
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/fe6870-0990-4c21-9e4d-8c52e666a8a2/1/bM6mSCryzLcqvPFxYUCmttMEnFY.roa
File: bM6mSCryzLcqvPFxYUCmttMEnFY.roa (raw, json)
Hash identifier: b8FjItegYCst2YsPStwGEOU1VLujWdlHGpQF7tCH2s4=
Subject key identifier: 6C:CE:A6:48:2A:F2:CC:B7:2A:BC:F1:71:61:40:A6:B6:D3:04:9C:56
Certificate issuer: /CN=411a2a9405bda1671c10776f4426273c904e4ad0
Certificate serial: 0197A1944D69547B130321AFB82E23683403
Authority key identifier: 41:1A:2A:94:05:BD:A1:67:1C:10:77:6F:44:26:27:3C:90:4E:4A:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QRoqlAW9oWccEHdvRCYnPJBOStA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/fe6870-0990-4c21-9e4d-8c52e666a8a2/1/bM6mSCryzLcqvPFxYUCmttMEnFY.roa
Signing time: Tue 24 Jun 2025 10:55:40 +0000
ROA not before: Tue 24 Jun 2025 10:55:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209097
IP address blocks: 45.11.252.0/24 maxlen: 24
45.11.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/fe6870-0990-4c21-9e4d-8c52e666a8a2/1/QRoqlAW9oWccEHdvRCYnPJBOStA.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/fe6870-0990-4c21-9e4d-8c52e666a8a2/1/QRoqlAW9oWccEHdvRCYnPJBOStA.mft
rsync://rpki.ripe.net/repository/DEFAULT/QRoqlAW9oWccEHdvRCYnPJBOStA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a1:94:4d:69:54:7b:13:03:21:af:b8:2e:23:68:34:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=411a2a9405bda1671c10776f4426273c904e4ad0
Validity
Not Before: Jun 24 10:55:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ccea6482af2ccb72abcf1716140a6b6d3049c56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:93:f0:5e:6a:02:44:f0:7b:7f:a0:be:fe:b8:
0c:4c:54:4a:bd:64:6e:b5:e4:9a:f6:84:bb:fe:2c:
5c:33:4c:c3:9a:7b:c4:c3:60:42:00:95:0b:0c:60:
85:ad:29:bb:7a:1a:4d:a8:ca:19:d8:e6:58:4e:5a:
20:a0:42:15:28:e6:59:ea:16:67:dc:78:eb:c1:3c:
a5:ac:a3:3a:63:5b:9a:4f:7d:0d:26:08:38:ad:27:
de:0d:78:6a:80:bb:6b:65:9f:ef:98:40:11:1e:09:
99:5e:f4:f5:56:8c:8e:40:3f:cd:25:55:38:51:3b:
c3:d8:f0:94:a0:18:d8:a5:14:b8:4c:31:32:c3:2d:
e9:3d:17:2b:bc:bc:49:79:fc:da:38:db:87:0c:87:
99:4d:78:36:41:f2:f9:67:a3:9a:91:af:21:ae:17:
87:24:fa:48:df:27:d9:ac:b4:c3:d7:86:a6:fb:dd:
46:68:38:f1:77:a6:33:03:ef:aa:93:6c:07:bf:8e:
45:17:4c:0e:5c:2e:ed:9e:a1:57:b7:ae:ab:08:a7:
e0:d7:59:88:f8:73:13:61:b7:55:96:fb:e2:b3:5a:
5d:fb:4a:eb:ce:ad:87:62:8b:67:c1:07:e4:3f:4b:
bd:f0:64:6a:8f:25:8c:25:52:85:d3:bb:0d:92:77:
7c:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:CE:A6:48:2A:F2:CC:B7:2A:BC:F1:71:61:40:A6:B6:D3:04:9C:56
X509v3 Authority Key Identifier:
