Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/u2VFohjmL_fSvkznUlbeDvk5M1Q.roa
File: u2VFohjmL_fSvkznUlbeDvk5M1Q.roa (raw, json)
Hash identifier: 8PR0qkP1x2sDesk9rohDrg1gdGK4n2ls+MiojBhpHg8=
Subject key identifier: BB:65:45:A2:18:E6:2F:F7:D2:BE:4C:E7:52:56:DE:0E:F9:39:33:54
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 0194266BAA61C29C30E4E7830CC2A0F49BFE
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/u2VFohjmL_fSvkznUlbeDvk5M1Q.roa
Signing time: Thu 02 Jan 2025 09:49:37 +0000
ROA not before: Thu 02 Jan 2025 09:49:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59729
IP address blocks: 45.140.7.0/24 maxlen: 24
77.83.20.0/22 maxlen: 24
84.252.66.0/24 maxlen: 24
84.252.67.0/24 maxlen: 24
88.218.239.0/24 maxlen: 24
91.245.239.0/24 maxlen: 24
95.214.92.0/24 maxlen: 24
176.118.188.0/24 maxlen: 24
176.118.189.0/24 maxlen: 24
185.177.76.0/23 maxlen: 24
194.28.156.0/24 maxlen: 24
194.28.158.0/24 maxlen: 24
194.28.159.0/24 maxlen: 24
194.104.5.0/24 maxlen: 24
194.104.6.0/24 maxlen: 24
212.69.132.0/24 maxlen: 24
212.69.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.mft
rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:aa:61:c2:9c:30:e4:e7:83:0c:c2:a0:f4:9b:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Jan 2 09:49:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb6545a218e62ff7d2be4ce75256de0ef9393354
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:a0:ad:77:75:89:95:c7:82:62:a0:0a:a2:9b:
bf:5c:e3:d7:61:6c:5e:3d:88:39:c9:d8:52:33:26:
e0:f6:80:06:4a:c2:b7:e9:4c:aa:f7:f0:ae:d8:10:
f2:25:22:77:79:11:f2:f7:76:26:e4:6a:dd:99:aa:
45:f4:dc:2f:e1:8f:49:99:79:e8:ad:8f:71:8b:b2:
1d:72:c9:e1:c8:74:d3:eb:f1:ea:22:c0:af:e7:f2:
0b:f3:08:0c:ad:e6:51:ab:0c:22:9d:71:90:97:f6:
32:ac:fd:ab:e9:d0:72:d4:0c:4a:0c:60:62:28:15:
4b:e3:8b:b2:26:04:27:9f:2d:a8:0d:7f:f8:f2:bb:
ce:b8:36:af:a6:87:2e:62:69:31:8e:bf:9f:cc:da:
58:40:76:a4:1c:e0:50:01:53:1e:57:ad:0d:e2:86:
25:bc:03:0e:96:5b:29:eb:f7:fa:be:3c:47:18:0f:
ba:b5:6f:16:0e:18:d1:8f:11:15:91:13:19:38:78:
8d:4d:b6:71:86:77:89:11:50:ed:8c:3c:0f:20:b2:
1e:c9:c5:43:8b:36:63:a9:b1:b7:86:ab:e9:ba:37:
ed:db:ce:ac:6f:4d:27:3d:a2:a2:e2:72:0b:cb:ee:
fe:9f:5c:de:f2:bf:d5:3f:8d:f3:9f:bd:4a:73:e1:
3d:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:65:45:A2:18:E6:2F:F7:D2:BE:4C:E7:52:56:DE:0E:F9:39:33:54
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/u2VFohjmL_fSvkznUlbeDvk5M1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.7.0/24
77.83.20.0/22
