Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/rTnE_4SSvKLdBmzoX1z2eYDdLlo.roa
File: rTnE_4SSvKLdBmzoX1z2eYDdLlo.roa (raw, json)
Hash identifier: ahybXpUR1qe0NeSWLYaG6olTaEIqlXgXDv7V6mdJiXU=
Subject key identifier: AD:39:C4:FF:84:92:BC:A2:DD:06:6C:E8:5F:5C:F6:79:80:DD:2E:5A
Certificate issuer: /CN=2f3136ed10998580a517d9598abca33d9ba66599
Certificate serial: 0194266C338D0C777F183B6316DD90C12D56
Authority key identifier: 2F:31:36:ED:10:99:85:80:A5:17:D9:59:8A:BC:A3:3D:9B:A6:65:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LzE27RCZhYClF9lZiryjPZumZZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/rTnE_4SSvKLdBmzoX1z2eYDdLlo.roa
Signing time: Thu 02 Jan 2025 09:50:12 +0000
ROA not before: Thu 02 Jan 2025 09:50:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 145.224.128.0/20 maxlen: 24
145.224.144.0/20 maxlen: 24
145.224.160.0/20 maxlen: 24
145.224.176.0/20 maxlen: 24
145.224.192.0/19 maxlen: 24
145.224.192.0/24 maxlen: 24
163.76.128.0/20 maxlen: 24
163.76.144.0/20 maxlen: 24
163.76.160.0/20 maxlen: 24
163.76.176.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/LzE27RCZhYClF9lZiryjPZumZZk.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/LzE27RCZhYClF9lZiryjPZumZZk.mft
rsync://rpki.ripe.net/repository/DEFAULT/LzE27RCZhYClF9lZiryjPZumZZk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:33:8d:0c:77:7f:18:3b:63:16:dd:90:c1:2d:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f3136ed10998580a517d9598abca33d9ba66599
Validity
Not Before: Jan 2 09:50:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad39c4ff8492bca2dd066ce85f5cf67980dd2e5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:47:81:c1:d3:12:f0:5c:58:50:67:f3:80:42:
41:f7:17:78:78:d6:75:5c:57:48:16:90:b6:12:fb:
ff:17:6a:d9:3a:90:8e:be:3a:d2:22:8f:d0:bc:41:
73:69:c4:02:f8:0a:30:23:7f:a7:a2:39:b9:a5:78:
75:20:cb:00:e0:04:e3:99:87:af:21:36:5f:77:46:
ac:94:c9:ec:af:01:0b:d4:fe:a7:ca:8c:e5:63:5b:
3b:8d:8c:ca:46:03:28:8d:bd:fc:cd:e8:a1:f9:0c:
9a:dc:79:ef:9e:8e:05:24:57:80:f5:bd:76:05:4b:
ca:23:dd:d0:91:08:c0:7a:6b:a2:88:26:2c:fb:4e:
74:45:a7:15:b3:0e:99:72:1e:08:09:21:8b:74:5a:
c6:2c:f8:c5:6d:c1:82:c0:c2:74:c1:29:a5:28:59:
73:31:36:1e:17:ab:f0:3d:64:cc:85:83:46:41:0f:
62:8e:df:e4:84:94:da:cb:0f:4b:40:b5:85:4b:c8:
b9:c3:94:47:f8:93:fc:d1:85:7a:49:54:6e:b2:cb:
4c:77:16:a1:e3:22:65:9e:c6:bf:01:40:46:f0:76:
25:69:be:65:2c:46:bb:6a:cc:22:6c:40:c1:f1:d9:
8e:93:02:49:34:36:15:0a:15:a5:51:bd:36:9e:8c:
be:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:39:C4:FF:84:92:BC:A2:DD:06:6C:E8:5F:5C:F6:79:80:DD:2E:5A
X509v3 Authority Key Identifier:
