Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/c4e6a4-61c2-4388-b844-3b715691d2e9/1/kX-VdRHtzW1CfMS8g0O9lVNrN34.roa
File: kX-VdRHtzW1CfMS8g0O9lVNrN34.roa (raw, json)
Hash identifier: 1YTwpLO8F8/c72ElMFw6a0YxOTA0MMlnVtuXBy93WMY=
Subject key identifier: 91:7F:95:75:11:ED:CD:6D:42:7C:C4:BC:83:43:BD:95:53:6B:37:7E
Certificate issuer: /CN=75193bd9f84b4a9ed47a03bdf892d9e798b72727
Certificate serial: 01941F8C8136372F0D4BC2064A80E8C8D75E
Authority key identifier: 75:19:3B:D9:F8:4B:4A:9E:D4:7A:03:BD:F8:92:D9:E7:98:B7:27:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dRk72fhLSp7UegO9-JLZ55i3Jyc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/c4e6a4-61c2-4388-b844-3b715691d2e9/1/kX-VdRHtzW1CfMS8g0O9lVNrN34.roa
Signing time: Wed 01 Jan 2025 01:48:09 +0000
ROA not before: Wed 01 Jan 2025 01:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48954
IP address blocks: 37.48.240.0/21 maxlen: 24
45.147.84.0/24 maxlen: 24
85.91.40.0/22 maxlen: 24
185.40.87.0/24 maxlen: 24
185.83.120.0/22 maxlen: 24
195.88.100.0/23 maxlen: 24
2a00:7640::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/c4e6a4-61c2-4388-b844-3b715691d2e9/1/dRk72fhLSp7UegO9-JLZ55i3Jyc.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/c4e6a4-61c2-4388-b844-3b715691d2e9/1/dRk72fhLSp7UegO9-JLZ55i3Jyc.mft
rsync://rpki.ripe.net/repository/DEFAULT/dRk72fhLSp7UegO9-JLZ55i3Jyc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:81:36:37:2f:0d:4b:c2:06:4a:80:e8:c8:d7:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75193bd9f84b4a9ed47a03bdf892d9e798b72727
Validity
Not Before: Jan 1 01:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=917f957511edcd6d427cc4bc8343bd95536b377e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f5:93:d7:4e:5c:b6:0b:fc:48:54:7c:d2:e9:
11:96:60:93:dd:6a:cf:06:39:16:ae:4f:8a:e2:52:
e2:c4:1a:d9:51:04:38:1f:dc:79:64:0c:75:46:a9:
d5:48:66:fe:0d:8f:7a:71:57:f3:42:55:43:cf:b5:
ac:ce:d8:41:30:e7:f3:94:94:df:d1:b9:47:8f:77:
6f:9d:aa:1a:6a:cf:01:76:4a:c8:9f:76:5d:73:0f:
44:a3:ac:9b:a3:68:fc:d5:4b:a8:96:db:5e:34:a8:
38:1c:c2:cf:76:55:91:4b:37:39:64:4a:2b:37:65:
62:84:42:dc:7d:80:a0:1c:0d:fa:92:42:28:1e:c6:
42:1f:f6:a7:5e:99:bc:16:bb:fa:30:98:12:d4:cc:
09:00:b9:49:0f:58:bb:5d:08:b9:39:4c:cb:d3:e8:
89:f6:ff:87:35:73:29:99:18:2c:e9:69:81:79:94:
80:07:90:b4:10:61:02:bd:fc:a2:9d:1e:5a:77:a6:
67:e5:1b:35:86:dc:eb:7a:2e:0f:0d:15:67:69:e6:
78:59:04:0e:5a:d4:52:47:f7:98:2c:52:90:4d:16:
f6:8b:36:6e:4f:c8:cc:ee:e2:ed:53:67:14:e6:dd:
1e:07:06:92:dd:8f:9d:aa:66:d5:84:ca:a4:48:aa:
13:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:7F:95:75:11:ED:CD:6D:42:7C:C4:BC:83:43:BD:95:53:6B:37:7E
X509v3 Authority Key Identifier:
keyid:75:19:3B:D9:F8:4B:4A:9E:D4:7A:03:BD:F8:92:D9:E7:98:B7:27:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dRk72fhLSp7UegO9-JLZ55i3Jyc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c4e6a4-61c2-4388-b844-3b715691d2e9/1/kX-VdRHtzW1CfMS8g0O9lVNrN34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c4e6a4-61c2-4388-b844-3b715691d2e9/1/dRk72fhLSp7UegO9-JLZ55i3Jyc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.48.240.0/21
