Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/t3CZxHGrmtZmDELdMlXKtGYh3K0.roa
File: t3CZxHGrmtZmDELdMlXKtGYh3K0.roa (raw, json)
Hash identifier: EXeLpekUpbHYH7Cv6iD93sC4B2Y1Gc771dCHFnYz00s=
Subject key identifier: B7:70:99:C4:71:AB:9A:D6:66:0C:42:DD:32:55:CA:B4:66:21:DC:AD
Certificate issuer: /CN=92192e8d785581f72b18644224bd8c3fa8a2d11b
Certificate serial: 01964EA83BC6B5CC6FC899AB61DB29DB6F9F
Authority key identifier: 92:19:2E:8D:78:55:81:F7:2B:18:64:42:24:BD:8C:3F:A8:A2:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khkujXhVgfcrGGRCJL2MP6ii0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/t3CZxHGrmtZmDELdMlXKtGYh3K0.roa
Signing time: Sat 19 Apr 2025 15:26:10 +0000
ROA not before: Sat 19 Apr 2025 15:26:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59588
IP address blocks: 45.153.116.0/23 maxlen: 23
45.153.116.0/24 maxlen: 24
45.153.117.0/24 maxlen: 24
45.153.118.0/23 maxlen: 23
45.153.118.0/24 maxlen: 24
45.153.119.0/24 maxlen: 24
151.236.160.0/23 maxlen: 23
151.236.160.0/24 maxlen: 24
151.236.161.0/24 maxlen: 24
151.236.162.0/23 maxlen: 23
151.236.162.0/24 maxlen: 24
151.236.163.0/24 maxlen: 24
151.236.164.0/23 maxlen: 23
151.236.164.0/24 maxlen: 24
151.236.165.0/24 maxlen: 24
151.236.166.0/23 maxlen: 23
151.236.166.0/24 maxlen: 24
151.236.167.0/24 maxlen: 24
151.236.168.0/23 maxlen: 23
151.236.168.0/24 maxlen: 24
151.236.169.0/24 maxlen: 24
151.236.170.0/23 maxlen: 23
151.236.170.0/24 maxlen: 24
151.236.171.0/24 maxlen: 24
151.236.172.0/23 maxlen: 23
151.236.172.0/24 maxlen: 24
151.236.173.0/24 maxlen: 24
151.236.174.0/23 maxlen: 23
151.236.174.0/24 maxlen: 24
151.236.175.0/24 maxlen: 24
151.236.176.0/23 maxlen: 23
151.236.176.0/24 maxlen: 24
151.236.177.0/24 maxlen: 24
151.236.178.0/23 maxlen: 23
151.236.178.0/24 maxlen: 24
151.236.179.0/24 maxlen: 24
151.236.180.0/23 maxlen: 23
151.236.180.0/24 maxlen: 24
151.236.181.0/24 maxlen: 24
151.236.182.0/23 maxlen: 24
151.236.182.0/24 maxlen: 24
151.236.183.0/24 maxlen: 24
151.236.186.0/24 maxlen: 24
151.236.188.0/23 maxlen: 23
151.236.188.0/24 maxlen: 24
151.236.189.0/24 maxlen: 24
151.236.190.0/23 maxlen: 23
151.236.190.0/24 maxlen: 24
151.236.191.0/24 maxlen: 24
198.160.165.0/24 maxlen: 24
198.160.166.0/24 maxlen: 24
198.160.168.0/23 maxlen: 23
198.160.168.0/24 maxlen: 24
198.160.169.0/24 maxlen: 24
198.176.116.0/23 maxlen: 23
198.176.116.0/24 maxlen: 24
198.176.117.0/24 maxlen: 24
2a10:2200:1::/48 maxlen: 48
2a10:2200:2::/48 maxlen: 48
