Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/9dd5mW5P3p0P81Wc3Brq5XNWtjQ.roa
File: 9dd5mW5P3p0P81Wc3Brq5XNWtjQ.roa (raw, json)
Hash identifier: N5xCMOFSZOI4OxST45DCEb63e4+Pq/g9vi5wqxe99jI=
Subject key identifier: F5:D7:79:99:6E:4F:DE:9D:0F:F3:55:9C:DC:1A:EA:E5:73:56:B6:34
Certificate issuer: /CN=c1d369e66cdbe30d7b3aff6081f20c17a98fdc5b
Certificate serial: 019420D64A042D79B856870EF64A0E1D8A3E
Authority key identifier: C1:D3:69:E6:6C:DB:E3:0D:7B:3A:FF:60:81:F2:0C:17:A9:8F:DC:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/9dd5mW5P3p0P81Wc3Brq5XNWtjQ.roa
Signing time: Wed 01 Jan 2025 07:48:22 +0000
ROA not before: Wed 01 Jan 2025 07:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204601
IP address blocks: 45.88.78.0/24 maxlen: 24
81.91.176.0/24 maxlen: 24
81.91.177.0/24 maxlen: 24
81.91.178.0/24 maxlen: 24
81.91.179.0/24 maxlen: 24
95.215.205.0/24 maxlen: 24
103.246.144.0/24 maxlen: 24
103.246.145.0/24 maxlen: 24
103.246.146.0/24 maxlen: 24
103.246.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:4a:04:2d:79:b8:56:87:0e:f6:4a:0e:1d:8a:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1d369e66cdbe30d7b3aff6081f20c17a98fdc5b
Validity
Not Before: Jan 1 07:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f5d779996e4fde9d0ff3559cdc1aeae57356b634
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:79:f0:2e:06:66:f2:bc:4d:83:9d:60:bb:c6:
35:91:91:14:9a:83:70:a2:47:7f:61:d9:ea:43:89:
94:fe:8f:b2:f4:d3:58:91:f8:81:a9:0e:2a:f3:91:
0f:f0:8c:2d:4a:ee:57:dd:22:0d:d6:4e:75:8b:6a:
fa:02:d7:2a:07:e9:60:68:9c:2b:df:08:7c:78:61:
f7:b4:5f:15:76:e5:db:93:57:b7:b3:95:5f:df:fe:
54:b3:fe:1e:ca:7e:84:b6:d3:3c:83:23:33:d9:73:
62:5c:d7:b7:94:fe:e3:ff:e2:b9:59:ce:da:b3:21:
ca:21:da:aa:2a:3a:da:e1:84:e1:9f:36:e8:d6:02:
15:2d:88:b4:78:8b:bd:e6:a3:62:73:df:d0:be:5c:
3f:bb:a7:2f:ce:6e:37:81:55:2e:79:e7:ac:50:ab:
cc:41:95:26:1f:dd:18:de:0f:d6:67:91:8d:52:4a:
62:ae:9b:5c:b8:53:47:47:18:bf:79:32:b8:4e:82:
34:47:4d:26:6a:71:d9:74:2a:ce:a1:c6:9a:43:05:
8b:ef:0a:16:78:01:a3:fb:59:87:ee:04:c0:67:b7:
7e:7a:ac:ce:ac:9a:34:36:aa:2f:04:48:8f:cf:4f:
ce:a1:4e:53:00:1f:92:f6:03:60:69:b9:4f:dd:aa:
1b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:D7:79:99:6E:4F:DE:9D:0F:F3:55:9C:DC:1A:EA:E5:73:56:B6:34
X509v3 Authority Key Identifier:
keyid:C1:D3:69:E6:6C:DB:E3:0D:7B:3A:FF:60:81:F2:0C:17:A9:8F:DC:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/9dd5mW5P3p0P81Wc3Brq5XNWtjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.78.0/24
81.91.176.0/22
95.215.205.0/24
