Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/18soxXSUfAbHaiOUTFjxqAcj5Mo.roa
File: 18soxXSUfAbHaiOUTFjxqAcj5Mo.roa (raw, json)
Hash identifier: sqacOTiQfwXRVIPv/e5j51vS8dJOJUjEVlDCZQ2cJUo=
Subject key identifier: D7:CB:28:C5:74:94:7C:06:C7:6A:23:94:4C:58:F1:A8:07:23:E4:CA
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 01954784CCA54125FCA70E2BF13ED3A97851
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/18soxXSUfAbHaiOUTFjxqAcj5Mo.roa
Signing time: Thu 27 Feb 2025 13:07:20 +0000
ROA not before: Thu 27 Feb 2025 13:07:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199959
IP address blocks: 45.43.147.0/24 maxlen: 24
45.43.152.0/24 maxlen: 24
64.137.111.0/24 maxlen: 24
104.222.191.0/24 maxlen: 24
104.233.56.0/24 maxlen: 24
104.233.58.0/24 maxlen: 24
104.238.24.0/24 maxlen: 24
104.238.28.0/24 maxlen: 24
104.239.47.0/24 maxlen: 24
104.239.66.0/24 maxlen: 24
104.239.74.0/24 maxlen: 24
104.239.79.0/24 maxlen: 24
104.239.83.0/24 maxlen: 24
104.239.89.0/24 maxlen: 24
104.239.100.0/24 maxlen: 24
104.239.102.0/24 maxlen: 24
104.239.109.0/24 maxlen: 24
104.239.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft
rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Mar 2025 10:01:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:47:84:cc:a5:41:25:fc:a7:0e:2b:f1:3e:d3:a9:78:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Feb 27 13:07:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d7cb28c574947c06c76a23944c58f1a80723e4ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:8e:96:f5:23:d0:b5:ce:aa:4d:08:dc:01:b3:
4b:a0:ca:f2:da:39:83:d1:9a:f0:01:36:8b:97:9c:
a3:c5:b2:c7:28:aa:f3:af:ae:c4:95:74:d3:c7:fb:
2e:38:b0:e8:80:8a:e2:e3:7b:94:4a:4d:fc:4a:bf:
21:a3:40:00:46:da:ec:33:58:84:e9:12:ab:ad:40:
66:98:bd:ad:11:f0:52:63:27:72:07:3b:9b:4b:b7:
10:12:e5:6b:d7:04:70:66:76:9e:ae:ff:4e:37:6e:
50:b1:e3:e1:1d:a8:c1:98:c9:1b:61:f5:b7:37:39:
d4:46:6f:4f:f8:6a:42:85:ee:29:d7:44:0d:de:96:
8d:69:50:28:e3:13:9d:ea:d9:8e:ef:3e:99:ce:a7:
33:72:28:9d:d9:e8:25:8c:1e:8d:a3:0b:ac:01:10:
d1:fa:9a:b2:9e:e9:44:45:e3:83:f2:e7:27:f5:ad:
08:a3:93:fd:4f:bc:3a:3d:a3:dc:ac:fb:82:41:5f:
70:09:01:a6:17:ad:7c:d7:c9:f8:e5:5b:9f:da:0a:
7b:f1:67:32:82:6e:a0:74:35:42:b9:aa:16:41:4a:
94:cf:57:9e:4b:c3:6d:50:35:2e:91:95:78:49:2c:
b9:86:bd:89:5e:f5:a8:08:a8:9a:99:27:1b:27:f7:
0b:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:CB:28:C5:74:94:7C:06:C7:6A:23:94:4C:58:F1:A8:07:23:E4:CA
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/18soxXSUfAbHaiOUTFjxqAcj5Mo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.147.0/24
