Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/ilS2lsd8DxPgLbZs_X1sPQAL8N0.roa
File: ilS2lsd8DxPgLbZs_X1sPQAL8N0.roa (raw, json)
Hash identifier: vSc5dfCsLO+hXfyAs9GPwS0Zy6mZg/XFfwZE4YVpN/k=
Subject key identifier: 8A:54:B6:96:C7:7C:0F:13:E0:2D:B6:6C:FD:7D:6C:3D:00:0B:F0:DD
Certificate issuer: /CN=91c1c85bf5c53471a997ef9fa999d0c16be85444
Certificate serial: 0196B468D2D09C8967C44FA42927665197D8
Authority key identifier: 91:C1:C8:5B:F5:C5:34:71:A9:97:EF:9F:A9:99:D0:C1:6B:E8:54:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/ilS2lsd8DxPgLbZs_X1sPQAL8N0.roa
Signing time: Fri 09 May 2025 09:38:10 +0000
ROA not before: Fri 09 May 2025 09:38:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51185
IP address blocks: 45.157.64.0/24 maxlen: 24
45.157.65.0/24 maxlen: 24
45.157.66.0/24 maxlen: 24
45.157.67.0/24 maxlen: 24
94.124.64.0/21 maxlen: 21
94.124.64.0/24 maxlen: 24
94.124.65.0/24 maxlen: 24
94.124.66.0/24 maxlen: 24
94.124.67.0/24 maxlen: 24
94.124.68.0/24 maxlen: 24
94.124.69.0/24 maxlen: 24
94.124.70.0/24 maxlen: 24
94.124.71.0/24 maxlen: 24
178.248.48.0/24 maxlen: 24
178.248.49.0/24 maxlen: 24
178.248.50.0/24 maxlen: 24
178.248.51.0/24 maxlen: 24
178.248.52.0/24 maxlen: 24
178.248.53.0/24 maxlen: 24
178.248.54.0/24 maxlen: 24
178.248.55.0/24 maxlen: 24
185.45.208.0/24 maxlen: 24
185.45.209.0/24 maxlen: 24
185.45.210.0/24 maxlen: 24
185.45.211.0/24 maxlen: 24
185.187.156.0/24 maxlen: 24
185.187.157.0/24 maxlen: 24
185.187.158.0/24 maxlen: 24
185.187.159.0/24 maxlen: 24
2a02:2890::/48 maxlen: 48
2a02:2890:efff::/48 maxlen: 48
2a02:2890:ffff::/48 maxlen: 48
2a02:2891::/48 maxlen: 48
2a02:2891:1::/48 maxlen: 48
2a02:2891:2::/48 maxlen: 48
2a02:2891:4::/48 maxlen: 48
2a02:2891:9::/48 maxlen: 48
2a02:2891:10::/48 maxlen: 48
2a02:2891:11::/48 maxlen: 48
2a02:2891:12::/48 maxlen: 48
2a02:2891:13::/48 maxlen: 48
2a02:2891:15::/48 maxlen: 48
2a02:2891:16::/48 maxlen: 48
2a02:2891:18::/48 maxlen: 48
2a02:2891:29::/48 maxlen: 48
2a02:2891:ff::/48 maxlen: 48
2a02:2891:157::/48 maxlen: 48
2a02:2892:32::/48 maxlen: 48
2a02:2892:40::/48 maxlen: 48
2a02:2893:158::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 14:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b4:68:d2:d0:9c:89:67:c4:4f:a4:29:27:66:51:97:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91c1c85bf5c53471a997ef9fa999d0c16be85444
