Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/Y9K3JlofK8POwOywRHQ-b7Rojd0.roa
File: Y9K3JlofK8POwOywRHQ-b7Rojd0.roa (raw, json)
Hash identifier: abVW39/CWooNu9JnN4E4q2eaNvJVrXWE5ieZckwkUSY=
Subject key identifier: 63:D2:B7:26:5A:1F:2B:C3:CE:C0:EC:B0:44:74:3E:6F:B4:68:8D:DD
Certificate issuer: /CN=4722aea0ef4c0667db819f5d5a3daea6399f038c
Certificate serial: 0196A5322BDD244FFAE7546137C52A1ADA9E
Authority key identifier: 47:22:AE:A0:EF:4C:06:67:DB:81:9F:5D:5A:3D:AE:A6:39:9F:03:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RyKuoO9MBmfbgZ9dWj2upjmfA4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/Y9K3JlofK8POwOywRHQ-b7Rojd0.roa
Signing time: Tue 06 May 2025 10:44:10 +0000
ROA not before: Tue 06 May 2025 10:44:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206892
IP address blocks: 45.95.44.0/22 maxlen: 24
94.199.178.0/23 maxlen: 24
94.199.179.0/24 maxlen: 24
95.140.32.0/24 maxlen: 24
95.140.38.0/23 maxlen: 24
185.90.236.0/22 maxlen: 24
185.161.72.0/22 maxlen: 24
185.199.28.0/22 maxlen: 24
185.234.180.0/22 maxlen: 24
194.39.44.0/22 maxlen: 24
195.200.232.0/23 maxlen: 24
2a07:c280::/32 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/RyKuoO9MBmfbgZ9dWj2upjmfA4w.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/RyKuoO9MBmfbgZ9dWj2upjmfA4w.mft
rsync://rpki.ripe.net/repository/DEFAULT/RyKuoO9MBmfbgZ9dWj2upjmfA4w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 14:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a5:32:2b:dd:24:4f:fa:e7:54:61:37:c5:2a:1a:da:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4722aea0ef4c0667db819f5d5a3daea6399f038c
Validity
Not Before: May 6 10:44:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=63d2b7265a1f2bc3cec0ecb044743e6fb4688ddd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:bf:c0:68:6e:cd:9d:c5:6e:87:c7:34:26:cc:
43:24:88:3d:67:b6:52:5a:68:53:6f:0e:7d:a0:49:
e7:8e:8a:d3:65:8e:ec:06:24:34:ff:1d:9b:ea:5b:
ee:7d:a9:bb:e9:37:db:12:65:3f:4d:bd:2e:6e:6a:
1e:b5:44:f0:42:2e:d9:98:0c:03:55:32:08:5e:7a:
45:34:1c:71:b5:18:55:64:76:38:34:37:ae:91:ec:
f1:d4:3d:b7:09:ac:21:8d:83:77:a4:30:0c:7a:75:
0c:02:8d:b7:08:5c:cf:95:76:0a:f7:33:69:89:f7:
2f:8e:e1:56:5e:94:ec:0f:08:15:84:98:2b:60:27:
08:ba:7a:41:23:da:8b:dc:ed:9b:a7:e3:6d:7a:9d:
37:09:dd:d6:24:dc:0f:23:9c:8e:0f:27:d5:83:b5:
e4:65:dc:a5:ac:7e:4d:d9:66:42:43:ba:01:9b:44:
6d:ec:46:cd:f0:bc:c3:33:8c:c2:e1:50:ff:25:b3:
bf:b6:f7:29:0b:8e:14:6b:ee:f8:8a:fd:e4:86:12:
a1:a1:50:a5:ec:f8:58:de:00:9f:65:69:df:e5:ae:
5e:04:b4:ec:4c:51:1f:25:86:9a:11:41:d0:04:9d:
8c:65:8d:71:0c:ba:b3:3e:f0:77:44:94:08:45:85:
b6:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:D2:B7:26:5A:1F:2B:C3:CE:C0:EC:B0:44:74:3E:6F:B4:68:8D:DD
X509v3 Authority Key Identifier:
keyid:47:22:AE:A0:EF:4C:06:67:DB:81:9F:5D:5A:3D:AE:A6:39:9F:03:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RyKuoO9MBmfbgZ9dWj2upjmfA4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/Y9K3JlofK8POwOywRHQ-b7Rojd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/RyKuoO9MBmfbgZ9dWj2upjmfA4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.44.0/22
