Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/5VyyRu9k0KJF1HIYdY3SbNtLs7Y.roa
File: 5VyyRu9k0KJF1HIYdY3SbNtLs7Y.roa (raw, json)
Hash identifier: JzNrotC5WQ6zx3dtdKUI1Ev/FqX2rmyNFShITvJA34M=
Subject key identifier: E5:5C:B2:46:EF:64:D0:A2:45:D4:72:18:75:8D:D2:6C:DB:4B:B3:B6
Certificate issuer: /CN=4722aea0ef4c0667db819f5d5a3daea6399f038c
Certificate serial: 01942748206D0FF86AF2A47507D8F4C98F26
Authority key identifier: 47:22:AE:A0:EF:4C:06:67:DB:81:9F:5D:5A:3D:AE:A6:39:9F:03:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RyKuoO9MBmfbgZ9dWj2upjmfA4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/5VyyRu9k0KJF1HIYdY3SbNtLs7Y.roa
Signing time: Thu 02 Jan 2025 13:50:25 +0000
ROA not before: Thu 02 Jan 2025 13:50:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206892
IP address blocks: 45.95.44.0/22 maxlen: 24
94.199.178.0/23 maxlen: 24
94.199.179.0/24 maxlen: 24
95.140.32.0/24 maxlen: 24
95.140.38.0/23 maxlen: 24
185.161.72.0/22 maxlen: 24
185.199.28.0/22 maxlen: 24
185.234.180.0/22 maxlen: 24
194.39.44.0/22 maxlen: 24
195.200.232.0/23 maxlen: 24
2a07:c280::/32 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/RyKuoO9MBmfbgZ9dWj2upjmfA4w.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/RyKuoO9MBmfbgZ9dWj2upjmfA4w.mft
rsync://rpki.ripe.net/repository/DEFAULT/RyKuoO9MBmfbgZ9dWj2upjmfA4w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 16:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:20:6d:0f:f8:6a:f2:a4:75:07:d8:f4:c9:8f:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4722aea0ef4c0667db819f5d5a3daea6399f038c
Validity
Not Before: Jan 2 13:50:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e55cb246ef64d0a245d47218758dd26cdb4bb3b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ac:59:69:90:e2:e3:7e:eb:c0:ed:48:e2:13:
73:a8:7a:10:ee:71:17:1b:ef:c4:92:45:65:da:54:
b9:cb:19:7e:af:28:72:6d:8a:40:99:d7:16:86:99:
95:04:58:41:04:46:5b:dd:aa:27:41:1e:b7:3e:50:
76:78:36:69:5d:6b:03:76:38:3f:58:e5:ff:6e:90:
99:56:e8:b8:56:66:52:cb:ec:b0:82:ee:ac:cc:3d:
5e:9a:f2:dd:2c:50:c7:6f:12:62:70:55:ee:54:ea:
d8:44:47:64:a7:ab:f4:fd:d2:12:13:b4:b4:d5:a2:
96:43:69:c5:f3:1f:4a:0e:4d:79:45:21:3f:84:75:
09:20:78:87:dd:05:98:16:c4:4a:3e:bd:1f:63:aa:
65:ab:c5:5f:b4:c4:d4:c4:5e:b7:8f:1a:2a:1f:03:
c8:c1:21:63:de:06:50:dc:4f:5d:70:82:11:de:0b:
b0:ee:07:f1:27:4c:a9:c0:13:18:4e:f5:7e:fd:64:
ac:22:b6:6a:1e:b0:f5:0b:0b:26:2f:af:e0:de:b8:
cc:8c:50:01:43:a5:3f:8f:0a:7b:29:42:f2:86:1a:
7a:e4:0b:ae:b3:51:a5:94:9c:bb:ac:3d:dd:cb:32:
94:8e:e2:87:8f:20:3b:f4:f4:dc:34:b3:07:0e:aa:
09:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:5C:B2:46:EF:64:D0:A2:45:D4:72:18:75:8D:D2:6C:DB:4B:B3:B6
X509v3 Authority Key Identifier:
keyid:47:22:AE:A0:EF:4C:06:67:DB:81:9F:5D:5A:3D:AE:A6:39:9F:03:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RyKuoO9MBmfbgZ9dWj2upjmfA4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/5VyyRu9k0KJF1HIYdY3SbNtLs7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/RyKuoO9MBmfbgZ9dWj2upjmfA4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.44.0/22
