Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/dpNKQ2Sgz6QIHDbXymZzkoop83E.roa
File: dpNKQ2Sgz6QIHDbXymZzkoop83E.roa (raw, json)
Hash identifier: VrlYMgpMUbMGcZ9vFi+tBzjsUYnk4uGqxHrElmnVkpU=
Subject key identifier: 76:93:4A:43:64:A0:CF:A4:08:1C:36:D7:CA:66:73:92:8A:29:F3:71
Certificate issuer: /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial: 01942521B6CB022B1341052DB980C8B36080
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/dpNKQ2Sgz6QIHDbXymZzkoop83E.roa
Signing time: Thu 02 Jan 2025 03:49:13 +0000
ROA not before: Thu 02 Jan 2025 03:49:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6134
IP address blocks: 45.10.68.0/24 maxlen: 24
45.83.236.0/24 maxlen: 24
45.150.198.0/23 maxlen: 24
91.208.104.0/24 maxlen: 24
91.213.200.0/24 maxlen: 24
91.216.169.0/24 maxlen: 24
91.216.190.0/24 maxlen: 24
91.217.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.mft
rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 19:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:b6:cb:02:2b:13:41:05:2d:b9:80:c8:b3:60:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Validity
Not Before: Jan 2 03:49:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76934a4364a0cfa4081c36d7ca6673928a29f371
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:49:01:39:b8:10:41:9f:ea:47:a6:d1:91:15:
40:cd:61:1b:16:21:ab:57:68:75:d0:4f:f5:97:ea:
04:4d:42:d5:fd:cd:b8:0c:38:4c:98:25:37:e6:92:
52:c1:8f:c9:a5:86:c8:9e:2a:6b:e7:af:7b:34:8a:
f2:84:25:5b:18:ab:c9:0c:bb:26:33:4e:8b:e0:b6:
66:08:f6:eb:5f:61:79:a8:5e:de:9a:8e:9d:95:b7:
ba:43:74:d2:0e:2f:2b:3f:51:11:e4:a4:0e:9f:8d:
5d:08:74:29:f5:af:32:88:5f:25:df:2a:dc:4c:b7:
52:fd:05:13:be:c7:a3:c0:dd:b3:ff:43:7c:a9:45:
19:6b:78:7c:09:5e:f5:00:a2:39:79:a5:2c:77:e1:
37:17:56:83:c5:b8:6f:8c:82:0f:95:d0:61:43:32:
82:6d:4f:e0:eb:59:7c:de:ea:bc:6e:f9:63:f5:0b:
d0:0e:86:de:67:30:70:78:6e:74:91:af:a9:fc:cf:
fd:35:21:77:f5:ac:f3:a7:a2:cf:52:9d:4b:5c:15:
30:66:51:e0:99:3a:57:ec:b2:dc:32:70:28:35:c4:
bd:e4:69:0f:44:23:66:f5:f9:73:fd:a3:88:22:9c:
56:ab:7f:af:71:a2:3c:64:c8:d0:86:2f:ef:0e:99:
d0:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:93:4A:43:64:A0:CF:A4:08:1C:36:D7:CA:66:73:92:8A:29:F3:71
X509v3 Authority Key Identifier:
keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/dpNKQ2Sgz6QIHDbXymZzkoop83E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.68.0/24
45.83.236.0/24
45.150.198.0/23
91.208.104.0/24
91.213.200.0/24
91.216.169.0/24
91.216.190.0/24
