Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/w9RX6MaAp0BwQCPK8hrZIWWzFm4.roa
File: w9RX6MaAp0BwQCPK8hrZIWWzFm4.roa (raw, json)
Hash identifier: 6rxWErjQqbL7+OcI7QwVV76+tY/f2tbAGsAv/hz0KnE=
Subject key identifier: C3:D4:57:E8:C6:80:A7:40:70:40:23:CA:F2:1A:D9:21:65:B3:16:6E
Certificate issuer: /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial: 0194E3C585C3BA46B837A41CDB89736DEFFC
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/w9RX6MaAp0BwQCPK8hrZIWWzFm4.roa
Signing time: Sat 08 Feb 2025 04:16:00 +0000
ROA not before: Sat 08 Feb 2025 04:16:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 932
IP address blocks: 45.83.236.0/24 maxlen: 24
45.150.198.0/23 maxlen: 24
91.208.73.0/24 maxlen: 24
91.208.104.0/24 maxlen: 24
91.213.200.0/24 maxlen: 24
2a12:ab80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.mft
rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 10:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:e3:c5:85:c3:ba:46:b8:37:a4:1c:db:89:73:6d:ef:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Validity
Not Before: Feb 8 04:16:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c3d457e8c680a740704023caf21ad92165b3166e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ca:55:f3:6c:e6:ee:04:5e:40:35:43:43:72:
27:43:5f:2d:c9:88:ab:68:fb:cf:94:8c:f0:d5:e5:
de:e1:37:fe:69:ea:a8:2a:86:f2:92:03:b4:08:08:
09:1a:b4:46:ec:2c:8b:9f:f6:c5:61:e7:bd:ec:dc:
1d:59:c5:02:70:62:cc:3b:a4:92:cb:03:6d:aa:2e:
9f:ff:76:4d:0e:9b:b1:23:b2:23:ab:24:8d:dc:29:
7d:b9:dd:ff:7e:77:55:26:8c:ea:e0:e2:32:49:02:
85:8f:a2:28:11:67:83:aa:fc:d7:b9:b4:e9:d1:a9:
e6:7a:ac:f3:76:28:69:90:8c:4f:a4:b0:0e:9e:ba:
56:38:3e:bf:84:61:d1:8b:8e:36:ae:b6:9e:6a:9c:
82:5d:b0:ac:6a:b0:c8:8f:a1:e9:36:83:7a:4f:d5:
22:d4:0a:79:ae:58:52:83:aa:90:c3:3f:7f:9c:e5:
05:00:5c:a4:52:62:3d:eb:a6:c5:8c:aa:b4:6b:46:
23:98:5e:43:21:33:be:33:35:04:05:f1:db:a5:a8:
77:76:7c:98:7a:c6:55:f0:fc:9b:09:bc:ce:c1:78:
e4:e8:e9:10:3d:a9:df:56:70:27:f0:d1:7c:83:5c:
37:ad:b8:ba:2a:a5:df:22:bf:2b:6c:05:d8:32:0f:
40:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:D4:57:E8:C6:80:A7:40:70:40:23:CA:F2:1A:D9:21:65:B3:16:6E
X509v3 Authority Key Identifier:
keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/w9RX6MaAp0BwQCPK8hrZIWWzFm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.236.0/24
45.150.198.0/23
91.208.73.0/24
91.208.104.0/24
91.213.200.0/24
IPv6:
2a12:ab80::/29
