Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/7943a0-ccab-4260-bd51-afe89aacc492/1/vIUD6qLiZhlDA8IvWgGD4RFZTgQ.roa
File: vIUD6qLiZhlDA8IvWgGD4RFZTgQ.roa (raw, json)
Hash identifier: 8f4c2O05sapdQ4wcaKqtNByBFKGfiB5rQ1o7fR58j44=
Subject key identifier: BC:85:03:EA:A2:E2:66:19:43:03:C2:2F:5A:01:83:E1:11:59:4E:04
Certificate issuer: /CN=92eff6162502ea3b52fd8ca3ae108d13d6bff652
Certificate serial: 019427476163557A35057DEBB1FE5E025A43
Authority key identifier: 92:EF:F6:16:25:02:EA:3B:52:FD:8C:A3:AE:10:8D:13:D6:BF:F6:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ku_2FiUC6jtS_YyjrhCNE9a_9lI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/7943a0-ccab-4260-bd51-afe89aacc492/1/vIUD6qLiZhlDA8IvWgGD4RFZTgQ.roa
Signing time: Thu 02 Jan 2025 13:49:36 +0000
ROA not before: Thu 02 Jan 2025 13:49:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60670
IP address blocks: 45.155.108.0/24 maxlen: 24
45.155.109.0/24 maxlen: 24
45.155.110.0/24 maxlen: 24
45.155.111.0/24 maxlen: 24
62.68.95.0/24 maxlen: 24
185.180.184.0/24 maxlen: 24
185.180.185.0/24 maxlen: 24
185.180.186.0/24 maxlen: 24
185.180.187.0/24 maxlen: 24
2a0a:ad80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/7943a0-ccab-4260-bd51-afe89aacc492/1/ku_2FiUC6jtS_YyjrhCNE9a_9lI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/7943a0-ccab-4260-bd51-afe89aacc492/1/ku_2FiUC6jtS_YyjrhCNE9a_9lI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ku_2FiUC6jtS_YyjrhCNE9a_9lI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 03:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:61:63:55:7a:35:05:7d:eb:b1:fe:5e:02:5a:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92eff6162502ea3b52fd8ca3ae108d13d6bff652
Validity
Not Before: Jan 2 13:49:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bc8503eaa2e266194303c22f5a0183e111594e04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f9:c0:0d:8c:12:0a:ea:9a:32:bb:58:ed:28:
95:22:f0:b8:ce:9e:e3:4f:49:9b:83:6d:54:9c:4c:
23:98:0f:54:e0:8d:61:e6:61:77:f0:9b:eb:98:89:
a1:1b:3f:1f:1c:d2:2b:d0:7b:f9:24:78:12:73:8a:
d1:a6:2a:1d:c9:6a:c2:dc:84:58:5b:56:f5:f4:42:
a3:59:a8:0b:a9:f8:1a:68:ae:03:86:9c:24:6e:50:
cb:e7:76:7d:4d:28:76:90:5e:6e:f6:73:3f:a6:a8:
07:a0:2a:3d:5b:8b:8c:38:8c:b5:c9:58:fb:d3:d2:
1e:08:46:8e:ab:33:49:b7:5f:7a:c7:cc:d1:ff:aa:
d7:15:66:18:a8:a2:06:e5:20:34:41:e8:ae:ff:99:
a0:8f:9f:f6:7d:00:b1:4c:a3:0e:88:81:3a:4d:3f:
b4:72:0e:be:5d:f7:29:e6:d3:2d:c1:4d:d2:61:e7:
dd:bb:3d:86:ba:55:97:96:85:f4:86:1b:4f:94:79:
ad:91:b5:2c:2b:eb:dd:ef:f4:41:c0:b6:1e:cf:82:
33:23:d2:bd:51:58:2e:fd:c1:89:ce:d4:04:1c:97:
d3:35:da:b4:00:fc:78:6d:9b:52:87:47:96:68:fe:
42:44:e4:c6:62:63:ee:9a:08:ac:ef:5e:a6:21:19:
91:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:85:03:EA:A2:E2:66:19:43:03:C2:2F:5A:01:83:E1:11:59:4E:04
X509v3 Authority Key Identifier:
keyid:92:EF:F6:16:25:02:EA:3B:52:FD:8C:A3:AE:10:8D:13:D6:BF:F6:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ku_2FiUC6jtS_YyjrhCNE9a_9lI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/7943a0-ccab-4260-bd51-afe89aacc492/1/vIUD6qLiZhlDA8IvWgGD4RFZTgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/7943a0-ccab-4260-bd51-afe89aacc492/1/ku_2FiUC6jtS_YyjrhCNE9a_9lI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.108.0/22
62.68.95.0/24
185.180.184.0/22
IPv6:
2a0a:ad80::/29
Signature Algorithm: sha256WithRSAEncryption
87:11:96:84:35:e0:6c:e8:ed:ad:df:2c:13:b3:68:30:ab:e0:
fb:00:cd:f8:b0:0e:40:b6:85:a4:3f:70:1b:44:cd:2c:5c:fd:
08:87:02:16:1a:c2:e6:93:9a:a4:c6:96:fa:d1:71:ce:21:66:
f9:4e:80:5c:2a:bb:2d:64:c9:ad:93:06:53:fc:65:71:1c:28:
24:7f:ce:6b:46:37:2c:6a:b3:5f:4d:5f:88:bd:05:a9:d5:76:
ce:ca:89:fe:06:a4:a1:f1:ec:63:e4:00:15:48:a8:c2:c7:7b:
c6:9c:25:22:e9:ae:4d:00:86:e8:aa:dc:2b:d9:a4:40:ea:bf:
d4:ec:4a:e3:d7:2f:b9:9b:c2:66:73:39:c1:56:97:48:27:6f:
95:37:8a:aa:68:c8:ff:f8:06:41:3f:a6:24:57:e4:6f:6f:34:
72:34:5a:ad:65:c7:0e:4b:87:0c:79:83:07:97:c7:30:fd:f2:
57:1d:4d:9c:12:b2:5b:f5:af:68:a8:ac:d6:c0:23:c7:ac:93:
86:c2:37:6f:79:0e:53:c4:7d:2e:88:12:cc:60:0e:1c:b6:ca:
d9:ca:83:57:f7:15:25:eb:50:13:b3:9a:f8:58:1f:3c:40:9c:
41:64:6e:4a:da:6d:5c:34:35:61:46:c2:bc:ec:75:9c:85:47:
2d:02:5e:23
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQnR2FjVXo1BX3rsf5eAlpDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZWZmNjE2MjUwMmVhM2I1MmZkOGNhM2FlMTA4ZDEzZDZi
ZmY2NTIwHhcNMjUwMTAyMTM0OTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzg1MDNlYWEyZTI2NjE5NDMwM2MyMmY1YTAxODNlMTExNTk0ZTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPnADYwSCuqaMrtY7SiVIvC4zp7j
T0mbg21UnEwjmA9U4I1h5mF38JvrmImhGz8fHNIr0Hv5JHgSc4rRpiodyWrC3IRY
W1b19EKjWagLqfgaaK4DhpwkblDL53Z9TSh2kF5u9nM/pqgHoCo9W4uMOIy1yVj7
09IeCEaOqzNJt196x8zR/6rXFWYYqKIG5SA0Qeiu/5mgj5/2fQCxTKMOiIE6TT+0
cg6+Xfcp5tMtwU3SYefduz2GulWXloX0hhtPlHmtkbUsK+vd7/RBwLYez4IzI9K9
UVgu/cGJztQEHJfTNdq0APx4bZtSh0eWaP5CROTGYmPumgis716mIRmRzwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLyFA+qi4mYZQwPCL1oBg+ERWU4EMB8GA1UdIwQY
MBaAFJLv9hYlAuo7Uv2Mo64QjRPWv/ZSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3VfMkZpVUM2anRTX1l5anJoQ05FOWFfOWxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS83OTQzYTAtY2NhYi00MjYwLWJkNTEt
YWZlODlhYWNjNDkyLzEvdklVRDZxTGlaaGxEQThJdldnR0Q0UkZaVGdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS83OTQzYTAtY2NhYi00MjYwLWJkNTEtYWZlODlhYWNjNDky
LzEva3VfMkZpVUM2anRTX1l5anJoQ05FOWFfOWxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLZtsAwQA
PkRfAwQCubS4MA0EAgACMAcDBQMqCq2AMA0GCSqGSIb3DQEBCwUAA4IBAQCHEZaE
NeBs6O2t3ywTs2gwq+D7AM34sA5AtoWkP3AbRM0sXP0IhwIWGsLmk5qkxpb60XHO
IWb5ToBcKrstZMmtkwZT/GVxHCgkf85rRjcsarNfTV+IvQWp1XbOyon+BqSh8exj
5AAVSKjCx3vGnCUi6a5NAIboqtwr2aRA6r/U7Erj1y+5m8JmcznBVpdIJ2+VN4qq
aMj/+AZBP6YkV+RvbzRyNFqtZccOS4cMeYMHl8cw/fJXHU2cErJb9a9oqKzWwCPH
rJOGwjdveQ5TxH0uiBLMYA4ctsrZyoNX9xUl61ATs5r4WB88QJxBZG5K2m1cNDVh
RsK87HWchUctAl4j
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:12:39 2025 by rpki-client