Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/a0bf3e-3645-4e16-bca9-8adac17e90ae/1/CKD_EzJsFpUNnoX4pjrt6UNhRQI.roa
File: CKD_EzJsFpUNnoX4pjrt6UNhRQI.roa (raw, json)
Hash identifier: Er1sMrbr93QbR3Zv9Y+teqxvcF75+o/fSwKjskRLW5Q=
Subject key identifier: 08:A0:FF:13:32:6C:16:95:0D:9E:85:F8:A6:3A:ED:E9:43:61:45:02
Certificate issuer: /CN=974661cb1c38e63bd78bd6b2b1d68686a5415bf5
Certificate serial: 0194206818290F315746940E79C30B5514A4
Authority key identifier: 97:46:61:CB:1C:38:E6:3B:D7:8B:D6:B2:B1:D6:86:86:A5:41:5B:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l0Zhyxw45jvXi9aysdaGhqVBW_U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/a0bf3e-3645-4e16-bca9-8adac17e90ae/1/CKD_EzJsFpUNnoX4pjrt6UNhRQI.roa
Signing time: Wed 01 Jan 2025 05:48:00 +0000
ROA not before: Wed 01 Jan 2025 05:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30823
IP address blocks: 45.11.16.0/22 maxlen: 22
45.138.172.0/22 maxlen: 22
45.138.172.0/24 maxlen: 24
45.138.173.0/24 maxlen: 24
45.138.174.0/24 maxlen: 24
45.138.175.0/24 maxlen: 24
45.147.228.0/22 maxlen: 22
45.153.240.0/22 maxlen: 22
91.200.100.0/22 maxlen: 22
152.89.244.0/22 maxlen: 22
152.89.247.0/24 maxlen: 24
160.20.144.0/24 maxlen: 24
160.20.145.0/24 maxlen: 24
160.20.146.0/24 maxlen: 24
160.20.147.0/24 maxlen: 24
2a09:38c0::/29 maxlen: 29
2a0c:6a40::/29 maxlen: 29
2a0c:6a41:f230::/48 maxlen: 48
2a0d:4cc0::/29 maxlen: 29
2a0e:5100::/29 maxlen: 29
2a0e:b540::/29 maxlen: 29
2a0e:b540:ff03::/48 maxlen: 48
2a10:9c00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/a0bf3e-3645-4e16-bca9-8adac17e90ae/1/l0Zhyxw45jvXi9aysdaGhqVBW_U.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/a0bf3e-3645-4e16-bca9-8adac17e90ae/1/l0Zhyxw45jvXi9aysdaGhqVBW_U.mft
rsync://rpki.ripe.net/repository/DEFAULT/l0Zhyxw45jvXi9aysdaGhqVBW_U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:18:29:0f:31:57:46:94:0e:79:c3:0b:55:14:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=974661cb1c38e63bd78bd6b2b1d68686a5415bf5
Validity
Not Before: Jan 1 05:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=08a0ff13326c16950d9e85f8a63aede943614502
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:05:83:36:83:c5:1f:2e:ba:44:b4:55:3b:db:
dc:18:ce:fe:7f:0a:97:60:58:cd:af:5f:91:a1:8d:
7b:44:cb:7f:d5:4b:ac:dc:5e:b1:fc:38:42:50:da:
94:bc:e1:87:1f:f4:44:40:eb:1e:22:72:ec:a8:5c:
70:1a:2c:20:3a:32:7e:bb:57:3a:02:ea:59:35:2c:
40:5e:b1:39:35:72:bc:91:c2:43:71:08:0d:df:2f:
49:e8:f3:8e:ef:d0:44:90:da:3e:f2:d9:cb:6f:67:
cf:88:f7:cf:c2:83:62:44:f6:1f:24:22:3e:aa:8f:
2d:08:6f:79:ec:1b:59:8a:63:7f:44:cc:ad:ad:38:
1d:a1:1f:ba:dc:00:db:1b:8c:5a:f9:74:4e:48:8b:
50:2f:2c:9c:83:8e:4e:fc:61:31:48:12:d4:87:94:
29:d7:01:3f:47:34:e7:b9:13:e2:e6:03:99:a8:d8:
d4:e3:79:71:3d:26:e4:2a:3b:05:1c:4c:f3:d1:3b:
c3:83:76:61:37:70:72:85:69:e7:51:24:b9:9d:f1:
cb:48:8b:f8:b0:ae:6f:a4:64:82:46:87:8c:d9:e2:
95:00:6d:ed:20:fd:cd:3f:dc:65:dc:a9:0e:61:08:
95:17:66:fb:11:b7:10:16:98:14:20:89:ee:d2:c3:
43:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:A0:FF:13:32:6C:16:95:0D:9E:85:F8:A6:3A:ED:E9:43:61:45:02
X509v3 Authority Key Identifier:
