Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/EtWSzaoaSCM8kGY0yzk_rUsJTes.roa
File: EtWSzaoaSCM8kGY0yzk_rUsJTes.roa (raw, json)
Hash identifier: 6maQ8VqmJzHauLaGImw/YYSN3a7MnNEtjZop8YzKwOM=
Subject key identifier: 12:D5:92:CD:AA:1A:48:23:3C:90:66:34:CB:39:3F:AD:4B:09:4D:EB
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 01942143F8575AD63DF805EACD5D3A6D32D8
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/EtWSzaoaSCM8kGY0yzk_rUsJTes.roa
Signing time: Wed 01 Jan 2025 09:48:10 +0000
ROA not before: Wed 01 Jan 2025 09:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34665
IP address blocks: 31.40.202.0/24 maxlen: 24
45.91.239.0/24 maxlen: 24
45.95.31.0/24 maxlen: 24
45.128.128.0/24 maxlen: 24
78.142.239.0/24 maxlen: 24
84.252.70.0/23 maxlen: 23
85.208.84.0/24 maxlen: 24
193.187.104.0/24 maxlen: 24
193.187.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:f8:57:5a:d6:3d:f8:05:ea:cd:5d:3a:6d:32:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Jan 1 09:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=12d592cdaa1a48233c906634cb393fad4b094deb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d7:cd:53:a2:69:1a:66:ba:4f:7e:0c:fb:44:
b6:f4:14:79:cd:1a:fc:eb:b2:3f:19:7e:7e:e9:cd:
4e:29:c5:07:1b:29:9d:98:8c:f5:18:35:4b:2d:8d:
0b:0b:db:4e:4a:93:ed:3f:72:07:88:d4:6f:16:83:
34:bc:3c:46:68:b6:4b:77:5f:15:76:0a:e7:16:c8:
ec:46:b0:c3:94:34:7f:fc:04:00:de:19:ac:73:a7:
5f:f1:b7:79:39:ac:6b:6e:07:74:af:f9:88:a4:95:
94:a4:62:a2:dc:e0:6c:e9:0f:84:ff:80:ae:46:7b:
95:94:56:10:9d:61:3a:c7:23:ea:d3:35:b3:a8:dc:
af:aa:c9:84:8f:9e:0b:6c:7e:d2:12:41:b1:ad:b7:
bc:d5:ae:f9:fc:80:b2:15:ac:a6:13:5c:7a:28:41:
1e:b7:09:e3:ef:d5:fc:7f:1d:c0:75:4e:3e:b2:f4:
75:72:48:0e:8d:6a:43:53:f3:91:25:8e:c7:11:dd:
0f:a8:ae:e1:67:c9:80:88:51:23:64:59:6a:11:a3:
70:c9:d8:36:cd:85:86:cc:a9:ca:54:4f:a0:04:e2:
3a:09:c4:9f:1d:b9:fa:17:d0:46:07:5a:29:b4:32:
23:e6:a7:b4:4d:ef:2c:ad:76:ee:dd:3f:77:fe:21:
7f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:D5:92:CD:AA:1A:48:23:3C:90:66:34:CB:39:3F:AD:4B:09:4D:EB
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/EtWSzaoaSCM8kGY0yzk_rUsJTes.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.202.0/24
45.91.239.0/24
45.95.31.0/24
45.128.128.0/24
78.142.239.0/24
84.252.70.0/23
85.208.84.0/24
193.187.104.0/24
193.187.107.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:08:34:a7:1a:fe:2d:c1:b5:f1:15:c1:75:68:0d:8d:7d:b2:
3e:67:8c:ed:ae:08:8f:ad:5f:12:42:97:25:cb:57:23:df:4b:
e4:48:dd:8f:f0:b7:42:6a:d6:06:76:51:4f:9b:7f:24:2a:48:
03:74:94:28:7e:78:5b:b7:fb:b4:aa:24:ba:05:09:07:fd:a3:
37:6d:fe:01:35:7f:80:3d:a6:4c:3d:06:8f:ea:22:dd:cc:54:
16:0a:57:30:d4:b0:57:26:ec:29:17:d2:8a:69:5c:58:f2:f3:
23:a3:88:0c:68:dc:0d:8f:c6:e3:32:39:25:20:ea:ca:45:00:
c7:e2:2e:f1:91:0a:03:35:11:02:07:38:25:17:09:28:4f:89:
71:68:83:aa:bc:08:e7:06:37:22:dc:55:b8:c7:9f:e9:da:ef:
89:06:9d:3e:bc:39:af:79:0e:ba:20:30:56:0b:22:55:11:bb:
6d:7d:c6:01:5b:8e:a1:10:00:0d:90:e6:f0:dc:b4:ab:01:cb:
8b:f2:9b:5d:26:ea:a7:b0:ab:41:2e:5d:60:d5:ba:da:e3:13:
dc:9f:b2:12:72:8e:0d:6b:63:6b:53:51:86:2b:40:2a:4d:70:
1e:b9:e0:24:e0:8c:d7:31:19:5b:72:f7:ab:f5:b0:2f:43:f1:
3a:73:79:3f
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQhQ/hXWtY9+AXqzV06bTLYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUwMTAxMDk0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmQ1OTJjZGFhMWE0ODIzM2M5MDY2MzRjYjM5M2ZhZDRiMDk0ZGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdfNU6JpGma6T34M+0S29BR5zRr8
67I/GX5+6c1OKcUHGymdmIz1GDVLLY0LC9tOSpPtP3IHiNRvFoM0vDxGaLZLd18V
dgrnFsjsRrDDlDR//AQA3hmsc6df8bd5Oaxrbgd0r/mIpJWUpGKi3OBs6Q+E/4Cu
RnuVlFYQnWE6xyPq0zWzqNyvqsmEj54LbH7SEkGxrbe81a75/ICyFaymE1x6KEEe
twnj79X8fx3AdU4+svR1ckgOjWpDU/ORJY7HEd0PqK7hZ8mAiFEjZFlqEaNwydg2
zYWGzKnKVE+gBOI6CcSfHbn6F9BGB1optDIj5qe0Te8srXbu3T93/iF/GwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFBLVks2qGkgjPJBmNMs5P61LCU3rMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvRXRXU3phb2FTQ004a0dZMHl6a19yVXNKVGVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAHyjKAwQA
LVvvAwQALV8fAwQALYCAAwQATo7vAwQBVPxGAwQAVdBUAwQAwbtoAwQAwbtrMA0G
CSqGSIb3DQEBCwUAA4IBAQBvCDSnGv4twbXxFcF1aA2NfbI+Z4ztrgiPrV8SQpcl
y1cj30vkSN2P8LdCatYGdlFPm38kKkgDdJQofnhbt/u0qiS6BQkH/aM3bf4BNX+A
PaZMPQaP6iLdzFQWClcw1LBXJuwpF9KKaVxY8vMjo4gMaNwNj8bjMjklIOrKRQDH
4i7xkQoDNRECBzglFwkoT4lxaIOqvAjnBjci3FW4x5/p2u+JBp0+vDmveQ66IDBW
CyJVEbttfcYBW46hEAANkObw3LSrAcuL8ptdJuqnsKtBLl1g1bra4xPcn7ISco4N
a2NrU1GGK0AqTXAeueAk4IzXMRlbcver9bAvQ/E6c3k/
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:36:54 2025 by rpki-client