Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/9le1peACXBsZiHPrKGecXIwJa-c.roa
File: 9le1peACXBsZiHPrKGecXIwJa-c.roa (raw, json)
Hash identifier: abfbtZOYUj++vuicVi05zrp5kGNnF9HGnL5WTr/9qlE=
Subject key identifier: F6:57:B5:A5:E0:02:5C:1B:19:88:73:EB:28:67:9C:5C:8C:09:6B:E7
Certificate issuer: /CN=e138ec242a43e9c9d4ceb25dc90e5453373d3f46
Certificate serial: 0194258E4A19B48CB34DFC704A35EB859628
Authority key identifier: E1:38:EC:24:2A:43:E9:C9:D4:CE:B2:5D:C9:0E:54:53:37:3D:3F:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/9le1peACXBsZiHPrKGecXIwJa-c.roa
Signing time: Thu 02 Jan 2025 05:47:49 +0000
ROA not before: Thu 02 Jan 2025 05:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47674
IP address blocks: 185.11.145.0/24 maxlen: 32
185.11.146.0/24 maxlen: 32
185.11.147.0/24 maxlen: 32
185.62.188.0/24 maxlen: 32
185.62.189.0/24 maxlen: 32
185.62.190.0/24 maxlen: 32
188.209.49.0/24 maxlen: 24
188.209.52.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 00:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:4a:19:b4:8c:b3:4d:fc:70:4a:35:eb:85:96:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e138ec242a43e9c9d4ceb25dc90e5453373d3f46
Validity
Not Before: Jan 2 05:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f657b5a5e0025c1b198873eb28679c5c8c096be7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:13:a3:30:02:aa:02:5f:99:c1:b8:5e:b4:22:
e0:9c:d8:91:b9:85:75:40:c1:5b:25:3a:f9:53:1d:
c7:11:e7:ad:53:73:c6:d4:c4:fc:2e:ff:d4:6c:bf:
1f:4e:dc:08:b6:18:a7:98:bb:a5:70:ff:48:51:05:
02:52:41:0c:8a:c8:af:17:06:49:08:20:c0:e3:35:
68:a5:e6:f1:7e:0f:b5:e2:53:00:0e:15:9d:15:74:
94:c4:8a:77:fd:0c:88:42:da:03:e3:5c:4e:ea:90:
91:5a:c2:e5:b8:3d:f2:75:a0:d5:16:10:a1:f6:e9:
fd:88:a0:a5:1a:8e:f2:bc:75:4e:45:a4:31:55:f6:
41:da:44:f4:fc:e0:39:80:7d:39:af:c8:78:b2:15:
a9:49:42:60:2d:b7:72:ce:a8:43:aa:c8:bc:5f:8b:
fb:4e:02:02:7c:fa:6b:30:5b:7c:7b:af:62:95:b2:
c1:f2:35:38:2c:47:1f:cd:43:07:ae:ca:f4:e1:71:
92:3a:5d:5b:dc:7e:14:43:5f:ff:78:85:bc:aa:d8:
16:b5:80:04:d7:c1:df:f7:24:a5:12:3a:4d:cd:38:
76:e5:67:66:22:f5:3b:01:85:05:da:01:16:e6:11:
f5:9a:ff:14:4b:88:3d:58:29:16:06:e5:46:56:8f:
38:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:57:B5:A5:E0:02:5C:1B:19:88:73:EB:28:67:9C:5C:8C:09:6B:E7
X509v3 Authority Key Identifier:
keyid:E1:38:EC:24:2A:43:E9:C9:D4:CE:B2:5D:C9:0E:54:53:37:3D:3F:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/9le1peACXBsZiHPrKGecXIwJa-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.11.145.0-185.11.147.255
185.62.188.0-185.62.190.255
188.209.49.0/24
