Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/4HUEzjvO1URr-UPygZ4Bs6_KT9Q.roa
File: 4HUEzjvO1URr-UPygZ4Bs6_KT9Q.roa (raw, json)
Hash identifier: 8gqeOkmM8zl20dUfCC3W3gzkl4K07sQTxtiB6AnAR2Q=
Subject key identifier: E0:75:04:CE:3B:CE:D5:44:6B:F9:43:F2:81:9E:01:B3:AF:CA:4F:D4
Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial: 0194A83EABB0CA358D9B24DEF7C0042F085E
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/4HUEzjvO1URr-UPygZ4Bs6_KT9Q.roa
Signing time: Mon 27 Jan 2025 14:51:06 +0000
ROA not before: Mon 27 Jan 2025 14:51:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215402
IP address blocks: 45.150.66.0/24 maxlen: 24
91.211.114.0/24 maxlen: 24
138.124.181.0/24 maxlen: 24
2a0e:4005:1000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.mft
rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:a8:3e:ab:b0:ca:35:8d:9b:24:de:f7:c0:04:2f:08:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
Validity
Not Before: Jan 27 14:51:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e07504ce3bced5446bf943f2819e01b3afca4fd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:f5:5b:82:a2:ca:a6:60:80:4a:90:f8:22:9e:
18:c7:c0:95:a7:42:02:ae:22:ac:3d:8f:ce:ec:bb:
60:5b:fb:6e:fb:55:98:aa:25:7a:35:22:cd:b4:9a:
da:aa:86:ef:c9:e2:ec:14:fb:9c:1f:5d:45:b1:a8:
83:eb:95:03:21:a4:ae:37:29:8e:4b:ba:b6:27:1f:
23:47:71:1c:f4:a9:9d:85:6e:45:bf:fb:a9:41:e7:
18:a4:93:d2:5c:2c:14:49:e3:5a:2f:4b:ca:b4:e9:
90:31:8f:86:f4:25:6e:77:85:5c:7a:08:00:02:83:
69:8e:6c:92:11:8e:56:f8:3d:b5:17:8e:9c:8c:67:
e4:b1:90:d6:c2:11:bc:88:76:6b:7f:12:50:46:52:
f9:95:1d:8f:a1:5b:26:6b:27:c7:6f:69:01:03:39:
d1:75:bc:74:70:37:42:46:cc:14:07:e1:4e:88:f1:
ec:52:24:33:0c:0b:a8:0c:7c:18:b3:75:6b:01:bd:
b8:db:e1:87:54:95:0d:7c:a8:08:9a:c3:63:37:b5:
2e:d0:34:6d:a8:21:39:35:bb:83:d8:d7:5b:bb:f3:
bd:34:66:3f:22:2f:0b:73:24:cd:10:86:34:e3:c7:
95:98:3c:2a:35:1e:0d:19:c8:d6:66:a1:6d:8e:44:
86:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:75:04:CE:3B:CE:D5:44:6B:F9:43:F2:81:9E:01:B3:AF:CA:4F:D4
X509v3 Authority Key Identifier:
keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/4HUEzjvO1URr-UPygZ4Bs6_KT9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.66.0/24
91.211.114.0/24
138.124.181.0/24
IPv6:
2a0e:4005:1000::/48
Signature Algorithm: sha256WithRSAEncryption
e3:ea:61:c8:92:82:da:47:1c:52:e1:9c:be:10:c4:7a:ec:6b:
ba:10:60:51:97:3f:87:4d:5a:c9:bf:01:e8:86:a4:9d:4c:9f:
47:5b:9a:05:26:d3:a6:4b:cd:ce:7f:cd:d9:4f:1b:c0:12:df:
ff:b1:49:46:32:35:5f:7a:15:1c:c9:bb:f1:44:da:60:00:90:
e7:a7:8c:76:dc:c0:a8:6c:a3:f1:a4:bb:39:81:f3:0c:7c:96:
8b:3a:ec:64:e3:af:a5:35:9d:53:62:d8:43:23:1b:a9:75:dc:
01:e1:7b:3f:41:d4:d1:fb:a9:83:08:85:48:75:9a:4d:de:33:
b5:14:9b:cf:1a:8f:3d:b7:75:09:70:11:66:75:c6:71:b4:c8:
22:5a:6c:19:f1:6e:c9:34:66:00:45:cf:52:8d:d5:d4:5d:8d:
fd:ad:91:38:14:a5:17:a8:40:87:f7:14:08:7d:46:db:d2:0a:
6f:b3:c2:4e:9c:d0:36:0c:ac:d5:a8:d4:d8:64:77:70:8e:1d:
7e:b2:6a:be:9a:a9:31:5f:cf:b5:a9:7b:7f:9f:ba:49:4b:95:
20:f6:e5:f7:7d:13:22:32:a4:66:b8:2c:64:56:86:1c:70:01:
5c:21:48:fd:ac:37:eb:90:2b:28:00:36:e9:54:1c:65:ed:cf:
11:f3:e3:7c
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZSoPquwyjWNmyTe98AELwheMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjUwMTI3MTQ1MTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDc1MDRjZTNiY2VkNTQ0NmJmOTQzZjI4MTllMDFiM2FmY2E0ZmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0PVbgqLKpmCASpD4Ip4Yx8CVp0IC
riKsPY/O7LtgW/tu+1WYqiV6NSLNtJraqobvyeLsFPucH11FsaiD65UDIaSuNymO
S7q2Jx8jR3Ec9KmdhW5Fv/upQecYpJPSXCwUSeNaL0vKtOmQMY+G9CVud4VceggA
AoNpjmySEY5W+D21F46cjGfksZDWwhG8iHZrfxJQRlL5lR2PoVsmayfHb2kBAznR
dbx0cDdCRswUB+FOiPHsUiQzDAuoDHwYs3VrAb242+GHVJUNfKgImsNjN7Uu0DRt
qCE5NbuD2Ndbu/O9NGY/Ii8LcyTNEIY048eVmDwqNR4NGcjWZqFtjkSGlQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFOB1BM47ztVEa/lD8oGeAbOvyk/UMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvNEhVRXpqdk8xVVJyLVVQeWdaNEJzNl9LVDlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQALZZCAwQA
W9NyAwQAiny1MA8EAgACMAkDBwAqDkAFEAAwDQYJKoZIhvcNAQELBQADggEBAOPq
YciSgtpHHFLhnL4QxHrsa7oQYFGXP4dNWsm/AeiGpJ1Mn0dbmgUm06ZLzc5/zdlP
G8AS3/+xSUYyNV96FRzJu/FE2mAAkOenjHbcwKhso/GkuzmB8wx8los67GTjr6U1
nVNi2EMjG6l13AHhez9B1NH7qYMIhUh1mk3eM7UUm88ajz23dQlwEWZ1xnG0yCJa
bBnxbsk0ZgBFz1KN1dRdjf2tkTgUpReoQIf3FAh9RtvSCm+zwk6c0DYMrNWo1Nhk
d3COHX6yar6aqTFfz7Wpe3+fuklLlSD25fd9EyIypGa4LGRWhhxwAVwhSP2sN+uQ
KygANulUHGXtzxHz43w=
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:35:29 2025 by rpki-client