2a10:2200:3::/48 maxlen: 48
2a10:2200:b::/48 maxlen: 48
2a10:2200:c::/48 maxlen: 48
2a10:2200:d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/khkujXhVgfcrGGRCJL2MP6ii0Rs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/khkujXhVgfcrGGRCJL2MP6ii0Rs.mft
rsync://rpki.ripe.net/repository/DEFAULT/khkujXhVgfcrGGRCJL2MP6ii0Rs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:4e:a8:3b:c6:b5:cc:6f:c8:99:ab:61:db:29:db:6f:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92192e8d785581f72b18644224bd8c3fa8a2d11b
Validity
Not Before: Apr 19 15:26:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b77099c471ab9ad6660c42dd3255cab46621dcad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:87:17:a1:ca:1c:f1:e2:20:4a:96:36:25:4e:
00:9d:f0:71:06:e0:ca:b6:5f:ee:f8:76:06:e3:57:
2b:62:30:30:fa:60:04:9a:ea:b7:14:b0:ab:5f:34:
e9:ff:95:c2:f5:ef:7b:d4:8d:ee:ef:61:32:16:14:
6a:c8:6d:2b:66:43:92:1d:57:7f:8d:ce:f9:45:da:
12:5a:d7:78:cd:41:89:6d:36:59:7e:6d:ed:ac:1f:
1b:85:0e:b4:ed:4d:7d:53:45:fe:01:bf:33:2f:44:
41:31:34:e2:a6:02:02:89:cb:a9:34:58:04:ee:35:
5a:0e:97:77:d0:7e:6b:61:e8:b2:27:7f:36:01:33:
dd:86:e1:99:97:33:fd:f9:7a:81:20:5f:54:c1:cd:
90:34:f5:4b:15:77:79:17:49:49:d8:6c:fc:cc:63:
f3:ac:66:71:5c:53:66:7d:05:2d:b3:21:0b:26:47:
86:c8:9e:0f:3e:09:ad:8d:f2:e6:46:0b:d1:b9:6c:
cc:ec:a9:69:31:36:26:5e:b5:be:db:aa:af:ab:84:
90:53:70:c4:a8:df:ad:ce:d9:d5:ed:59:18:00:0f:
7b:41:0f:8b:0b:af:8d:77:b7:f2:62:50:a8:7c:44:
dd:13:e8:65:2c:c5:d5:3d:17:47:8f:b5:e1:8a:dd:
39:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:70:99:C4:71:AB:9A:D6:66:0C:42:DD:32:55:CA:B4:66:21:DC:AD
X509v3 Authority Key Identifier:
keyid:92:19:2E:8D:78:55:81:F7:2B:18:64:42:24:BD:8C:3F:A8:A2:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khkujXhVgfcrGGRCJL2MP6ii0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/t3CZxHGrmtZmDELdMlXKtGYh3K0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/khkujXhVgfcrGGRCJL2MP6ii0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.116.0/22
151.236.160.0-151.236.183.255
151.236.186.0/24
151.236.188.0/22
198.160.165.0-198.160.166.255
198.160.168.0/23
198.176.116.0/23
IPv6:
2a10:2200:1::-2a10:2200:3:ffff:ffff:ffff:ffff:ffff
2a10:2200:b::-2a10:2200:d:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
10:64:be:44:3a:12:ad:e6:81:d3:16:93:31:db:9d:17:17:60:
79:8b:e3:f0:f7:2d:aa:05:56:71:4d:a8:3b:69:fc:41:ca:4c:
9a:11:8b:0d:b5:a8:94:d4:ac:6e:47:10:51:e2:16:e7:50:88:
