Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/yuuB2KONhG_4U4b8x6sLfT_QyK8.roa
File: yuuB2KONhG_4U4b8x6sLfT_QyK8.roa (raw, json)
Hash identifier: nmT4hg/orDDfGbLVfXOBmgugDkVcFUxF1FfArL2tLbY=
Subject key identifier: CA:EB:81:D8:A3:8D:84:6F:F8:53:86:FC:C7:AB:0B:7D:3F:D0:C8:AF
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 0195FAD30B85B68AEE3CEFEABF6FB37AEDC1
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/yuuB2KONhG_4U4b8x6sLfT_QyK8.roa
Signing time: Thu 03 Apr 2025 08:44:49 +0000
ROA not before: Thu 03 Apr 2025 08:44:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211750
IP address blocks: 45.128.157.0/24 maxlen: 24
45.128.158.0/24 maxlen: 24
185.228.81.0/24 maxlen: 24
185.228.82.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.mft
rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:fa:d3:0b:85:b6:8a:ee:3c:ef:ea:bf:6f:b3:7a:ed:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Apr 3 08:44:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=caeb81d8a38d846ff85386fcc7ab0b7d3fd0c8af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:94:83:23:00:f7:66:9c:93:1a:95:6a:16:45:
d3:93:f5:a3:e9:50:8f:75:25:86:cd:8a:91:59:65:
c8:95:7a:a2:d7:37:87:0d:4f:c0:57:ce:37:6a:6a:
80:72:5a:b2:1d:6e:de:b2:29:4e:7d:46:49:e4:4a:
02:3d:a2:1b:eb:49:08:ec:e1:8b:03:1f:1c:d3:c2:
e3:50:01:17:bc:61:90:6c:1e:55:40:0d:91:4b:0a:
14:c6:07:a4:7d:25:0c:6c:66:8c:ea:fa:34:44:02:
6d:0b:fe:34:17:08:b0:a2:58:2e:53:d4:e2:80:c3:
2b:54:2f:b8:2f:84:f1:82:bc:8e:18:bd:a2:74:76:
26:4d:35:57:2c:c7:9a:51:9c:1f:34:e3:39:0f:0a:
38:9c:0e:ea:55:53:ca:fc:25:b6:26:e5:48:5f:1a:
e2:5f:e5:23:e1:88:dc:3d:97:89:31:40:34:af:f0:
bb:2e:17:27:db:dc:29:f9:85:49:f5:c1:90:2f:b4:
b0:b2:e7:d5:2b:09:d7:75:8d:7f:26:57:bd:8f:02:
c6:8c:32:61:54:3b:21:6b:32:19:5f:a0:a5:6e:e9:
e9:d5:db:48:72:44:e0:65:88:ad:c1:94:5d:15:2c:
cf:f6:75:2c:89:8f:9a:71:10:37:37:8a:63:c3:d6:
46:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:EB:81:D8:A3:8D:84:6F:F8:53:86:FC:C7:AB:0B:7D:3F:D0:C8:AF
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/yuuB2KONhG_4U4b8x6sLfT_QyK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.157.0-45.128.158.255
185.228.81.0-185.228.82.255
Signature Algorithm: sha256WithRSAEncryption
40:76:06:3d:3d:08:63:db:ce:6f:ae:5d:c3:38:37:ef:ba:88:
56:32:ad:fc:12:3d:34:4b:24:29:11:ec:f1:6c:ee:01:df:af:
18:c2:29:60:c5:1e:a0:ff:b9:98:13:84:95:da:4c:ad:39:38:
fc:d0:74:2e:56:f6:a2:31:16:38:31:3d:59:18:51:ad:1d:a3:
88:d8:37:05:43:5c:b8:2d:e6:a1:13:91:fc:2a:cb:1b:ed:ae:
8f:62:85:58:10:bb:ef:04:89:18:e5:83:48:99:e4:49:41:7b:
15:a2:64:25:c6:b1:68:5c:9b:0a:77:43:73:44:0a:9e:fd:61:
da:ab:b1:e9:90:b5:11:69:29:37:01:cb:9d:a6:d9:f2:74:b0:
d8:19:d6:84:f6:d6:e7:9c:bc:0f:38:3f:85:f7:c6:9b:60:37:
6c:e1:b1:c8:28:de:97:51:f1:9a:b3:2b:a0:5a:4d:d0:63:7b:
a7:37:6f:c8:59:90:61:3a:cd:df:9b:9b:29:4d:28:d6:22:14:
22:25:d8:3a:30:4f:c9:b0:f0:64:7d:14:af:20:8c:4a:ea:94:
6b:2b:ab:05:ee:2f:4f:f8:49:4a:b7:2c:db:ed:dc:49:a6:98:
65:70:3b:0a:74:b4:4d:39:7b:b0:52:f1:9b:36:9a:e5:fa:09:
bb:36:be:95
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZX60wuFtoruPO/qv2+zeu3BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjUwNDAzMDg0NDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWViODFkOGEzOGQ4NDZmZjg1Mzg2ZmNjN2FiMGI3ZDNmZDBjOGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpSDIwD3ZpyTGpVqFkXTk/Wj6VCP
dSWGzYqRWWXIlXqi1zeHDU/AV843amqAclqyHW7esilOfUZJ5EoCPaIb60kI7OGL
Ax8c08LjUAEXvGGQbB5VQA2RSwoUxgekfSUMbGaM6vo0RAJtC/40FwiwolguU9Ti
gMMrVC+4L4TxgryOGL2idHYmTTVXLMeaUZwfNOM5Dwo4nA7qVVPK/CW2JuVIXxri
X+Uj4YjcPZeJMUA0r/C7Lhcn29wp+YVJ9cGQL7SwsufVKwnXdY1/Jle9jwLGjDJh
VDshazIZX6Clbunp1dtIckTgZYitwZRdFSzP9nUsiY+acRA3N4pjw9ZGOQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFMrrgdijjYRv+FOG/MerC30/0MivMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEveXV1QjJLT05oR180VTRiOHg2c0xmVF9ReUs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAAtgJ0D
BAAtgJ4wDAMEALnkUQMEALnkUjANBgkqhkiG9w0BAQsFAAOCAQEAQHYGPT0IY9vO
b65dwzg377qIVjKt/BI9NEskKRHs8WzuAd+vGMIpYMUeoP+5mBOEldpMrTk4/NB0
Llb2ojEWODE9WRhRrR2jiNg3BUNcuC3moROR/CrLG+2uj2KFWBC77wSJGOWDSJnk
SUF7FaJkJcaxaFybCndDc0QKnv1h2qux6ZC1EWkpNwHLnabZ8nSw2BnWhPbW55y8
Dzg/hffGm2A3bOGxyCjel1HxmrMroFpN0GN7pzdvyFmQYTrN35ubKU0o1iIUIiXY
OjBPybDwZH0UryCMSuqUayurBe4vT/hJSrcs2+3cSaaYZXA7CnS0TTl7sFLxmzaa
5foJuza+lQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 01:23:58 2025 by rpki-client