Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/tplznOUUkye4Oboj5270452uPCU.roa
File: tplznOUUkye4Oboj5270452uPCU.roa (raw, json)
Hash identifier: oV5IU1Lk66BpvWYXVEILF6uwP2Db7CnsQQek4qKWYTc=
Subject key identifier: B6:99:73:9C:E5:14:93:27:B8:39:BA:23:E7:6E:F4:E3:9D:AE:3C:25
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 019422FC11876BD78E9C101291F972603844
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/tplznOUUkye4Oboj5270452uPCU.roa
Signing time: Wed 01 Jan 2025 17:48:52 +0000
ROA not before: Wed 01 Jan 2025 17:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62013
IP address blocks: 45.67.118.0/23 maxlen: 23
185.181.40.0/23 maxlen: 24
185.181.42.0/23 maxlen: 24
185.181.48.0/23 maxlen: 24
185.181.50.0/23 maxlen: 24
194.213.8.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:11:87:6b:d7:8e:9c:10:12:91:f9:72:60:38:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 1 17:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b699739ce5149327b839ba23e76ef4e39dae3c25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:35:da:46:08:23:1f:79:c1:32:65:fd:bf:46:
da:51:45:bc:ad:d3:fa:c6:c2:4b:59:c9:dc:6e:06:
3f:25:a1:bd:bf:95:7d:78:e4:fa:14:e2:35:41:88:
fd:de:f8:9b:f2:07:0a:2c:de:18:f0:57:91:71:18:
ac:00:72:68:f0:c1:fd:13:2f:d7:01:57:d8:da:ab:
ea:01:0d:fe:ae:4e:12:dd:e6:84:f8:58:a3:20:4a:
58:6d:59:11:eb:91:5f:82:e4:ad:96:2a:a8:75:9a:
78:f8:d4:c8:c7:52:4c:ce:09:b5:7d:e6:43:36:74:
ae:9a:77:e8:1c:05:62:6e:b1:18:34:2a:bf:89:dc:
45:92:ae:7e:15:b8:45:58:eb:9a:67:d3:76:ad:dd:
91:34:04:d1:d9:3d:98:e5:92:b0:99:e3:98:e8:ff:
45:98:09:de:a1:c1:0c:56:2d:e8:8e:18:ec:4e:1d:
73:3d:bf:71:32:d0:dd:6a:c9:4a:67:ae:b6:68:11:
ac:bd:e8:9b:f3:61:12:4f:62:b4:aa:8d:1a:a6:df:
1e:11:cc:97:e5:40:70:76:e0:65:0b:96:d2:ac:44:
6b:17:3a:18:c6:b5:b7:7f:90:b1:56:73:2f:1d:e1:
b3:57:d8:ff:d0:74:fc:13:65:37:79:f4:d0:07:b3:
ae:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:99:73:9C:E5:14:93:27:B8:39:BA:23:E7:6E:F4:E3:9D:AE:3C:25
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/tplznOUUkye4Oboj5270452uPCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.118.0/23
185.181.40.0/22
185.181.48.0/22
194.213.8.0/24
Signature Algorithm: sha256WithRSAEncryption
27:ab:77:03:29:8f:e6:20:2d:a5:df:f1:d0:d5:73:ef:8e:ac:
ca:95:02:c4:56:2a:ed:da:3f:df:fe:00:67:ac:86:c9:a3:84:
d9:c7:b3:c4:9a:d4:24:ee:fc:eb:f2:ed:3c:b5:bc:e6:85:b9:
93:13:95:4d:3c:18:a7:0e:fe:93:f7:22:22:c4:b8:de:80:c6:
6f:20:9a:82:51:ba:1c:1a:1b:ea:24:ed:e2:ea:e2:f4:3a:d3:
e5:64:39:fe:72:d1:91:52:84:fb:b3:90:bc:f0:da:b4:a8:a5:
0f:2b:bd:13:15:cd:bb:55:df:a8:e0:43:fe:a8:9b:50:b1:9d:
f4:f8:0c:57:5a:ac:11:57:f1:a9:52:c0:f0:26:2d:2a:be:ff:
db:ac:af:3c:f8:34:b1:ad:a0:51:22:1d:41:a7:90:3f:66:c1:
fe:fd:ed:66:22:20:15:fa:b6:f5:2d:a0:dc:c3:fe:c5:02:b7:
82:2d:3a:0e:93:1d:4f:26:6b:13:b2:85:68:3e:0a:f3:85:f2:
82:33:51:2d:b4:eb:e1:8e:59:73:86:c6:bb:1e:29:15:3b:a2:
b9:68:dc:bf:21:a6:82:60:4a:d0:7f:7c:97:d2:aa:6d:95:e1:
e9:a1:14:e7:30:6a:03:27:86:e2:cf:92:2e:8d:90:8f:12:d6:
8f:4d:ed:bb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQi/BGHa9eOnBASkflyYDhEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjUwMTAxMTc0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjk5NzM5Y2U1MTQ5MzI3YjgzOWJhMjNlNzZlZjRlMzlkYWUzYzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDXaRggjH3nBMmX9v0baUUW8rdP6
xsJLWcncbgY/JaG9v5V9eOT6FOI1QYj93vib8gcKLN4Y8FeRcRisAHJo8MH9Ey/X
AVfY2qvqAQ3+rk4S3eaE+FijIEpYbVkR65FfguStliqodZp4+NTIx1JMzgm1feZD
NnSumnfoHAVibrEYNCq/idxFkq5+FbhFWOuaZ9N2rd2RNATR2T2Y5ZKwmeOY6P9F
mAneocEMVi3ojhjsTh1zPb9xMtDdaslKZ662aBGsveib82EST2K0qo0apt8eEcyX
5UBwduBlC5bSrERrFzoYxrW3f5CxVnMvHeGzV9j/0HT8E2U3efTQB7OuiQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLaZc5zlFJMnuDm6I+du9OOdrjwlMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvdHBsem5PVVVreWU0T2JvajUyNzA0NTJ1UENVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLUN2AwQC
ubUoAwQCubUwAwQAwtUIMA0GCSqGSIb3DQEBCwUAA4IBAQAnq3cDKY/mIC2l3/HQ
1XPvjqzKlQLEVirt2j/f/gBnrIbJo4TZx7PEmtQk7vzr8u08tbzmhbmTE5VNPBin
Dv6T9yIixLjegMZvIJqCUbocGhvqJO3i6uL0OtPlZDn+ctGRUoT7s5C88Nq0qKUP
K70TFc27Vd+o4EP+qJtQsZ30+AxXWqwRV/GpUsDwJi0qvv/brK88+DSxraBRIh1B
p5A/ZsH+/e1mIiAV+rb1LaDcw/7FAreCLToOkx1PJmsTsoVoPgrzhfKCM1EttOvh
jllzhsa7HikVO6K5aNy/IaaCYErQf3yX0qptleHpoRTnMGoDJ4biz5IujZCPEtaP
Te27
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:18:57 2025 by rpki-client