Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/oIphIwTz9C6baOlHSb_0SqWgQCI.roa
File: oIphIwTz9C6baOlHSb_0SqWgQCI.roa (raw, json)
Hash identifier: ir5vB+yl/lqoYCUd+DYXuo61KuDJbCK8OYXLFjAPMR8=
Subject key identifier: A0:8A:61:23:04:F3:F4:2E:9B:68:E9:47:49:BF:F4:4A:A5:A0:40:22
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 0194266BAB35D95C7A929918F27B883B46FA
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/oIphIwTz9C6baOlHSb_0SqWgQCI.roa
Signing time: Thu 02 Jan 2025 09:49:37 +0000
ROA not before: Thu 02 Jan 2025 09:49:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62240
IP address blocks: 5.104.72.0/24 maxlen: 24
5.104.74.0/24 maxlen: 24
45.130.184.0/24 maxlen: 24
45.130.185.0/24 maxlen: 24
45.130.186.0/24 maxlen: 24
45.140.4.0/24 maxlen: 24
45.140.7.0/24 maxlen: 24
77.83.20.0/22 maxlen: 24
84.252.64.0/22 maxlen: 24
88.218.80.0/24 maxlen: 24
88.218.239.0/24 maxlen: 24
91.245.239.0/24 maxlen: 24
95.214.83.0/24 maxlen: 24
95.214.92.0/24 maxlen: 24
95.214.93.0/24 maxlen: 24
95.214.95.0/24 maxlen: 24
176.118.188.0/24 maxlen: 24
176.118.189.0/24 maxlen: 24
176.118.191.0/24 maxlen: 24
185.177.76.0/24 maxlen: 24
185.177.77.0/24 maxlen: 24
193.160.68.0/24 maxlen: 24
193.160.72.0/24 maxlen: 24
193.228.48.0/22 maxlen: 24
194.28.157.0/24 maxlen: 24
212.69.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.mft
rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Apr 2025 13:43:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:ab:35:d9:5c:7a:92:99:18:f2:7b:88:3b:46:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Jan 2 09:49:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a08a612304f3f42e9b68e94749bff44aa5a04022
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:09:db:40:5d:0b:dd:db:12:bd:37:67:32:99:
f1:3b:20:33:45:e8:0a:14:e7:fd:58:6a:aa:85:9f:
4e:1a:e8:b4:84:7d:70:ee:78:71:80:fa:d2:3c:07:
9b:95:f9:e2:76:c8:98:e1:1f:96:be:73:c3:fc:ed:
11:37:86:6b:1e:fe:8e:55:cd:5f:c6:b7:76:a9:15:
75:54:b7:1d:29:f5:06:5b:6f:de:11:c1:c2:47:aa:
25:a8:ed:d6:95:f4:ae:df:88:dd:19:63:7c:41:85:
c4:b9:06:22:29:95:fd:02:72:0e:bb:29:56:76:b7:
23:21:ee:3a:2f:ca:f4:4d:80:ff:30:58:ce:b1:14:
67:67:13:4a:e6:ac:23:dc:9f:23:e4:cf:a0:03:ef:
e5:a6:ce:e9:33:1b:77:64:64:4b:8c:1a:85:d7:1c:
3c:1f:0a:1a:06:28:b7:78:00:a6:86:20:39:1d:57:
ce:0a:19:26:74:44:10:78:92:44:6b:e9:d5:9f:0b:
3b:5d:35:4f:21:3e:6d:32:a9:8b:85:15:26:82:bd:
35:a8:d3:54:d5:30:c4:16:cc:09:ce:af:ee:2b:e0:
d3:a5:c6:69:ba:47:8b:a6:b6:18:64:64:93:4a:aa:
33:f0:1c:84:1d:1f:51:84:83:4b:00:8d:1e:56:8c:
1c:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:8A:61:23:04:F3:F4:2E:9B:68:E9:47:49:BF:F4:4A:A5:A0:40:22
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/oIphIwTz9C6baOlHSb_0SqWgQCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.72.0/24
