Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/f5baa4-f670-4385-bc38-a4152558d18c/1/P4Bbz81DKVf659V7Pusw5yxnCg8.roa
File: P4Bbz81DKVf659V7Pusw5yxnCg8.roa (raw, json)
Hash identifier: 6mtNya9D4eJ+7094qYmfrW/oPVu6b8pgbmkAvNwldHc=
Subject key identifier: 3F:80:5B:CF:CD:43:29:57:FA:E7:D5:7B:3E:EB:30:E7:2C:67:0A:0F
Certificate issuer: /CN=6506096695f7e6610b19b08e1d7fd9c4d914a4f0
Certificate serial: 019427B68B9BA1ECD1C5E924B1C1A55D38A1
Authority key identifier: 65:06:09:66:95:F7:E6:61:0B:19:B0:8E:1D:7F:D9:C4:D9:14:A4:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZQYJZpX35mELGbCOHX_ZxNkUpPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/f5baa4-f670-4385-bc38-a4152558d18c/1/P4Bbz81DKVf659V7Pusw5yxnCg8.roa
Signing time: Thu 02 Jan 2025 15:51:02 +0000
ROA not before: Thu 02 Jan 2025 15:51:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205614
IP address blocks: 45.89.160.0/22 maxlen: 24
45.135.124.0/22 maxlen: 24
185.171.44.0/22 maxlen: 24
193.22.251.0/24 maxlen: 24
2a0b:e880::/29 maxlen: 29
2a0d:1f80::/32 maxlen: 36
2a0e:8b40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/f5baa4-f670-4385-bc38-a4152558d18c/1/ZQYJZpX35mELGbCOHX_ZxNkUpPA.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/f5baa4-f670-4385-bc38-a4152558d18c/1/ZQYJZpX35mELGbCOHX_ZxNkUpPA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZQYJZpX35mELGbCOHX_ZxNkUpPA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 12:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:8b:9b:a1:ec:d1:c5:e9:24:b1:c1:a5:5d:38:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6506096695f7e6610b19b08e1d7fd9c4d914a4f0
Validity
Not Before: Jan 2 15:51:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3f805bcfcd432957fae7d57b3eeb30e72c670a0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f5:9d:e0:a9:8b:16:aa:e7:56:8c:f2:88:18:
6f:50:73:e3:fd:64:6e:e0:7e:71:03:df:60:11:f6:
20:99:84:53:3b:2a:e1:a7:3e:a0:7d:bf:f0:7c:97:
84:0b:3f:4d:71:57:15:68:55:9b:4e:6d:34:cd:b0:
6c:b0:18:68:3c:94:bd:76:ff:42:48:43:4e:05:96:
1b:e2:b4:4b:24:35:ad:2e:5c:ca:94:b8:78:da:a6:
a0:18:4c:df:b6:d0:3b:bc:f0:bd:6b:32:7a:b2:bf:
c6:b7:ed:74:f2:b8:68:a8:89:ff:1c:26:ed:9a:4e:
35:24:9b:9b:42:5c:a1:9c:4a:37:d9:2b:82:77:12:
c9:40:8e:01:f1:82:51:ea:5f:a8:14:8d:a2:08:4a:
69:ed:45:c7:53:db:9b:ce:bf:fe:f7:a5:44:f9:4c:
2d:43:65:88:96:8d:f5:0a:1f:63:67:85:cd:22:00:
70:02:31:97:2a:3c:7d:ce:4a:6b:b8:1e:0f:20:17:
87:5f:cd:6d:90:f6:f3:4e:48:86:b1:a2:77:03:2f:
cd:9f:54:42:b4:a9:58:63:1c:da:2d:f9:48:dd:44:
4d:b7:a0:4b:75:61:2d:27:33:16:c0:3e:21:01:53:
fa:6e:a0:d8:ad:c7:ed:49:cd:77:1d:48:c5:6c:5a:
fc:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:80:5B:CF:CD:43:29:57:FA:E7:D5:7B:3E:EB:30:E7:2C:67:0A:0F
X509v3 Authority Key Identifier:
