Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/Dj_T-lBfXDTeyJqOCKxotmpHbz4.roa
File: Dj_T-lBfXDTeyJqOCKxotmpHbz4.roa (raw, json)
Hash identifier: DtaFNIcs8JYKhrQsisMAzqL1AEZ9/JzAP4H/i5/c0dk=
Subject key identifier: 0E:3F:D3:FA:50:5F:5C:34:DE:C8:9A:8E:08:AC:68:B6:6A:47:6F:3E
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 019427488EE5E50C26C9FF484B9CB13EF45B
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/Dj_T-lBfXDTeyJqOCKxotmpHbz4.roa
Signing time: Thu 02 Jan 2025 13:50:54 +0000
ROA not before: Thu 02 Jan 2025 13:50:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58212
IP address blocks: 45.13.226.0/24 maxlen: 24
45.67.139.0/24 maxlen: 24
45.90.96.0/24 maxlen: 24
45.90.97.0/24 maxlen: 24
185.117.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.mft
rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:8e:e5:e5:0c:26:c9:ff:48:4b:9c:b1:3e:f4:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jan 2 13:50:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e3fd3fa505f5c34dec89a8e08ac68b66a476f3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:d7:27:e6:68:1c:4f:16:39:b6:c2:7a:6f:ba:
68:98:1d:d5:a4:9d:cd:bc:16:9d:40:f3:5c:20:04:
ef:2c:b2:ad:25:07:65:b1:ae:89:56:dc:25:f7:6c:
dd:51:df:c5:25:8d:d7:cc:f8:24:1a:4b:4e:e4:74:
54:44:c3:a3:21:b2:9a:53:cb:3b:d6:ae:df:bb:ca:
23:e7:a4:d2:61:f8:44:48:fa:fb:d8:77:03:f7:b3:
b6:3f:c4:c2:5d:28:b8:0b:a8:05:23:cb:6e:2c:08:
36:00:6c:dc:2b:a4:33:17:24:0a:33:a1:08:5f:a3:
01:41:a0:70:e8:ed:ef:0f:50:9e:56:06:76:9f:dd:
70:73:8a:d4:be:c8:5d:8b:73:26:9a:7e:b3:f7:dc:
ec:12:26:8f:67:79:e3:86:93:a9:b2:23:c4:6c:37:
2c:5e:e3:85:f3:6c:f2:12:b2:b8:c6:5e:dc:9e:6d:
33:f0:98:98:70:51:53:d7:63:40:76:5b:56:fc:e4:
a6:cb:81:3b:ca:7e:c7:85:76:f0:08:43:56:63:e3:
84:bc:7c:52:bb:73:df:23:ce:e0:ee:b6:08:3f:ab:
c9:e7:44:45:ad:25:ae:1c:71:a0:e6:06:64:3b:49:
c8:f3:5d:97:af:74:cd:6f:af:39:fa:75:88:dd:86:
fc:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:3F:D3:FA:50:5F:5C:34:DE:C8:9A:8E:08:AC:68:B6:6A:47:6F:3E
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/Dj_T-lBfXDTeyJqOCKxotmpHbz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.226.0/24
45.67.139.0/24
45.90.96.0/23
185.117.0.0/24
Signature Algorithm: sha256WithRSAEncryption
49:0e:39:91:e9:00:28:2c:0d:49:8b:f5:d1:50:dd:ba:06:32:
1c:32:26:f3:a7:89:af:1e:44:3c:f1:49:85:c2:50:70:dc:8b:
63:93:02:5e:3d:22:a3:12:dc:e4:1e:54:19:bd:c7:3e:7e:0d:
b4:08:61:db:50:8f:e8:09:3b:29:5b:f8:3e:3d:34:b0:55:b2:
b8:cf:95:50:b9:73:f2:2f:7b:28:e2:b5:e6:36:55:d7:bd:c0:
25:36:6c:53:fc:2c:cd:0b:f1:dd:72:74:fb:a0:7a:7a:04:d8:
f6:da:53:b6:eb:92:f2:c0:6f:7f:ca:ad:7d:9e:e0:26:17:3f:
85:25:58:78:6e:77:90:16:a7:53:22:f8:b4:6c:77:a8:78:97:
5c:1a:75:a9:46:85:bc:1b:a3:9d:bb:ec:d9:af:88:27:c6:85:
b0:f8:52:c9:c4:cb:ec:b7:bd:4a:d3:cf:0f:1e:12:37:fb:99:
27:55:10:a4:78:c7:5b:4d:0c:79:20:de:48:26:c3:32:04:78:
46:8a:50:80:6c:ec:7f:89:e0:73:df:d3:69:9a:92:8f:1c:fc:
3f:7c:ef:91:72:56:6c:d3:ba:e5:8e:c0:1e:e2:d6:6a:76:f4:
23:25:5e:0e:11:e5:60:be:e0:54:80:28:96:78:ae:a4:4b:92:
2f:b0:41:a4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQnSI7l5Qwmyf9IS5yxPvRbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjUwMTAyMTM1MDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTNmZDNmYTUwNWY1YzM0ZGVjODlhOGUwOGFjNjhiNjZhNDc2ZjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Ncn5mgcTxY5tsJ6b7pomB3VpJ3N
vBadQPNcIATvLLKtJQdlsa6JVtwl92zdUd/FJY3XzPgkGktO5HRURMOjIbKaU8s7
1q7fu8oj56TSYfhESPr72HcD97O2P8TCXSi4C6gFI8tuLAg2AGzcK6QzFyQKM6EI
X6MBQaBw6O3vD1CeVgZ2n91wc4rUvshdi3Mmmn6z99zsEiaPZ3njhpOpsiPEbDcs
XuOF82zyErK4xl7cnm0z8JiYcFFT12NAdltW/OSmy4E7yn7HhXbwCENWY+OEvHxS
u3PfI87g7rYIP6vJ50RFrSWuHHGg5gZkO0nI812Xr3TNb685+nWI3Yb8pQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFA4/0/pQX1w03siajgisaLZqR28+MB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvRGpfVC1sQmZYRFRleUpxT0NLeG90bXBIYno0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALQ3iAwQA
LUOLAwQBLVpgAwQAuXUAMA0GCSqGSIb3DQEBCwUAA4IBAQBJDjmR6QAoLA1Ji/XR
UN26BjIcMibzp4mvHkQ88UmFwlBw3ItjkwJePSKjEtzkHlQZvcc+fg20CGHbUI/o
CTspW/g+PTSwVbK4z5VQuXPyL3so4rXmNlXXvcAlNmxT/CzNC/HdcnT7oHp6BNj2
2lO265LywG9/yq19nuAmFz+FJVh4bneQFqdTIvi0bHeoeJdcGnWpRoW8G6Odu+zZ
r4gnxoWw+FLJxMvst71K088PHhI3+5knVRCkeMdbTQx5IN5IJsMyBHhGilCAbOx/
ieBz39NpmpKPHPw/fO+RclZs07rljsAe4tZqdvQjJV4OEeVgvuBUgCiWeK6kS5Iv
sEGk
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:37:18 2025 by rpki-client