Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/5mIxsYOuVHVx8Wu6pMlyT6LIvW4.roa
File: 5mIxsYOuVHVx8Wu6pMlyT6LIvW4.roa (raw, json)
Hash identifier: QFBfdMIlVLSJoI7/ka1s1GuZ/CcIEcAe9Qm+N8Lg5Tc=
Subject key identifier: E6:62:31:B1:83:AE:54:75:71:F1:6B:BA:A4:C9:72:4F:A2:C8:BD:6E
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 0194258EC4631C182FFD85FEF519A9E774FD
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/5mIxsYOuVHVx8Wu6pMlyT6LIvW4.roa
Signing time: Thu 02 Jan 2025 05:48:20 +0000
ROA not before: Thu 02 Jan 2025 05:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41378
IP address blocks: 45.9.8.0/22 maxlen: 24
45.9.8.0/24 maxlen: 24
45.9.9.0/24 maxlen: 24
45.9.10.0/24 maxlen: 24
45.9.11.0/24 maxlen: 24
185.145.244.0/24 maxlen: 24
2a0e:aa00:100::/44 maxlen: 48
2a0e:aa00:110::/44 maxlen: 48
2a0e:aa00:120::/44 maxlen: 48
2a0e:aa00:130::/44 maxlen: 48
2a0e:aa00:140::/44 maxlen: 48
2a0e:aa00:200::/44 maxlen: 48
2a0e:aa00:210::/44 maxlen: 48
2a0e:aa00:220::/44 maxlen: 48
2a0e:aa00:230::/44 maxlen: 48
2a0e:aa00:300::/44 maxlen: 48
2a0e:aa00:310::/44 maxlen: 48
2a0e:aa00:aa00::/40 maxlen: 48
2a0e:aa02::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 02:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:c4:63:1c:18:2f:fd:85:fe:f5:19:a9:e7:74:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 2 05:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e66231b183ae547571f16bbaa4c9724fa2c8bd6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:55:c0:84:2f:63:c3:a9:0f:1a:33:0e:dd:2b:
bc:11:42:af:4f:a8:69:37:3e:81:14:20:a6:60:2c:
07:87:cb:30:2c:72:90:c9:19:be:cf:0b:2e:58:86:
4d:c5:dc:a1:48:9b:cc:53:a5:9d:57:01:43:14:35:
9e:8c:98:5e:b4:c5:af:b7:19:1b:35:4d:8d:6c:18:
81:6b:d5:a2:0f:2e:27:86:2a:55:b6:2b:ac:79:72:
a0:45:01:8f:da:79:f4:57:77:52:34:e9:64:f4:63:
9f:bf:66:4f:99:c8:82:a4:3b:69:6a:8d:bb:bf:be:
2d:a6:b4:d2:07:38:b0:81:af:06:13:a4:53:a1:0d:
93:8c:e8:f6:9a:e9:42:26:eb:60:7d:70:ef:62:58:
82:e8:64:d0:92:26:21:2c:f8:8b:71:8e:e5:21:f1:
f3:da:dd:1e:20:b9:e2:47:99:4f:ae:96:bd:73:7f:
1c:98:80:b7:66:7c:b9:3a:c8:7f:fc:c4:bd:dd:2f:
14:15:28:cb:1d:df:d1:9a:aa:d2:24:4e:90:cb:c6:
ea:d7:8f:f0:05:9a:bd:8c:7f:f8:09:c0:9f:f8:28:
3e:87:a3:2f:4b:8f:77:d9:43:bf:74:09:cf:63:13:
f2:8d:26:ed:d7:e6:f6:73:ac:36:99:14:aa:2d:f9:
99:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:62:31:B1:83:AE:54:75:71:F1:6B:BA:A4:C9:72:4F:A2:C8:BD:6E
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/5mIxsYOuVHVx8Wu6pMlyT6LIvW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.8.0/22
