Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/b1282f-71c5-47e7-aea1-4d05498aa97d/1/SvV3htVhXEPI7wFXdPP_R5R2jOo.roa
File: SvV3htVhXEPI7wFXdPP_R5R2jOo.roa (raw, json)
Hash identifier: ADbpdowWW8HzIQ0XmIe2lqnPixhQxjU2ME36RexdQ8I=
Subject key identifier: 4A:F5:77:86:D5:61:5C:43:C8:EF:01:57:74:F3:FF:47:94:76:8C:EA
Certificate issuer: /CN=b0f8a885f7776d2ab99bb4f20e84d306e0394aa3
Certificate serial: 019426D9AABE13213F317F72574DE0A71068
Authority key identifier: B0:F8:A8:85:F7:77:6D:2A:B9:9B:B4:F2:0E:84:D3:06:E0:39:4A:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sPiohfd3bSq5m7TyDoTTBuA5SqM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/b1282f-71c5-47e7-aea1-4d05498aa97d/1/SvV3htVhXEPI7wFXdPP_R5R2jOo.roa
Signing time: Thu 02 Jan 2025 11:49:46 +0000
ROA not before: Thu 02 Jan 2025 11:49:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48305
IP address blocks: 45.148.0.0/22 maxlen: 22
91.242.128.0/22 maxlen: 24
91.242.128.0/24 maxlen: 24
91.242.130.0/23 maxlen: 23
91.242.132.0/22 maxlen: 24
91.242.133.0/24 maxlen: 24
185.86.184.0/22 maxlen: 22
2a03:77e0:3301::/48 maxlen: 48
2a03:77e0:3302::/48 maxlen: 48
2a03:77e0:4401::/48 maxlen: 48
2a03:77e0:5301::/48 maxlen: 48
2a0f:4400::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/b1282f-71c5-47e7-aea1-4d05498aa97d/1/sPiohfd3bSq5m7TyDoTTBuA5SqM.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/b1282f-71c5-47e7-aea1-4d05498aa97d/1/sPiohfd3bSq5m7TyDoTTBuA5SqM.mft
rsync://rpki.ripe.net/repository/DEFAULT/sPiohfd3bSq5m7TyDoTTBuA5SqM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 20:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:aa:be:13:21:3f:31:7f:72:57:4d:e0:a7:10:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0f8a885f7776d2ab99bb4f20e84d306e0394aa3
Validity
Not Before: Jan 2 11:49:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4af57786d5615c43c8ef015774f3ff4794768cea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:78:55:b9:03:fc:ea:ca:49:46:41:fe:eb:99:
38:1e:6a:72:80:77:9c:c1:8e:98:78:b9:29:d1:73:
2a:ba:d0:b8:a1:a8:14:8c:f4:da:7b:6b:c3:fb:97:
dd:8f:9c:83:13:b2:43:4a:fc:67:40:f8:95:e8:ed:
0a:d0:a9:16:1b:c8:28:32:d2:52:50:27:be:93:c2:
75:5d:8d:a0:c7:95:73:91:54:22:9d:20:eb:47:32:
89:53:12:d2:6e:67:77:2e:bc:ec:a2:2d:81:27:46:
44:f8:43:ff:ef:b4:c8:42:ec:0f:75:41:ff:df:c3:
dd:64:56:3d:1b:46:c4:79:72:eb:59:7e:a7:6f:51:
93:68:6b:a9:d4:15:1f:bc:29:bf:67:ca:fe:ad:70:
06:66:1e:37:14:26:87:9b:cc:62:0a:33:7b:dc:8c:
ad:c2:72:c6:ab:ee:5c:8b:6e:39:35:64:96:82:88:
62:69:d3:9d:2e:74:c1:8e:59:09:04:c9:00:d8:36:
41:c2:de:2d:4c:c1:39:a5:b9:29:0b:9f:60:76:56:
f6:e4:93:4c:78:8a:0a:d6:bb:d5:c6:0e:4f:f5:68:
2f:74:c9:f0:f0:b3:a3:9b:77:dd:b5:e2:2c:0f:bc:
0a:7d:c6:21:2a:21:b4:7f:9a:d6:72:d9:34:9c:3e:
42:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:F5:77:86:D5:61:5C:43:C8:EF:01:57:74:F3:FF:47:94:76:8C:EA
X509v3 Authority Key Identifier:
