Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/mFnU9BHuzrj5JitTn_9oawjrz9I.roa
File: mFnU9BHuzrj5JitTn_9oawjrz9I.roa (raw, json)
Hash identifier: +5iZ87nYgFTL+jO/6IKhTGk6GZ+oc+Iq1exS/P2CCYQ=
Subject key identifier: 98:59:D4:F4:11:EE:CE:B8:F9:26:2B:53:9F:FF:68:6B:08:EB:CF:D2
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0196869ABF6F3FF68FE197A6EFDA6A7F9D60
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/mFnU9BHuzrj5JitTn_9oawjrz9I.roa
Signing time: Wed 30 Apr 2025 12:10:10 +0000
ROA not before: Wed 30 Apr 2025 12:10:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205463
IP address blocks: 2.56.108.0/24 maxlen: 24
2.56.109.0/24 maxlen: 24
45.81.113.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.94.170.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
85.209.120.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
194.15.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 09 May 2025 22:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:86:9a:bf:6f:3f:f6:8f:e1:97:a6:ef:da:6a:7f:9d:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Apr 30 12:10:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9859d4f411eeceb8f9262b539fff686b08ebcfd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a8:f4:a0:4b:8d:bd:42:9a:64:db:05:45:c3:
de:a1:9e:f7:5a:9d:08:13:8d:50:0d:c2:c0:e7:da:
f9:68:8a:e5:5b:2b:3a:ef:1f:7f:aa:30:c9:18:ae:
bb:5c:86:aa:83:a0:07:e6:72:d0:f3:dc:c9:32:0c:
00:6f:c1:00:0f:e5:02:3d:6d:86:2a:67:79:e0:30:
ca:46:4e:9a:6a:4c:29:02:2c:22:4a:a8:f0:d3:4c:
e1:36:04:4b:d7:47:58:c7:f3:48:5d:b1:74:d9:7b:
0d:89:00:ba:df:a0:e3:9e:74:96:5d:70:c1:71:ea:
dd:f2:d9:d1:da:cd:1d:41:a5:9f:15:3c:bc:ed:ed:
ae:1b:61:6f:e6:a2:b4:29:cd:6b:2a:7d:2b:58:b7:
69:f4:cb:a9:61:6b:67:54:bb:ba:2d:11:58:31:75:
91:b9:07:c9:d0:c9:52:28:6c:73:e9:02:e3:42:4c:
f8:34:e8:3c:23:ee:da:55:98:1a:1c:d5:b8:c2:25:
0e:91:f3:a0:00:1b:36:37:79:a9:ef:14:09:eb:c1:
8d:4a:81:03:48:b2:42:77:40:85:53:c2:b2:3d:02:
2a:d6:89:e7:eb:ba:7b:eb:99:83:9d:74:6f:2c:3c:
d9:9d:d8:f8:4a:2f:10:da:3b:22:7f:f4:ec:f1:63:
5d:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:59:D4:F4:11:EE:CE:B8:F9:26:2B:53:9F:FF:68:6B:08:EB:CF:D2
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/mFnU9BHuzrj5JitTn_9oawjrz9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/23
45.81.113.0/24
45.81.115.0/24
45.88.139.0/24
45.94.170.0/24
45.132.181.0/24
85.209.120.0/24
193.57.41.0/24
194.15.52.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:bb:e9:8e:c4:de:e0:9b:e0:06:fb:fe:c9:3b:a2:23:04:1b:
d2:e2:68:66:c4:75:fa:39:55:12:26:0a:ce:d2:af:45:73:6b:
85:d8:c9:ee:cb:fc:e6:6a:13:3e:c3:94:39:de:f5:bb:fe:fa:
d6:25:fc:3b:35:f0:05:c2:8c:f6:93:f9:ac:df:d1:a1:5d:36:
b5:17:63:03:7e:13:1e:15:56:d7:5d:4f:0b:81:a3:1a:96:0b:
29:75:e2:cb:0a:8c:22:bb:e7:7e:32:48:0b:76:f9:26:49:53:
cf:eb:72:3f:7b:e6:8f:da:45:f0:b9:3e:a0:a4:a2:82:56:62:
8a:f4:c3:12:fa:1f:e6:06:3b:53:05:20:73:cc:9e:61:60:f1:
fb:c8:15:69:b3:e5:69:9a:29:50:d3:57:02:25:8c:ac:87:a1:
0b:21:d6:88:23:5d:61:42:4e:25:7a:1c:b1:c9:2e:22:f9:b5:
37:c9:f0:3c:63:64:78:60:53:49:1b:a7:b4:7a:21:65:e6:78:
2f:a3:5f:78:59:27:0b:78:19:17:ee:1c:2a:80:0f:9e:71:8d:
f8:ec:a2:0c:93:b4:76:b3:d4:b4:fe:01:b7:21:f6:b7:5f:6a:
f2:08:1e:41:da:cf:5d:2d:ac:1a:8b:a5:d0:11:50:e1:a1:95:
4a:af:4f:8b
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZaGmr9vP/aP4Zem79pqf51gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjUwNDMwMTIxMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODU5ZDRmNDExZWVjZWI4ZjkyNjJiNTM5ZmZmNjg2YjA4ZWJjZmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKj0oEuNvUKaZNsFRcPeoZ73Wp0I
E41QDcLA59r5aIrlWys67x9/qjDJGK67XIaqg6AH5nLQ89zJMgwAb8EAD+UCPW2G
Kmd54DDKRk6aakwpAiwiSqjw00zhNgRL10dYx/NIXbF02XsNiQC636DjnnSWXXDB
cerd8tnR2s0dQaWfFTy87e2uG2Fv5qK0Kc1rKn0rWLdp9MupYWtnVLu6LRFYMXWR
uQfJ0MlSKGxz6QLjQkz4NOg8I+7aVZgaHNW4wiUOkfOgABs2N3mp7xQJ68GNSoED
SLJCd0CFU8KyPQIq1onn67p765mDnXRvLDzZndj4Si8Q2jsif/Ts8WNd9wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFJhZ1PQR7s64+SYrU5//aGsI68/SMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvbUZuVTlCSHV6cmo1Sml0VG5fOW9hd2pyejlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBAjhsAwQA
LVFxAwQALVFzAwQALViLAwQALV6qAwQALYS1AwQAVdF4AwQAwTkpAwQAwg80MA0G
CSqGSIb3DQEBCwUAA4IBAQC1u+mOxN7gm+AG+/7JO6IjBBvS4mhmxHX6OVUSJgrO
0q9Fc2uF2Mnuy/zmahM+w5Q53vW7/vrWJfw7NfAFwoz2k/ms39GhXTa1F2MDfhMe
FVbXXU8LgaMalgspdeLLCowiu+d+MkgLdvkmSVPP63I/e+aP2kXwuT6gpKKCVmKK
9MMS+h/mBjtTBSBzzJ5hYPH7yBVps+VpmilQ01cCJYysh6ELIdaII11hQk4lehyx
yS4i+bU3yfA8Y2R4YFNJG6e0eiFl5ngvo194WScLeBkX7hwqgA+ecY347KIMk7R2
s9S0/gG3Ifa3X2ryCB5B2s9dLawai6XQEVDhoZVKr0+L
-----END CERTIFICATE-----
Generated at Fri May 9 03:47:10 2025 by rpki-client