Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/kdMTUuZQ-VDU7NqJNcyDpNWEwZA.roa
File: kdMTUuZQ-VDU7NqJNcyDpNWEwZA.roa (raw, json)
Hash identifier: 0xM4rSsb67XsqZdfOU2nnDN2imK41b/0o/x5ogOpXhY=
Subject key identifier: 91:D3:13:52:E6:50:F9:50:D4:EC:DA:89:35:CC:83:A4:D5:84:C1:90
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 019459E7341142000A2CA270953EEFFD032F
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/kdMTUuZQ-VDU7NqJNcyDpNWEwZA.roa
Signing time: Sun 12 Jan 2025 09:45:11 +0000
ROA not before: Sun 12 Jan 2025 09:45:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214654
IP address blocks: 45.92.218.0/23 maxlen: 23
45.134.38.0/24 maxlen: 24
45.152.162.0/23 maxlen: 23
45.152.162.0/24 maxlen: 24
45.152.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.mft
rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:59:e7:34:11:42:00:0a:2c:a2:70:95:3e:ef:fd:03:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jan 12 09:45:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=91d31352e650f950d4ecda8935cc83a4d584c190
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:27:25:8b:71:03:7e:41:20:12:f4:1a:12:3e:
1e:77:54:b6:21:d1:16:f4:22:47:a6:18:18:81:94:
08:88:9d:ba:46:4d:1b:d8:de:10:c4:0e:18:c5:ea:
2b:c5:09:c4:a6:14:97:38:ce:66:b6:f1:23:1e:d4:
06:ec:97:be:ae:4c:7c:2e:13:da:7a:2a:cb:d2:30:
30:a0:48:fc:4f:13:39:5b:e0:bd:01:22:50:71:54:
3b:71:ae:b4:d5:a6:9d:e4:a8:36:6f:da:94:23:3c:
92:cb:ed:e1:0e:06:ea:27:da:44:6a:9d:f6:20:9b:
85:e2:0c:09:23:c5:e5:63:f5:54:ca:90:1b:68:9e:
9c:67:6c:c6:11:08:c2:19:98:ac:a2:64:99:c6:d1:
18:63:ac:e5:d5:3d:a9:52:54:52:92:c8:a2:f5:a9:
a1:3f:be:e4:ea:45:5a:b6:76:70:71:b0:d0:f3:e4:
bc:cb:be:3b:84:34:04:5a:51:e0:f4:9b:26:23:d8:
45:22:a4:ee:3b:44:20:1c:0d:00:34:8d:79:56:1c:
b1:a2:bf:43:42:75:84:3c:c1:02:90:ad:31:39:4d:
ca:76:82:7c:9b:2a:3a:37:8d:c8:e4:73:53:aa:3b:
78:38:91:51:b4:33:fe:71:4f:66:33:88:c9:43:1f:
34:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:D3:13:52:E6:50:F9:50:D4:EC:DA:89:35:CC:83:A4:D5:84:C1:90
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/kdMTUuZQ-VDU7NqJNcyDpNWEwZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.218.0/23
45.134.38.0/24
45.152.162.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:4c:f1:0c:49:6b:26:a9:48:d9:47:b6:7e:a6:21:c8:c0:a1:
fe:cc:80:c7:03:3f:18:6e:d4:8b:c2:a8:1a:df:10:59:c1:79:
b2:42:c3:4c:67:b4:5f:b2:11:e9:be:71:3e:6d:8e:0e:11:c4:
45:e3:de:b7:40:f6:8c:c8:e4:82:da:8d:19:65:9f:95:0a:f3:
23:ce:6c:41:3c:7a:45:45:6b:58:e6:e8:37:ad:b9:d9:61:37:
16:2e:63:81:51:77:2e:94:27:6f:33:7c:74:cb:ad:b5:1d:0b:
91:28:6f:8e:5d:2d:a0:4e:49:b0:f0:01:66:5b:eb:7d:5a:f8:
dc:40:b8:ff:fb:fc:3f:c5:cc:1e:20:be:ed:77:5a:61:a8:59:
5e:05:bc:51:84:88:b0:9c:73:13:9c:f2:6b:08:db:4a:eb:2d:
9a:39:b3:9d:95:45:3c:f1:c0:09:e8:b4:d9:b5:e9:9d:c4:be:
1a:07:69:72:01:1c:c1:29:60:46:e8:eb:50:a0:a3:07:64:37:
68:26:fb:eb:ba:d9:2d:e7:63:44:fd:24:0b:a0:3a:ed:64:b5:
80:c7:7d:53:b5:f3:59:72:96:a8:d2:68:e8:13:11:82:fe:73:
c2:c0:7d:50:ff:14:48:df:05:d6:d2:7f:d2:3c:4d:1d:98:74:
2c:b6:a0:87
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZRZ5zQRQgAKLKJwlT7v/QMvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjUwMTEyMDk0NTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWQzMTM1MmU2NTBmOTUwZDRlY2RhODkzNWNjODNhNGQ1ODRjMTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqycli3EDfkEgEvQaEj4ed1S2IdEW
9CJHphgYgZQIiJ26Rk0b2N4QxA4YxeorxQnEphSXOM5mtvEjHtQG7Je+rkx8LhPa
eirL0jAwoEj8TxM5W+C9ASJQcVQ7ca601aad5Kg2b9qUIzySy+3hDgbqJ9pEap32
IJuF4gwJI8XlY/VUypAbaJ6cZ2zGEQjCGZisomSZxtEYY6zl1T2pUlRSksii9amh
P77k6kVatnZwcbDQ8+S8y747hDQEWlHg9JsmI9hFIqTuO0QgHA0ANI15Vhyxor9D
QnWEPMECkK0xOU3KdoJ8myo6N43I5HNTqjt4OJFRtDP+cU9mM4jJQx803QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJHTE1LmUPlQ1OzaiTXMg6TVhMGQMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEva2RNVFV1WlEtVkRVN05xSk5jeURwTldFd1pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLVzaAwQA
LYYmAwQBLZiiMA0GCSqGSIb3DQEBCwUAA4IBAQBdTPEMSWsmqUjZR7Z+piHIwKH+
zIDHAz8YbtSLwqga3xBZwXmyQsNMZ7RfshHpvnE+bY4OEcRF4963QPaMyOSC2o0Z
ZZ+VCvMjzmxBPHpFRWtY5ug3rbnZYTcWLmOBUXculCdvM3x0y621HQuRKG+OXS2g
Tkmw8AFmW+t9WvjcQLj/+/w/xcweIL7td1phqFleBbxRhIiwnHMTnPJrCNtK6y2a
ObOdlUU88cAJ6LTZtemdxL4aB2lyARzBKWBG6OtQoKMHZDdoJvvrutkt52NE/SQL
oDrtZLWAx31TtfNZcpao0mjoExGC/nPCwH1Q/xRI3wXW0n/SPE0dmHQstqCH
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:47:50 2025 by rpki-client