91.217.135.0/24
Signature Algorithm: sha256WithRSAEncryption
03:7c:a2:6f:55:04:f2:d4:58:11:9c:4d:87:6d:47:f6:47:4c:
6a:5d:1f:dd:09:90:bb:93:a9:df:10:03:f7:71:92:72:09:e1:
ea:a0:e8:83:0d:65:87:65:89:e1:9f:9d:60:c6:bc:5d:1d:68:
a9:c8:b4:53:93:57:ca:da:4f:cf:de:11:40:67:1c:94:88:82:
8a:9d:7f:a5:04:09:7a:77:ed:00:9c:d5:a9:fe:6f:53:0d:ee:
58:32:da:1b:fe:fb:93:93:98:4f:8a:71:c1:af:67:60:17:b2:
4b:78:ad:d0:6c:b7:1c:8c:d4:97:01:41:94:9a:86:eb:82:7b:
18:d6:7e:58:7c:01:57:3f:80:5e:31:ad:01:d9:12:bc:18:2f:
a9:fb:f8:32:2f:80:26:7f:e5:08:e9:76:3c:6f:b2:bf:dd:e2:
06:eb:7c:16:0f:b7:db:08:0c:a1:25:b9:3f:e2:09:30:c7:04:
18:dc:c0:c9:55:3a:0a:2b:c5:f3:29:69:c5:03:33:86:67:6f:
1c:f2:7a:53:1d:fe:e5:b9:ed:97:5e:30:1e:5e:cd:8c:b7:7e:
f5:c4:f5:7b:a3:9f:29:6d:44:58:ae:be:e4:eb:b0:9f:c9:10:
8b:5c:c7:17:12:1c:27:1a:84:a0:ac:5a:09:1a:1c:3f:e6:83:
cd:3d:ed:12
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZQlIbbLAisTQQUtuYDIs2CAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDczODM4OWNiM2I5OThlYzRmYTZkNDI3MmY4ZGQ3OTlm
YmM0YTkwHhcNMjUwMTAyMDM0OTEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjkzNGE0MzY0YTBjZmE0MDgxYzM2ZDdjYTY2NzM5MjhhMjlmMzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzkkBObgQQZ/qR6bRkRVAzWEbFiGr
V2h10E/1l+oETULV/c24DDhMmCU35pJSwY/JpYbInipr5697NIryhCVbGKvJDLsm
M06L4LZmCPbrX2F5qF7emo6dlbe6Q3TSDi8rP1ER5KQOn41dCHQp9a8yiF8l3yrc
TLdS/QUTvsejwN2z/0N8qUUZa3h8CV71AKI5eaUsd+E3F1aDxbhvjIIPldBhQzKC
bU/g61l83uq8bvlj9QvQDobeZzBweG50ka+p/M/9NSF39azzp6LPUp1LXBUwZlHg
mTpX7LLcMnAoNcS95GkPRCNm9flz/aOIIpxWq3+vcaI8ZMjQhi/vDpnQLwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFHaTSkNkoM+kCBw218pmc5KKKfNxMB8GA1UdIwQY
MBaAFB9HODics7mY7E+m1CcvjdeZ+8SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjIt
NmM3ZTU2ODU4OTBjLzEvZHBOS1EyU2d6NlFJSERiWHltWnprb29wODNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjItNmM3ZTU2ODU4OTBj
LzEvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALQpEAwQA
LVPsAwQBLZbGAwQAW9BoAwQAW9XIAwQAW9ipAwQAW9i+AwQAW9mHMA0GCSqGSIb3
DQEBCwUAA4IBAQADfKJvVQTy1FgRnE2HbUf2R0xqXR/dCZC7k6nfEAP3cZJyCeHq
oOiDDWWHZYnhn51gxrxdHWipyLRTk1fK2k/P3hFAZxyUiIKKnX+lBAl6d+0AnNWp
/m9TDe5YMtob/vuTk5hPinHBr2dgF7JLeK3QbLccjNSXAUGUmobrgnsY1n5YfAFX
P4BeMa0B2RK8GC+p+/gyL4Amf+UI6XY8b7K/3eIG63wWD7fbCAyhJbk/4gkwxwQY
3MDJVToKK8XzKWnFAzOGZ28c8npTHf7lue2XXjAeXs2Mt371xPV7o58pbURYrr7k
67CfyRCLXMcXEhwnGoSgrFoJGhw/5oPNPe0S
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:23:19 2025 by rpki-client