185.145.244.0/24
IPv6:
2a0e:aa00:100::-2a0e:aa00:14f:ffff:ffff:ffff:ffff:ffff
2a0e:aa00:200::/42
2a0e:aa00:300::/43
2a0e:aa00:aa00::/40
2a0e:aa02::/32
Signature Algorithm: sha256WithRSAEncryption
7e:a6:3e:d8:2a:2c:ee:77:95:7a:02:ff:7d:b3:a9:e0:c7:8c:
99:68:de:a4:38:87:d1:78:b5:11:c6:1a:c8:b4:da:f5:2a:1c:
e2:27:b5:35:d1:b5:4f:70:fc:4f:e9:d3:43:f8:27:ad:f1:05:
3c:bc:1f:a3:ae:fa:81:98:35:ea:d7:15:bc:e6:ff:cb:34:1e:
46:05:08:47:da:a9:49:63:f2:52:43:f9:43:1f:62:41:46:e5:
2c:6a:34:d9:55:5d:22:ad:b8:65:67:9c:ba:fa:4f:60:e0:9f:
2b:0e:71:b5:15:bb:21:71:48:bd:7c:c2:35:83:e3:23:b2:ae:
09:14:7c:a4:1e:f4:60:74:99:57:5f:fc:56:59:c5:e4:08:5b:
ed:8d:b2:46:ef:f0:56:08:e4:df:3d:d0:c8:3f:cd:34:22:be:
83:c9:c5:9d:a6:20:fa:61:a8:22:25:c3:cd:ab:d6:9e:e4:4e:
4e:07:10:41:e3:74:71:f5:02:02:ca:20:0b:9e:94:6d:64:96:
f2:68:b8:1c:ca:60:d0:67:69:f6:93:71:76:12:2a:24:b3:8e:
ea:b7:71:1a:ad:c1:31:23:12:fc:71:9a:41:10:1c:6a:c8:d7:
05:c5:9f:a4:f2:ec:fa:8f:2b:2e:59:17:f8:b2:f8:85:4b:a4:
51:69:8b:19
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZQljsRjHBgv/YX+9Rmp53T9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjUwMTAyMDU0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjYyMzFiMTgzYWU1NDc1NzFmMTZiYmFhNGM5NzI0ZmEyYzhiZDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1XAhC9jw6kPGjMO3Su8EUKvT6hp
Nz6BFCCmYCwHh8swLHKQyRm+zwsuWIZNxdyhSJvMU6WdVwFDFDWejJhetMWvtxkb
NU2NbBiBa9WiDy4nhipVtiuseXKgRQGP2nn0V3dSNOlk9GOfv2ZPmciCpDtpao27
v74tprTSBziwga8GE6RToQ2TjOj2mulCJutgfXDvYliC6GTQkiYhLPiLcY7lIfHz
2t0eILniR5lPrpa9c38cmIC3Zny5Osh//MS93S8UFSjLHd/RmqrSJE6Qy8bq14/w
BZq9jH/4CcCf+Cg+h6MvS4932UO/dAnPYxPyjSbt1+b2c6w2mRSqLfmZ0QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFOZiMbGDrlR1cfFruqTJck+iyL1uMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvNW1JeHNZT3VWSFZ4OFd1NnBNbHlUNkxJdlc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDASBAIAATAMAwQCLQkIAwQA
uZH0MDoEAgACMDQwEQMGACoOqgABAwcEKg6qAAFAAwcGKg6qAAIAAwcFKg6qAAMA
AwYAKg6qAKoDBQAqDqoCMA0GCSqGSIb3DQEBCwUAA4IBAQB+pj7YKizud5V6Av99
s6ngx4yZaN6kOIfReLURxhrItNr1KhziJ7U10bVPcPxP6dND+Cet8QU8vB+jrvqB
mDXq1xW85v/LNB5GBQhH2qlJY/JSQ/lDH2JBRuUsajTZVV0irbhlZ5y6+k9g4J8r
DnG1FbshcUi9fMI1g+Mjsq4JFHykHvRgdJlXX/xWWcXkCFvtjbJG7/BWCOTfPdDI
P800Ir6DycWdpiD6YagiJcPNq9ae5E5OBxBB43Rx9QICyiALnpRtZJbyaLgcymDQ
Z2n2k3F2Eioks47qt3EarcExIxL8cZpBEBxqyNcFxZ+k8uz6jysuWRf4sviFS6RR
aYsZ
-----END CERTIFICATE-----
Generated at Thu Apr 10 12:35:04 2025 by rpki-client