Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/gRpxZ9tPgRBVp8qdYzJqgIxd2nc.roa
File: gRpxZ9tPgRBVp8qdYzJqgIxd2nc.roa (raw, json)
Hash identifier: 83UGnHR1vvpOBiG28c0LTC7t5cOOarvTlEqPeJagnUo=
Subject key identifier: 81:1A:71:67:DB:4F:81:10:55:A7:CA:9D:63:32:6A:80:8C:5D:DA:77
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 019424B3A9AC7B79EF057C15B2D6E4C68F55
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/gRpxZ9tPgRBVp8qdYzJqgIxd2nc.roa
Signing time: Thu 02 Jan 2025 01:49:01 +0000
ROA not before: Thu 02 Jan 2025 01:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 328867
IP address blocks: 45.158.254.0/24 maxlen: 24
85.92.112.0/24 maxlen: 24
185.243.7.0/24 maxlen: 24
185.245.0.0/24 maxlen: 24
194.62.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.mft
rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 21:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:a9:ac:7b:79:ef:05:7c:15:b2:d6:e4:c6:8f:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Jan 2 01:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=811a7167db4f811055a7ca9d63326a808c5dda77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:49:e6:75:a4:8f:d2:9c:a4:36:b3:81:0c:b1:
f1:e6:be:69:70:ce:29:74:c3:3d:0c:02:5c:a7:b5:
f8:77:42:a1:e2:79:27:e3:42:34:47:b0:6b:16:71:
77:60:c4:e9:5c:78:e6:03:59:12:00:a3:4b:6b:1d:
16:79:a2:84:dd:4f:48:fe:6b:28:eb:ce:fa:65:c0:
56:1f:30:a0:b4:58:5f:29:f8:bc:22:71:f2:4d:e3:
de:ff:85:20:05:d0:f0:dc:35:c2:32:32:14:89:b8:
a0:f8:e0:a9:33:8a:24:7f:19:7b:46:84:4e:ea:7f:
31:46:75:26:47:c3:4b:be:dd:33:87:84:1c:9a:03:
b0:18:c4:2b:88:41:80:ef:fb:c8:f1:bb:e5:71:3c:
8c:d4:71:d3:ea:10:e4:af:41:0f:7f:a1:e0:00:46:
a9:7f:98:4e:13:1d:25:b1:0a:b1:ec:05:38:2b:88:
f2:f8:c3:dc:d3:cc:56:f0:7e:c4:c7:8f:9a:84:f2:
fa:22:a4:f5:57:65:a3:e0:68:f1:74:49:d7:c9:f4:
6e:87:90:7a:70:77:ad:75:7c:1c:93:f0:88:87:9e:
55:d8:d7:e1:34:ae:2d:ab:85:ee:46:c4:00:b2:3e:
23:2f:d1:14:0e:1f:bc:29:2f:e2:3c:b2:e7:23:9e:
1c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:1A:71:67:DB:4F:81:10:55:A7:CA:9D:63:32:6A:80:8C:5D:DA:77
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/gRpxZ9tPgRBVp8qdYzJqgIxd2nc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.254.0/24
85.92.112.0/24
185.243.7.0/24
185.245.0.0/24
194.62.214.0/24
Signature Algorithm: sha256WithRSAEncryption
08:3d:bd:88:22:21:80:10:a1:df:0c:84:3e:ff:21:90:d7:54:
20:41:63:50:47:7a:1a:de:73:d6:b2:83:20:f2:f4:2d:a6:36:
0b:85:f9:8e:e4:86:31:29:bd:15:02:1a:62:20:9e:22:39:bf:
47:57:1e:7c:56:51:e5:13:7d:f8:f8:98:42:46:7c:16:cf:0d:
77:d9:94:42:03:5a:e6:c4:e2:1c:70:d1:eb:2c:ac:54:7e:95:
5e:8d:a9:9e:d0:3a:9a:a3:9d:b6:5b:55:71:ec:73:76:d9:84:
b2:dc:2b:96:28:67:21:7d:96:09:82:09:5d:ff:61:7a:45:c4:
96:a0:02:0c:30:bb:29:27:0f:a6:ec:41:17:89:94:08:11:13:
86:33:9e:64:89:71:d8:80:e7:de:0d:95:c4:be:c7:d7:87:dc:
0a:e0:7c:29:f3:27:4c:9e:b9:b3:f0:19:c5:e8:e6:ad:c6:de:
ff:05:41:0a:e6:98:9a:85:64:53:a3:ac:5a:9e:3e:34:7e:f3:
d1:10:db:65:d5:9f:b5:63:f4:af:7f:44:ac:ad:a6:f5:61:05:
ad:29:fe:8b:7c:2a:18:0f:1b:64:d8:8d:79:83:bb:ed:40:a2:
77:56:74:11:62:32:54:e7:b5:74:70:76:11:66:f5:76:b6:f3:
68:a7:1f:b5
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQks6mse3nvBXwVstbkxo9VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjUwMTAyMDE0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTFhNzE2N2RiNGY4MTEwNTVhN2NhOWQ2MzMyNmE4MDhjNWRkYTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9knmdaSP0pykNrOBDLHx5r5pcM4p
dMM9DAJcp7X4d0Kh4nkn40I0R7BrFnF3YMTpXHjmA1kSAKNLax0WeaKE3U9I/mso
6876ZcBWHzCgtFhfKfi8InHyTePe/4UgBdDw3DXCMjIUibig+OCpM4okfxl7RoRO
6n8xRnUmR8NLvt0zh4QcmgOwGMQriEGA7/vI8bvlcTyM1HHT6hDkr0EPf6HgAEap
f5hOEx0lsQqx7AU4K4jy+MPc08xW8H7Ex4+ahPL6IqT1V2Wj4GjxdEnXyfRuh5B6
cHetdXwck/CIh55V2NfhNK4tq4XuRsQAsj4jL9EUDh+8KS/iPLLnI54caQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIEacWfbT4EQVafKnWMyaoCMXdp3MB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvZ1JweFo5dFBnUkJWcDhxZFl6SnFnSXhkMm5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALZ7+AwQA
VVxwAwQAufMHAwQAufUAAwQAwj7WMA0GCSqGSIb3DQEBCwUAA4IBAQAIPb2IIiGA
EKHfDIQ+/yGQ11QgQWNQR3oa3nPWsoMg8vQtpjYLhfmO5IYxKb0VAhpiIJ4iOb9H
Vx58VlHlE334+JhCRnwWzw132ZRCA1rmxOIccNHrLKxUfpVejame0Dqao522W1Vx
7HN22YSy3CuWKGchfZYJggld/2F6RcSWoAIMMLspJw+m7EEXiZQIEROGM55kiXHY
gOfeDZXEvsfXh9wK4Hwp8ydMnrmz8BnF6Oatxt7/BUEK5piahWRTo6xanj40fvPR
ENtl1Z+1Y/Svf0Ssrab1YQWtKf6LfCoYDxtk2I15g7vtQKJ3VnQRYjJU57V0cHYR
ZvV2tvNopx+1
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:56:44 2025 by rpki-client