Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/daf212-f009-4bd4-874d-624c3e788cdf/1/H_s46FVu3VtqmBdzQOsgFtOpwm4.roa
File: H_s46FVu3VtqmBdzQOsgFtOpwm4.roa (raw, json)
Hash identifier: xXfRZ05adaRJT3b+JBMiwuYhoS+v9eiqRiPqJaWYY3s=
Subject key identifier: 1F:FB:38:E8:55:6E:DD:5B:6A:98:17:73:40:EB:20:16:D3:A9:C2:6E
Certificate issuer: /CN=b660d78320860d5efe729e208b5eb4b2abebe078
Certificate serial: 0194266C27D22C6AAAAF3A4D0A4AD2BAB104
Authority key identifier: B6:60:D7:83:20:86:0D:5E:FE:72:9E:20:8B:5E:B4:B2:AB:EB:E0:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tmDXgyCGDV7-cp4gi160sqvr4Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/daf212-f009-4bd4-874d-624c3e788cdf/1/H_s46FVu3VtqmBdzQOsgFtOpwm4.roa
Signing time: Thu 02 Jan 2025 09:50:09 +0000
ROA not before: Thu 02 Jan 2025 09:50:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51198
IP address blocks: 45.132.8.0/24 maxlen: 24
45.132.9.0/24 maxlen: 24
45.132.10.0/24 maxlen: 24
45.132.11.0/24 maxlen: 24
185.179.179.0/24 maxlen: 24
2a0e:6540::/29 maxlen: 29
2a0e:6542::/32 maxlen: 32
2a13:7d00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/daf212-f009-4bd4-874d-624c3e788cdf/1/tmDXgyCGDV7-cp4gi160sqvr4Hg.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/daf212-f009-4bd4-874d-624c3e788cdf/1/tmDXgyCGDV7-cp4gi160sqvr4Hg.mft
rsync://rpki.ripe.net/repository/DEFAULT/tmDXgyCGDV7-cp4gi160sqvr4Hg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:27:d2:2c:6a:aa:af:3a:4d:0a:4a:d2:ba:b1:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b660d78320860d5efe729e208b5eb4b2abebe078
Validity
Not Before: Jan 2 09:50:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ffb38e8556edd5b6a98177340eb2016d3a9c26e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:4e:45:45:42:4d:e8:51:cb:45:5f:f5:56:71:
ce:92:34:49:39:8d:78:d5:ab:84:e4:cf:de:7c:0a:
c2:ce:eb:99:6c:7f:8e:a9:82:d9:9a:55:58:4b:e9:
5c:34:ce:76:19:78:42:a3:2a:67:78:9f:7d:b4:95:
14:d8:a4:e7:74:c6:50:8a:db:d8:02:68:48:58:2e:
75:32:55:12:65:20:65:4d:67:75:3f:56:5e:68:91:
ac:d9:60:c7:3d:01:32:24:c9:cc:31:8f:3b:da:6e:
00:f7:f4:5a:73:26:5f:88:03:85:8e:c2:dd:0b:79:
ce:5f:73:d1:f7:b1:c2:0a:65:44:17:30:b6:ad:16:
c9:3c:01:85:27:d4:4b:b3:8f:cf:82:29:bb:71:3c:
76:2e:08:51:f8:b2:b5:ff:0f:60:6b:71:50:d4:a1:
16:de:ef:1a:57:01:7c:2e:d8:f3:e3:9a:e1:6a:fc:
24:f5:77:2f:48:58:78:df:79:82:68:7b:36:1f:df:
17:5a:50:c5:9b:71:68:40:4e:b0:07:61:81:31:57:
63:6f:77:68:da:7e:f6:3e:76:37:62:26:a3:e5:94:
51:cb:b8:07:2e:4c:d6:d3:49:45:11:c1:e9:21:e6:
e9:0e:65:0f:c8:a4:84:52:c8:c2:c6:5a:2d:83:0b:
da:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:FB:38:E8:55:6E:DD:5B:6A:98:17:73:40:EB:20:16:D3:A9:C2:6E
X509v3 Authority Key Identifier:
