Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/4ZkOjFgV2e1KUp75jUuP6ECC2BM.roa
File: 4ZkOjFgV2e1KUp75jUuP6ECC2BM.roa (raw, json)
Hash identifier: b0PHTG66aimbIBfguAdcJY06hB30GFciT6o7o6hXolE=
Subject key identifier: E1:99:0E:8C:58:15:D9:ED:4A:52:9E:F9:8D:4B:8F:E8:40:82:D8:13
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 0194214409ACA9F383D9B01BBB28BFFD7FDC
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/4ZkOjFgV2e1KUp75jUuP6ECC2BM.roa
Signing time: Wed 01 Jan 2025 09:48:14 +0000
ROA not before: Wed 01 Jan 2025 09:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58061
IP address blocks: 5.182.117.0/24 maxlen: 24
31.40.250.0/24 maxlen: 24
31.222.230.0/24 maxlen: 24
37.72.128.0/24 maxlen: 24
45.129.197.0/24 maxlen: 24
62.204.52.0/24 maxlen: 24
77.83.193.0/24 maxlen: 24
78.142.238.0/24 maxlen: 24
91.212.103.0/24 maxlen: 24
91.242.234.0/24 maxlen: 24
130.255.172.0/24 maxlen: 24
130.255.175.0/24 maxlen: 24
185.251.22.0/24 maxlen: 24
185.253.4.0/24 maxlen: 24
193.17.88.0/24 maxlen: 24
193.42.119.0/24 maxlen: 24
193.201.10.0/24 maxlen: 24
194.69.164.0/24 maxlen: 24
195.64.127.0/24 maxlen: 24
195.96.159.0/24 maxlen: 24
212.24.120.0/24 maxlen: 24
212.52.18.0/24 maxlen: 24
212.107.26.0/24 maxlen: 24
213.109.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:09:ac:a9:f3:83:d9:b0:1b:bb:28:bf:fd:7f:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Jan 1 09:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e1990e8c5815d9ed4a529ef98d4b8fe84082d813
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:7a:dd:ad:ee:f7:6e:e8:21:0f:90:bd:b9:d4:
b8:49:66:4e:d5:75:fc:35:12:72:90:ce:47:9c:90:
b4:3e:a6:01:40:c8:8b:c6:23:47:c8:59:74:5b:95:
f2:d8:e3:b5:91:83:7c:6f:f2:66:50:97:87:52:19:
4d:bc:3f:f8:06:ce:d5:fd:9f:2b:2b:d8:11:93:7e:
52:84:e9:5d:11:30:6f:e6:33:2c:93:f7:02:09:5b:
10:c1:e5:cd:9b:76:91:03:57:15:ea:8f:17:f2:86:
62:bc:76:47:57:3d:cc:ed:fc:d1:8a:79:d0:a1:f5:
c2:cf:dd:7e:ce:26:9d:a5:6c:07:09:b8:6d:89:b1:
6f:33:b0:7a:ae:d3:2e:2a:b2:61:18:40:09:30:56:
74:94:c1:0d:ce:f7:c8:50:ba:e4:7a:55:9c:4f:26:
ca:ac:4b:3f:f0:31:35:c3:f6:5d:94:71:7d:aa:27:
63:29:11:ea:45:91:e7:86:67:95:d7:b9:aa:c2:0e:
34:e6:5e:66:dc:17:4c:39:bc:d1:76:0d:a3:d8:f3:
b1:9a:6e:4e:d3:9e:dc:4f:ba:40:cb:b4:53:6b:c0:
2d:1d:17:13:18:66:6f:21:44:23:ef:fa:c3:bc:c3:
bf:02:dc:8c:b1:eb:cd:dc:50:56:a4:1d:67:0e:85:
cb:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:99:0E:8C:58:15:D9:ED:4A:52:9E:F9:8D:4B:8F:E8:40:82:D8:13
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/4ZkOjFgV2e1KUp75jUuP6ECC2BM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.117.0/24
31.40.250.0/24
31.222.230.0/24
37.72.128.0/24
45.129.197.0/24
