Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/GM87yoid4HvMFU0831meRD7aTrw.roa
File: GM87yoid4HvMFU0831meRD7aTrw.roa (raw, json)
Hash identifier: pAqrn8lneMfUM7XREKFFDTTB8aq7tLTz2G9UF3aA0BU=
Subject key identifier: 18:CF:3B:CA:88:9D:E0:7B:CC:15:4D:3C:DF:59:9E:44:3E:DA:4E:BC
Certificate issuer: /CN=48abf29fdef8570502f4b51be5ffc05c4d9b3465
Certificate serial: 0194258F5E1837E580BB30E3236B03C5E931
Authority key identifier: 48:AB:F2:9F:DE:F8:57:05:02:F4:B5:1B:E5:FF:C0:5C:4D:9B:34:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SKvyn974VwUC9LUb5f_AXE2bNGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/GM87yoid4HvMFU0831meRD7aTrw.roa
Signing time: Thu 02 Jan 2025 05:49:00 +0000
ROA not before: Thu 02 Jan 2025 05:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43395
IP address blocks: 45.9.144.0/24 maxlen: 24
45.9.145.0/24 maxlen: 24
45.9.146.0/24 maxlen: 24
45.9.147.0/24 maxlen: 24
45.86.6.0/24 maxlen: 24
45.86.7.0/24 maxlen: 24
45.148.248.0/24 maxlen: 24
45.148.250.0/24 maxlen: 24
45.148.251.0/24 maxlen: 24
185.140.232.0/24 maxlen: 24
185.140.234.0/24 maxlen: 24
185.140.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/SKvyn974VwUC9LUb5f_AXE2bNGU.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/SKvyn974VwUC9LUb5f_AXE2bNGU.mft
rsync://rpki.ripe.net/repository/DEFAULT/SKvyn974VwUC9LUb5f_AXE2bNGU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 14:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:5e:18:37:e5:80:bb:30:e3:23:6b:03:c5:e9:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48abf29fdef8570502f4b51be5ffc05c4d9b3465
Validity
Not Before: Jan 2 05:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=18cf3bca889de07bcc154d3cdf599e443eda4ebc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:bd:e9:b2:54:b1:1c:a7:6e:60:77:1c:36:86:
36:9b:b9:d6:35:02:52:18:37:9c:20:99:3c:ed:d6:
7e:39:4b:9b:44:4b:29:3b:74:59:a1:0a:1b:b8:ab:
53:35:d6:07:b4:db:7a:cf:e5:47:6b:7d:c0:0a:3e:
ec:ba:b6:53:65:e8:e4:d6:88:87:51:a3:fa:66:04:
92:06:74:a0:d2:2a:c9:b3:f8:30:bf:8a:11:da:3c:
c3:b1:92:4e:30:86:fb:17:17:d0:37:10:e8:0f:bc:
37:b4:66:58:e5:99:9a:9d:4b:e1:d6:a9:e5:59:82:
8a:80:aa:43:db:2d:8e:a8:8c:96:46:3e:6e:1a:98:
68:2a:60:13:e9:ac:07:5e:d1:87:c7:07:a4:c9:44:
50:29:11:a9:bc:ae:16:bb:07:10:c3:3f:da:82:2a:
81:84:2d:d9:de:3c:0b:f8:3d:4f:cd:b3:52:23:af:
5b:04:42:e5:c2:5c:73:a6:49:7f:8a:5a:85:5d:2e:
5f:99:c1:c5:b0:f3:45:59:b4:d7:fc:14:13:82:13:
97:f1:40:b4:25:21:95:d4:fc:4f:70:4a:17:40:83:
69:c3:ac:92:fa:33:05:74:f6:eb:12:fb:ee:1d:92:
87:50:90:cf:be:2d:fc:af:9f:74:d3:9d:f8:ac:cd:
02:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:CF:3B:CA:88:9D:E0:7B:CC:15:4D:3C:DF:59:9E:44:3E:DA:4E:BC
X509v3 Authority Key Identifier:
keyid:48:AB:F2:9F:DE:F8:57:05:02:F4:B5:1B:E5:FF:C0:5C:4D:9B:34:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SKvyn974VwUC9LUb5f_AXE2bNGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/GM87yoid4HvMFU0831meRD7aTrw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/SKvyn974VwUC9LUb5f_AXE2bNGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.144.0/22
45.86.6.0/23
45.148.248.0/24
45.148.250.0/23
185.140.232.0/24
185.140.234.0/23
Signature Algorithm: sha256WithRSAEncryption
2f:75:14:7b:13:67:d2:d6:59:ca:2f:e9:84:5d:89:77:0e:e7:
e3:e3:40:78:95:4e:8f:7f:7c:e7:03:9d:fa:69:6b:58:51:57:
eb:66:85:60:5b:62:51:4e:8c:c5:85:94:c3:bd:28:bc:dc:6b:
16:7a:d0:32:18:fa:7a:82:2b:05:9a:fd:14:ff:6d:c9:43:22:
81:ca:95:45:bd:bd:30:6f:e6:6f:3c:ff:4e:91:88:20:e4:3e:
14:48:46:ac:e3:38:64:14:6f:a1:67:8e:aa:a0:d5:b1:dd:e7:
50:4c:86:d7:dc:cb:e6:7a:e1:56:a8:1d:59:22:1c:93:0b:1d:
4b:99:1b:d9:92:46:38:45:1d:d1:67:5a:6d:a8:eb:1e:3d:57:
12:f4:39:dc:34:b1:61:37:b1:ef:3a:9f:af:35:e9:96:c0:8e:
54:57:0a:65:39:55:e3:49:75:14:a1:d2:3e:2d:7b:43:85:58:
a3:5a:75:2d:05:5a:63:ae:f4:bc:7b:05:96:a4:02:60:06:54:
8d:a1:00:81:7d:78:74:40:4a:94:35:5e:0d:37:6e:5c:43:5c:
ac:bb:4b:95:a3:13:1d:cc:f5:a3:a0:b3:e2:e8:be:25:98:55:
94:92:b4:97:ed:60:50:f1:93:75:07:32:10:3b:3e:b6:df:f6:
a6:37:99:05
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQlj14YN+WAuzDjI2sDxekxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4YWJmMjlmZGVmODU3MDUwMmY0YjUxYmU1ZmZjMDVjNGQ5
YjM0NjUwHhcNMjUwMTAyMDU0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGNmM2JjYTg4OWRlMDdiY2MxNTRkM2NkZjU5OWU0NDNlZGE0ZWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAor3pslSxHKduYHccNoY2m7nWNQJS
GDecIJk87dZ+OUubREspO3RZoQobuKtTNdYHtNt6z+VHa33ACj7surZTZejk1oiH
UaP6ZgSSBnSg0irJs/gwv4oR2jzDsZJOMIb7FxfQNxDoD7w3tGZY5ZmanUvh1qnl
WYKKgKpD2y2OqIyWRj5uGphoKmAT6awHXtGHxwekyURQKRGpvK4WuwcQwz/agiqB
hC3Z3jwL+D1PzbNSI69bBELlwlxzpkl/ilqFXS5fmcHFsPNFWbTX/BQTghOX8UC0
JSGV1PxPcEoXQINpw6yS+jMFdPbrEvvuHZKHUJDPvi38r5900534rM0CSwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBjPO8qIneB7zBVNPN9ZnkQ+2k68MB8GA1UdIwQY
MBaAFEir8p/e+FcFAvS1G+X/wFxNmzRlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0t2eW45NzRWd1VDOUxVYjVmX0FYRTJiTkdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hZjQxY2ItZmY5MS00NTljLTlhNjQt
YWJhMTEzZjNlM2FlLzEvR004N3lvaWQ0SHZNRlUwODMxbWVSRDdhVHJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hZjQxY2ItZmY5MS00NTljLTlhNjQtYWJhMTEzZjNlM2Fl
LzEvU0t2eW45NzRWd1VDOUxVYjVmX0FYRTJiTkdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLQmQAwQB
LVYGAwQALZT4AwQBLZT6AwQAuYzoAwQBuYzqMA0GCSqGSIb3DQEBCwUAA4IBAQAv
dRR7E2fS1lnKL+mEXYl3Dufj40B4lU6Pf3znA536aWtYUVfrZoVgW2JRTozFhZTD
vSi83GsWetAyGPp6gisFmv0U/23JQyKBypVFvb0wb+ZvPP9OkYgg5D4USEas4zhk
FG+hZ46qoNWx3edQTIbX3MvmeuFWqB1ZIhyTCx1LmRvZkkY4RR3RZ1ptqOsePVcS
9DncNLFhN7HvOp+vNemWwI5UVwplOVXjSXUUodI+LXtDhVijWnUtBVpjrvS8ewWW
pAJgBlSNoQCBfXh0QEqUNV4NN25cQ1ysu0uVoxMdzPWjoLPi6L4lmFWUkrSX7WBQ
8ZN1BzIQOz623/amN5kF
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:58:34 2025 by rpki-client