Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/g5z8NV4dmlaKd11s7v3mxc0KYqU.roa
File: g5z8NV4dmlaKd11s7v3mxc0KYqU.roa (raw, json)
Hash identifier: bnZ9DFLSZGC/zi7MlcnpGi6LDIICQO79p3wjfCQfT+E=
Subject key identifier: 83:9C:FC:35:5E:1D:9A:56:8A:77:5D:6C:EE:FD:E6:C5:CD:0A:62:A5
Certificate issuer: /CN=90d753a2547e03a4b0d2f91c70e9ce4e44680418
Certificate serial: 01949284D6D6DADA37E98DABCFDE55926474
Authority key identifier: 90:D7:53:A2:54:7E:03:A4:B0:D2:F9:1C:70:E9:CE:4E:44:68:04:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kNdTolR-A6Sw0vkccOnOTkRoBBg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/g5z8NV4dmlaKd11s7v3mxc0KYqU.roa
Signing time: Thu 23 Jan 2025 09:36:06 +0000
ROA not before: Thu 23 Jan 2025 09:36:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35224
IP address blocks: 45.66.76.0/22 maxlen: 22
45.150.0.0/22 maxlen: 22
91.189.96.0/21 maxlen: 21
91.189.96.0/24 maxlen: 24
91.189.97.0/24 maxlen: 24
91.189.98.0/24 maxlen: 24
91.189.99.0/24 maxlen: 24
91.189.100.0/24 maxlen: 24
91.189.101.0/24 maxlen: 24
91.189.102.0/24 maxlen: 24
91.189.103.0/24 maxlen: 24
92.118.0.0/22 maxlen: 22
94.231.240.0/20 maxlen: 20
94.231.240.0/24 maxlen: 24
94.231.241.0/24 maxlen: 24
94.231.242.0/23 maxlen: 23
94.231.244.0/22 maxlen: 22
94.231.248.0/24 maxlen: 24
94.231.249.0/24 maxlen: 24
94.231.250.0/24 maxlen: 24
94.231.251.0/24 maxlen: 24
94.231.252.0/24 maxlen: 24
94.231.253.0/24 maxlen: 24
94.231.254.0/24 maxlen: 24
94.231.255.0/24 maxlen: 24
185.9.252.0/22 maxlen: 22
185.9.252.0/24 maxlen: 24
185.9.253.0/24 maxlen: 24
185.9.254.0/24 maxlen: 24
185.9.255.0/24 maxlen: 24
193.239.92.0/22 maxlen: 22
193.239.186.0/23 maxlen: 23
195.222.116.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/kNdTolR-A6Sw0vkccOnOTkRoBBg.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/kNdTolR-A6Sw0vkccOnOTkRoBBg.mft
rsync://rpki.ripe.net/repository/DEFAULT/kNdTolR-A6Sw0vkccOnOTkRoBBg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 17:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:92:84:d6:d6:da:da:37:e9:8d:ab:cf:de:55:92:64:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90d753a2547e03a4b0d2f91c70e9ce4e44680418
Validity
Not Before: Jan 23 09:36:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=839cfc355e1d9a568a775d6ceefde6c5cd0a62a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:8e:80:4d:bb:19:0f:06:94:ac:7e:c2:ab:e5:
01:1c:96:89:ee:ee:f5:e6:ea:c1:1a:3a:f9:f7:67:
cf:76:43:68:f7:f3:fe:45:d6:c8:00:36:65:76:e7:
3b:d8:17:eb:f9:a8:fc:12:2f:95:65:2a:ad:c1:11:
bc:03:e0:22:93:80:b2:ec:16:aa:e9:70:df:b0:d8:
77:ae:b1:8c:4f:47:b3:ea:4d:01:51:29:27:96:9b:
c8:e8:dc:87:81:3c:5f:5d:29:13:f1:08:c1:8b:3c:
f8:8e:d5:76:3d:08:54:6d:e2:85:0c:96:5c:5a:a7:
9b:5c:dc:15:8e:63:47:24:b6:3e:00:a6:30:06:75:
3d:4a:27:9c:d9:bd:67:33:c0:e2:59:b0:55:f3:a1:
49:61:95:1d:e7:c9:e9:05:60:b1:f8:e0:62:3c:ba:
b5:fc:5e:7e:39:31:a6:b2:7e:09:e7:32:08:d8:38:
de:03:57:f8:63:e7:c6:f5:b4:e8:1c:d6:ba:6c:cb:
5d:5e:52:b7:e9:99:dd:32:a6:2f:1d:23:56:7f:1d:
0d:77:60:78:6f:9a:4a:2f:04:0b:18:9b:99:8e:a0:
82:bf:0f:b7:e8:c5:11:96:16:00:18:41:4c:d1:f9:
58:6e:09:a4:c3:25:29:04:63:8d:9b:ef:d3:e6:93:
2e:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:9C:FC:35:5E:1D:9A:56:8A:77:5D:6C:EE:FD:E6:C5:CD:0A:62:A5