188.209.52.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:b9:19:d3:e6:3f:8b:81:e3:ab:79:21:1a:2e:00:68:54:cd:
af:f9:10:d3:db:f0:1e:51:f2:35:a6:7a:90:9a:41:38:e9:1c:
87:8e:70:8b:2e:a1:3e:50:9b:ef:90:bc:6c:89:b6:f1:f7:b9:
66:24:cc:ce:d6:bd:81:4f:50:db:40:30:87:82:15:16:d9:d7:
b2:73:86:a4:e2:a3:b9:8c:bc:57:d2:a0:ea:0d:1a:69:c3:9f:
f4:d7:65:ff:dd:28:6c:7f:ee:1c:c9:85:e5:56:86:18:c5:0d:
82:a7:03:7c:82:bb:2c:15:90:26:e6:4c:33:27:c6:d1:fa:95:
e9:10:ca:27:93:ff:49:3f:ad:33:8f:ea:f2:24:cb:10:27:78:
1d:ac:22:f8:a4:d4:0b:76:d1:21:3d:3c:83:ba:31:e2:15:87:
66:2a:48:a5:b6:73:e3:8d:a4:81:1f:4b:4a:8d:21:3d:75:7b:
ca:5e:5e:b0:4b:da:bf:e1:a0:52:f2:c8:64:6f:e3:86:c8:63:
4e:32:31:11:47:05:e6:77:79:64:7b:ef:da:82:67:99:ac:09:
73:4c:48:02:6c:f5:86:4a:e1:15:df:5a:8c:3b:c3:30:af:e8:
6e:0b:e8:1f:6a:d9:55:8a:55:87:41:6d:1a:34:68:8b:a3:e5:
b2:ec:14:57
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQljkoZtIyzTfxwSjXrhZYoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMzhlYzI0MmE0M2U5YzlkNGNlYjI1ZGM5MGU1NDUzMzcz
ZDNmNDYwHhcNMjUwMTAyMDU0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjU3YjVhNWUwMDI1YzFiMTk4ODczZWIyODY3OWM1YzhjMDk2YmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsROjMAKqAl+ZwbhetCLgnNiRuYV1
QMFbJTr5Ux3HEeetU3PG1MT8Lv/UbL8fTtwIthinmLulcP9IUQUCUkEMisivFwZJ
CCDA4zVopebxfg+14lMADhWdFXSUxIp3/QyIQtoD41xO6pCRWsLluD3ydaDVFhCh
9un9iKClGo7yvHVORaQxVfZB2kT0/OA5gH05r8h4shWpSUJgLbdyzqhDqsi8X4v7
TgICfPprMFt8e69ilbLB8jU4LEcfzUMHrsr04XGSOl1b3H4UQ1//eIW8qtgWtYAE
18Hf9ySlEjpNzTh25WdmIvU7AYUF2gEW5hH1mv8US4g9WCkWBuVGVo84fwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFPZXtaXgAlwbGYhz6yhnnFyMCWvnMB8GA1UdIwQY
MBaAFOE47CQqQ+nJ1M6yXckOVFM3PT9GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFRqc0pDcEQ2Y25VenJKZHlRNVVVemM5UDBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8wYjdmZDMtOTBmMC00NWQxLThhNTgt
Njc4NWNkNDU2ODcxLzEvOWxlMXBlQUNYQnNaaUhQcktHZWNYSXdKYS1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8wYjdmZDMtOTBmMC00NWQxLThhNTgtNjc4NWNkNDU2ODcx
LzEvNFRqc0pDcEQ2Y25VenJKZHlRNVVVemM5UDBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAC5C5ED
BAK5C5AwDAMEArk+vAMEALk+vgMEALzRMQMEALzRNDANBgkqhkiG9w0BAQsFAAOC
AQEAX7kZ0+Y/i4Hjq3khGi4AaFTNr/kQ09vwHlHyNaZ6kJpBOOkch45wiy6hPlCb
75C8bIm28fe5ZiTMzta9gU9Q20Awh4IVFtnXsnOGpOKjuYy8V9Kg6g0aacOf9Ndl
/90obH/uHMmF5VaGGMUNgqcDfIK7LBWQJuZMMyfG0fqV6RDKJ5P/ST+tM4/q8iTL
ECd4Hawi+KTUC3bRIT08g7ox4hWHZipIpbZz442kgR9LSo0hPXV7yl5esEvav+Gg
UvLIZG/jhshjTjIxEUcF5nd5ZHvv2oJnmawJc0xIAmz1hkrhFd9ajDvDMK/obgvo
H2rZVYpVh0FtGjRoi6PlsuwUVw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:38:36 2025 by rpki-client