Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/T3DHso2DgcgzSGeGCdNcHguj0bs.roa
File: T3DHso2DgcgzSGeGCdNcHguj0bs.roa (raw, json)
Hash identifier: KCI6UzKi7D6G3w7EbBpxT/krna8j1J5HsGmbLXpPAns=
Subject key identifier: 4F:70:C7:B2:8D:83:81:C8:33:48:67:86:09:D3:5C:1E:0B:A3:D1:BB
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 01942067FF1B3D714DFEBB8962FEA5CC23DC
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/T3DHso2DgcgzSGeGCdNcHguj0bs.roa
Signing time: Wed 01 Jan 2025 05:47:53 +0000
ROA not before: Wed 01 Jan 2025 05:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 45.141.204.0/23 maxlen: 23
45.148.51.0/24 maxlen: 24
45.149.90.0/23 maxlen: 23
194.39.216.0/24 maxlen: 24
195.88.191.0/24 maxlen: 24
195.88.210.0/24 maxlen: 24
2a0c:9e06::/32 maxlen: 32
2a0e:a944::/32 maxlen: 32
2a0e:a945::/32 maxlen: 32
2a0e:a946::/32 maxlen: 32
2a0e:a947::/32 maxlen: 32
2a0f:3b80::/32 maxlen: 32
2a0f:3b81::/32 maxlen: 32
2a0f:3b82::/32 maxlen: 32
2a0f:3b83::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.mft
rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 03:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:ff:1b:3d:71:4d:fe:bb:89:62:fe:a5:cc:23:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Jan 1 05:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4f70c7b28d8381c83348678609d35c1e0ba3d1bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:19:2f:63:4b:9b:77:31:14:90:e7:76:fa:9f:
a7:a3:97:4c:77:af:6b:c3:18:25:7e:b3:11:6d:d0:
7d:5d:b7:34:77:74:ab:8d:96:4f:ca:22:71:b9:24:
e4:d3:a9:07:c2:f4:f8:b4:0d:e3:49:b9:57:7a:5b:
1a:b3:08:96:e0:73:c8:8a:ff:5d:27:77:b1:c2:41:
63:55:af:b5:49:16:56:ba:dc:88:c3:f7:52:e7:74:
51:a3:7c:6f:c3:cc:48:b7:5c:36:c4:ed:07:b7:2e:
45:25:47:7f:6a:0f:f5:62:b4:b8:39:8e:f4:f4:80:
6f:dc:19:20:a3:37:91:d9:86:2c:99:ec:bc:8e:bd:
be:09:71:0c:c4:bf:db:0c:5f:b3:20:6a:23:66:1d:
cc:fb:38:13:42:85:ee:7c:78:7a:e4:49:ff:40:f6:
47:66:91:3d:77:a5:75:87:cb:87:27:ad:5d:77:33:
9f:4e:88:b3:ac:4f:61:3c:22:91:79:cb:db:36:1d:
ea:b3:46:9d:51:80:84:79:9e:de:34:65:cd:28:7a:
8d:41:62:3a:36:97:1c:69:e8:38:3b:52:84:d1:00:
29:73:db:28:dd:b6:99:5b:3d:ab:ad:bb:eb:7a:fd:
81:8a:a2:3b:1e:cd:60:5e:f3:70:b7:65:8c:c3:15:
c5:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:70:C7:B2:8D:83:81:C8:33:48:67:86:09:D3:5C:1E:0B:A3:D1:BB
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/T3DHso2DgcgzSGeGCdNcHguj0bs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.204.0/23
