Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/D9OViOUA1-461O4zttxUuu7lHv0.roa
File: D9OViOUA1-461O4zttxUuu7lHv0.roa (raw, json)
Hash identifier: 2itBNaHzhENVRyOefdMh6N1RENcyUMqY/eAvQKNqorQ=
Subject key identifier: 0F:D3:95:88:E5:00:D7:EE:3A:D4:EE:33:B6:DC:54:BA:EE:E5:1E:FD
Certificate issuer: /CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530
Certificate serial: 01942067EA82FADEF99195D61E174FDCB34A
Authority key identifier: 91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/D9OViOUA1-461O4zttxUuu7lHv0.roa
Signing time: Wed 01 Jan 2025 05:47:48 +0000
ROA not before: Wed 01 Jan 2025 05:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198584
IP address blocks: 45.135.192.0/24 maxlen: 24
45.153.33.0/24 maxlen: 24
92.246.87.0/24 maxlen: 24
195.62.32.0/24 maxlen: 24
2a10:ca80::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft
rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 11:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:ea:82:fa:de:f9:91:95:d6:1e:17:4f:dc:b3:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530
Validity
Not Before: Jan 1 05:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0fd39588e500d7ee3ad4ee33b6dc54baeee51efd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ff:6a:a4:d4:e1:b3:bd:28:0b:88:77:82:17:
38:15:ec:38:5e:80:54:09:2c:a0:ed:6d:38:cf:ed:
aa:dc:02:47:a7:2f:23:20:fc:99:8c:d5:2e:f3:da:
8c:44:48:f3:62:4d:fc:7a:0e:8b:e1:7f:70:fc:5f:
ef:bf:d4:12:29:62:ff:b6:f0:8c:95:b1:c2:65:c2:
a4:4e:23:f9:3f:b1:30:f6:94:8f:67:ad:f0:07:e5:
c1:0b:73:fe:01:e4:21:36:6a:bf:e1:9c:5f:81:04:
f1:b9:cd:c0:61:81:c6:d9:87:0d:38:70:39:c6:7a:
06:f3:79:87:f0:86:ea:34:d6:2d:9f:e7:f5:65:a0:
17:86:76:6a:50:a3:b0:78:f2:08:fc:c2:3b:4d:ae:
27:2b:7f:fd:cf:e4:1f:bc:16:cb:2a:c0:6c:91:83:
6b:8e:8d:99:40:e6:bd:71:0d:ab:e4:de:12:e9:ce:
1b:51:2a:d6:9e:12:b6:46:51:14:1f:3f:d5:55:9b:
11:d4:70:d0:b8:23:91:68:00:5d:e7:89:81:5f:59:
45:b2:d8:b0:ae:c3:e2:48:13:6f:81:22:ba:6a:09:
7b:b1:03:c4:6b:6b:63:eb:9a:60:3f:be:6a:88:b6:
ec:05:5b:2c:72:65:62:67:9e:8d:2e:bb:ae:df:c6:
79:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:D3:95:88:E5:00:D7:EE:3A:D4:EE:33:B6:DC:54:BA:EE:E5:1E:FD
X509v3 Authority Key Identifier:
keyid:91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/D9OViOUA1-461O4zttxUuu7lHv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.192.0/24
45.153.33.0/24
92.246.87.0/24
195.62.32.0/24
IPv6:
2a10:ca80::/48
