Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/P1enAagVReVC4UU407f4wV3uZIM.roa
File: P1enAagVReVC4UU407f4wV3uZIM.roa (raw, json)
Hash identifier: OGzKbFwWHZxnlvm2rccGby03FY0Oan7iNMoa0Gs9u3E=
Subject key identifier: 3F:57:A7:01:A8:15:45:E5:42:E1:45:38:D3:B7:F8:C1:5D:EE:64:83
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019421440DD995C5262A7E9A301E8612908C
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/P1enAagVReVC4UU407f4wV3uZIM.roa
Signing time: Wed 01 Jan 2025 09:48:15 +0000
ROA not before: Wed 01 Jan 2025 09:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 45.87.254.0/24 maxlen: 24
45.91.9.0/24 maxlen: 24
77.83.192.0/24 maxlen: 24
77.83.194.0/24 maxlen: 24
77.83.195.0/24 maxlen: 24
146.255.185.0/24 maxlen: 24
193.19.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:0d:d9:95:c5:26:2a:7e:9a:30:1e:86:12:90:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Jan 1 09:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3f57a701a81545e542e14538d3b7f8c15dee6483
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:43:61:2f:bd:cb:46:e9:ec:38:c9:58:c8:01:
1e:76:09:be:87:17:74:f7:a7:02:18:5c:5f:d9:83:
be:61:1b:a0:8f:47:fb:63:f0:24:8c:97:84:fb:a8:
24:87:7d:7b:81:ca:2a:b4:7c:86:66:08:52:da:7d:
88:d1:e8:9c:15:65:80:78:b7:25:eb:63:81:b1:5a:
bf:c0:5c:e2:f9:b8:26:78:2c:d1:75:1c:01:68:0d:
3d:f1:f0:22:e2:13:f1:e6:19:4a:7a:f2:83:7a:49:
f5:b5:eb:a8:49:1a:09:45:03:b6:2d:8e:f2:ba:1f:
22:1d:bb:f7:15:df:87:5b:91:e0:40:9d:bc:66:ea:
bf:86:1f:7c:db:db:82:73:f1:af:15:70:45:91:16:
d9:71:e2:7a:8e:ed:b8:d8:09:90:f6:20:73:bc:13:
19:7d:05:2b:28:5b:18:92:ef:7d:58:fb:7c:8b:76:
dd:78:d7:b3:7a:dd:67:c2:1b:97:d4:dc:b3:f0:84:
63:b1:d9:7d:80:d2:d4:91:58:00:fd:82:77:7a:3f:
38:0f:83:f5:9a:a9:2a:79:03:f5:6d:0b:7d:fe:f8:
00:1a:7c:ad:b5:83:bb:f3:70:a4:48:01:14:0c:f0:
d8:ba:7d:ed:b6:1a:29:10:22:fb:03:f6:ab:44:a7:
f2:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:57:A7:01:A8:15:45:E5:42:E1:45:38:D3:B7:F8:C1:5D:EE:64:83
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/P1enAagVReVC4UU407f4wV3uZIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.254.0/24
45.91.9.0/24
77.83.192.0/24
77.83.194.0/23
146.255.185.0/24
193.19.191.0/24
Signature Algorithm: sha256WithRSAEncryption
62:67:41:af:e9:7a:1e:e6:0e:bb:01:29:b5:54:a1:fc:66:07:
a5:89:d4:14:e5:64:ab:56:d1:c3:c1:92:14:77:7e:67:e9:8c:
e8:09:64:e1:96:6c:9e:c6:14:cb:6d:00:b8:fd:4c:15:e6:9e:
b7:5b:47:54:7b:f0:42:5e:a5:75:84:8d:9f:78:49:c7:94:67:
42:a9:fb:5c:75:81:dd:ed:a9:ef:86:78:62:9e:c3:ab:30:8c:
00:95:d8:eb:84:a9:a6:05:3c:3f:31:fc:2b:84:ef:8d:8b:80:
34:ce:50:22:70:c1:dd:bd:2c:c1:93:22:aa:44:d1:e4:58:74:
be:87:d8:eb:48:99:cd:b3:75:1f:40:4f:68:ef:a6:e2:07:db:
82:20:07:f0:37:6a:c5:3a:ba:45:07:d8:98:33:16:91:75:59:
9f:06:f1:be:d7:15:44:c5:e2:9e:13:d2:21:b1:d3:3c:b0:b8:
3b:c0:46:40:59:1d:20:d3:fa:f2:65:7e:3f:b3:e5:61:8d:d6:
a9:17:b0:66:ef:37:d7:ad:13:b2:d8:6e:1c:d6:17:aa:2f:42:
b0:4c:60:ff:ea:8c:35:f8:c7:57:6c:ab:6a:38:59:1c:59:d0:
45:37:ac:9a:a0:1b:56:f8:d8:a7:23:53:8e:51:8b:81:77:87:
dd:ea:77:3d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQhRA3ZlcUmKn6aMB6GEpCMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUwMTAxMDk0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjU3YTcwMWE4MTU0NWU1NDJlMTQ1MzhkM2I3ZjhjMTVkZWU2NDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ENhL73LRunsOMlYyAEedgm+hxd0
96cCGFxf2YO+YRugj0f7Y/AkjJeE+6gkh317gcoqtHyGZghS2n2I0eicFWWAeLcl
62OBsVq/wFzi+bgmeCzRdRwBaA098fAi4hPx5hlKevKDekn1teuoSRoJRQO2LY7y
uh8iHbv3Fd+HW5HgQJ28Zuq/hh9829uCc/GvFXBFkRbZceJ6ju242AmQ9iBzvBMZ
fQUrKFsYku99WPt8i3bdeNezet1nwhuX1Nyz8IRjsdl9gNLUkVgA/YJ3ej84D4P1
mqkqeQP1bQt9/vgAGnyttYO783CkSAEUDPDYun3tthopECL7A/arRKfy4QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFD9XpwGoFUXlQuFFONO3+MFd7mSDMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvUDFlbkFhZ1ZSZVZDNFVVNDA3ZjR3VjN1WklNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALVf+AwQA
LVsJAwQATVPAAwQBTVPCAwQAkv+5AwQAwRO/MA0GCSqGSIb3DQEBCwUAA4IBAQBi
Z0Gv6Xoe5g67ASm1VKH8ZgelidQU5WSrVtHDwZIUd35n6YzoCWThlmyexhTLbQC4
/UwV5p63W0dUe/BCXqV1hI2feEnHlGdCqftcdYHd7anvhnhinsOrMIwAldjrhKmm
BTw/MfwrhO+Ni4A0zlAicMHdvSzBkyKqRNHkWHS+h9jrSJnNs3UfQE9o76biB9uC
IAfwN2rFOrpFB9iYMxaRdVmfBvG+1xVExeKeE9IhsdM8sLg7wEZAWR0g0/ryZX4/
s+VhjdapF7Bm7zfXrROy2G4c1heqL0KwTGD/6ow1+MdXbKtqOFkcWdBFN6yaoBtW
+NinI1OOUYuBd4fd6nc9
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:08:17 2025 by rpki-client