Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/alu_mr0SbHu87BQrWPxTd_isXuk.roa
File: alu_mr0SbHu87BQrWPxTd_isXuk.roa (raw, json)
Hash identifier: hY1T2LexYb2QH15xhVKDuD/K+aFR2eKzFF17sn5hwoo=
Subject key identifier: 6A:5B:BF:9A:BD:12:6C:7B:BC:EC:14:2B:58:FC:53:77:F8:AC:5E:E9
Certificate issuer: /CN=c1d369e66cdbe30d7b3aff6081f20c17a98fdc5b
Certificate serial: 019420D64B0406EB1FB8BD414F83E2381D1E
Authority key identifier: C1:D3:69:E6:6C:DB:E3:0D:7B:3A:FF:60:81:F2:0C:17:A9:8F:DC:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/alu_mr0SbHu87BQrWPxTd_isXuk.roa
Signing time: Wed 01 Jan 2025 07:48:22 +0000
ROA not before: Wed 01 Jan 2025 07:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211381
IP address blocks: 45.88.76.0/24 maxlen: 24
45.88.105.0/24 maxlen: 24
45.91.200.0/24 maxlen: 24
45.91.201.0/24 maxlen: 24
45.91.202.0/24 maxlen: 24
45.132.107.0/24 maxlen: 24
45.147.196.0/24 maxlen: 24
77.83.175.0/24 maxlen: 24
91.211.248.0/24 maxlen: 24
91.211.249.0/24 maxlen: 24
91.211.250.0/24 maxlen: 24
92.119.114.0/24 maxlen: 24
95.215.204.0/24 maxlen: 24
95.215.206.0/24 maxlen: 24
95.215.207.0/24 maxlen: 24
185.203.240.0/24 maxlen: 24
185.203.241.0/24 maxlen: 24
185.209.20.0/24 maxlen: 24
185.209.21.0/24 maxlen: 24
185.219.81.0/24 maxlen: 24
185.219.83.0/24 maxlen: 24
185.224.132.0/24 maxlen: 24
185.231.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:4b:04:06:eb:1f:b8:bd:41:4f:83:e2:38:1d:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1d369e66cdbe30d7b3aff6081f20c17a98fdc5b
Validity
Not Before: Jan 1 07:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a5bbf9abd126c7bbcec142b58fc5377f8ac5ee9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ac:1d:6e:df:78:77:7f:33:f3:52:d4:ea:c9:
33:12:91:2e:4d:d0:79:73:48:64:93:29:93:86:19:
6a:58:f9:6b:dd:ae:40:d0:84:43:f1:79:c1:ff:83:
b4:dd:5e:ca:a6:6f:0f:0c:1d:4b:b8:2d:45:43:c3:
a0:2c:c6:6c:8c:f1:f5:f1:b4:35:1b:08:68:7a:68:
9b:21:a9:5c:02:92:da:37:64:68:43:a6:29:d3:63:
bf:ef:03:46:d7:3f:ee:51:67:59:2f:a3:b5:5c:62:
4f:87:96:e6:00:02:ad:df:34:34:50:4e:9a:f5:41:
8d:59:69:c9:cc:35:eb:db:29:e5:cc:0c:4d:6d:48:
4e:c8:87:cd:43:fa:3f:d6:82:b6:1b:ed:9e:71:bc:
35:3d:f2:10:84:7f:c9:40:f6:ea:0d:ee:60:ee:32:
c5:80:71:f2:14:d7:43:4d:de:61:e8:17:5d:a2:7d:
e1:91:9e:c7:7b:e6:af:5e:1b:11:91:11:c8:69:24:
2d:63:3b:44:22:de:d0:8d:42:96:8b:bf:dd:03:9b:
fb:da:66:9b:79:63:97:d6:f8:98:66:49:c9:dc:58:
8c:32:94:94:fc:43:c1:7d:95:c5:67:5f:bc:33:61:
c2:57:68:e0:18:7c:29:3f:57:11:19:fc:57:18:0c:
6f:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:5B:BF:9A:BD:12:6C:7B:BC:EC:14:2B:58:FC:53:77:F8:AC:5E:E9
X509v3 Authority Key Identifier:
keyid:C1:D3:69:E6:6C:DB:E3:0D:7B:3A:FF:60:81:F2:0C:17:A9:8F:DC:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/alu_mr0SbHu87BQrWPxTd_isXuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.76.0/24
45.88.105.0/24
45.91.200.0-45.91.202.255
45.132.107.0/24
