Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/9822bc-1593-498c-8f6a-703b6b70a7ec/1/XFrF4ZD8RKmENGKuXlNfyh9_oV8.roa
File: XFrF4ZD8RKmENGKuXlNfyh9_oV8.roa (raw, json)
Hash identifier: Syc9HmjiF/DkUOhl4IVh1oQ9jwD6L7ptWtUgxSy9ut8=
Subject key identifier: 5C:5A:C5:E1:90:FC:44:A9:84:34:62:AE:5E:53:5F:CA:1F:7F:A1:5F
Certificate issuer: /CN=92af03ca2df6423b77d0ef3737b0f4791aa035a3
Certificate serial: 01968C172A55308F2E2D8F07A6ACD3C6D155
Authority key identifier: 92:AF:03:CA:2D:F6:42:3B:77:D0:EF:37:37:B0:F4:79:1A:A0:35:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kq8Dyi32Qjt30O83N7D0eRqgNaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/9822bc-1593-498c-8f6a-703b6b70a7ec/1/XFrF4ZD8RKmENGKuXlNfyh9_oV8.roa
Signing time: Thu 01 May 2025 13:44:10 +0000
ROA not before: Thu 01 May 2025 13:44:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42156
IP address blocks: 45.83.172.0/22 maxlen: 22
45.83.172.0/23 maxlen: 23
45.83.174.0/24 maxlen: 24
45.83.175.0/24 maxlen: 24
45.143.60.0/24 maxlen: 24
45.143.61.0/24 maxlen: 24
45.143.62.0/23 maxlen: 23
69.48.159.0/24 maxlen: 24
185.161.188.0/24 maxlen: 24
185.251.180.0/24 maxlen: 24
2a0e:8480::/29 maxlen: 29
2a0e:e2c0::/29 maxlen: 29
2a0e:e2c1::/32 maxlen: 32
2a0e:e2c2::/32 maxlen: 32
2a0e:e2c4::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/9822bc-1593-498c-8f6a-703b6b70a7ec/1/kq8Dyi32Qjt30O83N7D0eRqgNaM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/9822bc-1593-498c-8f6a-703b6b70a7ec/1/kq8Dyi32Qjt30O83N7D0eRqgNaM.mft
rsync://rpki.ripe.net/repository/DEFAULT/kq8Dyi32Qjt30O83N7D0eRqgNaM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 19:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:8c:17:2a:55:30:8f:2e:2d:8f:07:a6:ac:d3:c6:d1:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92af03ca2df6423b77d0ef3737b0f4791aa035a3
Validity
Not Before: May 1 13:44:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c5ac5e190fc44a9843462ae5e535fca1f7fa15f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0c:b7:2f:45:7b:14:1d:45:66:35:e5:e3:49:
2f:d3:3c:19:a9:c5:45:d0:b9:8c:c9:3a:1a:19:3f:
1d:05:7d:d7:91:7b:c6:28:ef:3a:50:5c:c3:d7:8f:
1e:70:3f:6e:47:d7:d0:b1:99:ae:04:57:72:a4:d4:
81:b2:02:a7:4c:70:1e:09:cd:e6:fa:21:46:e5:5d:
c8:9a:93:e6:dd:a7:66:f0:78:95:1e:ac:55:65:99:
32:a4:45:7f:2c:ce:82:71:cb:4a:33:0a:d2:a4:67:
ef:8a:6d:8d:94:d4:0e:df:41:88:49:1f:9f:8c:c8:
c9:3f:9d:01:79:6c:db:f4:e4:7c:db:e3:a0:43:a3:
0c:cf:0e:e5:81:03:22:bc:4b:c3:b6:9a:0d:7d:ce:
a3:64:88:0e:bd:79:19:d7:42:4a:c6:c4:45:93:a2:
64:6a:85:9c:c0:f8:94:ca:4b:69:98:15:23:61:a4:
a8:db:6c:45:46:47:3d:4e:11:e7:31:1d:a6:e5:e5:
f5:d4:3e:ee:fb:d2:ab:ce:d2:e4:c9:57:b0:94:cd:
62:05:b1:d9:44:b0:17:9b:d6:a9:a4:82:ac:a7:3d:
41:83:74:e7:7c:8d:f5:bc:11:fa:b1:43:48:92:f6:
f3:f2:cb:ca:dc:00:fb:44:b7:66:83:f4:2d:a3:ef:
c2:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:5A:C5:E1:90:FC:44:A9:84:34:62:AE:5E:53:5F:CA:1F:7F:A1:5F
X509v3 Authority Key Identifier:
