Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5KrjZvf_gwFbU6KYe_mGJK6_RzY.roa
File: 5KrjZvf_gwFbU6KYe_mGJK6_RzY.roa (raw, json)
Hash identifier: ml2DIZgC8JGoHgH4ESH1Y0eLOUjC4U6F0NAyVwLV8n8=
Subject key identifier: E4:AA:E3:66:F7:FF:83:01:5B:53:A2:98:7B:F9:86:24:AE:BF:47:36
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0197AB2CB41AD54972947496F8817766BEE7
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5KrjZvf_gwFbU6KYe_mGJK6_RzY.roa
Signing time: Thu 26 Jun 2025 07:38:42 +0000
ROA not before: Thu 26 Jun 2025 07:38:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50053
IP address blocks: 45.128.232.0/24 maxlen: 24
45.144.154.0/24 maxlen: 24
45.149.234.0/24 maxlen: 24
79.110.48.0/24 maxlen: 24
185.222.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 20:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ab:2c:b4:1a:d5:49:72:94:74:96:f8:81:77:66:be:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 26 07:38:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e4aae366f7ff83015b53a2987bf98624aebf4736
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a2:67:b4:c8:ff:84:1a:05:9d:ea:78:84:9b:
31:57:81:9a:1d:e0:6c:25:98:40:ce:d5:df:75:cb:
a7:33:ea:aa:bb:02:8b:1c:81:c5:b5:50:75:a8:1d:
5b:19:b4:d2:7e:c9:d2:bb:c0:2e:1a:4c:7c:cc:c9:
d6:8b:ae:75:0c:4b:79:bb:1e:c6:f5:ec:aa:f4:03:
c3:86:7b:b6:1c:3b:76:fc:01:a8:47:e8:a6:47:b9:
ff:9e:d4:12:19:41:72:7b:cb:1e:05:66:3d:c9:60:
33:8e:ce:fe:9f:bb:12:4b:71:0f:d5:08:69:4d:0b:
7a:b2:ea:30:4c:12:7e:d4:df:3c:d8:ba:18:c1:a3:
8a:dd:55:5e:de:80:d7:d2:a3:41:f5:8e:01:53:87:
6f:15:23:8a:fe:35:62:05:ba:e7:40:93:3a:5f:bd:
36:c0:40:ee:57:c5:45:e1:c0:80:dc:e2:ce:38:dd:
84:82:22:69:87:65:72:6e:1c:ac:df:7e:e5:07:c5:
fd:77:37:c5:e6:d6:ac:13:ad:e7:43:3c:21:c5:1e:
a9:36:e7:61:ec:78:9e:97:0b:7c:89:c1:5a:80:2a:
94:50:53:80:ee:7e:fa:2c:40:fa:c9:30:36:2a:f4:
e2:68:01:3b:c5:2c:53:e6:89:4e:08:2f:6e:b9:b5:
08:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:AA:E3:66:F7:FF:83:01:5B:53:A2:98:7B:F9:86:24:AE:BF:47:36
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5KrjZvf_gwFbU6KYe_mGJK6_RzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.232.0/24
45.144.154.0/24
45.149.234.0/24
79.110.48.0/24
185.222.161.0/24
Signature Algorithm: sha256WithRSAEncryption
89:e1:cb:37:3d:4d:f9:6d:8e:7a:c8:24:6b:3d:a6:b1:68:53:
a8:d5:d7:75:6c:71:10:52:38:91:76:66:e3:ca:ba:44:d7:58:
c6:ca:56:5c:51:23:ac:f6:0f:6b:f6:f8:ef:5c:df:59:f3:c9:
9e:40:ed:b1:f7:d6:b5:b4:0b:9a:26:46:d4:f6:6f:c8:08:a6:
0f:b9:73:ef:27:3e:1e:77:e7:d1:1c:83:bb:e7:4a:1c:67:6e:
1b:1d:9d:86:49:e0:d8:82:d1:5d:ea:35:e9:47:b9:41:6a:71:
0e:b6:aa:1a:be:16:0f:8b:88:6c:48:bc:6c:79:2f:b6:69:67:
e5:48:e7:af:9b:3e:4c:94:4d:83:0c:90:99:0c:49:2a:c8:1d:
93:bc:5a:f9:da:3b:2e:15:0f:23:46:86:22:25:51:cb:38:d3:
45:f8:09:06:f2:bb:10:14:ad:76:2c:77:57:3e:95:52:23:c5:
a0:89:1d:6a:d7:3a:26:48:aa:d2:6a:26:4e:3b:d1:95:f3:31:
06:99:13:eb:d5:66:06:57:81:ef:14:4d:24:00:ca:04:2a:42:
20:a8:e4:7c:16:a8:1d:cb:de:5b:fa:d2:25:72:f6:04:e4:12:
e4:bc:03:5d:23:cf:6a:57:3c:5d:d3:ec:03:52:4f:dd:5b:7d:
03:18:c8:d0
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZerLLQa1UlylHSW+IF3Zr7nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNjI2MDczODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGFhZTM2NmY3ZmY4MzAxNWI1M2EyOTg3YmY5ODYyNGFlYmY0NzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaJntMj/hBoFnep4hJsxV4GaHeBs
JZhAztXfdcunM+qquwKLHIHFtVB1qB1bGbTSfsnSu8AuGkx8zMnWi651DEt5ux7G
9eyq9APDhnu2HDt2/AGoR+imR7n/ntQSGUFye8seBWY9yWAzjs7+n7sSS3EP1Qhp
TQt6suowTBJ+1N882LoYwaOK3VVe3oDX0qNB9Y4BU4dvFSOK/jViBbrnQJM6X702
wEDuV8VF4cCA3OLOON2EgiJph2Vybhys337lB8X9dzfF5tasE63nQzwhxR6pNudh
7Hielwt8icFagCqUUFOA7n76LED6yTA2KvTiaAE7xSxT5olOCC9uubUItQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOSq42b3/4MBW1OimHv5hiSuv0c2MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNUtyalp2Zl9nd0ZiVTZLWWVfbUdKSzZfUnpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALYDoAwQA
LZCaAwQALZXqAwQAT24wAwQAud6hMA0GCSqGSIb3DQEBCwUAA4IBAQCJ4cs3PU35
bY56yCRrPaaxaFOo1dd1bHEQUjiRdmbjyrpE11jGylZcUSOs9g9r9vjvXN9Z88me
QO2x99a1tAuaJkbU9m/ICKYPuXPvJz4ed+fRHIO750ocZ24bHZ2GSeDYgtFd6jXp
R7lBanEOtqoavhYPi4hsSLxseS+2aWflSOevmz5MlE2DDJCZDEkqyB2TvFr52jsu
FQ8jRoYiJVHLONNF+AkG8rsQFK12LHdXPpVSI8WgiR1q1zomSKrSaiZOO9GV8zEG
mRPr1WYGV4HvFE0kAMoEKkIgqOR8Fqgdy95b+tIlcvYE5BLkvANdI89qVzxd0+wD
Uk/dW30DGMjQ
-----END CERTIFICATE-----
Generated at Thu Jul 3 01:15:13 2025 by rpki-client