Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/MniCdS_WZ4lZic5pzyt6lWwynsU.roa
File: MniCdS_WZ4lZic5pzyt6lWwynsU.roa (raw, json)
Hash identifier: psz4JBmudhLxsVGB1qqd8o8XZ5Wqy2adF+mRTSu5HHE=
Subject key identifier: 32:78:82:75:2F:D6:67:89:59:89:CE:69:CF:2B:7A:95:6C:32:9E:C5
Certificate issuer: /CN=293e0cd8b3e044edb823aef688aafb0b75de8675
Certificate serial: 0196AAD075AC13706FD8E4EEA00F85BC2AAB
Authority key identifier: 29:3E:0C:D8:B3:E0:44:ED:B8:23:AE:F6:88:AA:FB:0B:75:DE:86:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KT4M2LPgRO24I672iKr7C3XehnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/MniCdS_WZ4lZic5pzyt6lWwynsU.roa
Signing time: Wed 07 May 2025 12:55:10 +0000
ROA not before: Wed 07 May 2025 12:55:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204544
IP address blocks: 45.129.36.0/22 maxlen: 22
45.129.36.0/24 maxlen: 24
45.129.37.0/24 maxlen: 24
45.129.38.0/23 maxlen: 23
45.129.38.0/24 maxlen: 24
45.129.39.0/24 maxlen: 24
185.53.140.0/22 maxlen: 22
185.53.140.0/23 maxlen: 23
185.53.140.0/24 maxlen: 24
185.53.141.0/24 maxlen: 24
185.53.142.0/23 maxlen: 23
185.53.142.0/24 maxlen: 24
185.53.143.0/24 maxlen: 24
2a0d:9680::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/KT4M2LPgRO24I672iKr7C3XehnU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/KT4M2LPgRO24I672iKr7C3XehnU.mft
rsync://rpki.ripe.net/repository/DEFAULT/KT4M2LPgRO24I672iKr7C3XehnU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 21:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:aa:d0:75:ac:13:70:6f:d8:e4:ee:a0:0f:85:bc:2a:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=293e0cd8b3e044edb823aef688aafb0b75de8675
Validity
Not Before: May 7 12:55:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=327882752fd667895989ce69cf2b7a956c329ec5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f6:34:51:af:e9:53:cc:1a:a8:e7:3e:ab:fe:
65:78:70:68:12:a7:55:6d:00:31:90:b2:4b:21:4b:
85:d7:49:77:7e:04:fe:72:db:80:85:68:0f:ae:52:
6b:6a:64:67:95:ee:99:b4:49:09:a8:3f:3e:d7:a5:
c9:99:9f:fe:9b:74:fe:a5:4d:af:ac:01:07:72:c8:
8b:7b:e5:11:a4:80:cd:92:51:a7:66:18:e5:82:1a:
f5:ad:8b:35:db:1b:0b:b5:9f:d1:02:b5:d6:77:5e:
11:5c:9e:fa:0f:24:dd:ec:1b:68:96:65:66:71:6b:
b8:86:43:0f:d4:22:12:ca:55:d0:8b:5e:ae:33:69:
ce:ab:4a:ab:24:98:5c:31:b1:a4:96:61:8d:17:8e:
1d:99:06:f9:c4:32:43:3f:4c:2a:38:6b:79:de:0a:
7f:da:c8:b7:f0:19:9c:ab:b2:d8:1f:de:61:53:61:
1f:ee:e2:aa:bb:7d:47:ac:32:0f:73:fc:52:11:23:
1f:97:2c:60:46:81:71:41:61:27:b8:7b:b8:5c:1f:
15:59:c8:77:e8:38:fa:3f:e0:a3:9d:08:7b:30:04:
74:49:e5:f6:eb:49:ed:02:62:b0:77:19:47:61:02:
98:60:22:b1:b9:f7:39:2f:49:ac:22:a6:30:47:b1:
cd:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:78:82:75:2F:D6:67:89:59:89:CE:69:CF:2B:7A:95:6C:32:9E:C5
X509v3 Authority Key Identifier:
