Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/850024-84ee-44c8-b2d9-7d20eb063455/1/yVy6K3-_uaSKa1-_oqUp0tf_Xgk.roa
File: yVy6K3-_uaSKa1-_oqUp0tf_Xgk.roa (raw, json)
Hash identifier: 7YTmf2c9OYfpZTmIIrXdtXUx4tpHodV4viOENQQMD4k=
Subject key identifier: C9:5C:BA:2B:7F:BF:B9:A4:8A:6B:5F:BF:A2:A5:29:D2:D7:FF:5E:09
Certificate issuer: /CN=30a55632ec9034c9b9a3f290aaecd9a07c1f26ab
Certificate serial: 0196C56EF39FD0159F461BC03C433A146317
Authority key identifier: 30:A5:56:32:EC:90:34:C9:B9:A3:F2:90:AA:EC:D9:A0:7C:1F:26:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MKVWMuyQNMm5o_KQquzZoHwfJqs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/850024-84ee-44c8-b2d9-7d20eb063455/1/yVy6K3-_uaSKa1-_oqUp0tf_Xgk.roa
Signing time: Mon 12 May 2025 16:58:24 +0000
ROA not before: Mon 12 May 2025 16:58:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199508
IP address blocks: 45.8.128.0/22 maxlen: 22
62.220.224.0/22 maxlen: 22
62.220.252.0/22 maxlen: 22
85.194.236.0/23 maxlen: 23
89.41.48.0/24 maxlen: 24
89.42.43.0/24 maxlen: 24
93.90.48.0/20 maxlen: 20
185.11.208.0/22 maxlen: 22
185.195.149.0/24 maxlen: 24
185.195.150.0/23 maxlen: 23
195.192.250.0/23 maxlen: 23
2a01:b5a0::/32 maxlen: 32
2a03:6f40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/850024-84ee-44c8-b2d9-7d20eb063455/1/MKVWMuyQNMm5o_KQquzZoHwfJqs.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/850024-84ee-44c8-b2d9-7d20eb063455/1/MKVWMuyQNMm5o_KQquzZoHwfJqs.mft
rsync://rpki.ripe.net/repository/DEFAULT/MKVWMuyQNMm5o_KQquzZoHwfJqs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c5:6e:f3:9f:d0:15:9f:46:1b:c0:3c:43:3a:14:63:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30a55632ec9034c9b9a3f290aaecd9a07c1f26ab
Validity
Not Before: May 12 16:58:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c95cba2b7fbfb9a48a6b5fbfa2a529d2d7ff5e09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:0d:4a:d7:da:92:77:2d:ee:23:86:49:f7:c6:
23:64:78:18:41:9e:a6:b4:4f:fb:ef:32:0f:14:77:
9f:6c:df:d8:06:5b:22:e3:67:25:26:31:a1:87:71:
0f:73:69:b7:b2:7d:7b:19:04:a6:37:a3:2e:6b:52:
b7:b1:b2:82:7a:d8:05:ae:c8:f5:d9:77:cd:f8:7e:
b1:9f:f3:46:b7:06:43:8b:92:c1:f6:c2:19:d7:2b:
c2:af:ca:0a:3e:ea:de:1a:f9:3f:45:28:5d:be:28:
16:01:24:2f:cb:89:3e:07:1c:ad:65:9f:01:df:50:
f9:b5:91:0c:7f:21:3c:99:e4:eb:d3:91:e7:03:c4:
03:50:ae:57:68:a8:65:c5:c0:ee:90:35:d5:f2:44:
27:e7:58:26:92:aa:60:a3:d7:97:81:af:ed:f0:e6:
a7:dc:06:b3:af:3c:a6:13:46:71:9d:93:0e:9f:71:
71:d2:fa:79:1b:91:76:66:57:f4:7a:b5:bf:7b:a9:
a3:1e:d5:10:a6:b4:f5:f0:03:39:66:18:5a:bf:2e:
68:ca:f4:4c:a7:47:be:96:05:eb:b8:d3:c9:ed:bd:
f5:11:78:bc:97:71:d1:8c:c5:13:75:c1:be:ff:79:
43:42:7c:95:cc:ca:c5:c6:15:03:9d:d7:bb:ee:5d:
fe:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:5C:BA:2B:7F:BF:B9:A4:8A:6B:5F:BF:A2:A5:29:D2:D7:FF:5E:09
X509v3 Authority Key Identifier:
keyid:30:A5:56:32:EC:90:34:C9:B9:A3:F2:90:AA:EC:D9:A0:7C:1F:26:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MKVWMuyQNMm5o_KQquzZoHwfJqs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/850024-84ee-44c8-b2d9-7d20eb063455/1/yVy6K3-_uaSKa1-_oqUp0tf_Xgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/850024-84ee-44c8-b2d9-7d20eb063455/1/MKVWMuyQNMm5o_KQquzZoHwfJqs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.128.0/22