Validity
Not Before: May 9 09:38:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a54b696c77c0f13e02db66cfd7d6c3d000bf0dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:eb:86:b6:7f:55:d3:9d:e5:b7:b2:ad:cc:87:
76:b7:09:cc:a8:f4:d2:1a:d8:51:31:18:e6:d5:b6:
27:23:ee:90:68:b2:b2:17:4f:6d:c4:7a:a4:95:d9:
0a:eb:b6:0e:be:09:c6:42:fe:c0:80:4d:b1:4d:30:
23:61:d2:a2:f3:23:f2:61:6f:50:cf:05:ca:34:37:
5b:9b:63:0f:4c:44:64:a0:00:ff:98:87:06:d3:c0:
03:fd:fb:d2:0a:85:69:3f:43:51:33:73:10:88:fe:
f9:51:ca:ad:d7:d8:dc:23:7c:fd:fe:5d:cd:3a:57:
65:c3:b5:6b:d6:95:66:88:c5:0e:7e:fb:c2:39:6d:
c2:bc:f6:ed:0a:8e:87:8b:fb:9b:64:3b:1d:4e:0d:
bf:e5:65:15:a6:e9:a8:34:21:26:0d:4b:71:30:16:
99:5a:7d:0c:b8:01:f4:48:88:13:30:8f:0e:4b:6c:
9f:4d:14:c8:86:84:9f:f7:91:da:60:e1:64:c6:22:
75:30:9c:95:9b:21:a1:9f:e3:2f:4d:c8:c3:42:e3:
31:9a:b7:b9:41:19:27:6b:87:0e:33:b1:9f:e0:b8:
54:b5:3a:87:63:8b:30:7c:90:4f:56:ef:44:a6:d5:
97:a8:c6:56:7e:d2:18:51:9e:c9:15:13:32:a4:8f:
f0:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:54:B6:96:C7:7C:0F:13:E0:2D:B6:6C:FD:7D:6C:3D:00:0B:F0:DD
X509v3 Authority Key Identifier:
keyid:91:C1:C8:5B:F5:C5:34:71:A9:97:EF:9F:A9:99:D0:C1:6B:E8:54:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/ilS2lsd8DxPgLbZs_X1sPQAL8N0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.64.0/22
94.124.64.0/21
178.248.48.0/21
185.45.208.0/22
185.187.156.0/22
IPv6:
2a02:2890::/48
2a02:2890:efff::/48
2a02:2890:ffff::-2a02:2891:2:ffff:ffff:ffff:ffff:ffff
2a02:2891:4::/48
2a02:2891:9::/48
2a02:2891:10::/46
2a02:2891:15::-2a02:2891:16:ffff:ffff:ffff:ffff:ffff
2a02:2891:18::/48
2a02:2891:29::/48
2a02:2891:ff::/48
2a02:2891:157::/48
2a02:2892:32::/48
2a02:2892:40::/48
2a02:2893:158::/48
Signature Algorithm: sha256WithRSAEncryption
0d:88:6c:ae:36:2e:a9:e0:5b:96:57:bc:e1:42:af:cc:a7:0d:
42:e5:fc:ad:68:ab:8d:02:82:00:3c:82:60:c4:c2:30:d8:47:
99:a7:bf:3f:be:a4:da:3f:f6:e2:4e:4d:cd:3d:85:34:b8:4a:
08:74:90:ff:17:c5:0b:49:8c:17:c2:89:43:18:6c:9c:76:a2:
65:51:50:30:88:d4:cc:c4:3f:f6:87:5c:73:d5:b6:9f:ed:f9:
56:67:c1:5d:41:01:3a:ba:98:d1:4f:10:b9:14:b6:8d:92:0e:
d0:26:2a:ee:48:37:93:dc:d4:88:40:cc:b8:ad:9a:02:d1:41:
54:17:ec:21:8c:74:49:80:1f:09:e3:75:f6:57:16:6c:a1:c2:
d4:71:33:d5:64:6c:9c:a2:61:ef:b0:a1:07:98:76:85:a5:1b:
