b7:15:97:13:4c:d2:
99:67:9c:50:ae:89:eb:94:a6:bf:f0:5a:52:d5:5e:8d:4c:51:
20:ee:b0:5f:56:a0:87:29:04:f6:a5:58:16:17:f1:28:4a:aa:
1c:74:a8:ad
-----BEGIN CERTIFICATE-----
MIIF8zCCBNugAwIBAgISAZdE7sMI+Ue3L4qdFfHSvJBmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjUwNjA2MTEwOTQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmQ5ZGJmNTYxZTY5ZDg4MjdiNzJhMzhkMzVkNTMyZTk5ODVlNWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsXiu6WGYhBoL1sZ+gz0oNrKc+g7
sDaK5YoK4zFX3e/Jym3McTSPia7MCBoiNI3jGu8a6QzIV1r22utsoQm2O7J2RKNA
841oHJ9vSQOuQ3lFAi6//tuJhbokAIOHnPdouVzmnGKCRLAW8l5AEfoW4lARv+En
Gd7eaknCXMiXP4ApKu+lbzKxWTbL9j3UhbxXitEzqZAF+dk9YPS476A+r7PL2rUj
oP5cCDb7aO4wiVPsyWPEuAiPTCObzR6FVmGy5Mmp7BD/YO620oM2D+vh8rzCqNgY
nNzwBIYAy/f2J9T3u2kNgcraVKtLnLIfB/g+M2KODGRjz2ap2S8oyMQZywIDAQAB
o4IC/zCCAvswHQYDVR0OBBYEFFvZ2/Vh5p2IJ7cqONNdUy6ZheXpMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvVzluYjlXSG1uWWdudHlvNDAxMVRMcG1GNWVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBEwYIKwYBBQUHAQcBAf8EggECMIH/MIG1BAIAATCBrgME
AC0JSAMEAC2KSQMEAC4RaQMEAlBMIAMEAFvZTAMEAVx2CAMEAV6OiDAMAwQAX9YJ
AwQCX9YIAwQAuSgHAwQAuTrMAwQBuV6kAwQAuWaIAwQBuXJIAwQAuXV0AwQAuXV3
AwQAuci+AwQBueiqMAwDBAS56VADBAC56VIDBAG56coDBAC5/JADBAHBfLYwDAME
AsF8vAMEAMF8vgMEAcHvoAMEAcHvpgMEAcIksjBFBAIAAjA/AwcAKgRSAABoAwcA
KgRSAQACAwcAKgRSAQAEAwcBKgRSAQAGAwcAKgRSAQAJAwcAKgRSAQAQAwcAKgRS
AYAYMA0GCSqGSIb3DQEBCwUAA4IBAQBktsUN605cOopTkrwDEvfYY02NURVGbVan
8xz0T3ZuMrc9fadx4rUnKEP4uSPolAyLCkZwMNdX5bPvVGWPTOSokENIDR99GKUi
kNqQdHzyKEQZQaMkynPr12agsz8MywkWotFpN0OymPgcRGojt5nowhFJtuMGhjfC
mqf9uNq6xWhSUTr7hfUR9uKmYF726xxeWyUMuEFfAtfA2nNJ1J2RmE3wVirShcZq
h0jD/vZjl9wzPvodoypIXl0s/RHvid4bTUvLLZgtbaiTLwhvxj37j9e3FZcTTNKZ
Z5xQronrlKa/8FpS1V6NTFEg7rBfVqCHKQT2pVgWF/EoSqocdKit
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:36:34 2025 by rpki-client