56:3a:cd:87:97:db:ba:2e:82:0d:fe:56:52:b3:1f:39:e2:9a:
32:65:82:8a:d3:37:22:f2:c1:fb:87:13:04:52:7e:a1:b7:8d:
e4:ed:38:03:e7:44:e5:36:25:87:e6:80:ae:15:42:5c:7e:03:
05:8b:98:96:5a:39:41:ff:bc:b7:6c:00:3c:99:68:13:c6:48:
27:5f:a2:7b:bd:64:c5:d3:73:af:5b:fb:f1:5d:09:22:49:cb:
d2:0e:d1:9d:df:26:03:6a:65:c5:1c:31:e0:13:a9:5e:b3:62:
02:52:4c:f2:d2:a6:e9:79:71:2a:a9:56:02:ac:2e:0e:d2:9d:
38:e5:1e:69:50:26:b6:48:8d:54:14:a9:33:04:80:70:9a:7b:
af:e4:0d:31:fa:b4:5e:2c:2b:24:60:27:87:3e:65:44:cd:11:
94:55:4e:ac:6f:87:79:1f:e1:65:0a:19:be:8f:f3:fb:73:9d:
22:da:4e:02:70:4a:45:be:24:c0:89:a7:ee:92:cc:90:88:e0:
77:43:0a:e9
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZZOqDvGtcxvyJmrYdsp22+fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMTkyZThkNzg1NTgxZjcyYjE4NjQ0MjI0YmQ4YzNmYThh
MmQxMWIwHhcNMjUwNDE5MTUyNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzcwOTljNDcxYWI5YWQ2NjYwYzQyZGQzMjU1Y2FiNDY2MjFkY2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtocXococ8eIgSpY2JU4AnfBxBuDK
tl/u+HYG41crYjAw+mAEmuq3FLCrXzTp/5XC9e971I3u72EyFhRqyG0rZkOSHVd/
jc75RdoSWtd4zUGJbTZZfm3trB8bhQ607U19U0X+Ab8zL0RBMTTipgICicupNFgE
7jVaDpd30H5rYeiyJ382ATPdhuGZlzP9+XqBIF9Uwc2QNPVLFXd5F0lJ2Gz8zGPz
rGZxXFNmfQUtsyELJkeGyJ4PPgmtjfLmRgvRuWzM7KlpMTYmXrW+26qvq4SQU3DE
qN+tztnV7VkYAA97QQ+LC6+Nd7fyYlCofETdE+hlLMXVPRdHj7Xhit05lwIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFLdwmcRxq5rWZgxC3TJVyrRmIdytMB8GA1UdIwQY
MBaAFJIZLo14VYH3KxhkQiS9jD+ootEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2hrdWpYaFZnZmNyR0dSQ0pMMk1QNmlpMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9kOWIzOTctZTEwNS00YWM5LTg1Mzct
MDA4NWEzNjVhMjVmLzEvdDNDWnhIR3JtdFptREVMZE1sWEt0R1loM0swLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9kOWIzOTctZTEwNS00YWM5LTg1MzctMDA4NWEzNjVhMjVm
LzEva2hrdWpYaFZnZmNyR0dSQ0pMMk1QNmlpMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwQAQCAAEwOgMEAi2ZdDAM
AwQFl+ygAwQDl+ywAwQAl+y6AwQCl+y8MAwDBADGoKUDBADGoKYDBAHGoKgDBAHG
sHQwLgQCAAIwKDASAwcAKhAiAAABAwcCKhAiAAAAMBIDBwAqECIAAAsDBwEqECIA
AAwwDQYJKoZIhvcNAQELBQADggEBABBkvkQ6Eq3mgdMWkzHbnRcXYHmL4/D3LaoF
VnFNqDtp/EHKTJoRiw21qJTUrG5HEFHiFudQiFY6zYeX27ougg3+VlKzHznimjJl
gorTNyLywfuHEwRSfqG3jeTtOAPnROU2JYfmgK4VQlx+AwWLmJZaOUH/vLdsADyZ
aBPGSCdfonu9ZMXTc69b+/FdCSJJy9IO0Z3fJgNqZcUcMeATqV6zYgJSTPLSpul5
cSqpVgKsLg7SnTjlHmlQJrZIjVQUqTMEgHCae6/kDTH6tF4sKyRgJ4c+ZUTNEZRV
Tqxvh3kf4WUKGb6P8/tznSLaTgJwSkW+JMCJp+6SzJCI4HdDCuk=
-----END CERTIFICATE-----
Generated at Sun May 11 20:09:42 2025 by rpki-client