keyid:B6:60:D7:83:20:86:0D:5E:FE:72:9E:20:8B:5E:B4:B2:AB:EB:E0:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tmDXgyCGDV7-cp4gi160sqvr4Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/daf212-f009-4bd4-874d-624c3e788cdf/1/H_s46FVu3VtqmBdzQOsgFtOpwm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/daf212-f009-4bd4-874d-624c3e788cdf/1/tmDXgyCGDV7-cp4gi160sqvr4Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.8.0/22
185.179.179.0/24
IPv6:
2a0e:6540::/29
2a13:7d00::/29
Signature Algorithm: sha256WithRSAEncryption
a1:a8:25:d6:cb:82:ea:e1:01:e0:3c:a5:22:70:06:94:74:8b:
09:8b:9f:16:ab:7d:a1:5a:ba:8b:a0:81:19:47:69:5c:90:5f:
72:5c:6a:f2:cf:7f:09:33:c8:1a:6d:91:2a:30:49:68:b6:1d:
31:19:46:45:31:02:bc:95:e7:87:85:b2:a8:99:ff:7a:e8:cd:
45:d7:13:39:c1:bb:33:b9:77:50:22:df:a4:b4:fb:14:20:ed:
fc:26:77:fe:e0:5d:8e:46:41:53:3b:67:a6:5e:f7:53:30:57:
d0:61:b9:d0:48:b2:86:f3:8e:64:d6:56:79:8f:89:ad:17:f2:
47:ff:ad:73:b4:d4:93:2e:f3:d1:2c:24:7a:d0:db:e2:ea:7e:
b6:48:49:76:1a:74:a1:8b:b6:e9:f3:76:da:84:16:05:97:73:
4e:96:9a:0a:49:27:d5:43:79:0e:ac:9b:19:da:3f:fe:bb:1d:
b4:a9:f7:2e:d2:ee:e3:52:8f:1c:87:85:7e:1b:a8:4a:13:f5:
15:2e:97:7b:e9:67:2b:2f:73:99:9b:4a:46:89:a6:66:46:08:
62:4d:86:18:19:ca:5e:65:35:22:ec:f9:10:6c:ea:73:aa:dc:
8a:21:f7:14:46:7f:bf:a3:63:38:9e:b1:9c:44:c9:45:b1:27:
92:f0:7c:19
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQmbCfSLGqqrzpNCkrSurEEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2NjBkNzgzMjA4NjBkNWVmZTcyOWUyMDhiNWViNGIyYWJl
YmUwNzgwHhcNMjUwMTAyMDk1MDA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmZiMzhlODU1NmVkZDViNmE5ODE3NzM0MGViMjAxNmQzYTljMjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwE5FRUJN6FHLRV/1VnHOkjRJOY14
1auE5M/efArCzuuZbH+OqYLZmlVYS+lcNM52GXhCoypneJ99tJUU2KTndMZQitvY
AmhIWC51MlUSZSBlTWd1P1ZeaJGs2WDHPQEyJMnMMY872m4A9/RacyZfiAOFjsLd
C3nOX3PR97HCCmVEFzC2rRbJPAGFJ9RLs4/Pgim7cTx2LghR+LK1/w9ga3FQ1KEW
3u8aVwF8Ltjz45rhavwk9XcvSFh433mCaHs2H98XWlDFm3FoQE6wB2GBMVdjb3do
2n72PnY3Yiaj5ZRRy7gHLkzW00lFEcHpIebpDmUPyKSEUsjCxlotgwva9QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFB/7OOhVbt1bapgXc0DrIBbTqcJuMB8GA1UdIwQY
MBaAFLZg14Mghg1e/nKeIItetLKr6+B4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdG1EWGd5Q0dEVjctY3A0Z2kxNjBzcXZyNEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9kYWYyMTItZjAwOS00YmQ0LTg3NGQt
NjI0YzNlNzg4Y2RmLzEvSF9zNDZGVnUzVnRxbUJkelFPc2dGdE9wd200LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9kYWYyMTItZjAwOS00YmQ0LTg3NGQtNjI0YzNlNzg4Y2Rm
LzEvdG1EWGd5Q0dEVjctY3A0Z2kxNjBzcXZyNEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCLYQIAwQA
ubOzMBQEAgACMA4DBQMqDmVAAwUDKhN9ADANBgkqhkiG9w0BAQsFAAOCAQEAoagl
1suC6uEB4DylInAGlHSLCYufFqt9oVq6i6CBGUdpXJBfclxq8s9/CTPIGm2RKjBJ
aLYdMRlGRTECvJXnh4WyqJn/eujNRdcTOcG7M7l3UCLfpLT7FCDt/CZ3/uBdjkZB
Uztnpl73UzBX0GG50EiyhvOOZNZWeY+JrRfyR/+tc7TUky7z0SwketDb4up+tkhJ
dhp0oYu26fN22oQWBZdzTpaaCkkn1UN5DqybGdo//rsdtKn3LtLu41KPHIeFfhuo
ShP1FS6Xe+lnKy9zmZtKRommZkYIYk2GGBnKXmU1Iuz5EGzqc6rciiH3FEZ/v6Nj
OJ6xnETJRbEnkvB8GQ==
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:53:56 2025 by rpki-client