Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/a5zFl7YfRoI9PIFZlL8A6oYDdmo.roa
File: a5zFl7YfRoI9PIFZlL8A6oYDdmo.roa (raw, json)
Hash identifier: TgtuYN4ql3AL9mn3/Ylv463rB0O0GB0BGknf6tE9nvI=
Subject key identifier: 6B:9C:C5:97:B6:1F:46:82:3D:3C:81:59:94:BF:00:EA:86:03:76:6A
Certificate issuer: /CN=293e0cd8b3e044edb823aef688aafb0b75de8675
Certificate serial: 0197AC0ED4F90C3AB06C6FBD04A36F9AE54C
Authority key identifier: 29:3E:0C:D8:B3:E0:44:ED:B8:23:AE:F6:88:AA:FB:0B:75:DE:86:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KT4M2LPgRO24I672iKr7C3XehnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/a5zFl7YfRoI9PIFZlL8A6oYDdmo.roa
Signing time: Thu 26 Jun 2025 11:45:42 +0000
ROA not before: Thu 26 Jun 2025 11:45:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51026
IP address blocks: 45.129.36.0/24 maxlen: 24
45.129.37.0/24 maxlen: 24
45.129.38.0/24 maxlen: 24
45.129.39.0/24 maxlen: 24
185.53.141.0/24 maxlen: 24
185.53.142.0/24 maxlen: 24
185.53.143.0/24 maxlen: 24
185.126.202.0/24 maxlen: 24
185.126.203.0/24 maxlen: 24
2a0a:2fc4::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/KT4M2LPgRO24I672iKr7C3XehnU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/KT4M2LPgRO24I672iKr7C3XehnU.mft
rsync://rpki.ripe.net/repository/DEFAULT/KT4M2LPgRO24I672iKr7C3XehnU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ac:0e:d4:f9:0c:3a:b0:6c:6f:bd:04:a3:6f:9a:e5:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=293e0cd8b3e044edb823aef688aafb0b75de8675
Validity
Not Before: Jun 26 11:45:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6b9cc597b61f46823d3c815994bf00ea8603766a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:b7:2f:19:3b:c0:b8:2b:a0:55:c6:88:62:99:
93:ab:da:95:3a:ff:54:23:52:2f:bd:fb:9c:f2:52:
fd:bd:1c:0b:79:01:20:5b:9c:b7:97:5b:b0:a0:14:
06:4b:62:a3:f1:91:dc:43:b3:a2:b4:c7:c5:73:30:
86:20:ab:87:e0:0d:a4:a1:a1:89:3c:37:29:b5:35:
e0:95:01:21:b0:04:c1:43:fb:70:02:47:0b:54:9b:
53:58:19:fd:29:08:56:f3:e2:91:8f:0f:6d:9f:80:
14:cd:4e:d0:77:99:23:54:04:c2:47:30:34:0e:d6:
fa:f4:47:6a:9e:7a:7d:ce:b4:ed:97:8a:45:c5:fc:
b0:f5:5b:5d:bb:06:6e:83:3c:31:63:c9:05:c4:3c:
ec:c8:c0:5b:5c:a5:ac:fb:e2:5a:64:69:db:c7:36:
b5:4e:b3:19:a0:79:14:cc:c2:fa:9d:11:fd:d9:1a:
fc:23:a4:a4:5c:3a:73:ad:e9:5e:62:39:90:84:51:
2d:56:d9:ee:ed:58:6e:ab:5c:d8:33:d9:2f:1a:12:
19:02:96:16:ff:d4:70:e9:8c:24:ec:78:29:af:64:
a5:e6:39:af:4f:4d:62:4e:b8:55:f9:45:2c:36:6a:
fb:2e:3b:dd:08:64:7d:a2:78:36:69:6b:8a:9d:ac:
aa:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:9C:C5:97:B6:1F:46:82:3D:3C:81:59:94:BF:00:EA:86:03:76:6A
X509v3 Authority Key Identifier:
keyid:29:3E:0C:D8:B3:E0:44:ED:B8:23:AE:F6:88:AA:FB:0B:75:DE:86:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KT4M2LPgRO24I672iKr7C3XehnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/a5zFl7YfRoI9PIFZlL8A6oYDdmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/KT4M2LPgRO24I672iKr7C3XehnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.36.0/22