94.199.178.0/23
95.140.32.0/24
95.140.38.0/23
185.161.72.0/22
185.199.28.0/22
185.234.180.0/22
194.39.44.0/22
195.200.232.0/23
IPv6:
2a07:c280::/32
Signature Algorithm: sha256WithRSAEncryption
6e:70:14:9b:53:6a:15:20:ed:b3:3a:2e:98:6e:13:a3:c4:27:
87:ef:46:6b:d1:ff:b9:63:c4:e5:2e:0c:9e:83:92:a5:df:12:
d0:a2:47:7c:69:2d:74:cd:ac:82:c8:95:bd:12:b0:70:f9:ec:
a9:b9:54:f2:76:a6:f5:87:bc:10:9e:81:a9:3c:41:0f:23:e8:
ba:60:8d:b3:2c:eb:e2:ee:47:69:ad:53:1a:22:3e:ec:35:15:
cd:b3:47:1d:3a:b4:17:f0:35:8b:1f:64:46:f5:83:56:e4:4b:
16:42:8d:2e:95:a2:0c:26:8e:1b:c3:f0:1d:e6:66:8f:0a:c1:
3c:8a:53:b5:d9:58:9e:a0:ec:57:06:c5:b1:e2:ac:cb:b7:36:
da:66:d7:84:41:50:d3:5b:a7:4b:74:49:b3:b6:a1:cf:f1:64:
cd:e9:9b:21:50:12:e8:76:92:4f:9d:bc:8e:0e:7c:87:f0:a4:
ba:c7:fd:be:16:4c:c6:2d:6f:e6:c3:82:ee:05:b4:70:d0:d8:
85:42:8c:c7:cf:e7:2b:d6:6e:be:10:ab:21:4d:17:86:2a:4e:
df:cb:58:b5:12:ac:5e:3f:7e:08:0a:9e:2d:fd:ed:55:9d:85:
f9:9c:9e:44:8a:c1:ae:5c:3a:8a:0b:a8:a0:bb:ca:d7:c0:c8:
18:55:1c:84
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZQnSCBtD/hq8qR1B9j0yY8mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MjJhZWEwZWY0YzA2NjdkYjgxOWY1ZDVhM2RhZWE2Mzk5
ZjAzOGMwHhcNMjUwMTAyMTM1MDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTVjYjI0NmVmNjRkMGEyNDVkNDcyMTg3NThkZDI2Y2RiNGJiM2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz6xZaZDi437rwO1I4hNzqHoQ7nEX
G+/EkkVl2lS5yxl+ryhybYpAmdcWhpmVBFhBBEZb3aonQR63PlB2eDZpXWsDdjg/
WOX/bpCZVui4VmZSy+ywgu6szD1emvLdLFDHbxJicFXuVOrYREdkp6v0/dISE7S0
1aKWQ2nF8x9KDk15RSE/hHUJIHiH3QWYFsRKPr0fY6plq8VftMTUxF63jxoqHwPI
wSFj3gZQ3E9dcIIR3guw7gfxJ0ypwBMYTvV+/WSsIrZqHrD1CwsmL6/g3rjMjFAB
Q6U/jwp7KULyhhp65Auus1GllJy7rD3dyzKUjuKHjyA79PTcNLMHDqoJVwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFOVcskbvZNCiRdRyGHWN0mzbS7O2MB8GA1UdIwQY
MBaAFEcirqDvTAZn24GfXVo9rqY5nwOMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnlLdW9POU1CbWZiZ1o5ZFdqMnVwam1mQTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi84MGMzODctYjIwYi00MzBhLWE1ZTYt
NmUzMDc0YzZjNjYzLzEvNVZ5eVJ1OWswS0pGMUhJWWRZM1NiTnRMczdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi84MGMzODctYjIwYi00MzBhLWE1ZTYtNmUzMDc0YzZjNjYz
LzEvUnlLdW9POU1CbWZiZ1o5ZFdqMnVwam1mQTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQCLV8sAwQB
XseyAwQAX4wgAwQBX4wmAwQCuaFIAwQCucccAwQCueq0AwQCwicsAwQBw8joMA0E
AgACMAcDBQAqB8KAMA0GCSqGSIb3DQEBCwUAA4IBAQBucBSbU2oVIO2zOi6YbhOj
xCeH70Zr0f+5Y8TlLgyeg5Kl3xLQokd8aS10zayCyJW9ErBw+eypuVTydqb1h7wQ
noGpPEEPI+i6YI2zLOvi7kdprVMaIj7sNRXNs0cdOrQX8DWLH2RG9YNW5EsWQo0u
laIMJo4bw/Ad5maPCsE8ilO12VieoOxXBsWx4qzLtzbaZteEQVDTW6dLdEmztqHP
8WTN6ZshUBLodpJPnbyODnyH8KS6x/2+FkzGLW/mw4LuBbRw0NiFQozHz+cr1m6+
EKshTReGKk7fy1i1EqxeP34ICp4t/e1VnYX5nJ5EisGuXDqKC6igu8rXwMgYVRyE
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:58:04 2025 by rpki-client