Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/cNYk85hNoYtPZuzuDFUFNVy2av8.roa
File: cNYk85hNoYtPZuzuDFUFNVy2av8.roa (raw, json)
Hash identifier: nIrqx6JZnAqORN+dZNBqZhQ+O1zjlZ/X02ZpwsqMFyM=
Subject key identifier: 70:D6:24:F3:98:4D:A1:8B:4F:66:EC:EE:0C:55:05:35:5C:B6:6A:FF
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 019763670B8CAF85DA83DD4BF6F5DB052217
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/cNYk85hNoYtPZuzuDFUFNVy2av8.roa
Signing time: Thu 12 Jun 2025 09:09:46 +0000
ROA not before: Thu 12 Jun 2025 09:09:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205090
IP address blocks: 45.9.73.0/24 maxlen: 24
45.9.75.0/24 maxlen: 24
45.89.65.0/24 maxlen: 24
45.90.216.0/24 maxlen: 24
45.90.217.0/24 maxlen: 24
45.90.218.0/24 maxlen: 24
45.90.219.0/24 maxlen: 24
45.95.202.0/24 maxlen: 24
45.95.203.0/24 maxlen: 24
45.132.255.0/24 maxlen: 24
84.252.73.0/24 maxlen: 24
84.252.74.0/24 maxlen: 24
84.252.75.0/24 maxlen: 24
85.209.2.0/24 maxlen: 24
185.102.139.0/24 maxlen: 24
185.103.109.0/24 maxlen: 24
185.104.251.0/24 maxlen: 24
185.112.101.0/24 maxlen: 24
185.112.102.0/24 maxlen: 24
185.112.103.0/24 maxlen: 24
185.217.198.0/24 maxlen: 24
185.217.199.0/24 maxlen: 24
185.221.162.0/24 maxlen: 24
185.232.169.0/24 maxlen: 24
185.233.83.0/24 maxlen: 24
185.233.200.0/24 maxlen: 24
193.162.143.0/24 maxlen: 24
193.168.227.0/24 maxlen: 24
2a09:5302::/32 maxlen: 32
2a09:5302:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 18 Jun 2025 18:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:63:67:0b:8c:af:85:da:83:dd:4b:f6:f5:db:05:22:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jun 12 09:09:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=70d624f3984da18b4f66ecee0c5505355cb66aff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:95:15:b2:25:37:d8:83:7d:38:58:18:ad:3f:
62:7b:bd:0d:8b:76:cb:96:f7:8d:56:c4:34:f9:74:
9d:07:65:8d:2d:0d:a5:41:b8:09:a7:d2:72:8e:6e:
a4:6f:2f:51:9f:cf:bd:01:93:2c:ef:69:83:50:02:
49:a7:4c:fd:71:7e:60:5f:82:40:b6:1c:ac:e6:d1:
81:81:5c:75:77:c9:bb:a4:4c:11:c5:05:98:1e:f6:
43:67:b1:01:a8:fb:66:f6:a6:ba:f3:0e:e0:b4:f8:
c5:aa:a6:8a:96:0b:5e:76:0a:27:2f:8a:61:8a:f8:
6a:4c:f5:b4:55:05:1b:82:a0:2b:99:0a:00:8a:1e:
93:4a:f0:a0:45:41:e0:1b:4b:72:28:fc:fe:b9:cf:
d9:96:9b:ab:aa:37:80:12:ec:fb:a4:08:8a:6f:fb:
d8:95:a1:46:45:ea:53:d7:ab:2b:2e:f3:fa:f8:11:
33:5b:b3:6c:85:8d:8f:95:f9:09:65:42:78:07:03:
69:46:4b:59:20:5c:51:b3:77:75:09:ba:49:f2:9b:
d1:dd:aa:6f:62:e5:da:ec:7d:20:19:6a:a4:99:81:
32:9a:60:aa:35:5f:8e:75:b2:f5:23:b3:58:87:f2:
82:30:60:a3:98:f8:e0:45:a2:4f:a8:ac:4a:7e:91:
9f:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:D6:24:F3:98:4D:A1:8B:4F:66:EC:EE:0C:55:05:35:5C:B6:6A:FF
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/cNYk85hNoYtPZuzuDFUFNVy2av8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.73.0/24
