Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/d5DBYXD49Wmzvg6c5ewypAIK9x4.roa
File: d5DBYXD49Wmzvg6c5ewypAIK9x4.roa (raw, json)
Hash identifier: C5NSsnrbrHcrF7qbh5BAcueP/w4u6C6eFsmXVMmRP2U=
Subject key identifier: 77:90:C1:61:70:F8:F5:69:B3:BE:0E:9C:E5:EC:32:A4:02:0A:F7:1E
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0196BA93317EA41C7FCE9A6955197F1CAED1
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/d5DBYXD49Wmzvg6c5ewypAIK9x4.roa
Signing time: Sat 10 May 2025 14:22:10 +0000
ROA not before: Sat 10 May 2025 14:22:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34872
IP address blocks: 45.154.97.0/24 maxlen: 32
45.154.99.0/24 maxlen: 32
62.3.50.0/24 maxlen: 32
194.28.98.0/23 maxlen: 32
2a0c:b640::/32 maxlen: 128
2a0c:b641::/44 maxlen: 128
2a0c:b641:10::/44 maxlen: 128
2a0c:b641:50::/44 maxlen: 128
2a0c:b641:60::/44 maxlen: 128
2a0c:b641:530::/44 maxlen: 128
2a0c:b641:70f::/48 maxlen: 128
2a0c:b641:820::/44 maxlen: 128
2a0f:8400::/32 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.mft
rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 14 May 2025 14:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ba:93:31:7e:a4:1c:7f:ce:9a:69:55:19:7f:1c:ae:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: May 10 14:22:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7790c16170f8f569b3be0e9ce5ec32a4020af71e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:89:77:34:f6:a3:ae:eb:a3:a2:24:0e:d2:37:
87:35:6f:d6:72:e4:38:17:ca:d9:ff:7e:31:b9:0a:
15:a1:94:d8:66:eb:0d:92:d6:67:e9:b8:25:ed:52:
30:cc:26:fe:4b:57:4d:61:60:39:a8:80:dd:15:fc:
08:28:85:e0:d4:63:5c:5d:db:52:0d:ee:86:d7:04:
9c:89:fe:3f:f8:04:0e:c5:e1:48:c6:70:8c:07:3a:
40:02:c2:a9:49:c5:c5:a6:e3:4c:65:af:8b:ce:c4:
77:d1:81:60:d0:65:8f:47:ae:cf:9d:26:53:c4:c8:
39:58:c0:a4:f4:d9:85:c8:f3:c1:88:7c:86:7b:48:
28:f1:5c:ae:08:24:e9:ad:d5:51:06:97:16:33:61:
36:6e:85:f8:d7:e9:33:26:23:cf:5c:26:f7:81:a2:
59:bd:2a:0e:72:dc:d3:00:62:4d:ed:82:47:c3:12:
32:5b:a5:98:63:31:4c:2d:53:75:eb:49:33:de:89:
1b:1e:bc:46:d9:19:54:c0:47:b0:74:7d:6d:12:e5:
7a:6f:6d:2d:f5:ea:4a:97:18:5b:39:2d:db:9a:8c:
45:6b:01:c6:f4:03:ed:94:91:b7:10:f0:7f:d7:f2:
52:94:08:b5:eb:9f:c9:58:61:c6:ce:2a:5a:3b:57:
30:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:90:C1:61:70:F8:F5:69:B3:BE:0E:9C:E5:EC:32:A4:02:0A:F7:1E
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/d5DBYXD49Wmzvg6c5ewypAIK9x4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.97.0/24
45.154.99.0/24
62.3.50.0/24
194.28.98.0/23
