Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/ExQ7BMgc74xVetqFHwRsutEdeS4.roa
File: ExQ7BMgc74xVetqFHwRsutEdeS4.roa (raw, json)
Hash identifier: M+qyO+EOHZP7TGK2JjRjUGT20V4FYkmgqLUSP7YWWKw=
Subject key identifier: 13:14:3B:04:C8:1C:EF:8C:55:7A:DA:85:1F:04:6C:BA:D1:1D:79:2E
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 01958E9ED91648605B64518C54CC6EBAC400
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/ExQ7BMgc74xVetqFHwRsutEdeS4.roa
Signing time: Thu 13 Mar 2025 08:28:49 +0000
ROA not before: Thu 13 Mar 2025 08:28:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212609
IP address blocks: 45.90.248.0/22 maxlen: 22
45.130.76.0/24 maxlen: 24
45.130.79.0/24 maxlen: 24
89.190.148.0/24 maxlen: 24
89.190.149.0/24 maxlen: 24
89.190.151.0/24 maxlen: 24
212.60.0.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8e:9e:d9:16:48:60:5b:64:51:8c:54:cc:6e:ba:c4:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Mar 13 08:28:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=13143b04c81cef8c557ada851f046cbad11d792e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:f5:27:7c:0e:de:04:ae:1b:e7:e5:c7:11:3a:
74:41:ad:1f:e6:3a:35:9c:e1:a4:6f:0a:cc:e4:9a:
40:f6:c1:5e:e1:8f:ac:f9:3f:9b:0e:3c:aa:43:a3:
b6:1c:eb:cf:b2:00:65:c8:38:e0:b0:a5:fe:66:41:
e8:b3:44:48:61:8d:d2:08:7b:1d:9b:95:07:f1:13:
1f:30:a6:55:b0:1d:ed:8c:a2:27:00:59:a8:fe:ed:
88:ca:28:9e:5c:67:34:34:05:c3:11:25:35:d1:40:
4d:ba:f0:a9:d7:13:58:68:6a:23:8d:8e:69:ae:2b:
33:94:63:f4:ea:5b:80:56:dc:cb:cc:a1:8d:29:de:
33:10:1d:f4:81:85:9e:1e:ec:07:96:fa:c9:c9:bb:
32:da:61:25:77:d4:40:22:60:e2:d2:62:dc:d3:2b:
d9:99:b8:13:76:50:c8:ca:56:5d:f1:a8:dc:ea:00:
e2:3c:2b:88:70:15:63:c8:4d:65:1d:be:d0:74:76:
10:ba:0c:c0:89:5f:bb:a8:72:7d:1f:f6:88:62:2f:
36:27:35:20:f4:bb:18:9c:2d:11:41:d8:72:9b:90:
8e:e7:c3:34:da:fa:eb:11:85:45:7b:9f:8b:46:b3:
c4:0b:37:7e:5e:16:18:ee:62:5c:21:2e:9a:e9:97:
95:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:14:3B:04:C8:1C:EF:8C:55:7A:DA:85:1F:04:6C:BA:D1:1D:79:2E
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/ExQ7BMgc74xVetqFHwRsutEdeS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.248.0/22
45.130.76.0/24
45.130.79.0/24
89.190.148.0/23
89.190.151.0/24
212.60.0.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:0b:59:99:79:a5:b2:83:fe:50:ee:19:4b:e2:87:8d:35:d5:
51:52:57:8a:ed:ae:dc:f9:20:38:67:03:af:21:a6:ee:fd:4c:
7d:73:6c:8d:d8:e8:c6:29:83:84:7e:3e:39:df:22:29:eb:7f:
96:50:59:07:7d:fa:cb:10:44:1c:7b:bd:48:3b:a5:3b:0f:3a:
cf:ce:3a:36:36:88:50:b3:c5:4a:ce:ed:86:19:32:fe:9c:e0:
a4:3e:ed:97:17:cc:4c:f3:20:08:1e:7f:44:76:25:81:e9:90:
58:5a:db:79:b0:6e:50:4d:45:3f:56:db:75:59:b5:af:bf:43:
2a:24:9d:92:de:81:5a:99:bc:fd:71:84:ff:c8:74:3f:c9:fd:
b1:d2:43:20:cd:c4:97:23:94:01:78:df:4b:e8:7b:04:68:be:
7b:35:d6:41:71:16:0b:a6:95:63:5e:2b:49:50:92:8c:f1:44:
f7:b8:ec:3c:9a:f5:6a:65:49:81:63:45:01:ac:bd:62:86:f2:
16:a1:93:2c:91:96:95:4e:13:19:9f:53:04:3a:73:84:69:91:
1e:47:a9:6e:f0:e4:f2:41:a7:cf:b9:c2:62:e0:33:f8:77:dd:
4b:5f:d3:94:fd:62:ce:da:c6:c7:4c:a9:d0:ae:f9:45:95:56:
37:6f:c1:e7
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZWOntkWSGBbZFGMVMxuusQAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjUwMzEzMDgyODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzE0M2IwNGM4MWNlZjhjNTU3YWRhODUxZjA0NmNiYWQxMWQ3OTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2fUnfA7eBK4b5+XHETp0Qa0f5jo1
nOGkbwrM5JpA9sFe4Y+s+T+bDjyqQ6O2HOvPsgBlyDjgsKX+ZkHos0RIYY3SCHsd
m5UH8RMfMKZVsB3tjKInAFmo/u2IyiieXGc0NAXDESU10UBNuvCp1xNYaGojjY5p
riszlGP06luAVtzLzKGNKd4zEB30gYWeHuwHlvrJybsy2mEld9RAImDi0mLc0yvZ
mbgTdlDIylZd8ajc6gDiPCuIcBVjyE1lHb7QdHYQugzAiV+7qHJ9H/aIYi82JzUg
9LsYnC0RQdhym5CO58M02vrrEYVFe5+LRrPECzd+XhYY7mJcIS6a6ZeVSwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBMUOwTIHO+MVXrahR8EbLrRHXkuMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvRXhRN0JNZ2M3NHhWZXRxRkh3UnN1dEVkZVM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLVr4AwQA
LYJMAwQALYJPAwQBWb6UAwQAWb6XAwQC1DwAMA0GCSqGSIb3DQEBCwUAA4IBAQB8
C1mZeaWyg/5Q7hlL4oeNNdVRUleK7a7c+SA4ZwOvIabu/Ux9c2yN2OjGKYOEfj45
3yIp63+WUFkHffrLEEQce71IO6U7DzrPzjo2NohQs8VKzu2GGTL+nOCkPu2XF8xM
8yAIHn9EdiWB6ZBYWtt5sG5QTUU/Vtt1WbWvv0MqJJ2S3oFambz9cYT/yHQ/yf2x
0kMgzcSXI5QBeN9L6HsEaL57NdZBcRYLppVjXitJUJKM8UT3uOw8mvVqZUmBY0UB
rL1ihvIWoZMskZaVThMZn1MEOnOEaZEeR6lu8OTyQafPucJi4DP4d91LX9OU/WLO
2sbHTKnQrvlFlVY3b8Hn
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:55:32 2025 by rpki-client