Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/I6fa7upvk-8lxJh8Xg3J12wgh5s.roa
File: I6fa7upvk-8lxJh8Xg3J12wgh5s.roa (raw, json)
Hash identifier: bov/2d/GEEG2qFtvTVuW6lrqmm4nh/Cfgdq8NX02hTc=
Subject key identifier: 23:A7:DA:EE:EA:6F:93:EF:25:C4:98:7C:5E:0D:C9:D7:6C:20:87:9B
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 019420680E943C1E78AFFD34A40E929A549D
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/I6fa7upvk-8lxJh8Xg3J12wgh5s.roa
Signing time: Wed 01 Jan 2025 05:47:57 +0000
ROA not before: Wed 01 Jan 2025 05:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210489
IP address blocks: 45.135.96.0/23 maxlen: 23
45.135.98.0/23 maxlen: 23
45.136.64.0/22 maxlen: 23
45.140.8.0/23 maxlen: 23
45.141.16.0/23 maxlen: 23
45.141.18.0/23 maxlen: 23
45.141.62.0/23 maxlen: 23
45.141.206.0/23 maxlen: 23
45.152.8.0/23 maxlen: 23
45.157.202.0/23 maxlen: 23
46.161.210.0/23 maxlen: 23
46.161.220.0/23 maxlen: 23
46.161.222.0/23 maxlen: 23
91.244.204.0/22 maxlen: 23
185.222.32.0/23 maxlen: 23
185.222.34.0/23 maxlen: 23
193.110.4.0/23 maxlen: 24
195.62.22.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.mft
rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:0e:94:3c:1e:78:af:fd:34:a4:0e:92:9a:54:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Jan 1 05:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=23a7daeeea6f93ef25c4987c5e0dc9d76c20879b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:5a:c9:4e:1c:53:c1:5a:2d:39:37:08:8f:f2:
c9:74:84:84:0b:e6:7f:bd:56:f1:59:77:7a:b7:05:
08:ed:21:41:53:3d:e4:f4:17:3d:33:46:f0:cf:ff:
7a:82:fe:27:06:73:4a:4a:51:48:ab:0e:ed:ac:a4:
bd:16:fc:e9:04:3b:22:24:b3:8c:1f:5a:24:4b:6f:
f3:ea:87:0f:d2:99:8a:75:8d:8c:c3:70:10:48:1b:
a3:bf:86:ca:3e:d3:b1:00:1b:81:b0:83:a3:84:67:
43:a1:6f:1c:de:8b:fc:f4:fa:77:e6:53:f7:40:5b:
28:29:c6:9f:b1:b6:0f:72:c7:da:b8:41:cd:ee:2b:
6c:d3:d6:8d:c8:9d:a0:65:7d:f4:e7:bc:02:f7:85:
52:f9:9c:31:9a:b1:3d:43:aa:f5:09:43:be:93:16:
e4:9f:2c:6c:f2:39:80:8a:77:ab:e8:c0:d2:c8:7f:
ab:67:d9:68:af:fa:c5:e7:eb:64:9d:d5:f1:cf:2f:
c6:27:cb:cd:d0:fa:85:4e:02:69:38:cf:3f:8e:64:
60:99:68:ea:d5:c3:23:93:db:35:b4:49:47:02:23:
13:6c:89:03:36:7c:c6:72:7d:67:6d:40:e4:51:a3:
d5:2b:ef:44:3d:44:46:1f:7c:7a:43:06:07:1e:6f:
9a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:A7:DA:EE:EA:6F:93:EF:25:C4:98:7C:5E:0D:C9:D7:6C:20:87:9B
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/I6fa7upvk-8lxJh8Xg3J12wgh5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.96.0/22