keyid:65:06:09:66:95:F7:E6:61:0B:19:B0:8E:1D:7F:D9:C4:D9:14:A4:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZQYJZpX35mELGbCOHX_ZxNkUpPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/f5baa4-f670-4385-bc38-a4152558d18c/1/P4Bbz81DKVf659V7Pusw5yxnCg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/f5baa4-f670-4385-bc38-a4152558d18c/1/ZQYJZpX35mELGbCOHX_ZxNkUpPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.160.0/22
45.135.124.0/22
185.171.44.0/22
193.22.251.0/24
IPv6:
2a0b:e880::/29
2a0d:1f80::/32
2a0e:8b40::/29
Signature Algorithm: sha256WithRSAEncryption
0a:b4:39:4d:3b:1b:3f:5f:df:9a:9d:76:a7:f5:67:41:d8:ee:
96:42:0d:0a:a4:bf:f9:e8:e1:fe:a2:e3:ad:54:fd:1c:a6:d3:
d5:f1:51:ef:b0:58:91:f4:2d:c1:19:59:c7:cb:25:e7:d6:87:
39:ce:25:9d:0e:ad:ab:77:ea:d5:df:c9:12:c1:f5:1e:de:ce:
56:35:00:1f:14:0b:d5:74:92:ad:3f:87:8c:44:f2:21:d2:a4:
29:af:d5:3a:e2:34:77:97:40:74:71:5c:1f:e6:af:37:48:f6:
2e:1e:ef:ea:97:25:1a:22:68:28:0f:8e:64:fa:fc:ad:43:7d:
e9:c7:2a:55:e1:25:ae:9b:e2:df:86:fb:3c:81:be:45:3d:29:
6f:e5:af:2c:fd:e0:61:3d:4d:4d:cd:d5:ae:3b:48:54:6c:74:
37:ef:f6:41:a4:05:45:af:43:ac:ea:ae:28:9e:c9:4e:b5:34:
3c:68:ee:86:2a:43:c1:ff:e7:68:d0:25:ec:f4:24:52:8e:be:
a8:6f:2c:74:f2:fc:bc:73:a7:93:e2:82:1e:03:32:e9:ad:85:
a2:03:48:bb:82:98:fb:70:59:fa:35:a5:3b:c0:1b:7a:34:a9:
00:13:20:ff:8a:2e:8d:e2:7b:e6:51:79:b4:ab:32:88:3b:db:
2e:12:5f:74
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZQntouboezRxekkscGlXTihMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MDYwOTY2OTVmN2U2NjEwYjE5YjA4ZTFkN2ZkOWM0ZDkx
NGE0ZjAwHhcNMjUwMTAyMTU1MTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjgwNWJjZmNkNDMyOTU3ZmFlN2Q1N2IzZWViMzBlNzJjNjcwYTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPWd4KmLFqrnVozyiBhvUHPj/WRu
4H5xA99gEfYgmYRTOyrhpz6gfb/wfJeECz9NcVcVaFWbTm00zbBssBhoPJS9dv9C
SENOBZYb4rRLJDWtLlzKlLh42qagGEzfttA7vPC9azJ6sr/Gt+108rhoqIn/HCbt
mk41JJubQlyhnEo32SuCdxLJQI4B8YJR6l+oFI2iCEpp7UXHU9ubzr/+96VE+Uwt
Q2WIlo31Ch9jZ4XNIgBwAjGXKjx9zkpruB4PIBeHX81tkPbzTkiGsaJ3Ay/Nn1RC
tKlYYxzaLflI3URNt6BLdWEtJzMWwD4hAVP6bqDYrcftSc13HUjFbFr82wIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFD+AW8/NQylX+ufVez7rMOcsZwoPMB8GA1UdIwQY
MBaAFGUGCWaV9+ZhCxmwjh1/2cTZFKTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlFZSlpwWDM1bUVMR2JDT0hYX1p4TmtVcFBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9mNWJhYTQtZjY3MC00Mzg1LWJjMzgt
YTQxNTI1NThkMThjLzEvUDRCYno4MURLVmY2NTlWN1B1c3c1eXhuQ2c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9mNWJhYTQtZjY3MC00Mzg1LWJjMzgtYTQxNTI1NThkMThj
LzEvWlFZSlpwWDM1bUVMR2JDT0hYX1p4TmtVcFBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAeBAIAATAYAwQCLVmgAwQC
LYd8AwQCuassAwQAwRb7MBsEAgACMBUDBQMqC+iAAwUAKg0fgAMFAyoOi0AwDQYJ
KoZIhvcNAQELBQADggEBAAq0OU07Gz9f35qddqf1Z0HY7pZCDQqkv/no4f6i461U
/Rym09XxUe+wWJH0LcEZWcfLJefWhznOJZ0Orat36tXfyRLB9R7ezlY1AB8UC9V0
kq0/h4xE8iHSpCmv1TriNHeXQHRxXB/mrzdI9i4e7+qXJRoiaCgPjmT6/K1DfenH
KlXhJa6b4t+G+zyBvkU9KW/lryz94GE9TU3N1a47SFRsdDfv9kGkBUWvQ6zqriie
yU61NDxo7oYqQ8H/52jQJez0JFKOvqhvLHTy/Lxzp5Pigh4DMumthaIDSLuCmPtw
Wfo1pTvAG3o0qQATIP+KLo3ie+ZRebSrMog72y4SX3Q=
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:45:07 2025 by rpki-client