45.43.152.0/24
64.137.111.0/24
104.222.191.0/24
104.233.56.0/24
104.233.58.0/24
104.238.24.0/24
104.238.28.0/24
104.239.47.0/24
104.239.66.0/24
104.239.74.0/24
104.239.79.0/24
104.239.83.0/24
104.239.89.0/24
104.239.100.0/24
104.239.102.0/24
104.239.109.0/24
104.239.127.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:20:2e:e6:fd:60:ea:7b:44:84:29:df:cc:a8:2f:44:25:72:
9a:ff:04:cf:cc:17:1f:0d:ff:30:66:db:91:ab:60:df:63:1b:
af:7a:07:6f:9f:07:78:df:03:70:1a:34:18:d0:d1:ae:0c:5c:
01:e2:7c:21:69:3f:53:d6:58:0d:d1:b7:04:9f:88:39:09:a8:
40:b7:56:17:f9:34:e4:49:9d:1b:51:09:b7:86:08:7c:cf:d4:
a1:7e:d7:d6:c6:31:e2:07:fd:40:54:db:da:e5:85:3a:c2:33:
a3:e3:16:31:8f:5c:4b:6e:eb:87:b1:f7:f2:a0:b5:5b:1a:d6:
cb:d9:f3:5f:f3:d0:4f:4d:8b:c0:52:12:15:80:3b:40:8f:0d:
a5:e8:cd:06:8e:f2:39:c3:2a:59:10:16:db:da:ff:10:33:73:
d1:4f:21:54:d2:6b:76:80:e4:51:ac:dc:96:8f:23:41:9f:24:
e6:c1:77:9e:ef:8f:b6:df:05:c6:46:0f:4d:82:65:8f:ea:f1:
57:0b:fb:60:f7:ea:61:77:72:2c:60:eb:99:60:41:0c:f1:1d:
a8:e3:2f:be:1c:a2:c3:e0:cb:bf:b0:97:ad:f5:45:34:ca:8b:
1f:3f:fb:27:c4:8f:45:91:52:9d:68:cc:21:9c:2e:5c:28:8f:
af:90:2e:de
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZVHhMylQSX8pw4r8T7TqXhRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjUwMjI3MTMwNzIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2NiMjhjNTc0OTQ3YzA2Yzc2YTIzOTQ0YzU4ZjFhODA3MjNlNGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyI6W9SPQtc6qTQjcAbNLoMry2jmD
0ZrwATaLl5yjxbLHKKrzr67ElXTTx/suOLDogIri43uUSk38Sr8ho0AARtrsM1iE
6RKrrUBmmL2tEfBSYydyBzubS7cQEuVr1wRwZnaerv9ON25QsePhHajBmMkbYfW3
NznURm9P+GpChe4p10QN3paNaVAo4xOd6tmO7z6Zzqczciid2egljB6NowusARDR
+pqynulEReOD8ucn9a0Io5P9T7w6PaPcrPuCQV9wCQGmF61818n45Vuf2gp78Wcy
gm6gdDVCuaoWQUqUz1eeS8NtUDUukZV4SSy5hr2JXvWoCKiamScbJ/cLEwIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFNfLKMV0lHwGx2ojlExY8agHI+TKMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvMThzb3hYU1VmQWJIYWlPVVRGanhxQWNqNU1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAC0rkwME
AC0rmAMEAECJbwMEAGjevwMEAGjpOAMEAGjpOgMEAGjuGAMEAGjuHAMEAGjvLwME
AGjvQgMEAGjvSgMEAGjvTwMEAGjvUwMEAGjvWQMEAGjvZAMEAGjvZgMEAGjvbQME
AGjvfzANBgkqhkiG9w0BAQsFAAOCAQEAXCAu5v1g6ntEhCnfzKgvRCVymv8Ez8wX
Hw3/MGbbkatg32Mbr3oHb58HeN8DcBo0GNDRrgxcAeJ8IWk/U9ZYDdG3BJ+IOQmo
QLdWF/k05EmdG1EJt4YIfM/UoX7X1sYx4gf9QFTb2uWFOsIzo+MWMY9cS27rh7H3
8qC1WxrWy9nzX/PQT02LwFISFYA7QI8NpejNBo7yOcMqWRAW29r/EDNz0U8hVNJr
doDkUazclo8jQZ8k5sF3nu+Ptt8FxkYPTYJlj+rxVwv7YPfqYXdyLGDrmWBBDPEd
qOMvvhyiw+DLv7CXrfVFNMqLHz/7J8SPRZFSnWjMIZwuXCiPr5Au3g==
-----END CERTIFICATE-----
Generated at Tue Mar 11 19:31:46 2025 by rpki-client