Signature Algorithm: sha256WithRSAEncryption
1c:cf:33:c3:9d:a2:51:a8:aa:17:68:2b:84:20:6e:e6:b2:ac:
be:71:70:9b:97:ba:ad:82:1d:b4:00:9b:3d:cb:0f:87:05:f2:
61:9a:ff:ba:fa:4b:e6:f7:89:f4:6b:c3:d5:f7:32:a0:37:34:
37:eb:fb:79:07:ea:22:2d:03:65:d0:09:27:e9:9d:ef:fc:80:
2d:3f:f0:97:1e:ea:9c:27:e0:9c:3a:38:fa:a2:00:5c:ac:f7:
71:33:b9:11:80:5c:5a:7e:4f:90:5d:f2:c3:a5:5c:a8:7f:2e:
c7:8d:c2:e5:2f:21:81:c3:5c:b3:34:a8:73:73:17:5c:8b:5b:
9d:7f:63:b4:89:86:40:a9:49:e9:3a:0d:d6:10:d9:2a:d8:9e:
91:69:5c:83:11:c2:ac:85:84:f0:a3:03:1f:ad:f7:92:ea:6c:
39:e9:bd:e4:07:0c:15:87:4e:a0:d1:10:3b:c7:40:c5:a0:2e:
97:ea:e2:eb:53:e1:99:fb:f8:0c:c9:15:e2:65:a5:51:7d:b1:
f0:83:3f:5e:2b:c2:a7:57:4f:f8:ff:a0:ed:ed:cb:12:b4:e3:
6f:09:e9:76:2c:cc:28:05:7b:67:5f:d8:e9:2f:b2:5b:aa:4e:
46:db:8f:e8:a5:6b:78:b4:a6:e1:23:be:fd:61:ed:b1:2f:a9:
56:1b:25:d9
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZTjxYXDuka4N6Qc24lzbe/8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDczODM4OWNiM2I5OThlYzRmYTZkNDI3MmY4ZGQ3OTlm
YmM0YTkwHhcNMjUwMjA4MDQxNjAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2Q0NTdlOGM2ODBhNzQwNzA0MDIzY2FmMjFhZDkyMTY1YjMxNjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmcpV82zm7gReQDVDQ3InQ18tyYir
aPvPlIzw1eXe4Tf+aeqoKobykgO0CAgJGrRG7CyLn/bFYee97NwdWcUCcGLMO6SS
ywNtqi6f/3ZNDpuxI7IjqySN3Cl9ud3/fndVJozq4OIySQKFj6IoEWeDqvzXubTp
0anmeqzzdihpkIxPpLAOnrpWOD6/hGHRi442rraeapyCXbCsarDIj6HpNoN6T9Ui
1Ap5rlhSg6qQwz9/nOUFAFykUmI966bFjKq0a0YjmF5DITO+MzUEBfHbpah3dnyY
esZV8PybCbzOwXjk6OkQPanfVnAn8NF8g1w3rbi6KqXfIr8rbAXYMg9AOQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFMPUV+jGgKdAcEAjyvIa2SFlsxZuMB8GA1UdIwQY
MBaAFB9HODics7mY7E+m1CcvjdeZ+8SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjIt
NmM3ZTU2ODU4OTBjLzEvdzlSWDZNYUFwMEJ3UUNQSzhoclpJV1d6Rm00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjItNmM3ZTU2ODU4OTBj
LzEvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQALVPsAwQB
LZbGAwQAW9BJAwQAW9BoAwQAW9XIMA0EAgACMAcDBQMqEquAMA0GCSqGSIb3DQEB
CwUAA4IBAQAczzPDnaJRqKoXaCuEIG7msqy+cXCbl7qtgh20AJs9yw+HBfJhmv+6
+kvm94n0a8PV9zKgNzQ36/t5B+oiLQNl0Akn6Z3v/IAtP/CXHuqcJ+CcOjj6ogBc
rPdxM7kRgFxafk+QXfLDpVyofy7HjcLlLyGBw1yzNKhzcxdci1udf2O0iYZAqUnp
Og3WENkq2J6RaVyDEcKshYTwowMfrfeS6mw56b3kBwwVh06g0RA7x0DFoC6X6uLr
U+GZ+/gMyRXiZaVRfbHwgz9eK8KnV0/4/6Dt7csStONvCel2LMwoBXtnX9jpL7Jb
qk5G24/opWt4tKbhI779Ye2xL6lWGyXZ
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:23:37 2025 by rpki-client