Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/OD7HVVIuMD3Lafn41l9onL8Lz_s.roa
File: OD7HVVIuMD3Lafn41l9onL8Lz_s.roa (raw, json)
Hash identifier: J7Wal9yEvhszZygAEKLjaKjqNoMovgD/F/EiRSy+bQA=
Subject key identifier: 38:3E:C7:55:52:2E:30:3D:CB:69:F9:F8:D6:5F:68:9C:BF:0B:CF:FB
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01975996264024D8DE1039463407DE10DF7A
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/OD7HVVIuMD3Lafn41l9onL8Lz_s.roa
Signing time: Tue 10 Jun 2025 11:25:01 +0000
ROA not before: Tue 10 Jun 2025 11:25:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.90.17.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.199.54.0/24 maxlen: 24
185.206.251.0/24 maxlen: 24
185.209.38.0/24 maxlen: 24
185.209.73.0/24 maxlen: 24
185.209.74.0/24 maxlen: 24
185.209.75.0/24 maxlen: 24
185.210.233.0/24 maxlen: 24
185.214.108.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.218.101.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.222.28.0/24 maxlen: 24
185.222.29.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.223.155.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.225.3.0/24 maxlen: 24
185.226.104.0/24 maxlen: 24
185.227.144.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
185.228.75.0/24 maxlen: 24
185.232.206.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.8.112.0/24 maxlen: 24
193.8.114.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
194.5.64.0/24 maxlen: 24
194.76.169.0/24 maxlen: 24
194.76.172.0/24 maxlen: 24
194.124.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:59:96:26:40:24:d8:de:10:39:46:34:07:de:10:df:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jun 10 11:25:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=383ec755522e303dcb69f9f8d65f689cbf0bcffb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:cd:68:51:9e:8f:eb:82:0e:83:ce:87:d0:d5:
5a:4c:43:ba:4a:e2:7d:73:ee:18:cf:0e:52:67:d7:
b6:2e:d9:f1:51:c3:0e:b5:5c:7c:9f:58:b1:b0:ec:
99:e1:a3:8f:0b:62:67:aa:2b:92:96:da:19:7f:6c:
ce:13:7e:0a:73:a1:d2:5c:ba:80:31:03:22:96:11:
75:de:6f:74:3b:30:e9:4f:47:cd:59:d1:56:72:87:
fe:60:0f:13:ac:8c:33:e6:52:66:b9:4c:5d:2a:a8:
4f:ee:8e:09:f3:f7:b9:4c:71:0e:97:c9:a0:04:84:
36:0e:42:64:44:6a:26:f6:b2:39:f0:8d:97:62:4a:
7c:f9:c8:16:3e:4b:93:e6:f7:bb:b1:e4:84:3c:af:
14:bb:70:eb:0e:cb:11:5e:e1:fb:6e:4f:18:77:33:
e0:c6:d6:9b:03:dd:28:2b:67:9d:34:5f:83:27:6e:
25:ac:82:13:f6:ce:a6:5d:5f:75:23:12:b0:90:31:
59:84:da:41:1e:63:e1:8f:8d:35:08:2a:d3:e7:1d:
df:7f:fd:7c:09:04:5a:d0:13:96:19:1b:bb:83:80:
9b:68:46:4e:65:0c:21:27:82:6e:69:94:5d:39:56:
03:22:a4:de:96:90:25:3b:d3:86:37:00:e0:bf:e9:
38:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:3E:C7:55:52:2E:30:3D:CB:69:F9:F8:D6:5F:68:9C:BF:0B:CF:FB
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/OD7HVVIuMD3Lafn41l9onL8Lz_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.17.0/24
185.126.82.0/24