IPv6:
2a0c:b640::-2a0c:b641:1f:ffff:ffff:ffff:ffff:ffff
2a0c:b641:50::-2a0c:b641:6f:ffff:ffff:ffff:ffff:ffff
2a0c:b641:530::/44
2a0c:b641:70f::/48
2a0c:b641:820::/44
2a0f:8400::/32
Signature Algorithm: sha256WithRSAEncryption
1c:6d:99:88:6b:53:45:6e:b2:06:79:09:a6:b0:73:32:94:d7:
9f:95:91:d4:df:09:62:b2:f9:c5:c9:7a:c5:1d:ae:6c:f3:77:
23:38:8f:eb:76:5e:df:c5:f6:e3:75:46:82:1c:6f:5a:8b:c1:
77:b1:bc:ac:6d:fc:4a:95:c7:a2:2d:3e:80:18:6e:5d:70:82:
0d:59:7c:20:9f:e4:68:a0:0b:52:50:ed:96:47:55:b1:18:96:
3d:8e:00:ae:49:1d:e2:99:d6:4e:e3:d6:d3:fe:76:78:21:0a:
4e:88:30:2a:95:04:4a:87:6f:22:ef:9f:b0:ea:67:70:88:37:
8c:58:c5:69:ae:72:14:1e:74:c4:b5:85:60:0b:b8:56:44:e0:
1e:f9:9f:69:30:c4:83:87:8b:96:ff:3e:ca:da:77:b8:13:fa:
75:4c:9c:e9:79:68:22:40:19:6b:a5:fd:db:c2:76:2d:69:5e:
98:f4:eb:97:ca:64:47:36:0b:c2:15:53:8e:ad:88:2b:1c:de:
42:4b:d3:3e:e2:d5:43:9f:6c:4f:7c:bc:c8:11:b7:e7:b6:6d:
25:e5:c6:e0:cd:23:29:4a:a6:eb:4d:b1:52:79:70:47:4d:89:
3f:07:2b:89:7d:0f:e1:bf:28:79:8e:0c:2d:e7:5c:7e:54:09:
f5:2f:2a:d4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAZa6kzF+pBx/zpppVRl/HK7RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjUwNTEwMTQyMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzkwYzE2MTcwZjhmNTY5YjNiZTBlOWNlNWVjMzJhNDAyMGFmNzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIl3NPajruujoiQO0jeHNW/WcuQ4
F8rZ/34xuQoVoZTYZusNktZn6bgl7VIwzCb+S1dNYWA5qIDdFfwIKIXg1GNcXdtS
De6G1wScif4/+AQOxeFIxnCMBzpAAsKpScXFpuNMZa+LzsR30YFg0GWPR67PnSZT
xMg5WMCk9NmFyPPBiHyGe0go8VyuCCTprdVRBpcWM2E2boX41+kzJiPPXCb3gaJZ
vSoOctzTAGJN7YJHwxIyW6WYYzFMLVN160kz3okbHrxG2RlUwEewdH1tEuV6b20t
9epKlxhbOS3bmoxFawHG9APtlJG3EPB/1/JSlAi165/JWGHGzipaO1cwBQIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFHeQwWFw+PVps74OnOXsMqQCCvceMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvZDVEQllYRDQ5V216dmc2YzVld3lwQUlLOXg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwHgQCAAEwGAMEAC2aYQME
AC2aYwMEAD4DMgMEAcIcYjBOBAIAAjBIMBADBQYqDLZAAwcFKgy2QQAAMBIDBwQq
DLZBAFADBwQqDLZBAGADBwQqDLZBBTADBwAqDLZBBw8DBwQqDLZBCCADBQAqD4QA
MA0GCSqGSIb3DQEBCwUAA4IBAQAcbZmIa1NFbrIGeQmmsHMylNeflZHU3wlisvnF
yXrFHa5s83cjOI/rdl7fxfbjdUaCHG9ai8F3sbysbfxKlceiLT6AGG5dcIINWXwg
n+RooAtSUO2WR1WxGJY9jgCuSR3imdZO49bT/nZ4IQpOiDAqlQRKh28i75+w6mdw
iDeMWMVprnIUHnTEtYVgC7hWROAe+Z9pMMSDh4uW/z7K2ne4E/p1TJzpeWgiQBlr
pf3bwnYtaV6Y9OuXymRHNgvCFVOOrYgrHN5CS9M+4tVDn2xPfLzIEbfntm0l5cbg
zSMpSqbrTbFSeXBHTYk/ByuJfQ/hvyh5jgwt51x+VAn1LyrU
-----END CERTIFICATE-----
Generated at Tue May 13 20:56:21 2025 by rpki-client