keyid:92:AF:03:CA:2D:F6:42:3B:77:D0:EF:37:37:B0:F4:79:1A:A0:35:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kq8Dyi32Qjt30O83N7D0eRqgNaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/9822bc-1593-498c-8f6a-703b6b70a7ec/1/XFrF4ZD8RKmENGKuXlNfyh9_oV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/9822bc-1593-498c-8f6a-703b6b70a7ec/1/kq8Dyi32Qjt30O83N7D0eRqgNaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.172.0/22
45.143.60.0/22
69.48.159.0/24
185.161.188.0/24
185.251.180.0/24
IPv6:
2a0e:8480::/29
2a0e:e2c0::/29
Signature Algorithm: sha256WithRSAEncryption
3c:17:27:4d:6d:e5:32:67:5d:88:55:74:bc:25:fa:50:d5:dc:
25:1a:47:f5:c2:66:c0:63:0e:44:09:af:a3:34:5b:34:bb:d6:
ab:34:42:08:41:01:34:c1:b1:be:2e:f5:6a:61:f4:5b:df:bd:
31:c5:18:7c:ac:fe:3f:ec:9d:85:24:3c:8d:fa:4c:72:9a:e7:
a5:6d:0f:64:d4:67:d8:1b:f1:37:c0:6e:1e:e6:19:0f:fd:ea:
c5:09:28:c1:48:96:72:28:18:ae:6d:ed:48:3a:59:09:83:d4:
d0:b7:4e:e7:9b:32:39:f8:ba:74:a3:22:b4:a6:b0:b9:f3:39:
a6:e5:f5:ec:d6:c2:df:33:b0:23:cd:5d:66:d7:cd:a0:fa:cd:
0d:2c:dd:a2:0f:6c:1a:15:31:86:ab:f2:e7:cb:af:45:66:2e:
42:ef:62:6c:f0:bf:61:f0:1f:60:3c:fd:d1:f2:db:21:49:9e:
87:84:bb:73:c8:c8:a0:d3:b2:57:90:4d:1e:ff:cf:ad:b6:a5:
27:65:b1:91:cd:5d:e6:91:9f:c4:27:7d:28:d9:e5:fb:de:1a:
58:7c:a3:94:6d:c3:86:07:75:ce:4f:3b:e2:38:4e:0f:62:80:
2a:57:3d:0e:b8:ca:27:b5:cc:ec:bd:5b:65:e9:9f:71:dc:d8:
f3:64:89:c5
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZaMFypVMI8uLY8HpqzTxtFVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyYWYwM2NhMmRmNjQyM2I3N2QwZWYzNzM3YjBmNDc5MWFh
MDM1YTMwHhcNMjUwNTAxMTM0NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzVhYzVlMTkwZmM0NGE5ODQzNDYyYWU1ZTUzNWZjYTFmN2ZhMTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugy3L0V7FB1FZjXl40kv0zwZqcVF
0LmMyToaGT8dBX3XkXvGKO86UFzD148ecD9uR9fQsZmuBFdypNSBsgKnTHAeCc3m
+iFG5V3ImpPm3adm8HiVHqxVZZkypEV/LM6CcctKMwrSpGfvim2NlNQO30GISR+f
jMjJP50BeWzb9OR82+OgQ6MMzw7lgQMivEvDtpoNfc6jZIgOvXkZ10JKxsRFk6Jk
aoWcwPiUyktpmBUjYaSo22xFRkc9ThHnMR2m5eX11D7u+9KrztLkyVewlM1iBbHZ
RLAXm9appIKspz1Bg3TnfI31vBH6sUNIkvbz8svK3AD7RLdmg/Qto+/CtwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFFxaxeGQ/ESphDRirl5TX8off6FfMB8GA1UdIwQY
MBaAFJKvA8ot9kI7d9DvNzew9HkaoDWjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3E4RHlpMzJRanQzME84M043RDBlUnFnTmFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS85ODIyYmMtMTU5My00OThjLThmNmEt
NzAzYjZiNzBhN2VjLzEvWEZyRjRaRDhSS21FTkdLdVhsTmZ5aDlfb1Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS85ODIyYmMtMTU5My00OThjLThmNmEtNzAzYjZiNzBhN2Vj
LzEva3E4RHlpMzJRanQzME84M043RDBlUnFnTmFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQCLVOsAwQC
LY88AwQARTCfAwQAuaG8AwQAufu0MBQEAgACMA4DBQMqDoSAAwUDKg7iwDANBgkq
hkiG9w0BAQsFAAOCAQEAPBcnTW3lMmddiFV0vCX6UNXcJRpH9cJmwGMORAmvozRb
NLvWqzRCCEEBNMGxvi71amH0W9+9McUYfKz+P+ydhSQ8jfpMcprnpW0PZNRn2Bvx
N8BuHuYZD/3qxQkowUiWcigYrm3tSDpZCYPU0LdO55syOfi6dKMitKawufM5puX1
7NbC3zOwI81dZtfNoPrNDSzdog9sGhUxhqvy58uvRWYuQu9ibPC/YfAfYDz90fLb
IUmeh4S7c8jIoNOyV5BNHv/PrbalJ2Wxkc1d5pGfxCd9KNnl+94aWHyjlG3Dhgd1
zk874jhOD2KAKlc9DrjKJ7XM7L1bZemfcdzY82SJxQ==
-----END CERTIFICATE-----
Generated at Tue May 13 02:09:38 2025 by rpki-client