Signature Algorithm: sha256WithRSAEncryption
6f:d4:93:98:6f:6c:40:a6:74:b0:53:a2:4e:1c:fd:5a:bd:a7:
35:d1:60:fa:8a:df:62:3c:39:a4:fd:50:45:d0:0e:54:78:07:
82:03:cd:a9:72:a7:eb:da:ac:8c:dd:29:ae:06:cf:5c:85:54:
b9:58:e3:bf:a2:6d:a9:f5:67:44:18:f2:df:68:57:5d:66:62:
9c:ac:a7:8a:c2:2d:70:4c:b0:cc:35:be:96:69:32:08:e5:94:
93:af:34:da:77:22:ce:ab:4d:10:ec:81:ca:04:80:45:82:f0:
79:d2:d9:09:c5:cb:75:e7:09:ac:7e:72:bc:f9:44:ff:7b:7c:
61:b6:df:20:54:d2:6a:9b:56:e4:aa:00:80:b1:fb:c4:35:42:
1a:08:13:9f:bd:c7:3f:15:37:66:dc:75:b4:64:b4:73:5e:e1:
37:cd:de:de:13:32:af:dd:6c:a7:89:ee:4c:3c:0c:43:96:2c:
de:ec:ca:a5:4d:c2:c0:18:e7:1b:f6:ad:0b:1d:8d:ab:81:11:
b3:37:a0:71:97:2a:6a:79:64:7b:47:32:6f:7f:12:17:15:3e:
73:2f:f6:50:ce:17:88:fa:55:0d:03:bb:60:32:e8:4c:cd:34:
5d:c8:69:91:62:0a:fb:d4:41:7a:6a:48:a0:a1:e6:ac:b8:69:
14:56:20:d9
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQgZ+qC+t75kZXWHhdP3LNKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDBjNzhjMzA5YTNlOTlkYzlhYjc0ZjJjZGMwNDg0ODU5
ZTc1MzAwHhcNMjUwMTAxMDU0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmQzOTU4OGU1MDBkN2VlM2FkNGVlMzNiNmRjNTRiYWVlZTUxZWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/9qpNThs70oC4h3ghc4Few4XoBU
CSyg7W04z+2q3AJHpy8jIPyZjNUu89qMREjzYk38eg6L4X9w/F/vv9QSKWL/tvCM
lbHCZcKkTiP5P7Ew9pSPZ63wB+XBC3P+AeQhNmq/4ZxfgQTxuc3AYYHG2YcNOHA5
xnoG83mH8IbqNNYtn+f1ZaAXhnZqUKOwePII/MI7Ta4nK3/9z+QfvBbLKsBskYNr
jo2ZQOa9cQ2r5N4S6c4bUSrWnhK2RlEUHz/VVZsR1HDQuCORaABd54mBX1lFstiw
rsPiSBNvgSK6agl7sQPEa2tj65pgP75qiLbsBVsscmViZ56NLruu38Z5hQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFA/TlYjlANfuOtTuM7bcVLru5R79MB8GA1UdIwQY
MBaAFJHQx4wwmj6Z3Jq3TyzcBISFnnUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEt
NDg1MmM4ZmY4YWYyLzEvRDlPVmlPVUExLTQ2MU80enR0eFV1dTdsSHYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEtNDg1MmM4ZmY4YWYy
LzEva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQALYfAAwQA
LZkhAwQAXPZXAwQAwz4gMA8EAgACMAkDBwAqEMqAAAAwDQYJKoZIhvcNAQELBQAD
ggEBAG/Uk5hvbECmdLBTok4c/Vq9pzXRYPqK32I8OaT9UEXQDlR4B4IDzalyp+va
rIzdKa4Gz1yFVLlY47+iban1Z0QY8t9oV11mYpysp4rCLXBMsMw1vpZpMgjllJOv
NNp3Is6rTRDsgcoEgEWC8HnS2QnFy3XnCax+crz5RP97fGG23yBU0mqbVuSqAICx
+8Q1QhoIE5+9xz8VN2bcdbRktHNe4TfN3t4TMq/dbKeJ7kw8DEOWLN7syqVNwsAY
5xv2rQsdjauBEbM3oHGXKmp5ZHtHMm9/EhcVPnMv9lDOF4j6VQ0Du2Ay6EzNNF3I
aZFiCvvUQXpqSKCh5qy4aRRWINk=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:33:20 2025 by rpki-client