Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/TrRa3mOQMzvIbozJzmyBJZ6tULw.roa
File: TrRa3mOQMzvIbozJzmyBJZ6tULw.roa (raw, json)
Hash identifier: d1WpoK6cobO04MOKczILPk89idxmBxtIOoIeGxHI9HI=
Subject key identifier: 4E:B4:5A:DE:63:90:33:3B:C8:6E:8C:C9:CE:6C:81:25:9E:AD:50:BC
Certificate issuer: /CN=cd108c225f2478cd4230179890d07284be1636cd
Certificate serial: 0194282552A56C94E472E37EDACB3A7AF1F8
Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/TrRa3mOQMzvIbozJzmyBJZ6tULw.roa
Signing time: Thu 02 Jan 2025 17:52:02 +0000
ROA not before: Thu 02 Jan 2025 17:52:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205960
IP address blocks: 2.59.153.0/24 maxlen: 24
2.59.154.0/24 maxlen: 24
45.91.225.0/24 maxlen: 24
91.204.224.0/24 maxlen: 24
91.204.225.0/24 maxlen: 24
91.204.226.0/24 maxlen: 24
91.204.227.0/24 maxlen: 24
185.202.101.0/24 maxlen: 24
185.202.103.0/24 maxlen: 24
193.239.151.0/24 maxlen: 24
194.126.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.mft
rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:52:a5:6c:94:e4:72:e3:7e:da:cb:3a:7a:f1:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd
Validity
Not Before: Jan 2 17:52:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4eb45ade6390333bc86e8cc9ce6c81259ead50bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:d6:96:59:49:90:1d:66:f0:6f:cb:52:c6:b4:
2c:06:ec:c5:f0:00:b7:ac:26:fa:af:5c:74:9a:c1:
20:5b:ef:0e:00:06:e7:f8:a9:9c:d0:ab:2a:9a:e7:
45:0d:09:17:85:fb:8a:87:d5:ad:90:fd:28:4f:8b:
77:2f:46:1a:62:50:42:fc:b8:85:9c:dc:c7:2a:40:
52:f9:29:69:76:8f:6a:c7:f2:e0:1f:8e:44:83:e4:
ba:65:d4:ee:6f:9d:07:b9:ed:b4:ed:10:25:62:77:
67:96:8e:fb:88:0a:59:84:75:17:86:08:08:a8:40:
02:13:82:6f:82:57:58:74:72:72:af:ed:2f:02:1d:
fe:13:2a:b2:68:31:8d:cb:13:c2:c5:bb:23:4a:a5:
05:25:3b:1d:79:7a:11:39:0f:8c:bd:e6:9a:e2:58:
61:cf:e3:5e:03:d0:0e:09:5a:3a:f1:84:e4:47:eb:
c3:df:fd:72:43:6b:e3:53:4d:1a:44:23:85:50:95:
46:66:db:91:70:0b:b5:d0:3c:2d:b6:71:78:60:9f:
95:0b:c0:fe:4d:d1:85:76:23:f4:46:dd:63:55:0e:
51:1a:70:47:c6:31:61:5e:d7:40:cc:59:0d:60:3c:
1e:77:b9:96:9a:5b:0c:e2:92:0f:fc:f0:8f:c6:a6:
4b:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:B4:5A:DE:63:90:33:3B:C8:6E:8C:C9:CE:6C:81:25:9E:AD:50:BC
X509v3 Authority Key Identifier:
keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/TrRa3mOQMzvIbozJzmyBJZ6tULw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.153.0-2.59.154.255
45.91.225.0/24
91.204.224.0/22
