Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/zS2PBrD2vmlXLTrGFHERr-Tg3sM.roa
File: zS2PBrD2vmlXLTrGFHERr-Tg3sM.roa (raw, json)
Hash identifier: ZKfnpYOgYarKcHUc2HZAGzDoCt3IGKzpVqNwP6NLT/8=
Subject key identifier: CD:2D:8F:06:B0:F6:BE:69:57:2D:3A:C6:14:71:11:AF:E4:E0:DE:C3
Certificate issuer: /CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Certificate serial: 0194236A26A0FCA3DD6883EA5D6AC210573E
Authority key identifier: 9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/zS2PBrD2vmlXLTrGFHERr-Tg3sM.roa
Signing time: Wed 01 Jan 2025 19:49:06 +0000
ROA not before: Wed 01 Jan 2025 19:49:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 5.253.184.0/23 maxlen: 23
5.253.187.0/24 maxlen: 24
45.81.161.0/24 maxlen: 24
45.81.162.0/24 maxlen: 24
45.81.163.0/24 maxlen: 24
45.130.33.0/24 maxlen: 24
45.130.34.0/23 maxlen: 23
88.214.0.0/24 maxlen: 24
88.214.1.0/24 maxlen: 24
88.214.2.0/24 maxlen: 24
88.214.3.0/24 maxlen: 24
88.218.196.0/22 maxlen: 22
185.114.204.0/24 maxlen: 24
185.219.160.0/24 maxlen: 24
185.219.161.0/24 maxlen: 24
185.219.163.0/24 maxlen: 24
193.111.184.0/22 maxlen: 22
193.135.220.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.mft
rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:26:a0:fc:a3:dd:68:83:ea:5d:6a:c2:10:57:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Validity
Not Before: Jan 1 19:49:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd2d8f06b0f6be69572d3ac6147111afe4e0dec3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:97:9e:96:02:d9:61:cf:b0:d3:99:5e:d3:7e:
a4:47:bd:c7:6d:d5:79:dc:45:03:39:55:b0:0d:d5:
e1:05:ee:99:db:d1:ee:84:cc:6c:d8:75:73:f8:97:
25:e6:11:a7:89:24:ec:32:e2:91:61:54:3b:f6:98:
e1:e7:ee:e2:86:1f:30:b5:6c:39:c1:bd:d7:e3:80:
1f:d4:44:75:8d:6a:6f:72:6f:82:8f:56:20:57:ab:
43:67:4c:a5:16:a0:7c:a8:92:be:97:58:eb:ff:af:
bf:7c:46:13:44:6e:dc:cf:8e:ef:ee:1d:4c:27:dd:
04:12:74:0b:e0:28:1c:88:18:f2:e8:48:9d:91:76:
3b:f1:dd:6b:91:3a:ec:bf:87:54:93:95:21:f9:df:
af:59:53:e8:7c:ea:ce:8e:81:ce:57:51:35:fd:b9:
ac:23:06:ca:7f:a1:b0:a7:e3:60:0a:b5:2f:5f:88:
75:fc:4a:a1:cd:03:27:d9:b6:90:ae:7c:61:0b:43:
8c:d9:42:ee:cf:69:1f:64:69:5d:95:16:9f:12:b8:
48:14:33:67:cd:53:a2:86:f0:54:1e:87:08:9b:32:
53:bb:8a:03:27:fd:db:38:5c:a0:7f:5c:a7:00:52:
d6:a9:a8:e8:cc:07:41:c2:26:6d:bf:db:db:09:e9:
d9:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:2D:8F:06:B0:F6:BE:69:57:2D:3A:C6:14:71:11:AF:E4:E0:DE:C3
X509v3 Authority Key Identifier:
keyid:9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/zS2PBrD2vmlXLTrGFHERr-Tg3sM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.184.0/23
5.253.187.0/24
45.81.161.0-45.81.163.255