45.136.64.0/22
45.140.8.0/23
45.141.16.0/22
45.141.62.0/23
45.141.206.0/23
45.152.8.0/23
45.157.202.0/23
46.161.210.0/23
46.161.220.0/22
91.244.204.0/22
185.222.32.0/22
193.110.4.0/23
195.62.22.0/23
Signature Algorithm: sha256WithRSAEncryption
86:e4:6f:00:68:c9:12:b9:9d:42:e4:7b:05:f3:a3:7c:d8:5d:
ab:16:02:b6:e4:01:3f:c6:af:61:c7:9f:d1:51:07:22:54:e5:
06:d4:8a:eb:63:2d:2f:54:a8:7d:19:69:4e:9e:d8:a2:59:c3:
d4:02:cc:f2:b5:b3:cc:12:e0:f0:49:04:b3:d7:19:ab:28:34:
3e:00:e5:d3:c5:8d:bb:d2:7f:d9:2c:52:35:ab:60:5d:2e:4c:
03:b3:5f:5f:35:74:b3:b8:64:4d:ca:4d:3f:72:fd:b0:ba:b3:
18:38:42:06:9e:aa:8e:3b:4c:e8:64:f6:ac:1f:77:96:f2:82:
86:1e:4f:26:36:1d:7f:c1:cb:77:d2:47:ba:5f:93:1a:3e:18:
2d:a6:f9:ad:e2:c1:e8:55:1f:0a:65:9a:01:df:b4:ac:cf:be:
9a:62:c1:18:6c:ad:a7:96:1e:ad:70:48:8c:b1:55:45:f8:4e:
5f:c4:13:e5:ff:b6:3a:41:ba:6d:b0:cd:dc:bd:e9:37:ba:de:
10:65:87:80:9c:26:c5:d7:fe:19:b3:71:93:c1:65:a3:71:36:
30:9e:96:db:9d:7f:4d:47:f8:0e:e0:88:43:7b:c0:37:42:5b:
8c:0e:07:2f:5d:ad:56:1d:e2:af:d8:43:7a:70:0b:a5:0d:ea:
ea:12:f9:63
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZQgaA6UPB54r/00pA6SmlSdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjUwMTAxMDU0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2E3ZGFlZWVhNmY5M2VmMjVjNDk4N2M1ZTBkYzlkNzZjMjA4NzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzFrJThxTwVotOTcIj/LJdISEC+Z/
vVbxWXd6twUI7SFBUz3k9Bc9M0bwz/96gv4nBnNKSlFIqw7trKS9FvzpBDsiJLOM
H1okS2/z6ocP0pmKdY2Mw3AQSBujv4bKPtOxABuBsIOjhGdDoW8c3ov89Pp35lP3
QFsoKcafsbYPcsfauEHN7its09aNyJ2gZX3057wC94VS+ZwxmrE9Q6r1CUO+kxbk
nyxs8jmAiner6MDSyH+rZ9lor/rF5+tkndXxzy/GJ8vN0PqFTgJpOM8/jmRgmWjq
1cMjk9s1tElHAiMTbIkDNnzGcn1nbUDkUaPVK+9EPURGH3x6QwYHHm+aDQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFCOn2u7qb5PvJcSYfF4NyddsIIebMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvSTZmYTd1cHZrLThseEpoOFhnM0oxMndnaDVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQCLYdgAwQC
LYhAAwQBLYwIAwQCLY0QAwQBLY0+AwQBLY3OAwQBLZgIAwQBLZ3KAwQBLqHSAwQC
LqHcAwQCW/TMAwQCud4gAwQBwW4EAwQBwz4WMA0GCSqGSIb3DQEBCwUAA4IBAQCG
5G8AaMkSuZ1C5HsF86N82F2rFgK25AE/xq9hx5/RUQciVOUG1IrrYy0vVKh9GWlO
ntiiWcPUAszytbPMEuDwSQSz1xmrKDQ+AOXTxY270n/ZLFI1q2BdLkwDs19fNXSz
uGRNyk0/cv2wurMYOEIGnqqOO0zoZPasH3eW8oKGHk8mNh1/wct30ke6X5MaPhgt
pvmt4sHoVR8KZZoB37Ssz76aYsEYbK2nlh6tcEiMsVVF+E5fxBPl/7Y6QbptsM3c
vek3ut4QZYeAnCbF1/4Zs3GTwWWjcTYwnpbbnX9NR/gO4IhDe8A3QluMDgcvXa1W
HeKv2EN6cAulDerqEvlj
-----END CERTIFICATE-----
Generated at Mon Apr 7 11:09:49 2025 by rpki-client