Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/CkMelDZYJ8wLYR1cBeOcNR-SbG4.roa
File: CkMelDZYJ8wLYR1cBeOcNR-SbG4.roa (raw, json)
Hash identifier: 6DRW9xC/bgUNN/0DP+fJRep1JSUrKnuaZJm7l+ZDw18=
Subject key identifier: 0A:43:1E:94:36:58:27:CC:0B:61:1D:5C:05:E3:9C:35:1F:92:6C:6E
Certificate issuer: /CN=03cbdb0595fc48902938a78f42c1eaf0a159bf46
Certificate serial: 01958E408E04B0E6A7EA4A1753DBB985CB33
Authority key identifier: 03:CB:DB:05:95:FC:48:90:29:38:A7:8F:42:C1:EA:F0:A1:59:BF:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A8vbBZX8SJApOKePQsHq8KFZv0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/CkMelDZYJ8wLYR1cBeOcNR-SbG4.roa
Signing time: Thu 13 Mar 2025 06:45:50 +0000
ROA not before: Thu 13 Mar 2025 06:45:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203936
IP address blocks: 45.148.73.0/24 maxlen: 24
45.148.74.0/23 maxlen: 24
45.148.74.0/24 maxlen: 24
45.148.75.0/24 maxlen: 24
185.118.188.0/22 maxlen: 24
185.128.60.0/22 maxlen: 22
185.237.136.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/A8vbBZX8SJApOKePQsHq8KFZv0Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/A8vbBZX8SJApOKePQsHq8KFZv0Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/A8vbBZX8SJApOKePQsHq8KFZv0Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 12:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8e:40:8e:04:b0:e6:a7:ea:4a:17:53:db:b9:85:cb:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03cbdb0595fc48902938a78f42c1eaf0a159bf46
Validity
Not Before: Mar 13 06:45:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a431e94365827cc0b611d5c05e39c351f926c6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:90:d9:25:7a:b3:22:6f:e4:da:a6:c9:91:0c:
33:10:65:d4:0f:5f:5f:e5:bd:53:6d:dd:5e:60:e5:
d9:8e:85:b3:e0:c7:18:c1:20:9f:53:54:15:36:84:
01:79:de:95:64:f4:f8:8f:3a:a6:77:01:4e:53:61:
af:4e:d0:b2:12:69:0a:92:c9:00:6c:13:f9:5a:f4:
1e:2c:be:c7:d7:0a:f5:2c:5c:96:ee:63:cb:fe:30:
47:ba:8d:6f:9d:53:61:b0:32:e0:57:3a:f7:30:be:
af:ca:6a:86:8f:1e:13:f0:b8:af:91:5f:81:00:a3:
02:d7:f7:ad:9d:b4:b8:d2:e9:0f:d4:52:4e:df:73:
74:fb:9d:ba:ae:eb:97:30:ef:b6:73:f2:bd:2c:5e:
d2:87:38:f6:1b:70:8d:cc:f0:d2:95:f6:32:f7:0d:
73:b4:dd:93:fc:67:54:74:9f:34:d2:ce:ad:c6:40:
da:44:47:a7:90:9a:c6:11:b9:5c:4a:da:3d:a0:d1:
95:3c:23:67:53:11:48:f1:cf:95:dd:11:c6:82:f6:
5d:41:16:ee:dd:3c:97:6a:c9:d7:54:de:16:e7:fc:
fc:59:84:ea:3d:d2:fa:77:47:5f:a5:3c:7c:5c:66:
a4:fc:1c:e9:25:1b:f7:7d:4e:18:05:1e:9d:2b:19:
ab:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:43:1E:94:36:58:27:CC:0B:61:1D:5C:05:E3:9C:35:1F:92:6C:6E
X509v3 Authority Key Identifier:
keyid:03:CB:DB:05:95:FC:48:90:29:38:A7:8F:42:C1:EA:F0:A1:59:BF:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A8vbBZX8SJApOKePQsHq8KFZv0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/CkMelDZYJ8wLYR1cBeOcNR-SbG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/A8vbBZX8SJApOKePQsHq8KFZv0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.73.0-45.148.75.255