keyid:B0:F8:A8:85:F7:77:6D:2A:B9:9B:B4:F2:0E:84:D3:06:E0:39:4A:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sPiohfd3bSq5m7TyDoTTBuA5SqM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/b1282f-71c5-47e7-aea1-4d05498aa97d/1/SvV3htVhXEPI7wFXdPP_R5R2jOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/b1282f-71c5-47e7-aea1-4d05498aa97d/1/sPiohfd3bSq5m7TyDoTTBuA5SqM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.0.0/22
91.242.128.0/21
185.86.184.0/22
IPv6:
2a03:77e0:3301::-2a03:77e0:3302:ffff:ffff:ffff:ffff:ffff
2a03:77e0:4401::/48
2a03:77e0:5301::/48
2a0f:4400::/29
Signature Algorithm: sha256WithRSAEncryption
2a:3a:9c:f9:bc:49:a1:97:90:7e:6c:ab:b3:db:e6:0f:5f:3f:
c7:9a:51:a1:fa:2e:a6:82:71:cb:19:c7:70:a7:f0:79:b1:02:
05:28:0d:c1:30:5c:16:d1:d8:ef:3a:c0:7f:68:ac:d4:44:48:
6e:f2:ea:c6:72:dd:d2:fa:5b:4d:9e:d2:42:80:52:0c:39:46:
bd:a4:f7:bd:cf:77:f2:2d:4a:74:92:63:a8:ad:f7:56:1c:db:
51:99:c4:80:9d:d3:5d:2f:1e:7e:03:9c:7b:fc:79:48:b3:aa:
fc:04:11:ab:3d:94:78:9b:a0:4e:0f:86:33:25:88:87:cd:b3:
3e:73:25:8b:af:9f:82:8a:1c:1e:36:6e:f7:f6:04:aa:03:3a:
46:ec:92:6f:a9:17:4b:9d:2d:50:80:63:b2:43:3e:a6:31:a7:
9b:47:61:64:8e:91:9d:b0:cb:43:fb:95:9c:df:95:6f:2b:7c:
9d:99:a0:f9:a1:26:67:f1:af:39:71:6c:94:4e:4a:54:32:bc:
de:d5:49:ff:51:10:aa:a6:f9:1c:2e:48:4a:3d:64:92:2a:74:
56:7c:3b:86:3e:a7:68:ae:9c:b6:c9:6d:ef:1c:ce:d8:df:d0:
c3:6f:d3:0a:e3:98:bc:12:30:a0:8f:f3:eb:9a:c1:e2:e4:62:
65:c2:1d:48
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAZQm2aq+EyE/MX9yV03gpxBoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZjhhODg1Zjc3NzZkMmFiOTliYjRmMjBlODRkMzA2ZTAz
OTRhYTMwHhcNMjUwMTAyMTE0OTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWY1Nzc4NmQ1NjE1YzQzYzhlZjAxNTc3NGYzZmY0Nzk0NzY4Y2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnhVuQP86spJRkH+65k4HmpygHec
wY6YeLkp0XMqutC4oagUjPTae2vD+5fdj5yDE7JDSvxnQPiV6O0K0KkWG8goMtJS
UCe+k8J1XY2gx5VzkVQinSDrRzKJUxLSbmd3Lrzsoi2BJ0ZE+EP/77TIQuwPdUH/
38PdZFY9G0bEeXLrWX6nb1GTaGup1BUfvCm/Z8r+rXAGZh43FCaHm8xiCjN73Iyt
wnLGq+5ci245NWSWgohiadOdLnTBjlkJBMkA2DZBwt4tTME5pbkpC59gdlb25JNM
eIoK1rvVxg5P9WgvdMnw8LOjm3fdteIsD7wKfcYhKiG0f5rWctk0nD5CvwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFEr1d4bVYVxDyO8BV3Tz/0eUdozqMB8GA1UdIwQY
MBaAFLD4qIX3d20quZu08g6E0wbgOUqjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1Bpb2hmZDNiU3E1bTdUeURvVFRCdUE1U3FNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9iMTI4MmYtNzFjNS00N2U3LWFlYTEt
NGQwNTQ5OGFhOTdkLzEvU3ZWM2h0VmhYRVBJN3dGWGRQUF9SNVIyak9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9iMTI4MmYtNzFjNS00N2U3LWFlYTEtNGQwNTQ5OGFhOTdk
LzEvc1Bpb2hmZDNiU3E1bTdUeURvVFRCdUE1U3FNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzAYBAIAATASAwQCLZQAAwQD
W/KAAwQCuVa4MDMEAgACMC0wEgMHACoDd+AzAQMHACoDd+AzAgMHACoDd+BEAQMH
ACoDd+BTAQMFAyoPRAAwDQYJKoZIhvcNAQELBQADggEBACo6nPm8SaGXkH5sq7Pb
5g9fP8eaUaH6LqaCccsZx3Cn8HmxAgUoDcEwXBbR2O86wH9orNRESG7y6sZy3dL6
W02e0kKAUgw5Rr2k973Pd/ItSnSSY6it91Yc21GZxICd010vHn4DnHv8eUizqvwE
Eas9lHiboE4PhjMliIfNsz5zJYuvn4KKHB42bvf2BKoDOkbskm+pF0udLVCAY7JD
PqYxp5tHYWSOkZ2wy0P7lZzflW8rfJ2ZoPmhJmfxrzlxbJROSlQyvN7VSf9REKqm
+RwuSEo9ZJIqdFZ8O4Y+p2iunLbJbe8cztjf0MNv0wrjmLwSMKCP8+uaweLkYmXC
HUg=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:40:34 2025 by rpki-client