keyid:41:1A:2A:94:05:BD:A1:67:1C:10:77:6F:44:26:27:3C:90:4E:4A:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QRoqlAW9oWccEHdvRCYnPJBOStA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/fe6870-0990-4c21-9e4d-8c52e666a8a2/1/bM6mSCryzLcqvPFxYUCmttMEnFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/fe6870-0990-4c21-9e4d-8c52e666a8a2/1/QRoqlAW9oWccEHdvRCYnPJBOStA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.252.0/23
Signature Algorithm: sha256WithRSAEncryption
85:90:a1:9b:ad:53:3f:d2:ef:d4:a7:39:e4:df:bc:a5:36:9a:
7a:43:f4:df:f7:d3:cf:fc:71:44:85:4f:64:b7:fc:b1:59:28:
23:93:d4:93:07:47:50:1a:24:67:f4:d3:b5:70:57:4f:b5:20:
fb:f0:66:2a:26:2b:31:9c:3e:d3:c1:c5:08:23:56:06:8c:e0:
99:99:27:a1:e5:b0:76:ef:8f:19:3e:c0:b7:55:2f:9e:cf:8b:
7b:65:dc:8a:b7:2c:fc:c9:7e:c9:42:fc:6f:0d:b6:f2:22:ff:
37:20:a1:25:15:de:61:92:34:d8:81:64:5a:49:a8:b1:ce:3d:
a5:4c:2e:d9:ed:d7:1e:7d:a8:5c:da:2e:a9:77:62:fd:1e:0c:
6e:3a:18:f2:11:14:e3:ce:a1:22:1b:fe:82:f4:f9:02:f2:c6:
5e:4e:3c:21:e9:56:c5:5d:47:30:8c:c2:e5:d4:86:56:6d:a3:
02:f2:71:2d:fd:15:3f:35:16:1e:ad:f7:e0:55:d9:72:b8:d5:
12:6f:3c:c4:3b:d5:a9:64:2b:62:a0:f4:73:2f:98:34:2a:d3:
ae:dd:52:13:d8:9e:e6:db:0d:4c:45:6b:d2:e5:36:c5:60:a3:
51:f0:0e:17:32:ef:bd:d5:93:2f:18:b3:94:83:ed:65:1a:b8:
80:a7:45:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZehlE1pVHsTAyGvuC4jaDQDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMWEyYTk0MDViZGExNjcxYzEwNzc2ZjQ0MjYyNzNjOTA0
ZTRhZDAwHhcNMjUwNjI0MTA1NTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2NlYTY0ODJhZjJjY2I3MmFiY2YxNzE2MTQwYTZiNmQzMDQ5YzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05PwXmoCRPB7f6C+/rgMTFRKvWRu
teSa9oS7/ixcM0zDmnvEw2BCAJULDGCFrSm7ehpNqMoZ2OZYTlogoEIVKOZZ6hZn
3HjrwTylrKM6Y1uaT30NJgg4rSfeDXhqgLtrZZ/vmEARHgmZXvT1VoyOQD/NJVU4
UTvD2PCUoBjYpRS4TDEywy3pPRcrvLxJefzaONuHDIeZTXg2QfL5Z6Oaka8hrheH
JPpI3yfZrLTD14am+91GaDjxd6YzA++qk2wHv45FF0wOXC7tnqFXt66rCKfg11mI
+HMTYbdVlvvis1pd+0rrzq2HYotnwQfkP0u98GRqjyWMJVKF07sNknd8VwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGzOpkgq8sy3KrzxcWFAprbTBJxWMB8GA1UdIwQY
MBaAFEEaKpQFvaFnHBB3b0QmJzyQTkrQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVJvcWxBVzlvV2NjRUhkdlJDWW5QSkJPU3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9mZTY4NzAtMDk5MC00YzIxLTllNGQt
OGM1MmU2NjZhOGEyLzEvYk02bVNDcnl6TGNxdlBGeFlVQ210dE1FbkZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9mZTY4NzAtMDk5MC00YzIxLTllNGQtOGM1MmU2NjZhOGEy
LzEvUVJvcWxBVzlvV2NjRUhkdlJDWW5QSkJPU3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLQv8MA0G
CSqGSIb3DQEBCwUAA4IBAQCFkKGbrVM/0u/Upznk37ylNpp6Q/Tf99PP/HFEhU9k
t/yxWSgjk9STB0dQGiRn9NO1cFdPtSD78GYqJisxnD7TwcUII1YGjOCZmSeh5bB2
748ZPsC3VS+ez4t7ZdyKtyz8yX7JQvxvDbbyIv83IKElFd5hkjTYgWRaSaixzj2l
TC7Z7dcefahc2i6pd2L9HgxuOhjyERTjzqEiG/6C9PkC8sZeTjwh6VbFXUcwjMLl
1IZWbaMC8nEt/RU/NRYerffgVdlyuNUSbzzEO9WpZCtioPRzL5g0KtOu3VIT2J7m
2w1MRWvS5TbFYKNR8A4XMu+91ZMvGLOUg+1lGriAp0Xl
-----END CERTIFICATE-----
Generated at Tue Jul 1 17:57:37 2025 by rpki-client