keyid:29:3E:0C:D8:B3:E0:44:ED:B8:23:AE:F6:88:AA:FB:0B:75:DE:86:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KT4M2LPgRO24I672iKr7C3XehnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/MniCdS_WZ4lZic5pzyt6lWwynsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/KT4M2LPgRO24I672iKr7C3XehnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.36.0/22
185.53.140.0/22
IPv6:
2a0d:9680::/48
Signature Algorithm: sha256WithRSAEncryption
96:0f:f8:d0:7c:c6:26:8e:4e:3b:93:09:09:4d:2e:78:84:77:
57:95:f9:b1:e0:36:c1:d5:b4:1f:fa:c9:f3:b0:8d:56:e8:cf:
2c:cb:10:d6:47:66:ca:23:3e:12:40:c3:57:c6:5d:c5:05:8f:
ee:3e:13:18:88:8f:27:a3:06:fe:1a:88:3e:45:81:34:70:94:
d9:db:5e:64:df:cc:d4:a4:4c:c5:98:aa:a3:2f:f9:04:b3:6b:
4c:ba:9d:57:79:2c:13:ca:80:77:2d:60:79:02:8a:70:0c:63:
43:4a:dc:8d:f5:f5:4a:45:75:eb:2f:8c:0e:99:ca:13:dd:30:
73:d4:03:d4:f5:bb:f5:ef:73:41:24:a9:d0:dd:27:ad:3e:07:
0b:50:1f:73:ca:2b:a9:62:51:e7:a6:18:d8:5f:7d:94:de:b7:
d8:02:bb:8f:96:ab:33:a5:2b:77:d9:7e:0f:2f:1a:7b:c1:27:
36:f1:6f:bd:dc:ab:ed:49:2c:cb:bb:cd:eb:ed:02:f5:ee:17:
e0:a2:52:36:12:b3:f5:7f:51:db:09:b0:ae:ca:e3:2e:f7:d5:
d2:04:53:a7:08:29:e5:ee:b7:5a:55:90:e8:ad:df:ae:f6:ac:
f9:bd:9d:ac:68:55:0c:ea:ab:e7:00:5e:6c:9f:73:e0:c5:07:
70:a9:64:97
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZaq0HWsE3Bv2OTuoA+FvCqrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5M2UwY2Q4YjNlMDQ0ZWRiODIzYWVmNjg4YWFmYjBiNzVk
ZTg2NzUwHhcNMjUwNTA3MTI1NTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjc4ODI3NTJmZDY2Nzg5NTk4OWNlNjljZjJiN2E5NTZjMzI5ZWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvY0Ua/pU8waqOc+q/5leHBoEqdV
bQAxkLJLIUuF10l3fgT+ctuAhWgPrlJramRnle6ZtEkJqD8+16XJmZ/+m3T+pU2v
rAEHcsiLe+URpIDNklGnZhjlghr1rYs12xsLtZ/RArXWd14RXJ76DyTd7BtolmVm
cWu4hkMP1CISylXQi16uM2nOq0qrJJhcMbGklmGNF44dmQb5xDJDP0wqOGt53gp/
2si38Bmcq7LYH95hU2Ef7uKqu31HrDIPc/xSESMflyxgRoFxQWEnuHu4XB8VWch3
6Dj6P+CjnQh7MAR0SeX260ntAmKwdxlHYQKYYCKxufc5L0msIqYwR7HN8QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFDJ4gnUv1meJWYnOac8repVsMp7FMB8GA1UdIwQY
MBaAFCk+DNiz4ETtuCOu9oiq+wt13oZ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1Q0TTJMUGdSTzI0STY3MmlLcjdDM1hlaG5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC82ZGExYzItMjUyZC00YmQyLWI1NmMt
YmIyMTdjYzNiNzhkLzEvTW5pQ2RTX1daNGxaaWM1cHp5dDZsV3d5bnNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC82ZGExYzItMjUyZC00YmQyLWI1NmMtYmIyMTdjYzNiNzhk
LzEvS1Q0TTJMUGdSTzI0STY3MmlLcjdDM1hlaG5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCLYEkAwQC
uTWMMA8EAgACMAkDBwAqDZaAAAAwDQYJKoZIhvcNAQELBQADggEBAJYP+NB8xiaO
TjuTCQlNLniEd1eV+bHgNsHVtB/6yfOwjVbozyzLENZHZsojPhJAw1fGXcUFj+4+
ExiIjyejBv4aiD5FgTRwlNnbXmTfzNSkTMWYqqMv+QSza0y6nVd5LBPKgHctYHkC
inAMY0NK3I319UpFdesvjA6ZyhPdMHPUA9T1u/Xvc0EkqdDdJ60+BwtQH3PKK6li
UeemGNhffZTet9gCu4+WqzOlK3fZfg8vGnvBJzbxb73cq+1JLMu7zevtAvXuF+Ci
UjYSs/V/UdsJsK7K4y731dIEU6cIKeXut1pVkOit3672rPm9naxoVQzqq+cAXmyf
c+DFB3CpZJc=
-----END CERTIFICATE-----
Generated at Sun May 11 06:17:40 2025 by rpki-client