Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/T14YGVIyo0B0GMjaoAuVV86EHfQ.roa
File: T14YGVIyo0B0GMjaoAuVV86EHfQ.roa (raw, json)
Hash identifier: 64ZLK4f1zxb+Q2lGELGqmESC0E6Ee+2GtOPU4byIZ/8=
Subject key identifier: 4F:5E:18:19:52:32:A3:40:74:18:C8:DA:A0:0B:95:57:CE:84:1D:F4
Certificate issuer: /CN=1e14eb1eef66c2d349f3f7d7bafa68e49fbfec9c
Certificate serial: 01949A4D070EC83C301DE7747EF4055F9EA7
Authority key identifier: 1E:14:EB:1E:EF:66:C2:D3:49:F3:F7:D7:BA:FA:68:E4:9F:BF:EC:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/T14YGVIyo0B0GMjaoAuVV86EHfQ.roa
Signing time: Fri 24 Jan 2025 21:52:06 +0000
ROA not before: Fri 24 Jan 2025 21:52:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210421
IP address blocks: 91.193.167.0/24 maxlen: 24
94.45.129.0/24 maxlen: 24
94.45.136.0/24 maxlen: 24
94.45.139.0/24 maxlen: 24
94.45.146.0/23 maxlen: 24
94.45.146.0/24 maxlen: 24
94.45.147.0/24 maxlen: 24
94.45.148.0/23 maxlen: 24
94.45.148.0/24 maxlen: 24
94.45.149.0/24 maxlen: 24
94.45.152.0/22 maxlen: 24
94.45.152.0/24 maxlen: 24
94.45.153.0/24 maxlen: 24
94.45.154.0/24 maxlen: 24
94.45.155.0/24 maxlen: 24
94.45.156.0/23 maxlen: 24
94.45.156.0/24 maxlen: 24
94.45.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.mft
rsync://rpki.ripe.net/repository/DEFAULT/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:9a:4d:07:0e:c8:3c:30:1d:e7:74:7e:f4:05:5f:9e:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e14eb1eef66c2d349f3f7d7bafa68e49fbfec9c
Validity
Not Before: Jan 24 21:52:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4f5e18195232a3407418c8daa00b9557ce841df4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:97:2e:6a:89:44:bd:0e:3f:db:27:87:d9:8e:
2a:e5:99:5f:f8:87:56:b2:1e:c4:d0:b1:b3:1a:92:
cb:b7:6b:ee:fb:d0:4b:59:83:b2:35:89:2d:3f:16:
2f:33:2a:7b:b0:a8:07:ae:0a:93:10:96:fb:2d:86:
01:a6:ca:8c:a3:fe:06:c7:49:55:ab:a0:29:15:32:
de:36:12:20:87:1e:a2:b9:89:3f:1b:19:61:81:ae:
7d:73:5b:22:b2:42:9d:18:c7:2f:24:10:d5:a4:bc:
2e:23:46:26:e2:bd:07:93:a3:f0:0a:81:47:9b:a1:
6c:5e:53:75:e5:f9:ae:35:22:6c:c9:80:e1:ed:be:
33:f4:72:00:98:f8:de:85:41:1f:96:cc:c9:6e:3d:
53:4c:23:6f:a7:88:21:c7:42:db:ae:90:99:78:cf:
13:3f:2f:b0:c5:61:51:ff:4b:0e:94:c7:dc:69:94:
fe:56:f6:c7:22:39:9d:87:73:9b:7d:ea:43:5f:f1:
33:8b:83:26:42:ee:5e:4a:e2:50:46:d0:04:20:26:
12:ee:da:d2:0c:e4:e1:e5:66:f1:65:29:5a:a3:bc:
e5:66:91:02:c4:2a:42:00:a6:53:37:4d:e3:ba:8f:
12:f6:ce:4c:96:fc:ce:a2:ce:80:5b:0f:4c:1f:49:
ab:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:5E:18:19:52:32:A3:40:74:18:C8:DA:A0:0B:95:57:CE:84:1D:F4
X509v3 Authority Key Identifier:
keyid:1E:14:EB:1E:EF:66:C2:D3:49:F3:F7:D7:BA:FA:68:E4:9F:BF:EC:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/T14YGVIyo0B0GMjaoAuVV86EHfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.167.0/24