62.204.52.0/24
77.83.193.0/24
78.142.238.0/24
91.212.103.0/24
91.242.234.0/24
130.255.172.0/24
130.255.175.0/24
185.251.22.0/24
185.253.4.0/24
193.17.88.0/24
193.42.119.0/24
193.201.10.0/24
194.69.164.0/24
195.64.127.0/24
195.96.159.0/24
212.24.120.0/24
212.52.18.0/24
212.107.26.0/24
213.109.153.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:d3:6c:9f:73:85:b5:60:87:52:93:5b:2f:c9:23:69:ba:c9:
d7:68:81:35:33:b0:80:dc:fd:b9:f0:7c:14:c1:e1:2b:c0:3b:
d3:98:ae:95:50:6c:59:2f:6c:8c:0c:69:dd:40:24:99:8b:0b:
95:d1:ef:e6:50:6c:d8:f4:68:ed:41:8c:37:c2:f8:a3:e9:3c:
da:a5:c7:b7:4d:87:aa:23:13:4c:02:cf:8d:62:a9:48:d6:f4:
73:0c:d9:dd:6d:13:cd:d1:21:5d:f0:eb:5b:e7:4a:a7:86:f9:
63:fc:6b:42:df:c1:3e:2a:7e:7b:ab:32:71:bc:2e:02:4b:30:
33:cc:6c:12:3e:15:fe:bd:dd:8f:f7:e9:48:6c:93:a5:fe:73:
9c:ff:22:23:2b:9e:3c:3f:ce:1a:8a:f8:6e:d2:60:68:e5:51:
f0:c5:f8:a8:4f:76:10:04:74:12:7d:84:3f:bd:b8:c7:d1:77:
01:35:47:50:ae:0e:ac:5c:f7:4c:f7:e1:35:43:3c:f5:0b:78:
91:cd:34:f6:18:9a:9b:27:31:fa:ac:80:06:c0:f2:c1:7c:0d:
90:33:71:cc:19:72:08:0d:55:98:c7:aa:b6:ae:2b:be:37:aa:
10:8d:85:65:a0:34:23:ea:ea:66:18:42:0e:43:ce:6a:26:6a:
67:38:95:d4
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAZQhRAmsqfOD2bAbuyi//X/cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUwMTAxMDk0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTk5MGU4YzU4MTVkOWVkNGE1MjllZjk4ZDRiOGZlODQwODJkODEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA63rdre73bughD5C9udS4SWZO1XX8
NRJykM5HnJC0PqYBQMiLxiNHyFl0W5Xy2OO1kYN8b/JmUJeHUhlNvD/4Bs7V/Z8r
K9gRk35ShOldETBv5jMsk/cCCVsQweXNm3aRA1cV6o8X8oZivHZHVz3M7fzRinnQ
ofXCz91+ziadpWwHCbhtibFvM7B6rtMuKrJhGEAJMFZ0lMENzvfIULrkelWcTybK
rEs/8DE1w/ZdlHF9qidjKRHqRZHnhmeV17mqwg405l5m3BdMObzRdg2j2POxmm5O
057cT7pAy7RTa8AtHRcTGGZvIUQj7/rDvMO/AtyMsevN3FBWpB1nDoXL9wIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFOGZDoxYFdntSlKe+Y1Lj+hAgtgTMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvNFprT2pGZ1YyZTFLVXA3NWpVdVA2RUNDMkJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAEwgZADBAAF
tnUDBAAfKPoDBAAf3uYDBAAlSIADBAAtgcUDBAA+zDQDBABNU8EDBABOju4DBABb
1GcDBABb8uoDBACC/6wDBACC/68DBAC5+xYDBAC5/QQDBADBEVgDBADBKncDBADB
yQoDBADCRaQDBADDQH8DBADDYJ8DBADUGHgDBADUNBIDBADUaxoDBADVbZkwDQYJ
KoZIhvcNAQELBQADggEBAC3TbJ9zhbVgh1KTWy/JI2m6yddogTUzsIDc/bnwfBTB
4SvAO9OYrpVQbFkvbIwMad1AJJmLC5XR7+ZQbNj0aO1BjDfC+KPpPNqlx7dNh6oj
E0wCz41iqUjW9HMM2d1tE83RIV3w61vnSqeG+WP8a0LfwT4qfnurMnG8LgJLMDPM
bBI+Ff693Y/36Uhsk6X+c5z/IiMrnjw/zhqK+G7SYGjlUfDF+KhPdhAEdBJ9hD+9
uMfRdwE1R1CuDqxc90z34TVDPPULeJHNNPYYmpsnMfqsgAbA8sF8DZAzccwZcggN
VZjHqrauK743qhCNhWWgNCPq6mYYQg5Dzmomamc4ldQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:15:18 2025 by rpki-client