Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/b3SLe6B8RMqbliWDKav99vFdTek.roa
File: b3SLe6B8RMqbliWDKav99vFdTek.roa (raw, json)
Hash identifier: iCQ5veiisd5iDOsW30aYP2ZsuL0olskVYr7vQwj4J8k=
Subject key identifier: 6F:74:8B:7B:A0:7C:44:CA:9B:96:25:83:29:AB:FD:F6:F1:5D:4D:E9
Certificate issuer: /CN=5bea81aa9b2197d9127b442525100ffaa36e0d52
Certificate serial: 01946A2AF24A8EF34512750A26AB72BC2C96
Authority key identifier: 5B:EA:81:AA:9B:21:97:D9:12:7B:44:25:25:10:0F:FA:A3:6E:0D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W-qBqpshl9kSe0QlJRAP-qNuDVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/b3SLe6B8RMqbliWDKav99vFdTek.roa
Signing time: Wed 15 Jan 2025 13:33:06 +0000
ROA not before: Wed 15 Jan 2025 13:33:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34373
IP address blocks: 45.128.64.0/22 maxlen: 24
45.132.40.0/22 maxlen: 24
77.74.124.0/22 maxlen: 24
86.48.68.0/22 maxlen: 24
91.219.76.0/22 maxlen: 24
185.56.52.0/22 maxlen: 24
185.63.56.0/22 maxlen: 24
185.69.204.0/22 maxlen: 24
185.96.44.0/22 maxlen: 24
185.97.228.0/22 maxlen: 24
185.116.40.0/22 maxlen: 24
185.165.68.0/22 maxlen: 24
185.210.128.0/22 maxlen: 24
193.105.233.0/24 maxlen: 24
217.61.253.0/24 maxlen: 24
2a00:4140::/29 maxlen: 48
2a06:900::/29 maxlen: 48
2a06:7bc0::/29 maxlen: 48
2a0b:57c0::/29 maxlen: 48
2a0b:ec00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/W-qBqpshl9kSe0QlJRAP-qNuDVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/W-qBqpshl9kSe0QlJRAP-qNuDVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/W-qBqpshl9kSe0QlJRAP-qNuDVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6a:2a:f2:4a:8e:f3:45:12:75:0a:26:ab:72:bc:2c:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bea81aa9b2197d9127b442525100ffaa36e0d52
Validity
Not Before: Jan 15 13:33:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6f748b7ba07c44ca9b96258329abfdf6f15d4de9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e4:81:7d:c9:64:b7:10:d1:c0:c7:98:62:76:
ff:7e:2b:e4:24:bb:f9:8a:c0:88:32:d4:a6:64:c7:
e6:11:09:6d:12:5a:5d:16:c3:4b:0d:7e:4d:e1:18:
46:67:17:6b:e0:8d:99:d3:c6:a7:2e:18:c3:86:89:
30:c1:5d:a1:a0:ba:05:a7:f3:a9:b9:a7:f9:80:8d:
f2:01:99:c6:6e:3c:dc:26:5f:4d:9d:14:7d:8a:7f:
4d:8c:0e:4f:fc:0c:5d:8c:52:b1:44:5c:d9:d3:d3:
43:5f:eb:f5:27:81:bd:1d:11:28:91:d5:37:4a:19:
2c:0f:71:61:68:e8:d3:e8:d8:cd:66:2b:43:a3:2c:
54:ce:ec:de:b3:6b:bf:36:72:7d:8d:dc:f9:17:b6:
e8:29:f2:fb:8d:4d:77:bc:17:f3:4c:00:09:f1:60:
c5:03:8b:a6:0e:18:f0:63:91:c2:7f:2a:f8:9b:b5:
66:de:04:1b:68:e4:38:e8:c8:31:99:84:3e:dc:e1:
fc:e0:f6:3d:d7:3c:69:53:8c:6f:71:b9:2d:8b:17:
32:17:7a:1e:66:bc:23:fa:6f:e9:d0:70:22:66:f5:
a7:73:96:d0:32:51:0e:e2:28:27:f0:89:47:1e:82:
83:b5:92:dc:ce:30:1e:7e:81:7f:1e:27:75:0c:7b:
11:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:74:8B:7B:A0:7C:44:CA:9B:96:25:83:29:AB:FD:F6:F1:5D:4D:E9
X509v3 Authority Key Identifier:
keyid:5B:EA:81:AA:9B:21:97:D9:12:7B:44:25:25:10:0F:FA:A3:6E:0D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W-qBqpshl9kSe0QlJRAP-qNuDVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/b3SLe6B8RMqbliWDKav99vFdTek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/W-qBqpshl9kSe0QlJRAP-qNuDVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.64.0/22