185.118.188.0/22
185.128.60.0/22
185.237.136.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:8d:1c:ff:69:50:31:a9:1f:a6:a3:ab:65:48:54:8d:a7:dd:
53:0e:7d:3d:61:8f:a6:a3:7f:92:75:d7:38:37:10:95:4f:c8:
a9:f4:5d:55:c2:98:ed:32:cc:98:a0:d7:2c:5c:e4:22:12:f7:
a6:85:d0:b4:a3:bf:25:1d:4a:22:93:40:22:17:7a:e9:d2:a2:
6b:8b:d6:68:a3:d8:fc:19:9e:c2:8c:d3:03:e2:23:e7:48:66:
2d:44:8b:9d:87:fb:95:ae:82:70:0a:80:f1:d9:91:63:91:4b:
b4:f3:56:fd:b4:a8:60:bd:0b:6c:72:70:f4:5e:1c:3a:c5:53:
95:a5:b0:75:54:63:f6:47:ab:32:e9:6e:18:05:81:13:c1:af:
ec:82:68:71:4a:c8:13:a6:78:a4:19:32:36:dd:7a:e9:56:73:
2f:3b:71:a6:65:be:54:cd:c9:4b:7f:f4:a2:51:57:72:40:d5:
0c:54:9b:36:43:40:f1:c5:44:9c:ce:25:55:79:8d:5d:47:14:
41:81:40:bb:d5:ab:2b:c2:11:12:cf:c8:32:ae:a2:1a:ae:74:
cf:43:3c:2a:eb:b7:72:98:41:63:d7:ba:92:79:93:3c:b2:a7:
f7:9d:c9:c1:80:3e:ee:84:ab:fd:2d:54:12:86:a6:61:64:c3:
27:be:51:d8
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZWOQI4EsOan6koXU9u5hcszMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzY2JkYjA1OTVmYzQ4OTAyOTM4YTc4ZjQyYzFlYWYwYTE1
OWJmNDYwHhcNMjUwMzEzMDY0NTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTQzMWU5NDM2NTgyN2NjMGI2MTFkNWMwNWUzOWMzNTFmOTI2YzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppDZJXqzIm/k2qbJkQwzEGXUD19f
5b1Tbd1eYOXZjoWz4McYwSCfU1QVNoQBed6VZPT4jzqmdwFOU2GvTtCyEmkKkskA
bBP5WvQeLL7H1wr1LFyW7mPL/jBHuo1vnVNhsDLgVzr3ML6vymqGjx4T8LivkV+B
AKMC1/etnbS40ukP1FJO33N0+526ruuXMO+2c/K9LF7Shzj2G3CNzPDSlfYy9w1z
tN2T/GdUdJ800s6txkDaREenkJrGEblcSto9oNGVPCNnUxFI8c+V3RHGgvZdQRbu
3TyXasnXVN4W5/z8WYTqPdL6d0dfpTx8XGak/BzpJRv3fU4YBR6dKxmr8QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFApDHpQ2WCfMC2EdXAXjnDUfkmxuMB8GA1UdIwQY
MBaAFAPL2wWV/EiQKTinj0LB6vChWb9GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTh2YkJaWDhTSkFwT0tlUFFzSHE4S0ZadjBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My80YTdkN2YtODg2ZC00YmRmLTgzZDYt
ZjY2MTM4MDY2MzU4LzEvQ2tNZWxEWllKOHdMWVIxY0JlT2NOUi1TYkc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My80YTdkN2YtODg2ZC00YmRmLTgzZDYtZjY2MTM4MDY2MzU4
LzEvQTh2YkJaWDhTSkFwT0tlUFFzSHE4S0ZadjBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAAtlEkD
BAItlEgDBAK5drwDBAK5gDwDBAK57YgwDQYJKoZIhvcNAQELBQADggEBADyNHP9p
UDGpH6ajq2VIVI2n3VMOfT1hj6ajf5J11zg3EJVPyKn0XVXCmO0yzJig1yxc5CIS
96aF0LSjvyUdSiKTQCIXeunSomuL1mij2PwZnsKM0wPiI+dIZi1Ei52H+5WugnAK
gPHZkWORS7TzVv20qGC9C2xycPReHDrFU5WlsHVUY/ZHqzLpbhgFgRPBr+yCaHFK
yBOmeKQZMjbdeulWcy87caZlvlTNyUt/9KJRV3JA1QxUmzZDQPHFRJzOJVV5jV1H
FEGBQLvVqyvCERLPyDKuohqudM9DPCrrt3KYQWPXupJ5kzyyp/edycGAPu6Eq/0t
VBKGpmFkwye+Udg=
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:56:20 2025 by rpki-client