Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/DaxLjHkCtwz6AkSdyDQ703dKGmk.roa
File: DaxLjHkCtwz6AkSdyDQ703dKGmk.roa (raw, json)
Hash identifier: 2I37BfoDYXYa1PY58j+G7pAzY0ub0GKNl2wADkpt+yE=
Subject key identifier: 0D:AC:4B:8C:79:02:B7:0C:FA:02:44:9D:C8:34:3B:D3:77:4A:1A:69
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019695A1CB953751DBA65BEDE5FFF76B9566
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/DaxLjHkCtwz6AkSdyDQ703dKGmk.roa
Signing time: Sat 03 May 2025 10:12:10 +0000
ROA not before: Sat 03 May 2025 10:12:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 5.180.32.0/22 maxlen: 24
5.180.50.0/24 maxlen: 24
5.180.51.0/24 maxlen: 24
5.180.80.0/24 maxlen: 24
5.253.39.0/24 maxlen: 24
45.8.188.0/22 maxlen: 24
45.8.192.0/22 maxlen: 24
45.8.199.0/24 maxlen: 24
45.8.255.0/24 maxlen: 24
45.9.0.0/24 maxlen: 24
45.9.1.0/24 maxlen: 24
85.208.107.0/24 maxlen: 24
85.208.113.0/24 maxlen: 24
85.208.115.0/24 maxlen: 24
85.209.160.0/24 maxlen: 24
193.168.208.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:95:a1:cb:95:37:51:db:a6:5b:ed:e5:ff:f7:6b:95:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: May 3 10:12:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0dac4b8c7902b70cfa02449dc8343bd3774a1a69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:7c:80:0b:35:32:08:da:b9:cc:46:5f:77:97:
b1:76:4a:4b:a7:5a:92:e7:61:5a:23:49:61:2f:a9:
1a:b0:0c:19:e5:e4:f7:5b:88:78:e4:b6:59:e3:de:
d7:21:06:4a:11:d1:de:e1:76:d3:3b:82:b2:c2:de:
5e:8e:94:df:73:91:f9:96:38:b6:5b:cf:30:fd:94:
b7:fb:bf:bf:eb:3e:2c:90:d2:01:7d:18:a9:d7:37:
91:20:77:a1:18:76:ad:fe:bd:fa:3c:5e:0a:3b:f8:
be:63:c6:7c:10:39:68:6d:34:bb:0a:88:d1:60:8a:
f8:79:c0:96:db:43:e5:51:51:13:dc:88:ce:27:ee:
13:5f:da:4e:19:9e:1f:4c:fa:55:10:05:40:50:59:
dc:0f:d1:1a:93:0f:63:c3:e9:1b:e1:16:8f:ec:b6:
26:0d:2a:f7:aa:96:e8:22:9d:16:17:d5:c0:5b:d0:
21:76:e8:3d:b5:fd:98:75:f1:df:21:12:e0:87:02:
7e:84:52:e5:00:2d:2b:eb:cf:16:fd:a8:c5:55:4d:
a5:c1:5b:85:35:c1:8b:f1:eb:78:56:38:95:c6:a9:
7b:55:e9:41:8f:c0:7e:01:45:b7:f3:56:f1:1f:cc:
ef:93:c5:ad:5f:78:ca:a6:a4:ba:bb:e0:49:e4:c8:
8b:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:AC:4B:8C:79:02:B7:0C:FA:02:44:9D:C8:34:3B:D3:77:4A:1A:69
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/DaxLjHkCtwz6AkSdyDQ703dKGmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.32.0/22
5.180.50.0/23
5.180.80.0/24
5.253.39.0/24
45.8.188.0-45.8.195.255
