Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/ftokTYF3Kh8SBbmJ1cGwI1WUaUQ.roa
File: ftokTYF3Kh8SBbmJ1cGwI1WUaUQ.roa (raw, json)
Hash identifier: xLL87OM0+Nb1nelWB3vcXPOnYZkIX+X2YgoDChPTr3w=
Subject key identifier: 7E:DA:24:4D:81:77:2A:1F:12:05:B9:89:D5:C1:B0:23:55:94:69:44
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 019422FBC277D642272C4EF06309D6CD3039
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/ftokTYF3Kh8SBbmJ1cGwI1WUaUQ.roa
Signing time: Wed 01 Jan 2025 17:48:32 +0000
ROA not before: Wed 01 Jan 2025 17:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34927
IP address blocks: 45.134.88.0/24 maxlen: 24
45.134.89.0/24 maxlen: 24
45.134.91.0/24 maxlen: 24
193.37.139.0/24 maxlen: 24
193.148.248.0/24 maxlen: 24
193.148.249.0/24 maxlen: 24
193.148.250.0/24 maxlen: 24
193.148.251.0/24 maxlen: 24
2a0c:9a40:1::/48 maxlen: 48
2a0c:9a40:1000::/44 maxlen: 48
2a0c:9a40:1001::/48 maxlen: 48
2a0c:9a40:1002::/48 maxlen: 48
2a0c:9a40:1024::/48 maxlen: 48
2a0c:9a40:1030::/44 maxlen: 48
2a0c:9a40:1034::/48 maxlen: 48
2a0c:9a40:1050::/48 maxlen: 48
2a0c:9a40:1051::/48 maxlen: 48
2a0c:9a40:1054::/48 maxlen: 48
2a0c:9a40:1055::/48 maxlen: 48
2a0c:9a40:1057::/48 maxlen: 48
2a0c:9a40:1058::/48 maxlen: 48
2a0c:9a40:1059::/48 maxlen: 48
2a0c:9a40:1060::/48 maxlen: 48
2a0c:9a40:1070::/44 maxlen: 48
2a0c:9a40:1070::/48 maxlen: 48
2a0c:9a40:1072::/48 maxlen: 48
2a0c:9a40:1074::/48 maxlen: 48
2a0c:9a40:1080::/44 maxlen: 48
2a0c:9a40:1080::/48 maxlen: 48
2a0c:9a40:1090::/44 maxlen: 48
2a0c:9a40:2000::/40 maxlen: 48
2a0c:9a40:2100::/40 maxlen: 48
2a0c:9a40:2200::/40 maxlen: 48
2a0c:9a40:2300::/40 maxlen: 48
2a0c:9a40:2328::/48 maxlen: 48
2a0c:9a40:2400::/40 maxlen: 48
2a0c:9a40:2500::/40 maxlen: 48
2a0c:9a40:2600::/40 maxlen: 48
2a0c:9a40:2700::/40 maxlen: 48
2a0c:9a40:2800::/40 maxlen: 48
2a0c:9a40:2900::/48 maxlen: 48
2a0c:9a40:2a00::/40 maxlen: 40
2a0c:9a40:2b00::/40 maxlen: 48
2a0c:9a40:2c00::/40 maxlen: 48
2a0c:9a40:2d00::/40 maxlen: 48
2a0c:9a40:2e00::/40 maxlen: 48
2a0c:9a40:8a90::/48 maxlen: 48
2a0c:9a44::/48 maxlen: 48
2a0c:9a46:500::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 14:13:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:c2:77:d6:42:27:2c:4e:f0:63:09:d6:cd:30:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 17:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7eda244d81772a1f1205b989d5c1b02355946944
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:36:df:7a:0c:85:c5:bf:29:1c:09:07:ff:f1:
a0:f3:9e:16:c9:fa:c4:88:4f:3a:50:03:82:d5:69:
b6:e2:8e:b7:cb:48:7e:c1:a1:1c:50:e7:30:e7:55:
c2:29:9a:7d:d4:62:b0:6b:76:b9:e2:7f:4b:86:9c:
e8:c4:33:65:ab:f1:93:de:92:85:c4:ae:30:10:e6:
03:cf:12:e2:f2:c2:70:62:e9:53:5a:d8:be:d5:ae:
b7:b4:4e:69:23:2a:28:f6:8c:76:fa:a5:22:58:61:
3e:c7:50:db:2f:fd:eb:05:b0:33:84:44:50:9a:6f:
20:46:ba:3e:1c:ec:cc:d0:68:c4:06:97:68:85:99:
f5:fa:bd:d4:1e:23:62:51:3c:fc:33:9c:ac:9d:c2:
cc:68:eb:48:49:b3:a7:e0:12:05:9c:1f:bb:b1:c3:
8a:66:95:a9:42:15:09:65:d7:cf:7a:24:08:42:7d:
2b:0b:6a:bf:cb:3a:d8:7c:9b:42:f3:37:24:10:91:
18:15:87:52:ff:4e:fa:fd:a6:fe:ec:7b:61:16:0c:
46:2f:28:14:b7:4d:77:5c:70:7d:fc:49:59:0c:06:
21:a6:a4:c6:d7:19:6e:30:a8:c9:3c:d3:54:ef:1d:
8e:16:56:a8:5d:62:44:2b:20:8d:60:68:53:c2:0e:
46:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:DA:24:4D:81:77:2A:1F:12:05:B9:89:D5:C1:B0:23:55:94:69:44
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/ftokTYF3Kh8SBbmJ1cGwI1WUaUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.88.0/23
45.134.91.0/24
193.37.139.0/24
193.148.248.0/22
IPv6:
2a0c:9a40:1::/48
2a0c:9a40:1000::/44
2a0c:9a40:1024::/48
2a0c:9a40:1030::/44
2a0c:9a40:1050::/47
2a0c:9a40:1054::/47
2a0c:9a40:1057::-2a0c:9a40:1059:ffff:ffff:ffff:ffff:ffff
2a0c:9a40:1060::/48
2a0c:9a40:1070::-2a0c:9a40:109f:ffff:ffff:ffff:ffff:ffff
2a0c:9a40:2000::-2a0c:9a40:2900:ffff:ffff:ffff:ffff:ffff
2a0c:9a40:2a00::-2a0c:9a40:2eff:ffff:ffff:ffff:ffff:ffff
2a0c:9a40:8a90::/48
2a0c:9a44::/48
2a0c:9a46:500::/40
Signature Algorithm: sha256WithRSAEncryption
87:37:9c:32:c7:c8:57:eb:11:5b:38:49:aa:14:e4:e9:97:86:
f8:ad:7d:b8:53:e9:d6:4b:af:05:50:1e:f4:59:41:24:5a:0c:
64:4e:1d:5d:7c:4d:c6:6e:88:65:41:d7:91:88:c8:ba:18:0c:
62:26:51:be:5d:7c:7c:fd:02:62:fe:9b:c6:85:a6:04:db:0c:
45:ba:da:e5:c5:58:84:ed:1b:00:d7:50:1a:d2:dc:3f:3b:c1:
05:7c:23:22:69:60:6a:11:43:bc:f5:5f:84:d7:f0:4b:78:3e:
67:68:3b:fd:e8:d0:83:8f:d1:e9:21:73:de:81:12:f6:43:9e:
43:c4:c1:67:77:e0:fd:bf:52:2d:eb:23:f3:38:7f:19:57:7e:
a4:1d:24:0e:28:4e:90:65:06:b2:de:6b:e0:44:36:8a:97:60:
a6:97:d6:8b:cd:a4:8f:fe:8c:72:b2:0f:b4:fe:9f:73:c4:21:
7e:f6:2d:f3:64:ff:c6:68:16:f8:89:06:69:a3:23:c0:13:0d:
bd:0f:b5:bd:a6:b8:0b:c1:91:d3:0e:a1:85:d7:ff:d5:7a:37:
91:e5:ab:4f:55:f9:cf:35:41:2a:24:e3:f1:5e:91:1f:1e:1a:
15:d2:ea:05:43:91:c1:68:8b:3a:e9:e1:3f:2a:52:6e:e0:f6:
4e:7f:ab:27
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgISAZQi+8J31kInLE7wYwnWzTA5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUwMTAxMTc0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWRhMjQ0ZDgxNzcyYTFmMTIwNWI5ODlkNWMxYjAyMzU1OTQ2OTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTbfegyFxb8pHAkH//Gg854WyfrE
iE86UAOC1Wm24o63y0h+waEcUOcw51XCKZp91GKwa3a54n9LhpzoxDNlq/GT3pKF
xK4wEOYDzxLi8sJwYulTWti+1a63tE5pIyoo9ox2+qUiWGE+x1DbL/3rBbAzhERQ
mm8gRro+HOzM0GjEBpdohZn1+r3UHiNiUTz8M5ysncLMaOtISbOn4BIFnB+7scOK
ZpWpQhUJZdfPeiQIQn0rC2q/yzrYfJtC8zckEJEYFYdS/076/ab+7HthFgxGLygU
t013XHB9/ElZDAYhpqTG1xluMKjJPNNU7x2OFlaoXWJEKyCNYGhTwg5G8QIDAQAB
o4ICzjCCAsowHQYDVR0OBBYEFH7aJE2BdyofEgW5idXBsCNVlGlEMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvZnRva1RZRjNLaDhTQmJtSjFjR3dJMVdVYVVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHjBggrBgEFBQcBBwEB/wSB0zCB0DAeBAIAATAYAwQBLYZY
AwQALYZbAwQAwSWLAwQCwZT4MIGtBAIAAjCBpgMHACoMmkAAAQMHBCoMmkAQAAMH
ACoMmkAQJAMHBCoMmkAQMAMHASoMmkAQUAMHASoMmkAQVDASAwcAKgyaQBBXAwcB
KgyaQBBYAwcAKgyaQBBgMBIDBwQqDJpAEHADBwUqDJpAEIAwEQMGBSoMmkAgAwcA
KgyaQCkAMBADBgEqDJpAKgMGACoMmkAuAwcAKgyaQIqQAwcAKgyaRAAAAwYAKgya
RgUwDQYJKoZIhvcNAQELBQADggEBAIc3nDLHyFfrEVs4SaoU5OmXhvitfbhT6dZL
rwVQHvRZQSRaDGROHV18TcZuiGVB15GIyLoYDGImUb5dfHz9AmL+m8aFpgTbDEW6
2uXFWITtGwDXUBrS3D87wQV8IyJpYGoRQ7z1X4TX8Et4PmdoO/3o0IOP0ekhc96B
EvZDnkPEwWd34P2/Ui3rI/M4fxlXfqQdJA4oTpBlBrLea+BENoqXYKaX1ovNpI/+
jHKyD7T+n3PEIX72LfNk/8ZoFviJBmmjI8ATDb0Ptb2muAvBkdMOoYXX/9V6N5Hl
q09V+c81QSok4/FekR8eGhXS6gVDkcFoizrp4T8qUm7g9k5/qyc=
-----END CERTIFICATE-----
Generated at Wed Apr 9 23:47:07 2025 by rpki-client