84.252.66.0/23
88.218.239.0/24
91.245.239.0/24
95.214.92.0/24
176.118.188.0/23
185.177.76.0/23
194.28.156.0/24
194.28.158.0/23
194.104.5.0-194.104.6.255
212.69.132.0/24
212.69.134.0/24
Signature Algorithm: sha256WithRSAEncryption
12:e9:67:75:4a:20:97:b8:7c:95:28:54:c4:b0:07:b7:5f:05:
66:28:55:f1:95:51:0a:c4:1d:89:3d:d8:df:a1:e7:6f:0c:63:
48:82:30:05:1c:73:f1:c9:90:b5:83:12:b2:e1:99:bf:78:2b:
67:aa:e3:1e:78:1f:a0:25:a7:db:d5:64:89:c1:ba:4c:a4:a1:
89:3f:88:14:fa:aa:ee:f3:87:e3:c3:9e:4c:54:eb:c5:81:cd:
bb:33:59:1a:1c:07:1f:20:75:7c:79:31:93:f7:a3:4a:96:c9:
67:20:7a:2f:86:dd:a9:ee:e2:86:2f:9c:05:25:a8:69:69:2f:
0f:5a:dd:bb:2e:0b:90:3e:17:6e:02:fa:3c:4a:68:c5:fb:41:
87:2c:6a:50:18:77:14:1a:1a:43:a2:1b:bb:ef:87:3d:3f:63:
2e:29:31:1d:f1:60:22:98:71:2d:35:bd:9c:71:3f:c9:89:3d:
52:3a:5f:f8:04:1f:49:45:ad:91:c2:c3:49:90:4e:6c:93:25:
95:44:96:1a:7a:44:91:88:83:70:20:38:fe:26:4e:f9:4e:ae:
5d:6d:7a:45:62:84:a8:45:b3:e0:c5:af:84:79:41:a0:d0:9e:
2f:38:af:a6:06:25:eb:3a:c9:0e:57:53:70:22:dd:ae:54:ef:
c7:1e:78:95
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZQma6phwpww5OeDDMKg9Jv+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjUwMTAyMDk0OTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjY1NDVhMjE4ZTYyZmY3ZDJiZTRjZTc1MjU2ZGUwZWY5MzkzMzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqCtd3WJlceCYqAKopu/XOPXYWxe
PYg5ydhSMybg9oAGSsK36Uyq9/Cu2BDyJSJ3eRHy93Ym5GrdmapF9Nwv4Y9JmXno
rY9xi7IdcsnhyHTT6/HqIsCv5/IL8wgMreZRqwwinXGQl/YyrP2r6dBy1AxKDGBi
KBVL44uyJgQnny2oDX/48rvOuDavpocuYmkxjr+fzNpYQHakHOBQAVMeV60N4oYl
vAMOllsp6/f6vjxHGA+6tW8WDhjRjxEVkRMZOHiNTbZxhneJEVDtjDwPILIeycVD
izZjqbG3hqvpujft286sb00nPaKi4nILy+7+n1ze8r/VP43zn71Kc+E9IQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFLtlRaIY5i/30r5M51JW3g75OTNUMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvdTJWRm9oam1MX2ZTdmt6blVsYmVEdms1TTFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQALYwHAwQC
TVMUAwQBVPxCAwQAWNrvAwQAW/XvAwQAX9ZcAwQBsHa8AwQBubFMAwQAwhycAwQB
whyeMAwDBADCaAUDBADCaAYDBADURYQDBADURYYwDQYJKoZIhvcNAQELBQADggEB
ABLpZ3VKIJe4fJUoVMSwB7dfBWYoVfGVUQrEHYk92N+h528MY0iCMAUcc/HJkLWD
ErLhmb94K2eq4x54H6Alp9vVZInBukykoYk/iBT6qu7zh+PDnkxU68WBzbszWRoc
Bx8gdXx5MZP3o0qWyWcgei+G3anu4oYvnAUlqGlpLw9a3bsuC5A+F24C+jxKaMX7
QYcsalAYdxQaGkOiG7vvhz0/Yy4pMR3xYCKYcS01vZxxP8mJPVI6X/gEH0lFrZHC
w0mQTmyTJZVElhp6RJGIg3AgOP4mTvlOrl1tekVihKhFs+DFr4R5QaDQni84r6YG
Jes6yQ5XU3Ai3a5U78ceeJU=
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:24:38 2025 by rpki-client