keyid:2F:31:36:ED:10:99:85:80:A5:17:D9:59:8A:BC:A3:3D:9B:A6:65:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LzE27RCZhYClF9lZiryjPZumZZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/rTnE_4SSvKLdBmzoX1z2eYDdLlo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/LzE27RCZhYClF9lZiryjPZumZZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.224.128.0-145.224.223.255
163.76.128.0/18
Signature Algorithm: sha256WithRSAEncryption
9f:85:c4:77:80:e1:b5:50:92:3c:a6:66:39:a1:09:97:1f:1c:
ad:c8:a6:f8:ad:15:5a:19:70:ad:5e:22:cf:64:38:99:fd:98:
de:95:70:a9:90:85:22:29:86:f7:17:26:44:54:46:2f:53:dd:
9d:63:50:bb:1e:49:a7:ba:50:59:96:f4:e9:1b:f2:a0:9f:81:
a4:4f:d2:06:91:64:25:7c:1a:7b:64:bc:93:2e:e0:67:b6:ff:
7e:a3:43:cd:ef:c3:85:b5:c8:cb:6e:b3:a5:a8:bb:ff:8d:17:
00:30:67:a2:9c:5e:a9:6b:d4:2d:7e:3b:20:b8:39:c3:c3:25:
f9:cd:68:79:f5:d5:ed:2e:d2:ab:1d:66:b6:59:13:4c:03:a7:
72:9f:3c:db:b9:40:7b:37:52:76:b1:1d:6f:a4:a4:de:69:15:
8b:96:54:4f:1e:fa:bb:d1:a7:64:7e:54:2f:ed:99:af:4a:05:
05:70:5a:8f:91:d0:79:a4:5c:a2:ef:48:a6:79:07:42:67:38:
51:c6:e3:6a:b3:0c:2e:b8:7d:13:23:ad:c7:53:8f:41:6c:e0:
10:3e:1d:69:82:7d:dc:e6:33:85:9d:bb:20:61:4f:45:4e:f6:
52:0d:14:d3:27:f0:4d:18:01:be:de:b5:3d:72:2d:e7:c7:fb:
21:82:ba:d8
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQmbDONDHd/GDtjFt2QwS1WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMzEzNmVkMTA5OTg1ODBhNTE3ZDk1OThhYmNhMzNkOWJh
NjY1OTkwHhcNMjUwMTAyMDk1MDEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDM5YzRmZjg0OTJiY2EyZGQwNjZjZTg1ZjVjZjY3OTgwZGQyZTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEeBwdMS8FxYUGfzgEJB9xd4eNZ1
XFdIFpC2Evv/F2rZOpCOvjrSIo/QvEFzacQC+AowI3+nojm5pXh1IMsA4ATjmYev
ITZfd0aslMnsrwEL1P6nyozlY1s7jYzKRgMojb38zeih+Qya3Hnvno4FJFeA9b12
BUvKI93QkQjAemuiiCYs+050RacVsw6Zch4ICSGLdFrGLPjFbcGCwMJ0wSmlKFlz
MTYeF6vwPWTMhYNGQQ9ijt/khJTayw9LQLWFS8i5w5RH+JP80YV6SVRusstMdxah
4yJlnsa/AUBG8HYlab5lLEa7aswibEDB8dmOkwJJNDYVChWlUb02noy+VQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFK05xP+Ekryi3QZs6F9c9nmA3S5aMB8GA1UdIwQY
MBaAFC8xNu0QmYWApRfZWYq8oz2bpmWZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHpFMjdSQ1poWUNsRjlsWmlyeWpQWnVtWlprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mOTBkODMtMDJiZS00ZTVmLWJkMGYt
OTI5ZjEwNjYzMGYxLzEvclRuRV80U1N2S0xkQm16b1gxejJlWURkTGxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mOTBkODMtMDJiZS00ZTVmLWJkMGYtOTI5ZjEwNjYzMGYx
LzEvTHpFMjdSQ1poWUNsRjlsWmlyeWpQWnVtWlprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAeR4IAD
BAWR4MADBAajTIAwDQYJKoZIhvcNAQELBQADggEBAJ+FxHeA4bVQkjymZjmhCZcf
HK3IpvitFVoZcK1eIs9kOJn9mN6VcKmQhSIphvcXJkRURi9T3Z1jULseSae6UFmW
9Okb8qCfgaRP0gaRZCV8GntkvJMu4Ge2/36jQ83vw4W1yMtus6Wou/+NFwAwZ6Kc
Xqlr1C1+OyC4OcPDJfnNaHn11e0u0qsdZrZZE0wDp3KfPNu5QHs3UnaxHW+kpN5p
FYuWVE8e+rvRp2R+VC/tma9KBQVwWo+R0HmkXKLvSKZ5B0JnOFHG42qzDC64fRMj
rcdTj0Fs4BA+HWmCfdzmM4WduyBhT0VO9lINFNMn8E0YAb7etT1yLefH+yGCutg=
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:18:39 2025 by rpki-client