Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/29cd58-8327-42be-b7f9-c9819a410a7a/1/i5CYIYxAtwPyni-Dl_N7cKRXfcY.roa
File: i5CYIYxAtwPyni-Dl_N7cKRXfcY.roa (raw, json)
Hash identifier: SZTtaQcBy5UozsIuO5IHd1U+7pFMt22yevLjl5l8lZA=
Subject key identifier: 8B:90:98:21:8C:40:B7:03:F2:9E:2F:83:97:F3:7B:70:A4:57:7D:C6
Certificate issuer: /CN=348cf9779a92efe97543b22a347b81c2eaa5bbfa
Certificate serial: 019428284081244D146C1F60EDAA621EF195
Authority key identifier: 34:8C:F9:77:9A:92:EF:E9:75:43:B2:2A:34:7B:81:C2:EA:A5:BB:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NIz5d5qS7-l1Q7IqNHuBwuqlu_o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/29cd58-8327-42be-b7f9-c9819a410a7a/1/i5CYIYxAtwPyni-Dl_N7cKRXfcY.roa
Signing time: Thu 02 Jan 2025 17:55:14 +0000
ROA not before: Thu 02 Jan 2025 17:55:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199752
IP address blocks: 45.113.236.0/24 maxlen: 24
185.36.132.0/22 maxlen: 22
185.187.108.0/22 maxlen: 22
185.239.171.0/24 maxlen: 24
2a00:ef20::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/29cd58-8327-42be-b7f9-c9819a410a7a/1/NIz5d5qS7-l1Q7IqNHuBwuqlu_o.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/29cd58-8327-42be-b7f9-c9819a410a7a/1/NIz5d5qS7-l1Q7IqNHuBwuqlu_o.mft
rsync://rpki.ripe.net/repository/DEFAULT/NIz5d5qS7-l1Q7IqNHuBwuqlu_o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Mar 2025 14:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:28:40:81:24:4d:14:6c:1f:60:ed:aa:62:1e:f1:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=348cf9779a92efe97543b22a347b81c2eaa5bbfa
Validity
Not Before: Jan 2 17:55:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b9098218c40b703f29e2f8397f37b70a4577dc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:c2:bd:d2:2e:bb:db:3a:5d:76:69:8a:c4:a5:
bf:d6:c5:8e:c0:1a:f5:4e:83:d0:7c:1e:0c:ac:15:
ee:27:47:8d:6f:8c:2b:19:44:00:5b:28:3c:4a:2f:
42:c3:ac:48:6c:9f:a3:d1:63:c9:46:31:b8:34:9b:
6e:1c:e0:58:6a:ac:96:95:f3:57:6b:5e:6a:f7:fd:
54:90:48:d9:8c:01:f1:6f:0b:cf:00:79:b3:65:fd:
e3:3b:61:4e:5f:ec:70:db:cd:07:e0:90:ba:66:98:
1a:23:73:5d:5a:11:d3:2b:b6:6b:11:50:43:9e:2f:
21:c6:0c:a2:21:a4:7d:f2:6a:44:49:40:55:fa:85:
10:0f:e2:c2:82:72:56:be:9b:ed:ab:dd:aa:10:c1:
1f:fb:8e:03:13:c1:0c:4e:2c:be:34:db:6e:68:0a:
8c:14:68:14:d5:21:62:bc:de:58:68:36:9b:5c:81:
cb:83:cc:c9:d3:24:1b:5a:47:2e:b9:7a:5b:6e:dd:
7f:d1:37:5f:fc:24:82:ae:f5:b0:da:90:69:90:ee:
8f:5d:eb:53:e0:27:1a:2d:91:b0:66:6a:74:84:22:
c7:de:d8:d5:68:28:8f:63:e8:8f:0b:c9:c1:ec:da:
66:9d:7d:c3:44:04:f5:47:08:10:d5:b8:c4:6a:22:
d4:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:90:98:21:8C:40:B7:03:F2:9E:2F:83:97:F3:7B:70:A4:57:7D:C6
X509v3 Authority Key Identifier:
keyid:34:8C:F9:77:9A:92:EF:E9:75:43:B2:2A:34:7B:81:C2:EA:A5:BB:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NIz5d5qS7-l1Q7IqNHuBwuqlu_o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/29cd58-8327-42be-b7f9-c9819a410a7a/1/i5CYIYxAtwPyni-Dl_N7cKRXfcY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/29cd58-8327-42be-b7f9-c9819a410a7a/1/NIz5d5qS7-l1Q7IqNHuBwuqlu_o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.113.236.0/24
185.36.132.0/22
185.187.108.0/22
185.239.171.0/24
IPv6:
2a00:ef20::/29
Signature Algorithm: sha256WithRSAEncryption
8d:94:3c:e7:48:4a:f4:40:48:2c:ca:fc:24:54:03:bb:35:91:
1b:12:ea:eb:e0:e3:f4:ec:f9:fa:39:c6:1d:f0:97:92:a5:22:
6d:9f:cf:ab:f2:60:5d:a6:62:58:c2:00:27:99:9b:1c:d7:64:
77:9a:91:96:22:45:6c:bf:ea:d5:98:a9:18:1a:49:41:14:de:
9a:5f:3e:f9:a7:73:fd:07:a5:93:52:87:b2:97:82:ad:b5:6c:
e5:0f:80:59:5f:45:cd:22:ba:87:29:13:74:e0:90:ac:5b:63:
d9:6b:1c:fc:a5:16:9a:83:8a:12:6f:32:da:77:bb:be:50:22:
ec:6a:4a:de:e4:6b:fb:02:09:0a:94:83:11:b9:97:8b:aa:42:
59:c2:9f:e9:3c:09:50:9b:d3:44:88:6c:57:72:74:42:8d:d4:
aa:76:97:80:20:ab:b9:01:73:f4:f7:24:fc:9e:cd:8f:7f:cc:
02:23:6d:eb:62:28:76:f5:1a:3f:b1:7f:6d:93:8c:ad:45:25:
ec:b1:42:66:b4:80:53:1a:17:c2:c3:95:1c:cb:89:b3:4c:f4:
48:fb:88:21:97:6c:29:f6:45:99:20:90:ab:5c:aa:4e:ef:3a:
92:d3:25:67:4b:4a:e7:b2:9b:4f:b7:b4:09:cd:55:6f:93:bd:
a3:34:c1:1a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQoKECBJE0UbB9g7apiHvGVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OGNmOTc3OWE5MmVmZTk3NTQzYjIyYTM0N2I4MWMyZWFh
NWJiZmEwHhcNMjUwMTAyMTc1NTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjkwOTgyMThjNDBiNzAzZjI5ZTJmODM5N2YzN2I3MGE0NTc3ZGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksK90i672zpddmmKxKW/1sWOwBr1
ToPQfB4MrBXuJ0eNb4wrGUQAWyg8Si9Cw6xIbJ+j0WPJRjG4NJtuHOBYaqyWlfNX
a15q9/1UkEjZjAHxbwvPAHmzZf3jO2FOX+xw280H4JC6ZpgaI3NdWhHTK7ZrEVBD
ni8hxgyiIaR98mpESUBV+oUQD+LCgnJWvpvtq92qEMEf+44DE8EMTiy+NNtuaAqM
FGgU1SFivN5YaDabXIHLg8zJ0yQbWkcuuXpbbt1/0Tdf/CSCrvWw2pBpkO6PXetT
4CcaLZGwZmp0hCLH3tjVaCiPY+iPC8nB7NpmnX3DRAT1RwgQ1bjEaiLUCQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFIuQmCGMQLcD8p4vg5fze3CkV33GMB8GA1UdIwQY
MBaAFDSM+Xeaku/pdUOyKjR7gcLqpbv6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkl6NWQ1cVM3LWwxUTdJcU5IdUJ3dXFsdV9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8yOWNkNTgtODMyNy00MmJlLWI3Zjkt
Yzk4MTlhNDEwYTdhLzEvaTVDWUlZeEF0d1B5bmktRGxfTjdjS1JYZmNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8yOWNkNTgtODMyNy00MmJlLWI3ZjktYzk4MTlhNDEwYTdh
LzEvTkl6NWQ1cVM3LWwxUTdJcU5IdUJ3dXFsdV9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQALXHsAwQC
uSSEAwQCubtsAwQAue+rMA0EAgACMAcDBQMqAO8gMA0GCSqGSIb3DQEBCwUAA4IB
AQCNlDznSEr0QEgsyvwkVAO7NZEbEurr4OP07Pn6OcYd8JeSpSJtn8+r8mBdpmJY
wgAnmZsc12R3mpGWIkVsv+rVmKkYGklBFN6aXz75p3P9B6WTUoeyl4KttWzlD4BZ
X0XNIrqHKRN04JCsW2PZaxz8pRaag4oSbzLad7u+UCLsakre5Gv7AgkKlIMRuZeL
qkJZwp/pPAlQm9NEiGxXcnRCjdSqdpeAIKu5AXP09yT8ns2Pf8wCI23rYih29Ro/
sX9tk4ytRSXssUJmtIBTGhfCw5Ucy4mzTPRI+4ghl2wp9kWZIJCrXKpO7zqS0yVn
S0rnsptPt7QJzVVvk72jNMEa
-----END CERTIFICATE-----
Generated at Tue Mar 11 19:39:35 2025 by rpki-client