5.104.74.0/24
45.130.184.0-45.130.186.255
45.140.4.0/24
45.140.7.0/24
77.83.20.0/22
84.252.64.0/22
88.218.80.0/24
88.218.239.0/24
91.245.239.0/24
95.214.83.0/24
95.214.92.0/23
95.214.95.0/24
176.118.188.0/23
176.118.191.0/24
185.177.76.0/23
193.160.68.0/24
193.160.72.0/24
193.228.48.0/22
194.28.157.0/24
212.69.135.0/24
Signature Algorithm: sha256WithRSAEncryption
67:52:83:88:e0:42:be:ce:26:5a:46:5b:8c:a5:2d:62:24:46:
f2:6f:7a:dc:7a:40:0c:24:95:0b:39:48:aa:d9:a8:ce:02:07:
bd:56:ba:64:00:32:f6:6a:1d:74:05:13:6c:9f:72:86:ca:15:
48:99:5d:9f:6f:b9:6e:73:01:22:1c:b0:66:2f:8e:42:3a:42:
fd:ce:13:f9:56:77:24:5b:10:2b:2e:29:19:1c:c7:57:42:6b:
56:26:6c:28:55:fe:29:07:a1:41:cb:dd:27:75:b7:59:a8:25:
50:16:9b:03:6e:13:4d:5a:32:34:af:a1:12:a4:2b:e3:7c:4f:
7d:b0:7d:4a:46:d3:e5:84:32:b9:e8:21:55:1c:c6:49:86:d1:
a7:10:b2:d0:fb:ed:e3:63:7b:ec:20:e1:ac:10:21:fe:b5:e4:
f3:df:bf:41:5d:43:1a:ad:52:c7:46:7e:44:60:75:13:b8:66:
8c:4a:60:10:82:28:2d:e7:3f:11:fd:50:7b:18:7a:64:6e:2a:
6c:ee:25:d8:57:98:a3:9b:30:2c:1d:ae:de:12:ee:42:e3:a5:
3c:c9:03:2f:04:fb:ad:db:20:81:36:70:09:d6:95:dd:e9:f9:
fe:9f:76:40:2f:e6:73:71:74:7d:93:89:6d:8a:63:21:c9:ca:
f0:a8:4b:6e
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAZQma6s12Vx6kpkY8nuIO0b6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjUwMTAyMDk0OTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDhhNjEyMzA0ZjNmNDJlOWI2OGU5NDc0OWJmZjQ0YWE1YTA0MDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswnbQF0L3dsSvTdnMpnxOyAzRegK
FOf9WGqqhZ9OGui0hH1w7nhxgPrSPAeblfnidsiY4R+WvnPD/O0RN4ZrHv6OVc1f
xrd2qRV1VLcdKfUGW2/eEcHCR6olqO3WlfSu34jdGWN8QYXEuQYiKZX9AnIOuylW
drcjIe46L8r0TYD/MFjOsRRnZxNK5qwj3J8j5M+gA+/lps7pMxt3ZGRLjBqF1xw8
HwoaBii3eACmhiA5HVfOChkmdEQQeJJEa+nVnws7XTVPIT5tMqmLhRUmgr01qNNU
1TDEFswJzq/uK+DTpcZpukeLprYYZGSTSqoz8ByEHR9RhINLAI0eVowcGwIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFKCKYSME8/Qum2jpR0m/9EqloEAiMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvb0lwaEl3VHo5QzZiYU9sSFNiXzBTcVdnUUNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBAAF
aEgDBAAFaEowDAMEAy2CuAMEAC2CugMEAC2MBAMEAC2MBwMEAk1TFAMEAlT8QAME
AFjaUAMEAFja7wMEAFv17wMEAF/WUwMEAV/WXAMEAF/WXwMEAbB2vAMEALB2vwME
AbmxTAMEAMGgRAMEAMGgSAMEAsHkMAMEAMIcnQMEANRFhzANBgkqhkiG9w0BAQsF
AAOCAQEAZ1KDiOBCvs4mWkZbjKUtYiRG8m963HpADCSVCzlIqtmozgIHvVa6ZAAy
9moddAUTbJ9yhsoVSJldn2+5bnMBIhywZi+OQjpC/c4T+VZ3JFsQKy4pGRzHV0Jr
ViZsKFX+KQehQcvdJ3W3WaglUBabA24TTVoyNK+hEqQr43xPfbB9SkbT5YQyuegh
VRzGSYbRpxCy0Pvt42N77CDhrBAh/rXk89+/QV1DGq1Sx0Z+RGB1E7hmjEpgEIIo
Lec/Ef1Qexh6ZG4qbO4l2FeYo5swLB2u3hLuQuOlPMkDLwT7rdsggTZwCdaV3en5
/p92QC/mc3F0fZOJbYpjIcnK8KhLbg==
-----END CERTIFICATE-----
Generated at Thu Apr 3 22:20:19 2025 by rpki-client