45.132.40.0/22
77.74.124.0/22
86.48.68.0/22
91.219.76.0/22
185.56.52.0/22
185.63.56.0/22
185.69.204.0/22
185.96.44.0/22
185.97.228.0/22
185.116.40.0/22
185.165.68.0/22
185.210.128.0/22
193.105.233.0/24
217.61.253.0/24
IPv6:
2a00:4140::/29
2a06:900::/29
2a06:7bc0::/29
2a0b:57c0::/29
2a0b:ec00::/29
Signature Algorithm: sha256WithRSAEncryption
9b:80:67:57:62:ef:d7:1d:7e:92:df:b0:b7:67:20:72:fb:92:
d6:9d:21:8b:79:bd:43:73:93:ec:ec:3a:3b:99:ec:5d:30:99:
f3:c3:4d:13:70:d4:03:69:e8:10:8b:18:19:3d:02:e8:20:99:
e8:d8:89:f7:f3:af:ab:25:cb:a1:b9:4b:13:96:14:c6:35:7e:
3f:34:2d:e9:60:72:94:67:b7:17:62:32:5b:7f:81:03:44:10:
8d:56:29:33:66:6b:e0:8a:ee:09:b7:c8:1c:fe:e4:c7:7c:7c:
eb:db:3b:a8:b9:29:bb:4e:f2:ca:99:4f:11:61:2a:ed:dc:91:
c4:ef:c7:31:97:8d:e7:67:d8:ea:c6:33:0d:14:f9:94:ac:0c:
6b:30:ea:e4:4e:92:95:24:96:ef:2a:66:21:a9:74:43:0c:8b:
08:34:0e:b2:52:44:e8:b9:e4:96:49:6b:ed:9e:40:74:64:57:
2d:f4:87:b9:54:03:8e:ae:2a:21:e1:a0:d6:7e:84:d3:c2:92:
24:88:bb:99:17:d7:94:05:f1:8b:5a:a5:a3:6f:e0:fd:81:a4:
10:5f:a3:49:26:dd:c9:85:50:7b:39:6e:e4:fc:88:8d:01:6f:
da:d5:5e:06:2b:5c:40:45:91:1a:fd:87:99:a6:79:53:b2:0c:
36:b8:c0:4b
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAZRqKvJKjvNFEnUKJqtyvCyWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZWE4MWFhOWIyMTk3ZDkxMjdiNDQyNTI1MTAwZmZhYTM2
ZTBkNTIwHhcNMjUwMTE1MTMzMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Zjc0OGI3YmEwN2M0NGNhOWI5NjI1ODMyOWFiZmRmNmYxNWQ0ZGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAreSBfclktxDRwMeYYnb/fivkJLv5
isCIMtSmZMfmEQltElpdFsNLDX5N4RhGZxdr4I2Z08anLhjDhokwwV2hoLoFp/Op
uaf5gI3yAZnGbjzcJl9NnRR9in9NjA5P/AxdjFKxRFzZ09NDX+v1J4G9HREokdU3
ShksD3FhaOjT6NjNZitDoyxUzuzes2u/NnJ9jdz5F7boKfL7jU13vBfzTAAJ8WDF
A4umDhjwY5HCfyr4m7Vm3gQbaOQ46MgxmYQ+3OH84PY91zxpU4xvcbktixcyF3oe
Zrwj+m/p0HAiZvWnc5bQMlEO4ign8IlHHoKDtZLczjAefoF/Hid1DHsRrwIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFG90i3ugfETKm5Ylgymr/fbxXU3pMB8GA1UdIwQY
MBaAFFvqgaqbIZfZEntEJSUQD/qjbg1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVy1xQnFwc2hsOWtTZTBRbEpSQVAtcU51RFZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8yMjQxNTUtM2NhNC00ZmY3LWE5NjQt
ZmMwZGQ5MjUyYzlhLzEvYjNTTGU2QjhSTXFibGlXREthdjk5dkZkVGVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8yMjQxNTUtM2NhNC00ZmY3LWE5NjQtZmMwZGQ5MjUyYzlh
LzEvVy1xQnFwc2hsOWtTZTBRbEpSQVAtcU51RFZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTBgBAIAATBaAwQCLYBA
AwQCLYQoAwQCTUp8AwQCVjBEAwQCW9tMAwQCuTg0AwQCuT84AwQCuUXMAwQCuWAs
AwQCuWHkAwQCuXQoAwQCuaVEAwQCudKAAwQAwWnpAwQA2T39MCkEAgACMCMDBQMq
AEFAAwUDKgYJAAMFAyoGe8ADBQMqC1fAAwUDKgvsADANBgkqhkiG9w0BAQsFAAOC
AQEAm4BnV2Lv1x1+kt+wt2cgcvuS1p0hi3m9Q3OT7Ow6O5nsXTCZ88NNE3DUA2no
EIsYGT0C6CCZ6NiJ9/OvqyXLoblLE5YUxjV+PzQt6WBylGe3F2IyW3+BA0QQjVYp
M2Zr4IruCbfIHP7kx3x869s7qLkpu07yyplPEWEq7dyRxO/HMZeN52fY6sYzDRT5
lKwMazDq5E6SlSSW7ypmIal0QwyLCDQOslJE6Lnklklr7Z5AdGRXLfSHuVQDjq4q
IeGg1n6E08KSJIi7mRfXlAXxi1qlo2/g/YGkEF+jSSbdyYVQezlu5PyIjQFv2tVe
BitcQEWRGv2HmaZ5U7IMNrjASw==
-----END CERTIFICATE-----
Generated at Thu Apr 17 14:42:59 2025 by rpki-client