Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/SvD0YrflKZtrg8ajsXRYlZShlIQ.roa
File: SvD0YrflKZtrg8ajsXRYlZShlIQ.roa (raw, json)
Hash identifier: BCIwz2vY2jLgYS7z7fY4QU/HwErNwcVpkosUz//VdPM=
Subject key identifier: 4A:F0:F4:62:B7:E5:29:9B:6B:83:C6:A3:B1:74:58:95:94:A1:94:84
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 01958345ECB98E5C879951573A36BEB210E7
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/SvD0YrflKZtrg8ajsXRYlZShlIQ.roa
Signing time: Tue 11 Mar 2025 03:35:52 +0000
ROA not before: Tue 11 Mar 2025 03:35:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 149457
IP address blocks: 45.134.145.0/24 maxlen: 24
103.100.168.0/24 maxlen: 24
185.233.18.0/24 maxlen: 24
193.107.218.0/24 maxlen: 24
202.71.5.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.mft
rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 06:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:83:45:ec:b9:8e:5c:87:99:51:57:3a:36:be:b2:10:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Mar 11 03:35:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4af0f462b7e5299b6b83c6a3b174589594a19484
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ec:22:f0:d4:84:45:53:d7:d0:89:3b:39:2a:
83:2f:21:24:f7:00:b7:d1:ed:a8:82:9e:cf:c2:b9:
27:1f:91:f8:0d:a5:d3:6e:67:e4:c2:8f:fd:cc:ab:
ba:38:51:e5:cb:7a:f4:9e:ba:29:08:60:87:85:ca:
90:38:ff:39:08:e4:11:4f:9d:35:ec:ed:1b:ad:b1:
3a:5e:e8:ba:80:0a:c3:95:c9:8e:6c:35:28:8f:7f:
37:0c:a4:1c:d3:f0:31:2d:64:12:73:36:52:92:c3:
8c:07:a3:81:21:1d:7a:57:fe:47:23:3b:70:b6:e5:
07:5a:f5:6e:9c:40:85:9e:52:3c:ad:e9:64:bf:9c:
13:00:5a:22:8a:77:0c:0a:1d:c0:11:db:dc:7c:89:
fe:12:e1:f3:51:ef:6d:8d:34:45:03:44:84:fe:25:
6c:45:2f:af:72:50:c1:52:80:96:6c:8d:f5:9f:1f:
8e:59:72:61:3b:61:fe:0b:e6:40:41:5d:9e:79:1a:
ca:20:f0:e9:fd:04:13:6f:78:fc:9d:8a:89:08:c4:
8f:d2:86:62:d0:a1:34:41:82:63:1f:de:1d:ad:48:
57:a2:35:55:cd:49:f1:a3:ed:96:ad:93:57:e2:ac:
a8:de:5e:b6:a1:6a:6d:46:de:73:25:2b:d6:30:9d:
60:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:F0:F4:62:B7:E5:29:9B:6B:83:C6:A3:B1:74:58:95:94:A1:94:84
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/SvD0YrflKZtrg8ajsXRYlZShlIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.145.0/24
103.100.168.0/24
185.233.18.0/24
193.107.218.0/24
202.71.5.0/24
Signature Algorithm: sha256WithRSAEncryption
81:23:b7:3d:bd:8f:29:2f:3c:56:d1:a9:39:49:5c:66:d4:4d:
2b:37:fa:cc:06:36:66:b3:fe:3e:07:15:9f:61:40:71:f9:7f:
b1:83:0c:5f:2c:11:2a:6d:b1:ab:65:65:08:40:d8:a7:76:0c:
3d:ba:eb:23:02:90:cc:98:66:d4:dc:be:3a:65:63:18:b9:92:
b0:ef:0f:90:55:a0:2a:f7:84:1b:0e:a6:64:8d:85:9f:b4:90:
a8:97:94:00:66:9e:5e:43:fe:5d:06:66:a9:81:f5:9b:61:3d:
58:9d:fd:76:de:6a:4c:ec:4f:36:e7:6d:42:c6:ff:ea:c1:27:
cb:c1:f3:00:29:2b:87:87:dc:72:74:aa:e3:0d:10:b1:fe:61:
eb:c5:a9:b7:d5:75:74:bf:57:1e:9f:3d:a4:aa:1f:9d:a7:e2:
e0:66:75:88:09:4f:2b:c2:d4:16:f1:fb:ac:a8:a6:0f:fc:23:
49:95:86:6e:46:b8:c7:d3:61:8d:10:78:44:e2:b6:97:aa:02:
78:65:cd:68:3d:72:a0:b6:08:3d:6a:06:ab:74:7f:cc:0e:d6:
56:ec:9a:9c:d2:4e:de:c2:a6:b1:d6:88:bc:1d:c0:a5:ea:1b:
0d:9c:0c:de:1a:f8:98:4f:d5:ab:3b:97:f8:76:c5:82:4d:5e:
c5:1a:67:26
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZWDRey5jlyHmVFXOja+shDnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjUwMzExMDMzNTUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWYwZjQ2MmI3ZTUyOTliNmI4M2M2YTNiMTc0NTg5NTk0YTE5NDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+wi8NSERVPX0Ik7OSqDLyEk9wC3
0e2ogp7PwrknH5H4DaXTbmfkwo/9zKu6OFHly3r0nropCGCHhcqQOP85COQRT501
7O0brbE6Xui6gArDlcmObDUoj383DKQc0/AxLWQSczZSksOMB6OBIR16V/5HIztw
tuUHWvVunECFnlI8relkv5wTAFoiincMCh3AEdvcfIn+EuHzUe9tjTRFA0SE/iVs
RS+vclDBUoCWbI31nx+OWXJhO2H+C+ZAQV2eeRrKIPDp/QQTb3j8nYqJCMSP0oZi
0KE0QYJjH94drUhXojVVzUnxo+2WrZNX4qyo3l62oWptRt5zJSvWMJ1gxQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFErw9GK35Smba4PGo7F0WJWUoZSEMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvU3ZEMFlyZmxLWnRyZzhhanNYUllsWlNobElRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALYaRAwQA
Z2SoAwQAuekSAwQAwWvaAwQAykcFMA0GCSqGSIb3DQEBCwUAA4IBAQCBI7c9vY8p
LzxW0ak5SVxm1E0rN/rMBjZms/4+BxWfYUBx+X+xgwxfLBEqbbGrZWUIQNindgw9
uusjApDMmGbU3L46ZWMYuZKw7w+QVaAq94QbDqZkjYWftJCol5QAZp5eQ/5dBmap
gfWbYT1Ynf123mpM7E82521Cxv/qwSfLwfMAKSuHh9xydKrjDRCx/mHrxam31XV0
v1cenz2kqh+dp+LgZnWICU8rwtQW8fusqKYP/CNJlYZuRrjH02GNEHhE4raXqgJ4
Zc1oPXKgtgg9agardH/MDtZW7Jqc0k7ewqax1oi8HcCl6hsNnAzeGviYT9WrO5f4
dsWCTV7FGmcm
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:45:46 2025 by rpki-client