Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/m9Q0QpkVO1rZKT8wIA-lB6ceYcg.roa
File: m9Q0QpkVO1rZKT8wIA-lB6ceYcg.roa (raw, json)
Hash identifier: yW9VuP+7IZqfB9uY1adWMtzwRUiSlhz/2UYbCN1BQSU=
Subject key identifier: 9B:D4:34:42:99:15:3B:5A:D9:29:3F:30:20:0F:A5:07:A7:1E:61:C8
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 019426D9FAC87E768682F307E9278AFD0A11
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/m9Q0QpkVO1rZKT8wIA-lB6ceYcg.roa
Signing time: Thu 02 Jan 2025 11:50:07 +0000
ROA not before: Thu 02 Jan 2025 11:50:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25467
IP address blocks: 45.153.126.0/24 maxlen: 24
46.183.184.0/24 maxlen: 24
46.183.185.0/24 maxlen: 24
92.243.65.0/24 maxlen: 24
185.193.50.0/24 maxlen: 24
2a03:f80:385::/48 maxlen: 48
2a03:f80:389::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.mft
rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 12:01:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:fa:c8:7e:76:86:82:f3:07:e9:27:8a:fd:0a:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 2 11:50:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9bd4344299153b5ad9293f30200fa507a71e61c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:8c:92:68:a1:95:44:61:d0:db:38:c1:7f:0f:
e4:54:dd:80:42:51:51:52:12:11:cf:a3:ea:1a:83:
cd:c0:3e:6f:5e:88:13:38:60:73:5e:53:cc:f3:0d:
fb:02:ee:d3:29:a8:67:75:ce:73:45:12:65:f7:6d:
f4:3f:3f:e7:35:a0:08:03:81:ec:49:2a:0b:7e:65:
f4:a7:be:99:a1:0e:80:ec:6d:5d:2b:ad:90:b7:7a:
43:2e:d0:f3:11:de:db:1f:df:ad:2c:c7:ad:0b:15:
5f:3b:de:cb:4f:95:b4:8b:f5:ca:e4:93:ad:04:6f:
d0:1f:c6:73:1d:01:ad:45:67:56:ac:48:8f:1c:6a:
e8:47:dd:80:53:ba:c0:f1:f8:3c:74:f6:53:c3:94:
5b:d7:a0:e2:2c:30:c8:a3:47:15:d0:75:b2:dd:5b:
5c:31:b3:d2:27:07:39:a9:5b:6e:5d:99:00:80:77:
65:2d:7e:7e:81:08:99:21:62:bf:17:6e:68:aa:1c:
02:c2:b0:d0:c1:97:2c:b1:f2:f3:97:58:0f:05:95:
8b:54:84:88:09:89:82:5b:d4:ff:fc:d7:4f:a3:4b:
39:74:d3:7b:fd:d2:11:20:ca:12:f3:d1:a0:b7:95:
26:58:43:0e:68:98:cf:62:08:4f:d3:78:08:ff:be:
ea:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:D4:34:42:99:15:3B:5A:D9:29:3F:30:20:0F:A5:07:A7:1E:61:C8
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/m9Q0QpkVO1rZKT8wIA-lB6ceYcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.126.0/24
46.183.184.0/23
92.243.65.0/24
185.193.50.0/24
IPv6:
2a03:f80:385::/48
2a03:f80:389::/48
Signature Algorithm: sha256WithRSAEncryption
87:27:b9:9c:20:63:0e:01:db:cc:02:a1:3c:bd:21:9c:a3:c5:
53:83:8a:90:bb:a1:09:7a:0c:8a:a5:d0:c0:8f:1c:ab:9c:fb:
fe:d6:9e:a3:05:8b:a5:86:09:4a:d5:55:c3:e4:64:3e:fb:d2:
82:3a:39:6b:96:5b:fc:a9:08:13:7f:67:8e:01:72:3c:f4:5a:
74:22:d7:b1:d7:08:1b:3a:af:6e:d9:86:2d:8e:f8:85:cb:5d:
44:3d:48:a2:2b:03:b5:15:a0:85:8e:b4:cc:7a:a4:34:8d:85:
77:eb:13:a4:95:43:c9:e2:35:81:86:2f:61:e2:37:d7:71:ed:
11:c2:a8:2c:f9:a2:9c:f7:5a:75:71:8f:8c:28:3e:ff:1a:39:
39:7a:f7:09:11:1e:3d:5f:d7:5a:b8:f1:87:95:15:5b:62:cd:
c1:a0:86:6f:40:75:24:43:29:b6:f4:24:e2:97:a9:09:3d:87:
f1:c0:90:8e:13:7c:00:2d:d2:61:75:79:45:89:8a:63:6a:5d:
f7:96:32:fa:23:be:6b:5f:ed:b3:78:a2:a7:3b:58:41:eb:f3:
60:04:4b:66:be:e2:10:84:fd:09:58:f0:7b:44:86:1f:51:a7:
2e:a8:28:99:ae:98:93:a0:57:9a:d4:01:ba:19:13:f4:f6:ca:
d5:c9:ec:66
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZQm2frIfnaGgvMH6SeK/QoRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjUwMTAyMTE1MDA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmQ0MzQ0Mjk5MTUzYjVhZDkyOTNmMzAyMDBmYTUwN2E3MWU2MWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYySaKGVRGHQ2zjBfw/kVN2AQlFR
UhIRz6PqGoPNwD5vXogTOGBzXlPM8w37Au7TKahndc5zRRJl9230Pz/nNaAIA4Hs
SSoLfmX0p76ZoQ6A7G1dK62Qt3pDLtDzEd7bH9+tLMetCxVfO97LT5W0i/XK5JOt
BG/QH8ZzHQGtRWdWrEiPHGroR92AU7rA8fg8dPZTw5Rb16DiLDDIo0cV0HWy3Vtc
MbPSJwc5qVtuXZkAgHdlLX5+gQiZIWK/F25oqhwCwrDQwZcssfLzl1gPBZWLVISI
CYmCW9T//NdPo0s5dNN7/dIRIMoS89Ggt5UmWEMOaJjPYghP03gI/77qJwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFJvUNEKZFTta2Sk/MCAPpQenHmHIMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvbTlRMFFwa1ZPMXJaS1Q4d0lBLWxCNmNlWWNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAeBAIAATAYAwQALZl+AwQB
Lre4AwQAXPNBAwQAucEyMBgEAgACMBIDBwAqAw+AA4UDBwAqAw+AA4kwDQYJKoZI
hvcNAQELBQADggEBAIcnuZwgYw4B28wCoTy9IZyjxVODipC7oQl6DIql0MCPHKuc
+/7WnqMFi6WGCUrVVcPkZD770oI6OWuWW/ypCBN/Z44Bcjz0WnQi17HXCBs6r27Z
hi2O+IXLXUQ9SKIrA7UVoIWOtMx6pDSNhXfrE6SVQ8niNYGGL2HiN9dx7RHCqCz5
opz3WnVxj4woPv8aOTl69wkRHj1f11q48YeVFVtizcGghm9AdSRDKbb0JOKXqQk9
h/HAkI4TfAAt0mF1eUWJimNqXfeWMvojvmtf7bN4oqc7WEHr82AES2a+4hCE/QlY
8HtEhh9Rpy6oKJmumJOgV5rUAboZE/T2ytXJ7GY=
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:41:18 2025 by rpki-client