Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/lJZWEsrqndeyUJO2YcX0Ze4EHeM.roa
File: lJZWEsrqndeyUJO2YcX0Ze4EHeM.roa (raw, json)
Hash identifier: C2yVrEWb5F/k2KnaJpmNueGTAHalSrKs+TAHoar3Epk=
Subject key identifier: 94:96:56:12:CA:EA:9D:D7:B2:50:93:B6:61:C5:F4:65:EE:04:1D:E3
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0197202C2BB36E2CC19EECF89C7A4860DA20
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/lJZWEsrqndeyUJO2YcX0Ze4EHeM.roa
Signing time: Fri 30 May 2025 07:50:54 +0000
ROA not before: Fri 30 May 2025 07:50:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42831
IP address blocks: 45.90.17.0/24 maxlen: 24
176.125.248.0/24 maxlen: 24
185.222.29.0/24 maxlen: 24
185.240.122.0/24 maxlen: 24
185.251.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:20:2c:2b:b3:6e:2c:c1:9e:ec:f8:9c:7a:48:60:da:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: May 30 07:50:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94965612caea9dd7b25093b661c5f465ee041de3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:29:fb:5b:7e:04:44:a0:e1:ab:7a:34:04:fc:
46:e5:be:06:70:7a:05:f5:3a:57:0f:18:58:64:e0:
0e:f4:ca:8a:c0:e5:99:02:90:40:b2:a7:ff:fa:5c:
2c:d4:ca:9c:db:92:30:05:11:03:a0:52:e4:af:2b:
d4:3e:69:56:db:98:91:0e:3b:66:0e:f6:6b:25:7b:
64:27:41:16:5a:24:a1:3a:7e:cb:de:28:55:01:ac:
c1:95:f5:95:bc:57:2d:2b:fa:bc:a5:f3:79:90:eb:
c4:5e:25:2d:ea:b1:23:6d:34:09:55:be:50:5e:02:
8d:88:d8:3a:f7:93:be:61:f8:15:dd:7d:f8:f6:8c:
cd:16:bd:f4:8a:be:94:22:71:c9:31:ca:cb:69:e0:
9f:31:a8:17:d0:92:7b:ad:f8:2d:8a:62:45:e0:5d:
e6:95:dd:5a:3b:dc:8a:31:3b:ef:77:11:2b:74:0d:
7f:8e:f9:7e:cb:54:4f:6a:b2:aa:4a:7d:85:ed:18:
a4:3b:9c:53:5b:1f:44:32:22:fb:05:16:c2:cc:52:
9f:9b:60:2a:dc:57:de:c1:dc:0b:13:6d:ce:4d:8a:
29:d2:1f:ca:7c:2e:6d:f2:83:09:0f:85:82:56:4d:
54:f4:4e:b4:3a:8d:85:7c:45:1d:1e:05:84:af:99:
a2:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:96:56:12:CA:EA:9D:D7:B2:50:93:B6:61:C5:F4:65:EE:04:1D:E3
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/lJZWEsrqndeyUJO2YcX0Ze4EHeM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.17.0/24
176.125.248.0/24
185.222.29.0/24
185.240.122.0/24
185.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
06:69:c6:c6:be:96:41:ce:82:cd:d4:dd:03:48:29:d1:cb:07:
14:4e:57:1e:2b:68:7b:b1:6c:a8:d4:7a:19:24:eb:b0:5e:55:
d7:d5:ee:d4:1b:75:ea:2d:b8:01:da:dc:5e:8d:ba:fb:fb:ea:
71:08:6f:09:86:05:25:0d:cd:01:98:f3:9d:62:c2:89:73:40:
c0:2a:16:cd:8f:48:bd:98:ca:0a:4e:8d:38:46:56:ef:bb:96:
d0:83:41:3f:09:c1:cc:74:45:bd:34:74:8b:c2:43:09:2c:3a:
c3:be:c5:05:ac:28:7d:46:c6:19:50:39:4e:72:2e:d0:b1:c1:
9a:03:17:16:06:d3:8f:8a:f9:e8:c6:96:da:80:f2:97:e3:40:
02:ff:c5:c1:53:72:13:4b:71:87:d5:33:6e:b6:0c:e2:73:f3:
4a:8e:b1:42:40:0e:5a:ba:cb:b2:2c:b2:f5:2e:f7:1c:b5:d1:
67:2f:ed:4f:ad:fc:56:fb:33:c0:c9:b5:cf:50:68:3c:d2:56:
bb:3b:ca:fa:f8:b7:75:08:85:cd:49:fe:36:c2:2e:56:c2:e5:
a6:4b:78:d7:49:8a:3e:ff:9e:29:9c:c8:5f:9f:fb:6e:85:33:
91:73:4a:24:ba:f1:31:87:49:b0:f3:75:ee:a4:b3:c7:bb:12:
6f:4e:62:43
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZcgLCuzbizBnuz4nHpIYNogMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwNTMwMDc1MDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDk2NTYxMmNhZWE5ZGQ3YjI1MDkzYjY2MWM1ZjQ2NWVlMDQxZGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqin7W34ERKDhq3o0BPxG5b4GcHoF
9TpXDxhYZOAO9MqKwOWZApBAsqf/+lws1Mqc25IwBREDoFLkryvUPmlW25iRDjtm
DvZrJXtkJ0EWWiShOn7L3ihVAazBlfWVvFctK/q8pfN5kOvEXiUt6rEjbTQJVb5Q
XgKNiNg695O+YfgV3X349ozNFr30ir6UInHJMcrLaeCfMagX0JJ7rfgtimJF4F3m
ld1aO9yKMTvvdxErdA1/jvl+y1RParKqSn2F7RikO5xTWx9EMiL7BRbCzFKfm2Aq
3FfewdwLE23OTYop0h/KfC5t8oMJD4WCVk1U9E60Oo2FfEUdHgWEr5miuwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJSWVhLK6p3XslCTtmHF9GXuBB3jMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvbEpaV0VzcnFuZGV5VUpPMlljWDBaZTRFSGVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALVoRAwQA
sH34AwQAud4dAwQAufB6AwQAufvnMA0GCSqGSIb3DQEBCwUAA4IBAQAGacbGvpZB
zoLN1N0DSCnRywcUTlceK2h7sWyo1HoZJOuwXlXX1e7UG3XqLbgB2txejbr7++px
CG8JhgUlDc0BmPOdYsKJc0DAKhbNj0i9mMoKTo04Rlbvu5bQg0E/CcHMdEW9NHSL
wkMJLDrDvsUFrCh9RsYZUDlOci7QscGaAxcWBtOPivnoxpbagPKX40AC/8XBU3IT
S3GH1TNutgzic/NKjrFCQA5ausuyLLL1LvcctdFnL+1PrfxW+zPAybXPUGg80la7
O8r6+Ld1CIXNSf42wi5WwuWmS3jXSYo+/54pnMhfn/tuhTORc0okuvExh0mw83Xu
pLPHuxJvTmJD
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:58:47 2025 by rpki-client