Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/00c6c4-ab28-4405-b694-c3d57e2387ca/1/gZtu_mvpfnIEYpfX3O3Zhm8l3oY.roa
File: gZtu_mvpfnIEYpfX3O3Zhm8l3oY.roa (raw, json)
Hash identifier: eNPnQnlHd8yy83e7BBZ3vW4/qWGTiwqTNCUFgABwjBU=
Subject key identifier: 81:9B:6E:FE:6B:E9:7E:72:04:62:97:D7:DC:ED:D9:86:6F:25:DE:86
Certificate issuer: /CN=3fe14329b6c1e695011a82406f7af48f4bb10ad4
Certificate serial: 019422FBC01A9B8F6D3776564B66A78E75A2
Authority key identifier: 3F:E1:43:29:B6:C1:E6:95:01:1A:82:40:6F:7A:F4:8F:4B:B1:0A:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-FDKbbB5pUBGoJAb3r0j0uxCtQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/00c6c4-ab28-4405-b694-c3d57e2387ca/1/gZtu_mvpfnIEYpfX3O3Zhm8l3oY.roa
Signing time: Wed 01 Jan 2025 17:48:31 +0000
ROA not before: Wed 01 Jan 2025 17:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202543
IP address blocks: 45.154.176.0/24 maxlen: 24
45.154.177.0/24 maxlen: 24
45.154.178.0/24 maxlen: 24
45.154.179.0/24 maxlen: 24
185.227.6.0/24 maxlen: 24
185.246.168.0/24 maxlen: 24
185.246.169.0/24 maxlen: 24
185.246.170.0/24 maxlen: 24
185.246.171.0/24 maxlen: 24
2a0f:3980::/30 maxlen: 30
2a0f:3984::/30 maxlen: 30
2a0f:c300::/30 maxlen: 30
2a0f:c304::/30 maxlen: 30
2a14:2980::/30 maxlen: 30
2a14:2984::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/00c6c4-ab28-4405-b694-c3d57e2387ca/1/P-FDKbbB5pUBGoJAb3r0j0uxCtQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/00c6c4-ab28-4405-b694-c3d57e2387ca/1/P-FDKbbB5pUBGoJAb3r0j0uxCtQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-FDKbbB5pUBGoJAb3r0j0uxCtQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 20:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:c0:1a:9b:8f:6d:37:76:56:4b:66:a7:8e:75:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fe14329b6c1e695011a82406f7af48f4bb10ad4
Validity
Not Before: Jan 1 17:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=819b6efe6be97e72046297d7dcedd9866f25de86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:5b:0e:bf:9d:c2:80:7d:52:c3:df:b5:80:19:
39:95:cd:c8:09:f0:41:0e:47:5b:9d:a2:9c:ad:b1:
cf:9f:b9:45:20:2d:e1:26:82:23:5c:c3:dd:78:cd:
33:46:e2:61:22:fe:3d:5a:77:96:a0:2c:05:4d:8d:
7d:61:6d:cf:a8:6a:a8:b3:bb:f9:f7:06:c3:b4:cc:
ca:0b:7f:03:0a:e6:eb:f5:77:19:f7:4e:77:10:43:
0f:76:af:f7:63:c4:cd:89:19:f9:13:a5:b5:89:ac:
26:d6:c6:8f:cf:80:d4:ef:62:e2:b3:8d:c3:fe:31:
c6:35:99:f5:a7:bf:99:94:92:37:f5:45:1d:e0:fd:
8b:eb:4a:ef:b3:b6:da:44:ce:c3:f5:dd:d0:5d:e2:
9b:a4:1e:d7:09:e2:7b:ce:77:e2:52:15:13:d1:46:
e7:a7:d4:9f:97:04:a9:79:58:1c:35:c8:06:ea:4e:
d5:57:47:6e:ad:d0:4f:b0:33:9e:41:15:7e:6c:2c:
a7:d4:90:b6:97:ff:41:57:f7:6f:a4:fb:47:63:3e:
b9:b1:2a:6c:86:82:f3:34:85:b4:18:52:a1:b3:c7:
3c:92:04:21:e4:b3:1a:0f:53:5b:35:97:89:93:1b:
73:e9:30:0b:24:bf:90:ec:41:f0:06:f5:d8:fd:a3:
99:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:9B:6E:FE:6B:E9:7E:72:04:62:97:D7:DC:ED:D9:86:6F:25:DE:86
X509v3 Authority Key Identifier:
keyid:3F:E1:43:29:B6:C1:E6:95:01:1A:82:40:6F:7A:F4:8F:4B:B1:0A:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-FDKbbB5pUBGoJAb3r0j0uxCtQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/00c6c4-ab28-4405-b694-c3d57e2387ca/1/gZtu_mvpfnIEYpfX3O3Zhm8l3oY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/00c6c4-ab28-4405-b694-c3d57e2387ca/1/P-FDKbbB5pUBGoJAb3r0j0uxCtQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.176.0/22
185.227.6.0/24
185.246.168.0/22
IPv6:
2a0f:3980::/29
2a0f:c300::/29
2a14:2980::/29
Signature Algorithm: sha256WithRSAEncryption
5b:05:34:93:98:9c:50:a5:db:17:49:61:af:09:04:2a:07:3d:
f2:af:bc:ff:bd:d9:d3:7c:12:86:da:66:74:d0:86:18:c2:9e:
79:9b:6d:22:00:b5:17:55:bf:ab:87:4d:33:8d:28:cf:ef:65:
b0:65:43:60:32:7f:9a:f1:73:57:b7:7e:ab:3e:cb:dc:22:d4:
90:99:b2:a8:77:1a:f8:bb:6f:96:93:2a:d1:44:0a:e0:e6:d5:
6d:dc:25:0b:2d:bb:69:43:1b:b3:c5:66:93:b6:ac:b2:7b:3c:
3c:65:3a:36:a9:75:93:e1:2c:72:50:ca:f8:16:17:0e:9f:72:
54:e9:35:b0:40:60:33:1b:62:7c:e8:f6:17:e6:b5:23:9e:1a:
db:d9:f0:3c:40:85:95:0c:34:ce:65:23:2d:45:d5:3b:b7:ed:
17:d6:04:e8:dd:fd:44:e0:82:58:58:b3:3b:ff:02:9c:42:9f:
2d:69:90:6c:07:3a:52:08:73:db:82:16:3a:8f:56:50:bf:4b:
02:e5:4b:e3:08:ea:c1:8b:d8:a6:e4:df:ee:c2:00:28:f0:12:
12:06:ed:59:23:c2:6a:02:99:34:2e:6b:26:97:16:63:8f:3b:
e5:69:50:46:6e:37:31:d5:49:8a:b7:a1:47:69:2d:aa:ab:c6:
11:5b:4c:57
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZQi+8Aam49tN3ZWS2anjnWiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZTE0MzI5YjZjMWU2OTUwMTFhODI0MDZmN2FmNDhmNGJi
MTBhZDQwHhcNMjUwMTAxMTc0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTliNmVmZTZiZTk3ZTcyMDQ2Mjk3ZDdkY2VkZDk4NjZmMjVkZTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzlsOv53CgH1Sw9+1gBk5lc3ICfBB
DkdbnaKcrbHPn7lFIC3hJoIjXMPdeM0zRuJhIv49WneWoCwFTY19YW3PqGqos7v5
9wbDtMzKC38DCubr9XcZ9053EEMPdq/3Y8TNiRn5E6W1iawm1saPz4DU72Lis43D
/jHGNZn1p7+ZlJI39UUd4P2L60rvs7baRM7D9d3QXeKbpB7XCeJ7znfiUhUT0Ubn
p9SflwSpeVgcNcgG6k7VV0durdBPsDOeQRV+bCyn1JC2l/9BV/dvpPtHYz65sSps
hoLzNIW0GFKhs8c8kgQh5LMaD1NbNZeJkxtz6TALJL+Q7EHwBvXY/aOZywIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFIGbbv5r6X5yBGKX19zt2YZvJd6GMB8GA1UdIwQY
MBaAFD/hQym2weaVARqCQG969I9LsQrUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUC1GREtiYkI1cFVCR29KQWIzcjBqMHV4Q3RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wMGM2YzQtYWIyOC00NDA1LWI2OTQt
YzNkNTdlMjM4N2NhLzEvZ1p0dV9tdnBmbklFWXBmWDNPM1pobThsM29ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wMGM2YzQtYWIyOC00NDA1LWI2OTQtYzNkNTdlMjM4N2Nh
LzEvUC1GREtiYkI1cFVCR29KQWIzcjBqMHV4Q3RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAYBAIAATASAwQCLZqwAwQA
ueMGAwQCufaoMBsEAgACMBUDBQMqDzmAAwUDKg/DAAMFAyoUKYAwDQYJKoZIhvcN
AQELBQADggEBAFsFNJOYnFCl2xdJYa8JBCoHPfKvvP+92dN8EobaZnTQhhjCnnmb
bSIAtRdVv6uHTTONKM/vZbBlQ2Ayf5rxc1e3fqs+y9wi1JCZsqh3Gvi7b5aTKtFE
CuDm1W3cJQstu2lDG7PFZpO2rLJ7PDxlOjapdZPhLHJQyvgWFw6fclTpNbBAYDMb
Ynzo9hfmtSOeGtvZ8DxAhZUMNM5lIy1F1Tu37RfWBOjd/UTgglhYszv/ApxCny1p
kGwHOlIIc9uCFjqPVlC/SwLlS+MI6sGL2Kbk3+7CACjwEhIG7VkjwmoCmTQuayaX
FmOPO+VpUEZuNzHVSYq3oUdpLaqrxhFbTFc=
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:31:57 2025 by rpki-client