Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/nFy218cMoV1x87wAvm4khH-zk-I.roa
File: nFy218cMoV1x87wAvm4khH-zk-I.roa (raw, json)
Hash identifier: +jv9fiHcSwPz9rrYjTHAj2V8pXL295rMUGQE8j23qaA=
Subject key identifier: 9C:5C:B6:D7:C7:0C:A1:5D:71:F3:BC:00:BE:6E:24:84:7F:B3:93:E2
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 0197713573F60E179EE6DA334B9A782756FE
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/nFy218cMoV1x87wAvm4khH-zk-I.roa
Signing time: Sun 15 Jun 2025 01:30:17 +0000
ROA not before: Sun 15 Jun 2025 01:30:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5511
IP address blocks: 45.136.0.0/24 maxlen: 32
45.136.2.0/24 maxlen: 32
45.136.3.0/24 maxlen: 32
128.0.119.0/24 maxlen: 32
185.117.20.0/22 maxlen: 32
185.117.20.0/24 maxlen: 32
185.117.22.0/24 maxlen: 32
185.117.23.0/24 maxlen: 32
185.120.13.0/24 maxlen: 32
185.144.100.0/24 maxlen: 32
185.144.102.0/24 maxlen: 32
185.211.48.0/24 maxlen: 32
185.211.49.0/24 maxlen: 32
185.211.50.0/24 maxlen: 32
185.227.240.0/24 maxlen: 32
185.227.241.0/24 maxlen: 32
185.227.242.0/24 maxlen: 32
185.227.243.0/24 maxlen: 32
193.201.208.0/24 maxlen: 32
193.201.209.0/24 maxlen: 32
193.201.210.0/24 maxlen: 32
193.201.211.0/24 maxlen: 32
194.36.100.0/24 maxlen: 32
194.36.102.0/24 maxlen: 32
194.36.103.0/24 maxlen: 32
194.124.64.0/24 maxlen: 32
194.124.65.0/24 maxlen: 32
194.124.66.0/24 maxlen: 32
194.124.67.0/24 maxlen: 32
195.85.68.0/24 maxlen: 32
195.85.69.0/24 maxlen: 32
195.85.70.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:71:35:73:f6:0e:17:9e:e6:da:33:4b:9a:78:27:56:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jun 15 01:30:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c5cb6d7c70ca15d71f3bc00be6e24847fb393e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:6b:98:65:68:48:cd:0e:81:59:22:24:4a:7a:
04:87:6e:4f:1b:92:11:a9:c1:e2:46:ae:02:53:89:
39:a0:3a:e8:b2:b6:ee:6a:a7:86:62:12:53:b2:d1:
36:9d:05:1d:54:7f:8e:ff:0e:6c:98:2a:ba:aa:44:
84:33:8d:b9:c2:9b:12:da:9e:ec:b4:7b:1d:ed:70:
a7:21:70:1a:5c:8c:1e:c6:36:03:b6:5c:dd:e1:42:
46:a6:3d:78:ef:d0:57:40:41:e4:59:0d:78:f2:7f:
14:ac:10:ef:db:d6:4a:9f:eb:cb:bf:4c:88:a4:2c:
b7:e8:e6:35:d7:97:71:15:30:ed:23:86:6c:02:c2:
d6:3c:2a:ec:5e:8e:0a:69:1e:70:17:97:ff:09:6a:
04:63:d7:23:1a:f9:b0:0c:37:06:c9:5d:61:4e:fb:
55:d0:8b:f3:ab:af:b0:5e:55:a4:16:4d:04:23:a4:
06:fb:54:d9:f8:37:9f:8e:68:d3:3e:14:e5:dc:b5:
32:d7:6b:4e:40:72:31:d3:28:39:b4:4d:1f:6c:cd:
5a:40:1c:4c:5b:aa:a4:f3:94:de:e7:5f:50:80:a0:
db:23:21:76:0f:ad:e7:0d:de:1a:a0:97:5f:b4:2a:
aa:25:46:0f:8d:60:a0:4c:cc:36:e0:41:80:ee:6d:
ac:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:5C:B6:D7:C7:0C:A1:5D:71:F3:BC:00:BE:6E:24:84:7F:B3:93:E2