keyid:97:46:61:CB:1C:38:E6:3B:D7:8B:D6:B2:B1:D6:86:86:A5:41:5B:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l0Zhyxw45jvXi9aysdaGhqVBW_U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a0bf3e-3645-4e16-bca9-8adac17e90ae/1/CKD_EzJsFpUNnoX4pjrt6UNhRQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a0bf3e-3645-4e16-bca9-8adac17e90ae/1/l0Zhyxw45jvXi9aysdaGhqVBW_U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.16.0/22
45.138.172.0/22
45.147.228.0/22
45.153.240.0/22
91.200.100.0/22
152.89.244.0/22
160.20.144.0/22
IPv6:
2a09:38c0::/29
2a0c:6a40::/29
2a0d:4cc0::/29
2a0e:5100::/29
2a0e:b540::/29
2a10:9c00::/29
Signature Algorithm: sha256WithRSAEncryption
06:84:e3:15:89:19:34:22:77:8d:30:09:ee:1d:a7:fa:ea:1b:
7c:00:4b:6f:36:c8:2e:ef:dc:4d:18:0b:1f:b3:47:26:b5:9f:
b8:b3:41:c1:df:31:9c:ac:1c:4e:6a:e9:14:40:25:51:96:59:
b6:b4:e8:f5:5a:b2:16:f8:b5:61:17:35:7a:94:7f:08:ef:6f:
76:1f:d3:a0:3e:e8:05:e3:32:d2:fd:51:78:b4:a7:2c:b2:90:
e3:d8:65:eb:4e:e9:40:b7:f9:7f:f7:9d:2c:0f:5f:86:c2:c1:
a7:26:33:cb:9e:51:bf:e5:53:a7:6c:c6:cd:2c:3e:03:e8:a5:
f3:39:ad:03:87:e0:40:e5:39:b7:f8:3b:8f:d0:e2:d1:a9:e9:
42:d4:4c:7d:1e:fe:a3:b9:f3:3e:66:fc:5d:ed:6e:18:33:23:
2f:e6:db:15:2e:2c:fe:b8:da:c0:0d:7c:e8:be:f1:09:8b:4a:
24:39:3d:92:59:a9:4b:59:a7:45:56:30:b4:48:07:9b:26:21:
da:4c:d5:45:90:b7:82:15:5b:3d:09:f0:8f:6e:8e:a4:d7:1a:
51:d9:9d:38:f4:84:70:89:8c:b2:7b:4e:67:32:10:07:49:a2:
f6:a8:0f:b8:d9:dc:38:88:25:09:f7:d5:1d:11:9f:35:c6:c8:
b1:0f:04:0c
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZQgaBgpDzFXRpQOecMLVRSkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NDY2MWNiMWMzOGU2M2JkNzhiZDZiMmIxZDY4Njg2YTU0
MTViZjUwHhcNMjUwMTAxMDU0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGEwZmYxMzMyNmMxNjk1MGQ5ZTg1ZjhhNjNhZWRlOTQzNjE0NTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1wWDNoPFHy66RLRVO9vcGM7+fwqX
YFjNr1+RoY17RMt/1Uus3F6x/DhCUNqUvOGHH/REQOseInLsqFxwGiwgOjJ+u1c6
AupZNSxAXrE5NXK8kcJDcQgN3y9J6POO79BEkNo+8tnLb2fPiPfPwoNiRPYfJCI+
qo8tCG957BtZimN/RMytrTgdoR+63ADbG4xa+XROSItQLyycg45O/GExSBLUh5Qp
1wE/RzTnuRPi5gOZqNjU43lxPSbkKjsFHEzz0TvDg3ZhN3ByhWnnUSS5nfHLSIv4
sK5vpGSCRoeM2eKVAG3tIP3NP9xl3KkOYQiVF2b7EbcQFpgUIInu0sNDfwIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFAig/xMybBaVDZ6F+KY67elDYUUCMB8GA1UdIwQY
MBaAFJdGYcscOOY714vWsrHWhoalQVv1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDBaaHl4dzQ1anZYaTlheXNkYUdocVZCV19VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9hMGJmM2UtMzY0NS00ZTE2LWJjYTkt
OGFkYWMxN2U5MGFlLzEvQ0tEX0V6SnNGcFVObm9YNHBqcnQ2VU5oUlFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9hMGJmM2UtMzY0NS00ZTE2LWJjYTktOGFkYWMxN2U5MGFl
LzEvbDBaaHl4dzQ1anZYaTlheXNkYUdocVZCV19VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDAwBAIAATAqAwQCLQsQAwQC
LYqsAwQCLZPkAwQCLZnwAwQCW8hkAwQCmFn0AwQCoBSQMDAEAgACMCoDBQMqCTjA
AwUDKgxqQAMFAyoNTMADBQMqDlEAAwUDKg61QAMFAyoQnAAwDQYJKoZIhvcNAQEL
BQADggEBAAaE4xWJGTQid40wCe4dp/rqG3wAS282yC7v3E0YCx+zRya1n7izQcHf
MZysHE5q6RRAJVGWWba06PVashb4tWEXNXqUfwjvb3Yf06A+6AXjMtL9UXi0pyyy
kOPYZetO6UC3+X/3nSwPX4bCwacmM8ueUb/lU6dsxs0sPgPopfM5rQOH4EDlObf4
O4/Q4tGp6ULUTH0e/qO58z5m/F3tbhgzIy/m2xUuLP642sANfOi+8QmLSiQ5PZJZ
qUtZp0VWMLRIB5smIdpM1UWQt4IVWz0J8I9ujqTXGlHZnTj0hHCJjLJ7TmcyEAdJ
ovaoD7jZ3DiIJQn31R0RnzXGyLEPBAw=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:47 2025 by rpki-client