X509v3 Authority Key Identifier:
keyid:90:D7:53:A2:54:7E:03:A4:B0:D2:F9:1C:70:E9:CE:4E:44:68:04:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kNdTolR-A6Sw0vkccOnOTkRoBBg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/g5z8NV4dmlaKd11s7v3mxc0KYqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/kNdTolR-A6Sw0vkccOnOTkRoBBg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.76.0/22
45.150.0.0/22
91.189.96.0/21
92.118.0.0/22
94.231.240.0/20
185.9.252.0/22
193.239.92.0/22
193.239.186.0/23
195.222.116.0/22
Signature Algorithm: sha256WithRSAEncryption
52:b8:df:dc:b4:4f:b2:96:0d:ae:42:9f:28:ad:1c:45:7d:f1:
38:b2:05:c1:07:1d:37:26:44:e8:d2:aa:4e:9b:c8:1f:3f:e2:
e2:88:09:34:37:42:16:d6:63:2c:21:0e:bb:7d:50:a8:df:27:
31:05:86:72:2a:ac:22:18:82:0a:4b:93:10:80:6e:0c:4d:1a:
53:95:b5:12:de:06:c6:3d:d0:a0:d2:d7:da:39:db:71:a3:6a:
b4:da:d8:c7:cd:96:7b:2d:f5:c1:ce:25:c8:b3:7e:de:a0:58:
1e:be:6f:9d:de:5a:19:47:70:ef:35:52:f7:e2:9e:bc:97:87:
e2:53:93:d2:39:3c:d8:fb:2d:5f:04:b7:33:dd:e6:ca:a1:0e:
53:56:15:91:51:29:bc:9e:ff:fa:21:0c:83:1b:92:65:91:76:
da:fb:1f:d1:ff:51:a4:4b:d4:03:3e:29:24:62:cf:92:60:05:
e4:2f:5f:2c:6c:a6:56:68:20:a4:14:9e:21:03:0b:7f:bb:94:
bf:fe:8e:ce:25:42:9b:e2:67:ed:b1:16:90:0b:1f:59:21:3f:
cb:5b:50:bd:c9:32:39:bb:13:1b:d5:4a:b5:d2:b1:45:89:3d:
b2:4f:ed:b5:4a:86:c0:ed:98:f8:3e:08:1e:78:80:bf:81:84:
d4:21:10:53
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZSShNbW2to36Y2rz95VkmR0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZDc1M2EyNTQ3ZTAzYTRiMGQyZjkxYzcwZTljZTRlNDQ2
ODA0MTgwHhcNMjUwMTIzMDkzNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzljZmMzNTVlMWQ5YTU2OGE3NzVkNmNlZWZkZTZjNWNkMGE2MmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmI6ATbsZDwaUrH7Cq+UBHJaJ7u71
5urBGjr592fPdkNo9/P+RdbIADZlduc72Bfr+aj8Ei+VZSqtwRG8A+Aik4Cy7Baq
6XDfsNh3rrGMT0ez6k0BUSknlpvI6NyHgTxfXSkT8QjBizz4jtV2PQhUbeKFDJZc
WqebXNwVjmNHJLY+AKYwBnU9Siec2b1nM8DiWbBV86FJYZUd58npBWCx+OBiPLq1
/F5+OTGmsn4J5zII2DjeA1f4Y+fG9bToHNa6bMtdXlK36ZndMqYvHSNWfx0Nd2B4
b5pKLwQLGJuZjqCCvw+36MURlhYAGEFM0flYbgmkwyUpBGONm+/T5pMuJQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFIOc/DVeHZpWinddbO795sXNCmKlMB8GA1UdIwQY
MBaAFJDXU6JUfgOksNL5HHDpzk5EaAQYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva05kVG9sUi1BNlN3MHZrY2NPbk9Ua1JvQkJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9jYzkwOTktNzEwMS00NzJlLWFlZmMt
NWViNjZiY2UzMThkLzEvZzV6OE5WNGRtbGFLZDExczd2M214YzBLWXFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9jYzkwOTktNzEwMS00NzJlLWFlZmMtNWViNjZiY2UzMThk
LzEva05kVG9sUi1BNlN3MHZrY2NPbk9Ua1JvQkJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCLUJMAwQC
LZYAAwQDW71gAwQCXHYAAwQEXufwAwQCuQn8AwQCwe9cAwQBwe+6AwQCw950MA0G
CSqGSIb3DQEBCwUAA4IBAQBSuN/ctE+ylg2uQp8orRxFffE4sgXBBx03JkTo0qpO
m8gfP+LiiAk0N0IW1mMsIQ67fVCo3ycxBYZyKqwiGIIKS5MQgG4MTRpTlbUS3gbG
PdCg0tfaOdtxo2q02tjHzZZ7LfXBziXIs37eoFgevm+d3loZR3DvNVL34p68l4fi
U5PSOTzY+y1fBLcz3ebKoQ5TVhWRUSm8nv/6IQyDG5JlkXba+x/R/1GkS9QDPikk
Ys+SYAXkL18sbKZWaCCkFJ4hAwt/u5S//o7OJUKb4mftsRaQCx9ZIT/LW1C9yTI5
uxMb1Uq10rFFiT2yT+21SobA7Zj4PggeeIC/gYTUIRBT
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:44:52 2025 by rpki-client