Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/XViC8UX-PPgLVj20viVYKS5yir8.roa
File: XViC8UX-PPgLVj20viVYKS5yir8.roa (raw, json)
Hash identifier: qgIFQ82FdXz9mnIhf+gtC76w1bsjNUllc3xuNfHtWdA=
Subject key identifier: 5D:58:82:F1:45:FE:3C:F8:0B:56:3D:B4:BE:25:58:29:2E:72:8A:BF
Certificate issuer: /CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Certificate serial: 0196A75DE3DC76A0C0844E3707A5D2DC75C5
Authority key identifier: 0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/XViC8UX-PPgLVj20viVYKS5yir8.roa
Signing time: Tue 06 May 2025 20:51:10 +0000
ROA not before: Tue 06 May 2025 20:51:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 45.66.132.0/24 maxlen: 24
45.66.135.0/24 maxlen: 24
45.82.165.0/24 maxlen: 24
45.134.18.0/24 maxlen: 24
45.144.242.0/24 maxlen: 24
45.144.243.0/24 maxlen: 24
91.220.202.0/24 maxlen: 24
91.220.203.0/24 maxlen: 24
185.120.17.0/24 maxlen: 24
185.126.137.0/24 maxlen: 24
185.172.114.0/24 maxlen: 24
188.119.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.mft
rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a7:5d:e3:dc:76:a0:c0:84:4e:37:07:a5:d2:dc:75:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Validity
Not Before: May 6 20:51:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d5882f145fe3cf80b563db4be2558292e728abf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:7a:e9:10:cb:d3:56:fb:d3:05:24:c3:16:57:
3e:b5:e6:6c:be:78:00:be:fa:95:3a:ef:2d:26:ce:
7d:ba:6b:37:8f:f9:c0:da:e1:21:50:7f:d6:7f:b9:
06:bd:08:43:65:8f:0f:c7:6a:14:26:86:cb:01:b4:
14:78:43:76:ac:75:72:01:54:52:d2:4a:22:7a:c9:
a2:a2:6d:3e:68:8a:9c:67:22:7b:eb:44:5f:31:89:
ee:48:b2:73:c9:1b:a7:7c:24:60:85:71:b0:7c:d6:
b9:a9:b3:c5:8b:8b:80:4c:de:41:38:c4:81:cf:2e:
76:b8:fa:1c:a5:7c:ac:67:4a:95:8d:63:60:56:b2:
36:ec:47:cd:9b:3f:7e:66:20:a3:7f:84:5d:b6:54:
94:72:5a:91:75:2a:cf:dc:21:8c:2f:f5:15:de:6b:
53:7f:ab:09:e1:02:72:1f:d1:15:b5:91:09:7e:9e:
dc:4d:37:56:2e:ad:1d:89:ba:ed:7f:c7:5f:ca:32:
d9:54:4f:93:73:f7:a3:0a:41:32:27:a8:37:93:21:
83:0e:aa:22:42:cf:09:4d:e8:86:dd:70:1f:5d:5b:
0c:45:67:0a:87:e2:22:ba:20:e4:c9:fc:58:0b:af:
39:4f:e7:8c:5a:51:35:a0:30:30:e9:49:44:a3:b0:
2e:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:58:82:F1:45:FE:3C:F8:0B:56:3D:B4:BE:25:58:29:2E:72:8A:BF
X509v3 Authority Key Identifier:
keyid:0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/XViC8UX-PPgLVj20viVYKS5yir8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.132.0/24
45.66.135.0/24
45.82.165.0/24
45.134.18.0/24
45.144.242.0/23