185.53.141.0-185.53.143.255
185.126.202.0/23
IPv6:
2a0a:2fc4::/32
Signature Algorithm: sha256WithRSAEncryption
48:b0:1d:3f:f0:d5:91:09:00:a0:d2:98:4c:bf:e0:a9:04:15:
21:da:ec:74:0c:03:d3:b1:4d:d2:f0:14:08:42:45:d2:c7:58:
22:97:3b:ef:80:bb:d0:fa:07:a9:8a:69:3d:0d:bc:04:a4:63:
b4:c4:47:44:8e:fb:29:9c:24:9c:be:d2:ef:41:a5:5e:f1:19:
c4:32:3b:38:27:7c:2f:cf:42:6a:b7:43:ea:3d:1a:0f:0d:c5:
2d:e6:50:44:65:8f:81:0c:47:49:0f:d5:3f:78:94:f1:bc:71:
e7:d3:5e:f3:c7:07:3f:eb:af:88:66:5a:55:17:67:a7:57:1e:
87:73:d4:64:28:65:0f:00:20:20:fd:69:0c:b7:19:5f:74:ce:
01:20:57:92:53:29:7c:0a:91:52:39:46:c5:25:69:4d:7c:0d:
2f:3c:ca:2f:2e:0d:c0:0e:9d:28:10:0f:1f:40:b3:55:bf:06:
08:fe:29:9f:e1:ab:be:49:13:11:91:c5:0c:a9:27:7c:a9:8b:
c1:66:48:76:6b:05:4f:01:6d:d9:7d:5c:1a:1b:84:26:10:8b:
fe:f1:38:75:18:f0:67:3d:90:96:37:da:89:bf:25:f8:36:88:
4f:79:03:6d:38:a5:c7:20:06:d2:bd:5c:16:e6:43:00:76:64:
05:ba:2a:6a
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZesDtT5DDqwbG+9BKNvmuVMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5M2UwY2Q4YjNlMDQ0ZWRiODIzYWVmNjg4YWFmYjBiNzVk
ZTg2NzUwHhcNMjUwNjI2MTE0NTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjljYzU5N2I2MWY0NjgyM2QzYzgxNTk5NGJmMDBlYTg2MDM3NjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7bcvGTvAuCugVcaIYpmTq9qVOv9U
I1Ivvfuc8lL9vRwLeQEgW5y3l1uwoBQGS2Kj8ZHcQ7OitMfFczCGIKuH4A2koaGJ
PDcptTXglQEhsATBQ/twAkcLVJtTWBn9KQhW8+KRjw9tn4AUzU7Qd5kjVATCRzA0
Dtb69Edqnnp9zrTtl4pFxfyw9VtduwZugzwxY8kFxDzsyMBbXKWs++JaZGnbxza1
TrMZoHkUzML6nRH92Rr8I6SkXDpzreleYjmQhFEtVtnu7Vhuq1zYM9kvGhIZApYW
/9Rw6Ywk7Hgpr2Sl5jmvT01iTrhV+UUsNmr7LjvdCGR9ong2aWuKnayqXwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFGucxZe2H0aCPTyBWZS/AOqGA3ZqMB8GA1UdIwQY
MBaAFCk+DNiz4ETtuCOu9oiq+wt13oZ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1Q0TTJMUGdSTzI0STY3MmlLcjdDM1hlaG5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC82ZGExYzItMjUyZC00YmQyLWI1NmMt
YmIyMTdjYzNiNzhkLzEvYTV6Rmw3WWZSb0k5UElGWmxMOEE2b1lEZG1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC82ZGExYzItMjUyZC00YmQyLWI1NmMtYmIyMTdjYzNiNzhk
LzEvS1Q0TTJMUGdSTzI0STY3MmlLcjdDM1hlaG5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCLYEkMAwD
BAC5NY0DBAS5NYADBAG5fsowDQQCAAIwBwMFACoKL8QwDQYJKoZIhvcNAQELBQAD
ggEBAEiwHT/w1ZEJAKDSmEy/4KkEFSHa7HQMA9OxTdLwFAhCRdLHWCKXO++Au9D6
B6mKaT0NvASkY7TER0SO+ymcJJy+0u9BpV7xGcQyOzgnfC/PQmq3Q+o9Gg8NxS3m
UERlj4EMR0kP1T94lPG8cefTXvPHBz/rr4hmWlUXZ6dXHodz1GQoZQ8AICD9aQy3
GV90zgEgV5JTKXwKkVI5RsUlaU18DS88yi8uDcAOnSgQDx9As1W/Bgj+KZ/hq75J
ExGRxQypJ3ypi8FmSHZrBU8Bbdl9XBobhCYQi/7xOHUY8Gc9kJY32om/Jfg2iE95
A204pccgBtK9XBbmQwB2ZAW6Kmo=
-----END CERTIFICATE-----
Generated at Sun Jun 29 06:06:29 2025 by rpki-client