ed:85:0a:e5:89:f3:f1:3a:a6:d2:b0:0d:00:f1:4e:4f:5a:6e:
ed:da:30:a1:d5:d3:85:53:ea:7e:9a:95:10:71:4d:d2:23:cf:
f9:8f:bb:5f:fe:bc:49:bc:21:5c:64:a8:ae:fd:28:8e:52:59:
4d:2e:47:ce:ac:c5:19:9d:a7:2c:49:17:09:9b:a2:46:cb:27:
39:30:4c:74:7b:0a:0b:9b:91:4e:66:25:c4:ec:5d:32:07:eb:
ff:e5:54:d9
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgISAZa0aNLQnIlnxE+kKSdmUZfYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYzFjODViZjVjNTM0NzFhOTk3ZWY5ZmE5OTlkMGMxNmJl
ODU0NDQwHhcNMjUwNTA5MDkzODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTU0YjY5NmM3N2MwZjEzZTAyZGI2NmNmZDdkNmMzZDAwMGJmMGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuuGtn9V053lt7KtzId2twnMqPTS
GthRMRjm1bYnI+6QaLKyF09txHqkldkK67YOvgnGQv7AgE2xTTAjYdKi8yPyYW9Q
zwXKNDdbm2MPTERkoAD/mIcG08AD/fvSCoVpP0NRM3MQiP75Ucqt19jcI3z9/l3N
Oldlw7Vr1pVmiMUOfvvCOW3CvPbtCo6Hi/ubZDsdTg2/5WUVpumoNCEmDUtxMBaZ
Wn0MuAH0SIgTMI8OS2yfTRTIhoSf95HaYOFkxiJ1MJyVmyGhn+MvTcjDQuMxmre5
QRkna4cOM7Gf4LhUtTqHY4swfJBPVu9EptWXqMZWftIYUZ7JFRMypI/wuQIDAQAB
o4ICwjCCAr4wHQYDVR0OBBYEFIpUtpbHfA8T4C22bP19bD0AC/DdMB8GA1UdIwQY
MBaAFJHByFv1xTRxqZfvn6mZ0MFr6FREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2NISVdfWEZOSEdwbC0tZnFablF3V3ZvVkVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wMzQ3ZDMtZTU0Yy00NGMwLThmN2Et
NDUxNDM3NGU2ZmZhLzEvaWxTMmxzZDhEeFBnTGJac19YMXNQUUFMOE4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8wMzQ3ZDMtZTU0Yy00NGMwLThmN2EtNDUxNDM3NGU2ZmZh
LzEva2NISVdfWEZOSEdwbC0tZnFablF3V3ZvVkVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHXBggrBgEFBQcBBwEB/wSBxzCBxDAkBAIAATAeAwQCLZ1A
AwQDXnxAAwQDsvgwAwQCuS3QAwQCubucMIGbBAIAAjCBlAMHACoCKJAAAAMHACoC
KJDv/zASAwcAKgIokP//AwcAKgIokQACAwcAKgIokQAEAwcAKgIokQAJAwcCKgIo
kQAQMBIDBwAqAiiRABUDBwAqAiiRABYDBwAqAiiRABgDBwAqAiiRACkDBwAqAiiR
AP8DBwAqAiiRAVcDBwAqAiiSADIDBwAqAiiSAEADBwAqAiiTAVgwDQYJKoZIhvcN
AQELBQADggEBAA2IbK42LqngW5ZXvOFCr8ynDULl/K1oq40CggA8gmDEwjDYR5mn
vz++pNo/9uJOTc09hTS4Sgh0kP8XxQtJjBfCiUMYbJx2omVRUDCI1MzEP/aHXHPV
tp/t+VZnwV1BATq6mNFPELkUto2SDtAmKu5IN5Pc1IhAzLitmgLRQVQX7CGMdEmA
HwnjdfZXFmyhwtRxM9VkbJyiYe+woQeYdoWlG+2FCuWJ8/E6ptKwDQDxTk9abu3a
MKHV04VT6n6alRBxTdIjz/mPu1/+vEm8IVxkqK79KI5SWU0uR86sxRmdpyxJFwmb
okbLJzkwTHR7CgubkU5mJcTsXTIH6//lVNk=
-----END CERTIFICATE-----
Generated at Mon May 12 20:35:58 2025 by rpki-client