91.220.202.0/23
185.120.17.0/24
185.126.137.0/24
185.172.114.0/24
188.119.102.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:9c:6b:57:61:e7:5e:61:a3:04:a5:aa:6f:d0:d0:8f:19:7c:
f0:04:76:18:1e:51:02:e1:df:05:3b:c1:be:d1:e2:50:60:f4:
87:83:27:80:47:8b:c1:70:95:ab:13:11:eb:cc:b8:17:28:4d:
c1:c4:6d:6c:fc:0f:5b:36:dc:c2:5c:21:cf:96:50:05:95:65:
35:ce:9b:2a:a9:67:ef:4d:00:47:73:f2:9e:9a:bf:2e:4e:87:
c8:8d:e4:f3:78:d5:3a:b7:52:de:ce:a4:7d:84:ed:dd:01:08:
7b:57:c2:e1:1a:37:74:bc:10:e3:91:16:cb:cc:31:13:6a:d9:
ca:c6:67:d3:d9:d1:8f:4f:b5:1b:5a:bc:4d:68:9a:81:bf:68:
45:38:f4:dd:b4:7c:97:74:8f:19:cc:73:cf:3a:04:5f:82:df:
dc:0d:fb:38:48:30:c6:d7:02:d2:d4:3b:6f:fb:fe:29:8f:8e:
d8:ce:6b:5e:9f:36:87:34:d6:4c:40:ea:e9:f6:28:03:b2:0c:
e3:af:0b:05:83:80:86:cf:46:c6:03:32:8f:e8:fa:99:04:7c:
19:7a:1a:11:2b:64:90:8d:93:dc:d1:14:88:f8:e2:5e:2b:a2:
73:f0:53:5f:65:70:a7:71:05:70:e0:02:f5:1e:18:46:df:f0:
6d:88:22:8f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZanXePcdqDAhE43B6XS3HXFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMjQ3ZTczMzkxZWM5ZDZhMmE0NmYyY2IwYjAyZmM5OTQy
ODhmMTMwHhcNMjUwNTA2MjA1MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDU4ODJmMTQ1ZmUzY2Y4MGI1NjNkYjRiZTI1NTgyOTJlNzI4YWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3HrpEMvTVvvTBSTDFlc+teZsvngA
vvqVOu8tJs59ums3j/nA2uEhUH/Wf7kGvQhDZY8Px2oUJobLAbQUeEN2rHVyAVRS
0koiesmiom0+aIqcZyJ760RfMYnuSLJzyRunfCRghXGwfNa5qbPFi4uATN5BOMSB
zy52uPocpXysZ0qVjWNgVrI27EfNmz9+ZiCjf4RdtlSUclqRdSrP3CGML/UV3mtT
f6sJ4QJyH9EVtZEJfp7cTTdWLq0dibrtf8dfyjLZVE+Tc/ejCkEyJ6g3kyGDDqoi
Qs8JTeiG3XAfXVsMRWcKh+IiuiDkyfxYC685T+eMWlE1oDAw6UlEo7AunQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFF1YgvFF/jz4C1Y9tL4lWCkucoq/MB8GA1UdIwQY
MBaAFAskfnM5HsnWoqRvLLCwL8mUKI8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMt
NzM2Nzg5ZWU2ZmQwLzEvWFZpQzhVWC1QUGdMVmoyMHZpVllLUzV5aXI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMtNzM2Nzg5ZWU2ZmQw
LzEvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALUKEAwQA
LUKHAwQALVKlAwQALYYSAwQBLZDyAwQBW9zKAwQAuXgRAwQAuX6JAwQAuaxyAwQA
vHdmMA0GCSqGSIb3DQEBCwUAA4IBAQAPnGtXYedeYaMEpapv0NCPGXzwBHYYHlEC
4d8FO8G+0eJQYPSHgyeAR4vBcJWrExHrzLgXKE3BxG1s/A9bNtzCXCHPllAFlWU1
zpsqqWfvTQBHc/Kemr8uTofIjeTzeNU6t1LezqR9hO3dAQh7V8LhGjd0vBDjkRbL
zDETatnKxmfT2dGPT7UbWrxNaJqBv2hFOPTdtHyXdI8ZzHPPOgRfgt/cDfs4SDDG
1wLS1Dtv+/4pj47YzmtenzaHNNZMQOrp9igDsgzjrwsFg4CGz0bGAzKP6PqZBHwZ
ehoRK2SQjZPc0RSI+OJeK6Jz8FNfZXCncQVw4AL1HhhG3/BtiCKP
-----END CERTIFICATE-----
Generated at Sun May 11 09:15:47 2025 by rpki-client