45.148.51.0/24
45.149.90.0/23
194.39.216.0/24
195.88.191.0/24
195.88.210.0/24
IPv6:
2a0c:9e06::/32
2a0e:a944::/30
2a0f:3b80::/30
Signature Algorithm: sha256WithRSAEncryption
42:ca:86:43:89:6e:59:da:71:49:26:a7:c1:c9:35:78:23:0b:
6b:76:b3:c9:b9:e4:be:e9:4e:d1:6c:aa:61:84:77:2c:df:9d:
eb:d4:a0:01:03:24:8d:49:b6:a8:77:72:72:86:45:63:6b:b7:
30:33:f4:f6:30:ff:52:6b:fc:a8:20:cb:35:78:4b:0a:64:c5:
5f:b1:12:3c:92:6c:41:e5:8f:67:77:6b:81:86:0b:1f:c9:be:
6a:b3:35:d2:89:fe:fc:22:f2:5e:90:1e:c7:4b:d4:85:36:27:
4c:fe:58:56:a5:27:cb:56:4d:94:67:2d:54:89:3b:77:70:99:
88:9c:f9:c7:66:62:ae:fd:79:54:e9:b3:0f:bb:ad:bd:4c:05:
b1:60:f6:5f:8c:a8:d8:e6:53:9a:d9:ec:e7:3a:38:73:f2:df:
38:f6:b1:8b:fa:d6:6e:94:bf:99:c0:e4:75:a8:13:1f:94:b2:
3d:f7:f6:9f:fc:ea:81:9e:b8:c0:bb:84:a9:6a:a1:bd:99:5d:
1c:5a:6a:a1:4e:8c:77:34:0f:33:93:f7:7c:fa:f7:45:21:c5:
bc:83:c4:df:5d:3a:2f:78:b0:01:12:20:43:e7:ed:ff:60:1d:
57:70:0a:f4:44:40:c5:73:f0:4d:7a:03:08:3f:2d:4e:ea:4e:
24:a9:61:11
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZQgZ/8bPXFN/ruJYv6lzCPcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjUwMTAxMDU0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjcwYzdiMjhkODM4MWM4MzM0ODY3ODYwOWQzNWMxZTBiYTNkMWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBkvY0ubdzEUkOd2+p+no5dMd69r
wxglfrMRbdB9Xbc0d3SrjZZPyiJxuSTk06kHwvT4tA3jSblXelsaswiW4HPIiv9d
J3exwkFjVa+1SRZWutyIw/dS53RRo3xvw8xIt1w2xO0Hty5FJUd/ag/1YrS4OY70
9IBv3BkgozeR2YYsmey8jr2+CXEMxL/bDF+zIGojZh3M+zgTQoXufHh65En/QPZH
ZpE9d6V1h8uHJ61ddzOfToizrE9hPCKRecvbNh3qs0adUYCEeZ7eNGXNKHqNQWI6
Npccaeg4O1KE0QApc9so3baZWz2rrbvrev2BiqI7Hs1gXvNwt2WMwxXFkQIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFE9wx7KNg4HIM0hnhgnTXB4Lo9G7MB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvVDNESHNvMkRnY2d6U0dlR0NkTmNIZ3VqMGJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAqBAIAATAkAwQBLY3MAwQA
LZQzAwQBLZVaAwQAwifYAwQAw1i/AwQAw1jSMBsEAgACMBUDBQAqDJ4GAwUCKg6p
RAMFAioPO4AwDQYJKoZIhvcNAQELBQADggEBAELKhkOJblnacUkmp8HJNXgjC2t2
s8m55L7pTtFsqmGEdyzfnevUoAEDJI1Jtqh3cnKGRWNrtzAz9PYw/1Jr/KggyzV4
SwpkxV+xEjySbEHlj2d3a4GGCx/JvmqzNdKJ/vwi8l6QHsdL1IU2J0z+WFalJ8tW
TZRnLVSJO3dwmYic+cdmYq79eVTpsw+7rb1MBbFg9l+MqNjmU5rZ7Oc6OHPy3zj2
sYv61m6Uv5nA5HWoEx+Usj339p/86oGeuMC7hKlqob2ZXRxaaqFOjHc0DzOT93z6
90UhxbyDxN9dOi94sAESIEPn7f9gHVdwCvREQMVz8E16Awg/LU7qTiSpYRE=
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:55:37 2025 by rpki-client