94.45.129.0/24
94.45.136.0/24
94.45.139.0/24
94.45.146.0-94.45.149.255
94.45.152.0-94.45.157.255
Signature Algorithm: sha256WithRSAEncryption
03:85:80:50:c9:3c:9b:b4:4d:d9:28:35:60:1e:8c:71:97:8e:
2d:df:2b:0b:d5:dd:c9:03:c9:ba:cd:46:6c:f2:0b:22:78:e3:
f6:0e:be:ab:a0:ec:bc:77:1c:e0:2b:c2:2d:9d:ef:0e:62:ee:
99:3c:56:95:3c:37:5a:8d:4b:74:c4:92:d1:9e:46:ca:ba:0c:
49:61:44:da:aa:3f:de:04:0d:8c:da:5f:3a:7f:c9:e5:60:e5:
63:b3:36:1e:71:b8:5d:91:89:dc:d1:ba:d5:e3:df:cb:b5:d1:
9b:57:49:1f:5c:25:bb:8f:dd:14:23:ff:09:19:36:a7:4b:3e:
de:41:0a:68:cb:cf:c4:28:ed:48:08:1e:18:c7:eb:09:4b:db:
3b:f9:e8:3c:21:bc:38:85:be:bb:57:7f:79:c0:aa:93:87:bc:
b3:f1:1c:7a:46:2b:7f:43:0e:69:e3:61:82:4c:ed:d1:e9:cc:
69:a6:b6:43:16:4f:42:a8:e1:8c:c9:3f:8d:be:84:dd:cd:a9:
34:83:60:d0:e0:a7:ef:46:af:92:41:f6:5d:58:de:ff:b3:88:
1f:19:11:55:25:26:97:e7:6a:97:32:e8:d7:3a:d6:30:86:77:
22:32:82:7a:4b:46:c1:ce:98:fd:20:1c:2a:e6:a3:00:77:fc:
25:89:e4:b0
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZSaTQcOyDwwHed0fvQFX56nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMTRlYjFlZWY2NmMyZDM0OWYzZjdkN2JhZmE2OGU0OWZi
ZmVjOWMwHhcNMjUwMTI0MjE1MjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjVlMTgxOTUyMzJhMzQwNzQxOGM4ZGFhMDBiOTU1N2NlODQxZGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJcuaolEvQ4/2yeH2Y4q5Zlf+IdW
sh7E0LGzGpLLt2vu+9BLWYOyNYktPxYvMyp7sKgHrgqTEJb7LYYBpsqMo/4Gx0lV
q6ApFTLeNhIghx6iuYk/Gxlhga59c1siskKdGMcvJBDVpLwuI0Ym4r0Hk6PwCoFH
m6FsXlN15fmuNSJsyYDh7b4z9HIAmPjehUEflszJbj1TTCNvp4ghx0LbrpCZeM8T
Py+wxWFR/0sOlMfcaZT+VvbHIjmdh3ObfepDX/Ezi4MmQu5eSuJQRtAEICYS7trS
DOTh5WbxZSlao7zlZpECxCpCAKZTN03juo8S9s5MlvzOos6AWw9MH0mrPQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFE9eGBlSMqNAdBjI2qALlVfOhB30MB8GA1UdIwQY
MBaAFB4U6x7vZsLTSfP317r6aOSfv+ycMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGhUckh1OW13dE5KOF9mWHV2cG81Si1fN0p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8zMzNhYjEtYWY5Yi00MzRjLThkMTMt
OWNhOThmNDk1MGNmLzEvVDE0WUdWSXlvMEIwR01qYW9BdVZWODZFSGZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8zMzNhYjEtYWY5Yi00MzRjLThkMTMtOWNhOThmNDk1MGNm
LzEvSGhUckh1OW13dE5KOF9mWHV2cG81Si1fN0p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQAW8GnAwQA
Xi2BAwQAXi2IAwQAXi2LMAwDBAFeLZIDBAFeLZQwDAMEA14tmAMEAV4tnDANBgkq
hkiG9w0BAQsFAAOCAQEAA4WAUMk8m7RN2Sg1YB6McZeOLd8rC9XdyQPJus1GbPIL
Injj9g6+q6DsvHcc4CvCLZ3vDmLumTxWlTw3Wo1LdMSS0Z5GyroMSWFE2qo/3gQN
jNpfOn/J5WDlY7M2HnG4XZGJ3NG61ePfy7XRm1dJH1wlu4/dFCP/CRk2p0s+3kEK
aMvPxCjtSAgeGMfrCUvbO/noPCG8OIW+u1d/ecCqk4e8s/EcekYrf0MOaeNhgkzt
0enMaaa2QxZPQqjhjMk/jb6E3c2pNINg0OCn70avkkH2XVje/7OIHxkRVSUml+dq
lzLo1zrWMIZ3IjKCektGwc6Y/SAcKuajAHf8JYnksA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:43 2025 by rpki-client