62.220.224.0/22
62.220.252.0/22
85.194.236.0/23
89.41.48.0/24
89.42.43.0/24
93.90.48.0/20
185.11.208.0/22
185.195.149.0-185.195.151.255
195.192.250.0/23
IPv6:
2a01:b5a0::/32
2a03:6f40::/32
Signature Algorithm: sha256WithRSAEncryption
1d:dc:f5:d5:a8:ed:36:15:a2:bb:f1:2f:f4:c2:28:23:4f:2f:
f7:34:31:01:75:c9:27:42:0c:20:34:83:d0:7a:5a:fa:4f:aa:
c6:99:e5:1e:aa:2b:0a:c0:5b:4b:ec:1f:21:aa:95:7f:8a:1c:
ed:c6:58:6a:0a:13:74:be:35:e1:f8:82:4f:ee:1d:7b:a6:90:
34:f0:6b:fa:da:32:52:3a:f3:53:d8:ed:fe:ef:d0:3f:39:2f:
29:e6:49:d7:e5:41:b6:0c:d7:37:08:9e:8b:97:bd:00:18:6b:
f3:5c:24:58:f1:e0:06:db:ea:5f:11:9b:35:53:07:3b:82:43:
c9:43:5e:74:a6:9d:c6:a6:d3:1d:9d:38:f3:42:b5:31:b1:1e:
f3:ed:68:f5:84:53:05:56:74:ed:46:09:5a:22:60:47:fa:99:
bd:56:77:4a:47:10:1d:62:de:91:a1:30:a6:a5:49:94:e8:c4:
98:d4:dc:46:19:4a:2f:20:07:fb:12:b3:9b:0c:76:8e:1e:4f:
aa:44:b7:a1:be:b3:2f:79:fb:a3:e4:c3:9e:18:ea:af:14:02:
55:4b:46:5b:b0:cb:eb:82:ed:e4:03:0b:7d:02:dd:44:6f:9c:
f2:3f:d4:f1:19:c1:69:6e:09:a9:45:0d:32:2e:bf:85:04:ce:
83:33:6c:4a
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZbFbvOf0BWfRhvAPEM6FGMXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYTU1NjMyZWM5MDM0YzliOWEzZjI5MGFhZWNkOWEwN2Mx
ZjI2YWIwHhcNMjUwNTEyMTY1ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTVjYmEyYjdmYmZiOWE0OGE2YjVmYmZhMmE1MjlkMmQ3ZmY1ZTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqg1K19qSdy3uI4ZJ98YjZHgYQZ6m
tE/77zIPFHefbN/YBlsi42clJjGhh3EPc2m3sn17GQSmN6Mua1K3sbKCetgFrsj1
2XfN+H6xn/NGtwZDi5LB9sIZ1yvCr8oKPureGvk/RShdvigWASQvy4k+BxytZZ8B
31D5tZEMfyE8meTr05HnA8QDUK5XaKhlxcDukDXV8kQn51gmkqpgo9eXga/t8Oan
3AazrzymE0ZxnZMOn3Fx0vp5G5F2Zlf0erW/e6mjHtUQprT18AM5Zhhavy5oyvRM
p0e+lgXruNPJ7b31EXi8l3HRjMUTdcG+/3lDQnyVzMrFxhUDnde77l3+qQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFMlcuit/v7mkimtfv6KlKdLX/14JMB8GA1UdIwQY
MBaAFDClVjLskDTJuaPykKrs2aB8HyarMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUtWV011eVFOTW01b19LUXF1elpvSHdmSnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84NTAwMjQtODRlZS00NGM4LWIyZDkt
N2QyMGViMDYzNDU1LzEveVZ5NkszLV91YVNLYTEtX29xVXAwdGZfWGdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84NTAwMjQtODRlZS00NGM4LWIyZDktN2QyMGViMDYzNDU1
LzEvTUtWV011eVFOTW01b19LUXF1elpvSHdmSnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBKBAIAATBEAwQCLQiAAwQC
PtzgAwQCPtz8AwQBVcLsAwQAWSkwAwQAWSorAwQEXVowAwQCuQvQMAwDBAC5w5UD
BAO5w5ADBAHDwPowFAQCAAIwDgMFACoBtaADBQAqA29AMA0GCSqGSIb3DQEBCwUA
A4IBAQAd3PXVqO02FaK78S/0wigjTy/3NDEBdcknQgwgNIPQelr6T6rGmeUeqisK
wFtL7B8hqpV/ihztxlhqChN0vjXh+IJP7h17ppA08Gv62jJSOvNT2O3+79A/OS8p
5knX5UG2DNc3CJ6Ll70AGGvzXCRY8eAG2+pfEZs1Uwc7gkPJQ150pp3GptMdnTjz
QrUxsR7z7Wj1hFMFVnTtRglaImBH+pm9VndKRxAdYt6RoTCmpUmU6MSY1NxGGUov
IAf7ErObDHaOHk+qRLehvrMvefuj5MOeGOqvFAJVS0ZbsMvrgu3kAwt9At1Eb5zy
P9TxGcFpbgmpRQ0yLr+FBM6DM2xK
-----END CERTIFICATE-----
Generated at Tue May 13 06:53:46 2025 by rpki-client