45.9.75.0/24
45.89.65.0/24
45.90.216.0/22
45.95.202.0/23
45.132.255.0/24
84.252.73.0-84.252.75.255
85.209.2.0/24
185.102.139.0/24
185.103.109.0/24
185.104.251.0/24
185.112.101.0-185.112.103.255
185.217.198.0/23
185.221.162.0/24
185.232.169.0/24
185.233.83.0/24
185.233.200.0/24
193.162.143.0/24
193.168.227.0/24
IPv6:
2a09:5302::/32
Signature Algorithm: sha256WithRSAEncryption
6b:3e:ed:73:ee:04:d0:46:64:d1:2f:14:bd:a2:d2:a5:18:8e:
a7:52:4a:83:d9:e1:b0:6e:fb:c2:ab:ba:29:61:ee:d2:a7:c7:
ca:94:0b:85:1e:fe:f0:17:7a:41:9d:ca:7e:65:c0:d7:c1:f6:
22:4b:f8:a3:7c:75:1a:4b:7c:51:62:28:9b:b7:3e:16:47:08:
63:b9:f8:16:b6:f5:de:c1:c5:73:f0:c4:5d:ed:48:d2:b2:07:
6a:c7:a9:18:bd:df:58:4f:24:27:4f:c4:1d:28:21:ba:d4:02:
ec:02:dd:07:8d:0c:9d:93:a6:ad:fe:da:6d:36:82:ac:73:41:
b9:2c:0e:63:06:2d:6e:d4:99:a5:9e:9d:b4:a2:d5:d8:e3:43:
0e:a6:42:66:a8:2b:94:a8:a4:5e:61:df:7c:59:1d:fd:f2:c3:
32:99:86:18:8d:5e:87:6c:74:84:eb:90:59:84:b6:45:2e:85:
bc:f1:b1:89:db:76:ae:4c:23:03:68:03:a4:51:f1:6c:c3:0d:
18:ea:4f:1d:ec:75:2f:26:ce:63:62:e5:34:3d:09:9d:82:39:
97:e8:47:a0:02:57:39:f5:b8:36:3a:09:70:9f:2f:ca:50:16:
21:51:d7:13:86:0a:77:b5:f4:bc:f7:e2:17:36:0d:90:62:78:
6c:d1:07:94
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAZdjZwuMr4Xag91L9vXbBSIXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjUwNjEyMDkwOTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGQ2MjRmMzk4NGRhMThiNGY2NmVjZWUwYzU1MDUzNTVjYjY2YWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZUVsiU32IN9OFgYrT9ie70Ni3bL
lveNVsQ0+XSdB2WNLQ2lQbgJp9Jyjm6kby9Rn8+9AZMs72mDUAJJp0z9cX5gX4JA
thys5tGBgVx1d8m7pEwRxQWYHvZDZ7EBqPtm9qa68w7gtPjFqqaKlgtedgonL4ph
ivhqTPW0VQUbgqArmQoAih6TSvCgRUHgG0tyKPz+uc/ZlpurqjeAEuz7pAiKb/vY
laFGRepT16srLvP6+BEzW7NshY2PlfkJZUJ4BwNpRktZIFxRs3d1CbpJ8pvR3apv
YuXa7H0gGWqkmYEymmCqNV+OdbL1I7NYh/KCMGCjmPjgRaJPqKxKfpGfoQIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFHDWJPOYTaGLT2bs7gxVBTVctmr/MB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvY05Zazg1aE5vWXRQWnV6dURGVUZOVnkyYXY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGuBggrBgEFBQcBBwEB/wSBnjCBmzCBiQQCAAEwgYIDBAAt
CUkDBAAtCUsDBAAtWUEDBAItWtgDBAEtX8oDBAAthP8wDAMEAFT8SQMEAlT8SAME
AFXRAgMEALlmiwMEALlnbQMEALlo+zAMAwQAuXBlAwQDuXBgAwQBudnGAwQAud2i
AwQAueipAwQAuelTAwQAuenIAwQAwaKPAwQAwajjMA0EAgACMAcDBQAqCVMCMA0G
CSqGSIb3DQEBCwUAA4IBAQBrPu1z7gTQRmTRLxS9otKlGI6nUkqD2eGwbvvCq7op
Ye7Sp8fKlAuFHv7wF3pBncp+ZcDXwfYiS/ijfHUaS3xRYiibtz4WRwhjufgWtvXe
wcVz8MRd7UjSsgdqx6kYvd9YTyQnT8QdKCG61ALsAt0HjQydk6at/tptNoKsc0G5
LA5jBi1u1Jmlnp20otXY40MOpkJmqCuUqKReYd98WR398sMymYYYjV6HbHSE65BZ
hLZFLoW88bGJ23auTCMDaAOkUfFsww0Y6k8d7HUvJs5jYuU0PQmdgjmX6EegAlc5
9bg2Oglwny/KUBYhUdcThgp3tfS89+IXNg2QYnhs0QeU
-----END CERTIFICATE-----
Generated at Wed Jun 18 03:02:17 2025 by rpki-client