45.130.33.0-45.130.35.255
88.214.0.0/22
88.218.196.0/22
185.114.204.0/24
185.219.160.0/23
185.219.163.0/24
193.111.184.0/22
193.135.220.0/22
Signature Algorithm: sha256WithRSAEncryption
40:16:38:89:4f:e6:e1:dd:94:bd:c7:bc:66:ae:2f:de:60:63:
2f:fc:99:1e:fa:a6:13:1f:04:fa:67:ed:3a:bf:f0:e2:d6:73:
77:31:bb:c5:02:f3:d7:7c:39:9d:4e:71:44:40:f2:75:0f:8f:
5a:cd:a2:d2:ca:b7:ed:16:4b:af:7f:da:ab:6e:81:e3:9b:36:
e8:85:a4:b1:c0:42:62:0c:2f:b7:66:b1:8c:82:7d:33:66:73:
e4:e4:99:1e:18:20:ff:fd:d2:0e:84:0d:1f:c1:6e:45:0a:77:
b9:ab:f9:5b:9f:45:40:b8:d0:08:49:c1:6b:76:fb:fa:07:98:
30:6f:7b:37:f4:1f:bb:ac:dd:a9:b4:75:8b:06:07:8f:b9:a0:
43:14:04:79:ef:42:f2:a4:bf:5d:5b:b3:78:c9:af:8a:2d:6b:
ee:fb:63:74:2d:0d:29:0e:62:6c:c9:1a:1c:57:49:1f:bf:83:
c3:7d:93:19:b1:46:26:ec:c2:ac:ae:6e:eb:4d:8b:5e:dd:ab:
73:a4:35:d0:04:97:98:0a:c2:6d:e4:4f:f7:f7:c6:7e:d5:1f:
6f:1b:e8:25:af:aa:54:6e:df:bf:27:00:42:46:89:fe:a7:28:
89:af:16:1e:1b:99:fd:5c:27:80:a7:60:1f:f7:ac:ca:f2:85:
0a:e4:59:e8
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZQjaiag/KPdaIPqXWrCEFc+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYjI1Y2U1NTBlNGQ5YmRhMDViZDVkNDVjOGI2YmEzNzQz
MGJiYmEwHhcNMjUwMTAxMTk0OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDJkOGYwNmIwZjZiZTY5NTcyZDNhYzYxNDcxMTFhZmU0ZTBkZWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJeelgLZYc+w05le036kR73HbdV5
3EUDOVWwDdXhBe6Z29HuhMxs2HVz+Jcl5hGniSTsMuKRYVQ79pjh5+7ihh8wtWw5
wb3X44Af1ER1jWpvcm+Cj1YgV6tDZ0ylFqB8qJK+l1jr/6+/fEYTRG7cz47v7h1M
J90EEnQL4CgciBjy6EidkXY78d1rkTrsv4dUk5Uh+d+vWVPofOrOjoHOV1E1/bms
IwbKf6Gwp+NgCrUvX4h1/EqhzQMn2baQrnxhC0OM2ULuz2kfZGldlRafErhIFDNn
zVOihvBUHocImzJTu4oDJ/3bOFygf1ynAFLWqajozAdBwiZtv9vbCenZXQIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFM0tjwaw9r5pVy06xhRxEa/k4N7DMB8GA1UdIwQY
MBaAFJyyXOVQ5Nm9oFvV1FyLa6N0MLu6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYt
YmU0NWYwZDJhYmJiLzEvelMyUEJyRDJ2bWxYTFRyR0ZIRVJyLVRnM3NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYtYmU0NWYwZDJhYmJi
LzEvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQBBf24AwQA
Bf27MAwDBAAtUaEDBAItUaAwDAMEAC2CIQMEAi2CIAMEAljWAAMEAljaxAMEALly
zAMEAbnboAMEALnbowMEAsFvuAMEAsGH3DANBgkqhkiG9w0BAQsFAAOCAQEAQBY4
iU/m4d2Uvce8Zq4v3mBjL/yZHvqmEx8E+mftOr/w4tZzdzG7xQLz13w5nU5xREDy
dQ+PWs2i0sq37RZLr3/aq26B45s26IWkscBCYgwvt2axjIJ9M2Zz5OSZHhgg//3S
DoQNH8FuRQp3uav5W59FQLjQCEnBa3b7+geYMG97N/Qfu6zdqbR1iwYHj7mgQxQE
ee9C8qS/XVuzeMmvii1r7vtjdC0NKQ5ibMkaHFdJH7+Dw32TGbFGJuzCrK5u602L
Xt2rc6Q10ASXmArCbeRP9/fGftUfbxvoJa+qVG7fvycAQkaJ/qcoia8WHhuZ/Vwn
gKdgH/esyvKFCuRZ6A==
-----END CERTIFICATE-----
Generated at Mon Apr 7 07:26:06 2025 by rpki-client