185.199.54.0/24
185.206.251.0/24
185.209.38.0/24
185.209.73.0-185.209.75.255
185.210.233.0/24
185.214.108.0/24
185.218.20.0/24
185.218.101.0/24
185.220.250.0/23
185.222.28.0/23
185.223.80.0/24
185.223.155.0/24
185.225.0.0/23
185.225.3.0/24
185.226.104.0/24
185.227.144.0/24
185.227.146.0/23
185.228.75.0/24
185.232.206.0/24
185.246.112.0/24
193.8.112.0-193.8.114.255
193.58.146.0/23
194.5.64.0/24
194.76.169.0/24
194.76.172.0/24
194.124.69.0/24
Signature Algorithm: sha256WithRSAEncryption
47:40:dd:45:5d:4b:31:74:df:1e:a0:7a:6b:57:0f:ab:2b:5c:
e4:87:cb:85:e3:5a:a9:59:26:b0:a8:ae:f2:dc:eb:e8:54:29:
27:33:b7:80:75:2e:8a:c7:93:4d:5c:6b:f8:02:34:6e:11:e4:
93:9e:df:65:3f:fa:74:ae:2b:9d:4d:fa:2f:01:8e:06:e6:85:
b5:99:4e:a2:ac:9f:a4:03:e6:79:80:c4:40:92:62:69:20:cc:
1a:74:3b:e8:f8:15:42:55:bb:51:b5:f5:00:91:99:01:35:b1:
e9:f3:36:54:c4:b6:ca:5d:1c:77:f0:e0:98:9f:d7:4b:7f:07:
cc:a1:99:99:d2:27:70:93:a0:0a:35:d6:c7:3a:35:bd:8b:8d:
f9:25:f3:87:01:84:20:ea:f0:4e:59:bc:1a:8e:fc:d5:ea:d2:
90:c4:35:39:7a:fc:52:e5:53:71:3d:be:37:e4:c7:f4:60:c9:
58:bf:8d:1c:7c:25:6a:65:5b:c0:da:b5:64:94:dd:3b:39:ca:
ca:bb:7f:b8:77:7a:5f:7d:c2:60:f7:95:00:42:2f:70:7b:cd:
13:75:a9:68:3f:af:d9:4a:64:47:44:c1:43:7e:57:4f:b8:d5:
44:83:89:05:a3:ec:f1:52:e5:46:63:1c:dc:e6:8d:92:fe:02:
1d:5f:bd:0c
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgISAZdZliZAJNjeEDlGNAfeEN96MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwNjEwMTEyNTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODNlYzc1NTUyMmUzMDNkY2I2OWY5ZjhkNjVmNjg5Y2JmMGJjZmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtc1oUZ6P64IOg86H0NVaTEO6SuJ9
c+4Yzw5SZ9e2LtnxUcMOtVx8n1ixsOyZ4aOPC2JnqiuSltoZf2zOE34Kc6HSXLqA
MQMilhF13m90OzDpT0fNWdFWcof+YA8TrIwz5lJmuUxdKqhP7o4J8/e5THEOl8mg
BIQ2DkJkRGom9rI58I2XYkp8+cgWPkuT5ve7seSEPK8Uu3DrDssRXuH7bk8YdzPg
xtabA90oK2edNF+DJ24lrIIT9s6mXV91IxKwkDFZhNpBHmPhj401CCrT5x3ff/18
CQRa0BOWGRu7g4CbaEZOZQwhJ4JuaZRdOVYDIqTelpAlO9OGNwDgv+k4MwIDAQAB
o4ICwDCCArwwHQYDVR0OBBYEFDg+x1VSLjA9y2n5+NZfaJy/C8/7MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvT0Q3SFZWSXVNRDNMYWZuNDFsOW9uTDhMel9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHVBggrBgEFBQcBBwEB/wSBxTCBwjCBvwQCAAEwgbgDBAAt
WhEDBAC5flIDBAC5xzYDBAC5zvsDBAC50SYwDAMEALnRSQMEArnRSAMEALnS6QME
ALnWbAMEALnaFAMEALnaZQMEAbnc+gMEAbneHAMEALnfUAMEALnfmwMEAbnhAAME
ALnhAwMEALniaAMEALnjkAMEAbnjkgMEALnkSwMEALnozgMEALn2cDAMAwQEwQhw
AwQAwQhyAwQBwTqSAwQAwgVAAwQAwkypAwQAwkysAwQAwnxFMA0GCSqGSIb3DQEB
CwUAA4IBAQBHQN1FXUsxdN8eoHprVw+rK1zkh8uF41qpWSawqK7y3OvoVCknM7eA
dS6Kx5NNXGv4AjRuEeSTnt9lP/p0riudTfovAY4G5oW1mU6irJ+kA+Z5gMRAkmJp
IMwadDvo+BVCVbtRtfUAkZkBNbHp8zZUxLbKXRx38OCYn9dLfwfMoZmZ0idwk6AK
NdbHOjW9i435JfOHAYQg6vBOWbwajvzV6tKQxDU5evxS5VNxPb435Mf0YMlYv40c
fCVqZVvA2rVklN07OcrKu3+4d3pffcJg95UAQi9we80TdaloP6/ZSmRHRMFDfldP
uNVEg4kFo+zxUuVGYxzc5o2S/gIdX70M
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:30:56 2025 by rpki-client