45.147.196.0/24
77.83.175.0/24
91.211.248.0-91.211.250.255
92.119.114.0/24
95.215.204.0/24
95.215.206.0/23
185.203.240.0/23
185.209.20.0/23
185.219.81.0/24
185.219.83.0/24
185.224.132.0/24
185.231.69.0/24
Signature Algorithm: sha256WithRSAEncryption
84:e8:98:27:74:7b:3f:2c:02:4e:21:b2:f4:65:66:0d:d9:7a:
f2:0e:f0:e0:cb:5d:0b:6c:d7:b6:35:11:7b:c1:7a:4b:69:b9:
7d:06:be:97:10:43:49:5e:4b:4d:8b:9a:c3:68:cf:7b:5d:f3:
1f:92:1d:5e:f4:ff:dd:9c:78:21:e3:98:12:6c:d6:86:35:89:
e3:ad:89:32:e8:9a:7d:fb:b8:8a:4d:26:6b:4d:08:ad:c8:26:
35:28:e5:e9:9f:d3:53:a7:11:d9:ca:c7:0b:11:ca:f2:04:83:
69:32:8c:a4:80:96:1f:1c:08:d2:9a:6d:c4:99:2b:e9:df:ae:
40:b5:1b:ab:2d:21:61:c9:a9:6e:ab:41:dd:00:bd:52:c2:e8:
dd:4a:c7:4e:c2:e5:0b:f0:c6:0f:ad:95:92:6b:8c:fa:0b:b1:
67:cd:96:ae:78:ea:4c:6b:91:5d:32:10:68:e7:20:b1:ef:0c:
17:2b:f0:90:d7:9b:58:26:c0:51:4c:91:50:bd:08:78:1f:35:
4a:01:a5:70:97:a8:45:04:44:53:ab:85:54:a7:c8:8b:70:c2:
57:da:1c:16:75:98:37:6d:ee:d2:4e:97:29:a2:6b:7b:08:70:
df:83:c5:96:c4:d1:b8:2a:19:6c:48:06:d2:e4:e5:95:28:bb:
8e:48:d9:6e
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAZQg1ksEBusfuL1BT4PiOB0eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZDM2OWU2NmNkYmUzMGQ3YjNhZmY2MDgxZjIwYzE3YTk4
ZmRjNWIwHhcNMjUwMTAxMDc0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTViYmY5YWJkMTI2YzdiYmNlYzE0MmI1OGZjNTM3N2Y4YWM1ZWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqwdbt94d38z81LU6skzEpEuTdB5
c0hkkymThhlqWPlr3a5A0IRD8XnB/4O03V7Kpm8PDB1LuC1FQ8OgLMZsjPH18bQ1
GwhoemibIalcApLaN2RoQ6Yp02O/7wNG1z/uUWdZL6O1XGJPh5bmAAKt3zQ0UE6a
9UGNWWnJzDXr2ynlzAxNbUhOyIfNQ/o/1oK2G+2ecbw1PfIQhH/JQPbqDe5g7jLF
gHHyFNdDTd5h6Bddon3hkZ7He+avXhsRkRHIaSQtYztEIt7QjUKWi7/dA5v72mab
eWOX1viYZknJ3FiMMpSU/EPBfZXFZ1+8M2HCV2jgGHwpP1cRGfxXGAxvQQIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFGpbv5q9Emx7vOwUK1j8U3f4rF7pMB8GA1UdIwQY
MBaAFMHTaeZs2+MNezr/YIHyDBepj9xbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2ROcDVtemI0dzE3T3Y5Z2dmSU1GNm1QM0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yMjQzNTEtM2E0Ny00MDE0LWIzOTUt
YTYzNDc5NjEwOTY4LzEvYWx1X21yMFNiSHU4N0JRcldQeFRkX2lzWHVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yMjQzNTEtM2E0Ny00MDE0LWIzOTUtYTYzNDc5NjEwOTY4
LzEvd2ROcDVtemI0dzE3T3Y5Z2dmSU1GNm1QM0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEAC1YTAME
AC1YaTAMAwQDLVvIAwQALVvKAwQALYRrAwQALZPEAwQATVOvMAwDBANb0/gDBABb
0/oDBABcd3IDBABf18wDBAFf184DBAG5y/ADBAG50RQDBAC521EDBAC521MDBAC5
4IQDBAC550UwDQYJKoZIhvcNAQELBQADggEBAITomCd0ez8sAk4hsvRlZg3ZevIO
8ODLXQts17Y1EXvBektpuX0GvpcQQ0leS02LmsNoz3td8x+SHV70/92ceCHjmBJs
1oY1ieOtiTLomn37uIpNJmtNCK3IJjUo5emf01OnEdnKxwsRyvIEg2kyjKSAlh8c
CNKabcSZK+nfrkC1G6stIWHJqW6rQd0AvVLC6N1Kx07C5Qvwxg+tlZJrjPoLsWfN
lq546kxrkV0yEGjnILHvDBcr8JDXm1gmwFFMkVC9CHgfNUoBpXCXqEUERFOrhVSn
yItwwlfaHBZ1mDdt7tJOlymia3sIcN+DxZbE0bgqGWxIBtLk5ZUou45I2W4=
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:49:47 2025 by rpki-client