45.8.199.0/24
45.8.255.0-45.9.1.255
85.208.107.0/24
85.208.113.0/24
85.208.115.0/24
85.209.160.0/24
193.168.208.0/22
Signature Algorithm: sha256WithRSAEncryption
71:d7:0b:d5:ac:09:91:11:78:28:69:20:61:95:8b:6a:28:1a:
76:9d:95:b0:18:8e:8e:b1:d7:91:53:df:3e:7b:c6:9c:b2:df:
a8:a1:c4:5c:2b:fb:c6:a2:c8:ce:5d:0d:23:13:3b:b7:ac:0c:
17:a1:a9:b7:b4:2d:05:a1:4e:53:fc:ce:f0:19:07:1e:2e:d8:
00:14:60:b2:c6:f8:de:c6:6d:7c:8c:81:07:de:08:36:a0:31:
0e:c8:79:57:83:68:d8:f4:25:f1:47:74:f7:c3:32:83:7c:6a:
1b:32:19:7f:02:94:4b:9b:db:18:a1:8d:66:1d:35:4d:bf:65:
51:e1:9a:96:92:b3:4c:31:12:e9:fa:78:1e:d0:3f:d7:d6:e7:
b5:b1:86:4e:6e:5c:41:0e:8d:72:da:7f:3b:94:8a:36:f2:30:
2b:d3:e4:a6:f5:77:a8:59:05:8a:31:75:62:df:99:e6:4d:3f:
cf:eb:13:0f:5c:5a:62:8e:8e:50:78:6d:ca:9c:66:bb:52:e9:
75:14:1e:b2:3e:f6:fe:96:b8:8b:5c:9a:c4:41:01:14:6a:e4:
0f:7b:95:71:58:84:ec:0b:b0:4f:04:3b:f4:5e:1b:d4:a8:4f:
73:93:79:a9:e0:0c:c5:96:cf:54:1d:43:1b:5a:e2:5b:1c:1a:
81:39:8e:2e
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZaVocuVN1Hbplvt5f/3a5VmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjUwNTAzMTAxMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGFjNGI4Yzc5MDJiNzBjZmEwMjQ0OWRjODM0M2JkMzc3NGExYTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2HyACzUyCNq5zEZfd5exdkpLp1qS
52FaI0lhL6kasAwZ5eT3W4h45LZZ497XIQZKEdHe4XbTO4Kywt5ejpTfc5H5lji2
W88w/ZS3+7+/6z4skNIBfRip1zeRIHehGHat/r36PF4KO/i+Y8Z8EDlobTS7CojR
YIr4ecCW20PlUVET3IjOJ+4TX9pOGZ4fTPpVEAVAUFncD9Eakw9jw+kb4RaP7LYm
DSr3qpboIp0WF9XAW9Ahdug9tf2YdfHfIRLghwJ+hFLlAC0r688W/ajFVU2lwVuF
NcGL8et4VjiVxql7VelBj8B+AUW381bxH8zvk8WtX3jKpqS6u+BJ5MiLNwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFA2sS4x5ArcM+gJEncg0O9N3ShppMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvRGF4TGpIa0N0d3o2QWtTZHlEUTcwM2RLR21rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQCBbQgAwQB
BbQyAwQABbRQAwQABf0nMAwDBAItCLwDBAItCMADBAAtCMcwDAMEAC0I/wMEAS0J
AAMEAFXQawMEAFXQcQMEAFXQcwMEAFXRoAMEAsGo0DANBgkqhkiG9w0BAQsFAAOC
AQEAcdcL1awJkRF4KGkgYZWLaigadp2VsBiOjrHXkVPfPnvGnLLfqKHEXCv7xqLI
zl0NIxM7t6wMF6Gpt7QtBaFOU/zO8BkHHi7YABRgssb43sZtfIyBB94INqAxDsh5
V4No2PQl8Ud098Myg3xqGzIZfwKUS5vbGKGNZh01Tb9lUeGalpKzTDES6fp4HtA/
19bntbGGTm5cQQ6Nctp/O5SKNvIwK9PkpvV3qFkFijF1Yt+Z5k0/z+sTD1xaYo6O
UHhtypxmu1LpdRQesj72/pa4i1yaxEEBFGrkD3uVcViE7AuwTwQ79F4b1KhPc5N5
qeAMxZbPVB1DG1riWxwagTmOLg==
-----END CERTIFICATE-----
Generated at Sat May 10 10:41:02 2025 by rpki-client