103.246.144.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:99:3a:b9:29:6f:1e:59:11:88:2f:c0:8d:5c:1b:5e:7f:57:
f4:e1:d4:52:19:f9:2a:2c:15:f6:20:38:6f:11:96:f4:42:84:
c3:3d:1f:a1:af:4e:05:d0:71:c5:97:9b:a3:5b:10:7c:13:d6:
64:ef:e7:22:80:dc:88:b9:8c:8d:03:49:61:d9:d1:44:23:45:
fb:40:2c:69:9e:7b:d1:f2:24:2a:fb:64:71:b3:d9:25:b8:5a:
10:e5:57:0b:d9:27:a1:f2:c5:11:97:da:92:84:51:9a:29:8d:
e9:a9:26:dd:2f:bc:69:c2:9c:f9:84:e3:bf:05:01:70:1e:ac:
64:17:cf:94:01:7f:74:9b:8f:75:f9:9b:d8:03:e1:0f:d0:80:
48:cc:b1:73:3c:95:02:13:75:29:37:1c:f7:37:92:2b:70:e0:
68:bc:96:91:c1:21:e5:12:36:08:49:6c:ab:b7:31:8f:14:23:
31:0c:bd:98:7e:d6:4c:93:92:ea:63:00:72:57:9d:c0:e9:fc:
f7:67:ac:cc:fa:fb:c1:cf:b7:6b:8d:03:d9:96:b3:fc:5f:7e:
5b:f3:5d:17:fb:bf:a6:0e:80:39:1f:c3:74:26:d5:06:d9:11:
78:19:c1:34:ed:d9:a4:b7:88:aa:2c:57:77:b4:ee:bd:d8:7a:
17:63:1e:00
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQg1koELXm4VocO9koOHYo+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZDM2OWU2NmNkYmUzMGQ3YjNhZmY2MDgxZjIwYzE3YTk4
ZmRjNWIwHhcNMjUwMTAxMDc0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWQ3Nzk5OTZlNGZkZTlkMGZmMzU1OWNkYzFhZWFlNTczNTZiNjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHnwLgZm8rxNg51gu8Y1kZEUmoNw
okd/YdnqQ4mU/o+y9NNYkfiBqQ4q85EP8IwtSu5X3SIN1k51i2r6AtcqB+lgaJwr
3wh8eGH3tF8VduXbk1e3s5Vf3/5Us/4eyn6EttM8gyMz2XNiXNe3lP7j/+K5Wc7a
syHKIdqqKjra4YThnzbo1gIVLYi0eIu95qNic9/Qvlw/u6cvzm43gVUueeesUKvM
QZUmH90Y3g/WZ5GNUkpirptcuFNHRxi/eTK4ToI0R00manHZdCrOocaaQwWL7woW
eAGj+1mH7gTAZ7d+eqzOrJo0NqovBEiPz0/OoU5TAB+S9gNgablP3aobXQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPXXeZluT96dD/NVnNwa6uVzVrY0MB8GA1UdIwQY
MBaAFMHTaeZs2+MNezr/YIHyDBepj9xbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2ROcDVtemI0dzE3T3Y5Z2dmSU1GNm1QM0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yMjQzNTEtM2E0Ny00MDE0LWIzOTUt
YTYzNDc5NjEwOTY4LzEvOWRkNW1XNVAzcDBQODFXYzNCcnE1WE5XdGpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yMjQzNTEtM2E0Ny00MDE0LWIzOTUtYTYzNDc5NjEwOTY4
LzEvd2ROcDVtemI0dzE3T3Y5Z2dmSU1GNm1QM0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVhOAwQC
UVuwAwQAX9fNAwQCZ/aQMA0GCSqGSIb3DQEBCwUAA4IBAQBdmTq5KW8eWRGIL8CN
XBtef1f04dRSGfkqLBX2IDhvEZb0QoTDPR+hr04F0HHFl5ujWxB8E9Zk7+cigNyI
uYyNA0lh2dFEI0X7QCxpnnvR8iQq+2Rxs9kluFoQ5VcL2Seh8sURl9qShFGaKY3p
qSbdL7xpwpz5hOO/BQFwHqxkF8+UAX90m491+ZvYA+EP0IBIzLFzPJUCE3UpNxz3
N5IrcOBovJaRwSHlEjYISWyrtzGPFCMxDL2YftZMk5LqYwByV53A6fz3Z6zM+vvB
z7drjQPZlrP8X35b810X+7+mDoA5H8N0JtUG2RF4GcE07dmkt4iqLFd3tO692HoX
Yx4A
-----END CERTIFICATE-----
Generated at Wed Apr 16 21:12:46 2025 by rpki-client