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/nFy218cMoV1x87wAvm4khH-zk-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.0.0/24
45.136.2.0/23
128.0.119.0/24
185.117.20.0/22
185.120.13.0/24
185.144.100.0/24
185.144.102.0/24
185.211.48.0-185.211.50.255
185.227.240.0/22
193.201.208.0/22
194.36.100.0/24
194.36.102.0/23
194.124.64.0/22
195.85.68.0-195.85.70.255
Signature Algorithm: sha256WithRSAEncryption
b6:3a:3c:5c:ab:d7:6b:95:9c:45:b5:f9:a9:a6:75:fa:1d:28:
a2:a6:e6:7c:91:fe:11:b1:57:27:c4:24:29:a7:de:e0:a6:b4:
e0:47:ca:29:22:07:cd:1c:f6:dd:53:93:b1:4c:c6:05:25:ef:
0a:7b:6d:15:f6:54:9a:36:59:ce:6e:3a:f3:0a:3e:a0:29:3f:
50:9c:15:e7:02:ce:20:44:36:10:20:a4:72:a7:57:78:e6:c9:
8f:27:d7:75:0c:66:15:72:ae:bc:51:f1:01:4c:61:26:c1:b6:
cb:80:80:24:8d:c8:d7:0b:d5:3d:e9:c3:46:ed:87:2d:b9:01:
17:b1:f1:8e:b7:4c:8c:01:c4:e2:ba:af:9a:30:f5:45:d8:0e:
5d:2c:63:b1:e1:14:ac:6d:ff:ae:78:db:14:c0:da:13:15:03:
64:34:eb:8c:04:84:d2:2e:53:3c:7c:c2:98:40:33:88:7f:89:
6e:3f:a6:74:2d:59:a7:32:b1:b2:46:77:ab:03:ef:16:ed:6f:
a3:d1:be:45:5e:1a:3f:3a:bc:90:0e:ed:3a:36:6c:75:3a:92:
2d:e2:b2:90:dd:a0:5d:e5:e0:d1:ee:5d:4d:9c:d1:07:75:e9:
c0:e0:6c:68:0e:d5:4f:fa:9c:29:d7:9a:d7:1e:6b:27:c1:f2:
30:04:6c:99
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZdxNXP2Dhee5tozS5p4J1b+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwNjE1MDEzMDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzVjYjZkN2M3MGNhMTVkNzFmM2JjMDBiZTZlMjQ4NDdmYjM5M2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5GuYZWhIzQ6BWSIkSnoEh25PG5IR
qcHiRq4CU4k5oDrosrbuaqeGYhJTstE2nQUdVH+O/w5smCq6qkSEM425wpsS2p7s
tHsd7XCnIXAaXIwexjYDtlzd4UJGpj1479BXQEHkWQ148n8UrBDv29ZKn+vLv0yI
pCy36OY115dxFTDtI4ZsAsLWPCrsXo4KaR5wF5f/CWoEY9cjGvmwDDcGyV1hTvtV
0Ivzq6+wXlWkFk0EI6QG+1TZ+DefjmjTPhTl3LUy12tOQHIx0yg5tE0fbM1aQBxM
W6qk85Te519QgKDbIyF2D63nDd4aoJdftCqqJUYPjWCgTMw24EGA7m2sXwIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFJxcttfHDKFdcfO8AL5uJIR/s5PiMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvbkZ5MjE4Y01vVjF4ODd3QXZtNGtoSC16ay1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkAwQALYgAAwQB
LYgCAwQAgAB3AwQCuXUUAwQAuXgNAwQAuZBkAwQAuZBmMAwDBAS50zADBAC50zID
BAK54/ADBALBydADBADCJGQDBAHCJGYDBALCfEAwDAMEAsNVRAMEAMNVRjANBgkq
hkiG9w0BAQsFAAOCAQEAtjo8XKvXa5WcRbX5qaZ1+h0ooqbmfJH+EbFXJ8QkKafe
4Ka04EfKKSIHzRz23VOTsUzGBSXvCnttFfZUmjZZzm468wo+oCk/UJwV5wLOIEQ2
ECCkcqdXeObJjyfXdQxmFXKuvFHxAUxhJsG2y4CAJI3I1wvVPenDRu2HLbkBF7Hx
jrdMjAHE4rqvmjD1RdgOXSxjseEUrG3/rnjbFMDaExUDZDTrjASE0i5TPHzCmEAz
iH+Jbj+mdC1ZpzKxskZ3qwPvFu1vo9G+RV4aPzq8kA7tOjZsdTqSLeKykN2gXeXg
0e5dTZzRB3XpwOBsaA7VT/qcKdea1x5rJ8HyMARsmQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:40:42 2025 by rpki-client