94.199.178.0/23
95.140.32.0/24
95.140.38.0/23
185.90.236.0/22
185.161.72.0/22
185.199.28.0/22
185.234.180.0/22
194.39.44.0/22
195.200.232.0/23
IPv6:
2a07:c280::/32
Signature Algorithm: sha256WithRSAEncryption
72:9f:b8:91:a9:a6:69:a8:6f:35:18:2d:94:7a:fa:0f:8a:a0:
3c:d3:96:b7:46:72:b3:7f:4d:2d:d3:4d:a2:9e:03:53:7c:63:
55:93:08:45:9b:a9:41:3a:e6:b9:10:08:ed:3b:70:29:19:1f:
30:fd:ab:bd:9c:cc:ed:96:dd:e4:46:aa:f2:2c:5b:46:74:de:
ce:06:a0:fb:7b:42:7c:d3:f5:b3:58:a8:99:9c:7d:5f:ae:14:
be:27:0d:e2:2b:f3:ca:63:4d:a8:e6:ce:ff:f1:e3:ba:77:46:
8b:b0:3a:20:ef:25:4e:db:69:5b:6e:41:bc:f9:1f:0a:70:58:
29:39:4b:a1:3d:00:cc:c5:16:3b:e0:de:2a:60:17:d1:1a:29:
51:46:97:c7:01:f8:14:22:53:e6:8a:d3:bf:2f:80:c3:93:6a:
a0:c3:02:dd:8c:1b:72:cf:26:62:d1:d7:8e:30:c8:c3:f3:b1:
15:5e:02:10:4a:d1:b1:6e:69:ae:23:bd:cf:38:29:41:15:32:
1c:0c:e7:4b:d1:e0:dc:61:34:42:15:9f:2c:79:cc:73:76:d7:
51:d3:2a:aa:db:9d:14:88:c3:80:05:c8:d3:60:db:bb:bd:4f:
8f:13:72:d6:cb:21:b3:60:fe:01:04:25:40:98:78:d5:5e:1f:
ac:9f:f5:dc
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZalMivdJE/651RhN8UqGtqeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MjJhZWEwZWY0YzA2NjdkYjgxOWY1ZDVhM2RhZWE2Mzk5
ZjAzOGMwHhcNMjUwNTA2MTA0NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2QyYjcyNjVhMWYyYmMzY2VjMGVjYjA0NDc0M2U2ZmI0Njg4ZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAor/AaG7NncVuh8c0JsxDJIg9Z7ZS
WmhTbw59oEnnjorTZY7sBiQ0/x2b6lvufam76TfbEmU/Tb0ubmoetUTwQi7ZmAwD
VTIIXnpFNBxxtRhVZHY4NDeukezx1D23CawhjYN3pDAMenUMAo23CFzPlXYK9zNp
ifcvjuFWXpTsDwgVhJgrYCcIunpBI9qL3O2bp+Ntep03Cd3WJNwPI5yODyfVg7Xk
ZdylrH5N2WZCQ7oBm0Rt7EbN8LzDM4zC4VD/JbO/tvcpC44Ua+74iv3khhKhoVCl
7PhY3gCfZWnf5a5eBLTsTFEfJYaaEUHQBJ2MZY1xDLqzPvB3RJQIRYW2AQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFGPStyZaHyvDzsDssER0Pm+0aI3dMB8GA1UdIwQY
MBaAFEcirqDvTAZn24GfXVo9rqY5nwOMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnlLdW9POU1CbWZiZ1o5ZFdqMnVwam1mQTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi84MGMzODctYjIwYi00MzBhLWE1ZTYt
NmUzMDc0YzZjNjYzLzEvWTlLM0psb2ZLOFBPd095d1JIUS1iN1JvamQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi84MGMzODctYjIwYi00MzBhLWE1ZTYtNmUzMDc0YzZjNjYz
LzEvUnlLdW9POU1CbWZiZ1o5ZFdqMnVwam1mQTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQCLV8sAwQB
XseyAwQAX4wgAwQBX4wmAwQCuVrsAwQCuaFIAwQCucccAwQCueq0AwQCwicsAwQB
w8joMA0EAgACMAcDBQAqB8KAMA0GCSqGSIb3DQEBCwUAA4IBAQByn7iRqaZpqG81
GC2UevoPiqA805a3RnKzf00t002ingNTfGNVkwhFm6lBOua5EAjtO3ApGR8w/au9
nMztlt3kRqryLFtGdN7OBqD7e0J80/WzWKiZnH1frhS+Jw3iK/PKY02o5s7/8eO6
d0aLsDog7yVO22lbbkG8+R8KcFgpOUuhPQDMxRY74N4qYBfRGilRRpfHAfgUIlPm
itO/L4DDk2qgwwLdjBtyzyZi0deOMMjD87EVXgIQStGxbmmuI73POClBFTIcDOdL
0eDcYTRCFZ8secxzdtdR0yqq250UiMOABcjTYNu7vU+PE3LWyyGzYP4BBCVAmHjV
Xh+sn/Xc
-----END CERTIFICATE-----
Generated at Mon May 12 21:15:56 2025 by rpki-client