Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/4D9WuX_v-a5FkYQRnE-rJHdgsD0.roa
File: 4D9WuX_v-a5FkYQRnE-rJHdgsD0.roa (raw, json)
Hash identifier: h3NxO5aSx+mwWD8rJ6/jDSVLXF37crmyBvcFwwI4yns=
Subject key identifier: E0:3F:56:B9:7F:EF:F9:AE:45:91:84:11:9C:4F:AB:24:77:60:B0:3D
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 0195B2D665CDD8BD2AD275E8F4D391C73D95
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/4D9WuX_v-a5FkYQRnE-rJHdgsD0.roa
Signing time: Thu 20 Mar 2025 09:15:49 +0000
ROA not before: Thu 20 Mar 2025 09:15:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35048
IP address blocks: 2.59.50.0/24 maxlen: 24
5.183.130.0/24 maxlen: 24
45.11.20.0/24 maxlen: 24
45.11.21.0/24 maxlen: 24
45.84.176.0/24 maxlen: 24
45.84.177.0/24 maxlen: 24
45.90.196.0/24 maxlen: 24
92.119.193.0/24 maxlen: 24
94.158.190.0/24 maxlen: 24
193.53.168.0/24 maxlen: 24
194.32.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 08:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b2:d6:65:cd:d8:bd:2a:d2:75:e8:f4:d3:91:c7:3d:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Mar 20 09:15:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e03f56b97feff9ae459184119c4fab247760b03d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:25:08:4c:88:25:eb:64:0a:b1:eb:e4:e7:65:
cc:e0:83:78:1f:8f:ad:e6:68:38:6b:e1:e1:0b:19:
42:f8:cf:ab:5e:c7:a0:b9:fa:9b:a8:0e:75:3f:1c:
46:1b:5b:74:31:82:a5:af:e3:60:2a:1d:0e:9f:46:
97:49:94:54:05:db:fc:8e:a0:a4:3a:bb:98:ba:99:
fe:1b:68:cb:37:8e:ab:ad:97:14:0f:78:3e:6e:c2:
6a:3a:1a:a8:81:50:c7:a5:43:19:fd:cc:aa:90:d8:
5c:18:53:a4:ae:80:9e:1c:70:c2:35:f5:d6:d6:7b:
dd:4c:5b:c7:47:e2:59:fc:88:f4:f2:60:3b:d6:5e:
ba:f6:dd:84:d4:ea:62:91:16:5d:df:ec:88:3a:3a:
45:36:e6:4f:53:c6:b8:36:4e:8c:1f:e1:cd:7d:40:
e8:ec:48:45:70:32:50:55:4a:45:f5:12:0f:bc:35:
6b:f0:f8:1d:be:c7:10:bc:dc:71:eb:e8:5e:fc:c8:
a6:c9:60:b6:0e:94:e9:bf:f2:cf:3d:b1:11:77:cb:
b8:ca:e5:ce:60:88:08:cd:5e:10:24:36:8a:9c:05:
7a:d8:ce:49:85:6c:b3:b6:7b:b5:8d:cf:4e:af:f6:
95:b6:ec:7a:44:9b:0e:cb:48:63:12:5e:e4:56:bd:
9f:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:3F:56:B9:7F:EF:F9:AE:45:91:84:11:9C:4F:AB:24:77:60:B0:3D
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/4D9WuX_v-a5FkYQRnE-rJHdgsD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.50.0/24
5.183.130.0/24
45.11.20.0/23
45.84.176.0/23
45.90.196.0/24
92.119.193.0/24
94.158.190.0/24
193.53.168.0/24
194.32.237.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:33:c8:14:4c:71:c6:36:15:6a:05:9d:46:36:6b:3b:82:dc:
35:30:f6:59:20:1b:a7:82:ae:83:14:85:cc:02:66:4d:8e:d9:
93:a3:a2:2a:e2:6d:76:66:ba:4b:48:e2:2b:ce:9a:4f:2f:7c:
3b:31:db:82:10:91:c1:9a:d0:f1:c7:c7:48:7b:0e:6b:e3:f7:
15:6b:8a:b7:a5:89:dc:c5:48:d4:e6:95:65:c4:17:56:ee:6c:
4c:09:90:bc:c8:98:25:be:4d:44:93:d7:83:af:b2:11:ea:a5:
97:e4:e6:fb:01:5c:14:5a:07:f8:17:88:62:ab:57:d4:dd:5b:
76:c5:f5:f6:93:9d:e4:83:25:aa:5a:3d:f6:a3:7c:de:91:e8:
29:ad:b6:4d:80:01:26:64:d3:95:16:8c:c6:55:e3:56:25:3d:
54:83:9c:42:d8:3c:f9:28:66:3b:fe:56:03:03:db:8c:07:5a:
3e:fc:46:29:1d:77:78:c6:65:cb:ab:db:66:36:5d:90:be:14:
90:1f:50:b5:c2:f5:73:46:d8:4c:c8:c3:a7:d3:a2:17:a1:ba:
73:c6:8e:70:47:7d:78:f5:6e:3c:bc:0c:99:56:57:98:a8:ec:
98:a8:d9:7a:87:ba:55:a7:c0:86:53:55:90:aa:d2:1c:b1:00:
7c:2d:0d:c4
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZWy1mXN2L0q0nXo9NORxz2VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjUwMzIwMDkxNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDNmNTZiOTdmZWZmOWFlNDU5MTg0MTE5YzRmYWIyNDc3NjBiMDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCUITIgl62QKsevk52XM4IN4H4+t
5mg4a+HhCxlC+M+rXsegufqbqA51PxxGG1t0MYKlr+NgKh0On0aXSZRUBdv8jqCk
OruYupn+G2jLN46rrZcUD3g+bsJqOhqogVDHpUMZ/cyqkNhcGFOkroCeHHDCNfXW
1nvdTFvHR+JZ/Ij08mA71l669t2E1OpikRZd3+yIOjpFNuZPU8a4Nk6MH+HNfUDo
7EhFcDJQVUpF9RIPvDVr8PgdvscQvNxx6+he/MimyWC2DpTpv/LPPbERd8u4yuXO
YIgIzV4QJDaKnAV62M5JhWyztnu1jc9Or/aVtux6RJsOy0hjEl7kVr2f6QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFOA/Vrl/7/muRZGEEZxPqyR3YLA9MB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvNEQ5V3VYX3YtYTVGa1lRUm5FLXJKSGRnc0QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAAjsyAwQA
BbeCAwQBLQsUAwQBLVSwAwQALVrEAwQAXHfBAwQAXp6+AwQAwTWoAwQAwiDtMA0G
CSqGSIb3DQEBCwUAA4IBAQCNM8gUTHHGNhVqBZ1GNms7gtw1MPZZIBungq6DFIXM
AmZNjtmTo6Iq4m12ZrpLSOIrzppPL3w7MduCEJHBmtDxx8dIew5r4/cVa4q3pYnc
xUjU5pVlxBdW7mxMCZC8yJglvk1Ek9eDr7IR6qWX5Ob7AVwUWgf4F4hiq1fU3Vt2
xfX2k53kgyWqWj32o3zekegprbZNgAEmZNOVFozGVeNWJT1Ug5xC2Dz5KGY7/lYD
A9uMB1o+/EYpHXd4xmXLq9tmNl2QvhSQH1C1wvVzRthMyMOn06IXobpzxo5wR314
9W48vAyZVleYqOyYqNl6h7pVp8CGU1WQqtIcsQB8LQ3E
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:36:42 2025 by rpki-client