185.202.101.0/24
185.202.103.0/24
193.239.151.0/24
194.126.215.0/24
Signature Algorithm: sha256WithRSAEncryption
06:50:8d:a8:cf:c4:88:8c:15:93:ee:92:bc:aa:95:ba:c6:e4:
40:69:eb:c7:ad:c0:4b:8f:3f:32:0e:9a:55:1d:10:f8:49:88:
34:ed:9e:61:01:bd:09:be:77:16:1b:cb:a1:c3:cd:cc:6e:24:
41:cf:83:1c:6b:5d:f6:e7:5e:99:53:d1:69:af:c1:11:1f:9f:
1b:3f:b5:14:ab:fa:e7:05:ac:2d:01:92:aa:04:e1:aa:39:97:
6b:ca:91:42:00:b2:89:f2:04:98:f5:e3:48:d2:91:95:ac:6e:
a2:53:c6:41:3c:13:c3:95:f9:8d:3c:2d:da:a2:6a:07:ad:4f:
bd:85:62:0d:21:0a:5c:2e:6d:6b:eb:b8:3f:fd:28:42:3e:33:
e9:c2:ac:c2:88:cf:af:63:ba:41:4f:af:a3:62:7a:d4:87:12:
e2:e6:e0:6a:af:9b:d5:04:2b:e0:03:1c:dc:af:be:43:ee:f2:
df:96:fb:b2:f7:f7:11:c6:27:11:a2:8c:8d:7f:bf:8e:ab:e9:
ba:2d:af:2b:2d:8e:7c:a2:a8:f7:29:56:82:01:17:4b:05:71:
e2:b0:46:2e:30:51:95:b5:1a:f1:be:2c:48:5a:51:ce:5f:1e:
c5:d9:7d:bf:00:e0:22:d7:90:3c:11:ed:45:d2:07:35:cc:13:
f0:95:02:b0
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZQoJVKlbJTkcuN+2ss6evH4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx
NjM2Y2QwHhcNMjUwMTAyMTc1MjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWI0NWFkZTYzOTAzMzNiYzg2ZThjYzljZTZjODEyNTllYWQ1MGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9NaWWUmQHWbwb8tSxrQsBuzF8AC3
rCb6r1x0msEgW+8OAAbn+Kmc0KsqmudFDQkXhfuKh9WtkP0oT4t3L0YaYlBC/LiF
nNzHKkBS+Slpdo9qx/LgH45Eg+S6ZdTub50Hue207RAlYndnlo77iApZhHUXhggI
qEACE4JvgldYdHJyr+0vAh3+EyqyaDGNyxPCxbsjSqUFJTsdeXoROQ+Mveaa4lhh
z+NeA9AOCVo68YTkR+vD3/1yQ2vjU00aRCOFUJVGZtuRcAu10DwttnF4YJ+VC8D+
TdGFdiP0Rt1jVQ5RGnBHxjFhXtdAzFkNYDwed7mWmlsM4pIP/PCPxqZLvQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFE60Wt5jkDM7yG6Myc5sgSWerVC8MB8GA1UdIwQY
MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt
YWU1MDI3MzY4MWE3LzEvVHJSYTNtT1FNenZJYm96SnpteUJKWjZ0VUx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQtYWU1MDI3MzY4MWE3
LzEvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyMAwDBAACO5kD
BAACO5oDBAAtW+EDBAJbzOADBAC5ymUDBAC5ymcDBADB75cDBADCftcwDQYJKoZI
hvcNAQELBQADggEBAAZQjajPxIiMFZPukryqlbrG5EBp68etwEuPPzIOmlUdEPhJ
iDTtnmEBvQm+dxYby6HDzcxuJEHPgxxrXfbnXplT0WmvwREfnxs/tRSr+ucFrC0B
kqoE4ao5l2vKkUIAsonyBJj140jSkZWsbqJTxkE8E8OV+Y08LdqiagetT72FYg0h
ClwubWvruD/9KEI+M+nCrMKIz69jukFPr6NietSHEuLm4Gqvm9UEK+ADHNyvvkPu
8t+W+7L39xHGJxGijI1/v46r6botrystjnyiqPcpVoIBF0sFceKwRi4wUZW1GvG+
LEhaUc5fHsXZfb8A4CLXkDwR7UXSBzXME/CVArA=
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:51:19 2025 by rpki-client