45.147.84.0/24
85.91.40.0/22
185.40.87.0/24
185.83.120.0/22
195.88.100.0/23
IPv6:
2a00:7640::/32
Signature Algorithm: sha256WithRSAEncryption
9d:4a:14:50:73:03:06:f8:e9:61:0c:df:25:3f:82:cb:31:c1:
6c:e6:35:cf:62:bf:0c:fe:9d:55:1b:67:f4:5f:5f:5a:16:70:
27:2a:57:04:f3:e4:02:51:4c:31:56:b7:21:5b:d4:6e:75:e6:
85:40:18:d8:0f:85:12:cf:ef:0c:f4:f5:45:53:02:ba:fa:5a:
5b:19:51:89:56:40:71:3d:69:0c:f6:ad:1c:9a:59:26:fa:0e:
04:af:44:f1:20:1a:3b:2d:82:6a:6d:58:6d:44:a7:ee:67:40:
9d:f2:4a:c2:89:93:fd:90:ba:a5:50:76:f2:0c:e7:01:06:b0:
65:ac:f8:2a:6f:f5:08:16:f7:d3:99:9c:f7:58:11:97:0e:57:
88:1b:f8:ee:54:e6:8b:99:00:62:b5:d4:cb:3a:48:f9:35:f8:
b9:72:a2:a8:4f:b3:19:80:23:62:9d:60:00:c6:72:49:24:77:
89:e7:55:1f:76:b8:92:2b:6c:56:16:1f:66:0f:40:e8:83:57:
d4:d1:2f:4d:58:8d:0d:81:9c:7d:b5:c5:8f:94:e3:7e:a3:65:
69:b0:c3:03:6a:3e:48:45:4a:ad:f3:09:81:02:cf:d3:68:10:
6b:95:7a:98:2f:70:31:9c:76:16:01:cc:1f:fe:21:d6:dd:30:
6d:cb:fd:d6
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQfjIE2Ny8NS8IGSoDoyNdeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MTkzYmQ5Zjg0YjRhOWVkNDdhMDNiZGY4OTJkOWU3OThi
NzI3MjcwHhcNMjUwMTAxMDE0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTdmOTU3NTExZWRjZDZkNDI3Y2M0YmM4MzQzYmQ5NTUzNmIzNzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPWT105ctgv8SFR80ukRlmCT3WrP
BjkWrk+K4lLixBrZUQQ4H9x5ZAx1RqnVSGb+DY96cVfzQlVDz7WszthBMOfzlJTf
0blHj3dvnaoaas8BdkrIn3Zdcw9Eo6ybo2j81UuoltteNKg4HMLPdlWRSzc5ZEor
N2VihELcfYCgHA36kkIoHsZCH/anXpm8Frv6MJgS1MwJALlJD1i7XQi5OUzL0+iJ
9v+HNXMpmRgs6WmBeZSAB5C0EGECvfyinR5ad6Zn5Rs1htzrei4PDRVnaeZ4WQQO
WtRSR/eYLFKQTRb2izZuT8jM7uLtU2cU5t0eBwaS3Y+dqmbVhMqkSKoTaQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFJF/lXUR7c1tQnzEvINDvZVTazd+MB8GA1UdIwQY
MBaAFHUZO9n4S0qe1HoDvfiS2eeYtycnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFJrNzJmaExTcDdVZWdPOS1KTFo1NWkzSnljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9jNGU2YTQtNjFjMi00Mzg4LWI4NDQt
M2I3MTU2OTFkMmU5LzEva1gtVmRSSHR6VzFDZk1TOGcwTzlsVk5yTjM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9jNGU2YTQtNjFjMi00Mzg4LWI4NDQtM2I3MTU2OTFkMmU5
LzEvZFJrNzJmaExTcDdVZWdPOS1KTFo1NWkzSnljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDJTDwAwQA
LZNUAwQCVVsoAwQAuShXAwQCuVN4AwQBw1hkMA0EAgACMAcDBQAqAHZAMA0GCSqG
SIb3DQEBCwUAA4IBAQCdShRQcwMG+OlhDN8lP4LLMcFs5jXPYr8M/p1VG2f0X19a
FnAnKlcE8+QCUUwxVrchW9RudeaFQBjYD4USz+8M9PVFUwK6+lpbGVGJVkBxPWkM
9q0cmlkm+g4Er0TxIBo7LYJqbVhtRKfuZ0Cd8krCiZP9kLqlUHbyDOcBBrBlrPgq
b/UIFvfTmZz3WBGXDleIG/juVOaLmQBitdTLOkj5Nfi5cqKoT7MZgCNinWAAxnJJ
JHeJ51UfdriSK2xWFh9mD0Dog1fU0S9NWI0NgZx9tcWPlON+o2VpsMMDaj5IRUqt
8wmBAs/TaBBrlXqYL3AxnHYWAcwf/iHW3TBty/3W
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:17:27 2025 by rpki-client