Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/4TAvnt0eG7JuKsSMWZUEgsGMvao.roa
File: 4TAvnt0eG7JuKsSMWZUEgsGMvao.roa (raw, json)
Hash identifier: n2Kdbh6aM1gzVM7r4e4o1E7EcRngRjFAuhxJZjUQisg=
Subject key identifier: E1:30:2F:9E:DD:1E:1B:B2:6E:2A:C4:8C:59:95:04:82:C1:8C:BD:AA
Certificate issuer: /CN=293e0cd8b3e044edb823aef688aafb0b75de8675
Certificate serial: 0194266C001676C34743FD781F2173ABAFD6
Authority key identifier: 29:3E:0C:D8:B3:E0:44:ED:B8:23:AE:F6:88:AA:FB:0B:75:DE:86:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KT4M2LPgRO24I672iKr7C3XehnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/4TAvnt0eG7JuKsSMWZUEgsGMvao.roa
Signing time: Thu 02 Jan 2025 09:49:59 +0000
ROA not before: Thu 02 Jan 2025 09:49:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208555
IP address blocks: 45.129.36.0/22 maxlen: 22
45.129.36.0/24 maxlen: 24
45.129.37.0/24 maxlen: 24
45.129.38.0/23 maxlen: 23
45.129.38.0/24 maxlen: 24
45.129.39.0/24 maxlen: 24
185.53.140.0/22 maxlen: 24
185.53.140.0/23 maxlen: 23
185.53.140.0/24 maxlen: 24
185.53.141.0/24 maxlen: 24
185.53.142.0/23 maxlen: 23
185.53.142.0/24 maxlen: 24
185.53.143.0/24 maxlen: 24
185.126.202.0/23 maxlen: 23
185.126.202.0/24 maxlen: 24
185.126.203.0/24 maxlen: 24
2a0a:2fc4::/64 maxlen: 64
2a0e:4a40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/KT4M2LPgRO24I672iKr7C3XehnU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/KT4M2LPgRO24I672iKr7C3XehnU.mft
rsync://rpki.ripe.net/repository/DEFAULT/KT4M2LPgRO24I672iKr7C3XehnU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:00:16:76:c3:47:43:fd:78:1f:21:73:ab:af:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=293e0cd8b3e044edb823aef688aafb0b75de8675
Validity
Not Before: Jan 2 09:49:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e1302f9edd1e1bb26e2ac48c59950482c18cbdaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e8:78:4d:e8:f8:e1:23:80:61:a0:1b:4c:2a:
f0:49:0d:84:b8:f8:28:76:d6:bd:69:bb:e5:4f:af:
d8:2e:03:cf:bb:70:98:41:ad:69:e5:b4:c4:a8:fd:
f7:19:8a:e8:63:a6:99:3b:e3:99:bc:f9:a1:39:c2:
e3:8f:52:d2:18:b5:8f:3c:f6:1f:4d:ad:e5:4c:8d:
dd:ae:34:14:ff:8c:58:64:f9:81:ce:72:d5:f9:50:
59:ce:d5:a5:20:19:88:61:e2:62:0b:ab:de:27:7d:
73:c5:20:81:6b:33:84:55:3d:41:2c:1b:fb:04:70:
91:5b:28:3b:22:69:83:ae:81:18:91:bb:1d:1b:f9:
87:8d:98:2d:af:6e:1c:05:d2:0c:d4:5c:7e:04:c7:
89:a5:3f:51:fc:de:ec:48:1a:fb:e0:78:63:81:b5:
2e:6b:ff:ca:a9:dd:6c:05:15:50:26:ce:1e:d9:2b:
da:1b:25:14:e6:f8:84:d9:c6:16:c8:2c:d8:c7:e2:
ff:d9:08:1f:0e:53:17:fd:1c:f5:7f:28:8c:ef:9b:
81:0b:b2:78:e4:ee:ec:e8:7f:13:01:5b:97:ed:dd:
98:ca:aa:2f:af:31:55:67:45:18:19:3d:4c:19:41:
e5:99:04:f7:0c:c0:00:9b:67:05:ce:07:c8:e2:9f:
9e:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:30:2F:9E:DD:1E:1B:B2:6E:2A:C4:8C:59:95:04:82:C1:8C:BD:AA
X509v3 Authority Key Identifier:
keyid:29:3E:0C:D8:B3:E0:44:ED:B8:23:AE:F6:88:AA:FB:0B:75:DE:86:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KT4M2LPgRO24I672iKr7C3XehnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/4TAvnt0eG7JuKsSMWZUEgsGMvao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/KT4M2LPgRO24I672iKr7C3XehnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.36.0/22
185.53.140.0/22
185.126.202.0/23
IPv6:
2a0a:2fc4::/64
2a0e:4a40::/29
Signature Algorithm: sha256WithRSAEncryption
20:6d:74:16:ff:b5:21:c2:8a:6b:68:f1:68:88:7d:a4:3f:5d:
8a:4f:4b:c6:6f:de:88:b9:0a:50:3c:a1:ad:42:60:fb:0d:70:
80:5a:7d:b1:c9:9c:44:ff:13:8e:0f:c0:a4:29:e1:e9:f4:8f:
3d:a5:aa:8a:23:6e:f5:05:9a:fd:3c:af:46:3a:60:10:56:ff:
aa:96:67:3a:57:0a:98:87:36:cf:53:09:54:42:8b:7b:38:b3:
5b:69:a9:c8:eb:e2:f6:ac:6f:48:aa:7d:b6:89:dc:55:f1:56:
73:85:21:27:00:5d:a7:64:8d:c0:f4:41:06:d2:8e:cb:77:8a:
7c:40:a4:44:0b:66:53:6d:e2:52:c7:c4:86:d3:69:7f:f0:d8:
7d:c3:92:0c:0b:a6:5e:df:1e:07:de:3b:1f:d8:cc:69:f3:ee:
ea:d6:8c:a5:fb:9a:5c:6e:04:de:83:66:87:0d:2a:95:11:e3:
4e:96:bd:e1:4c:05:d5:64:ae:d4:f3:3e:85:12:50:c1:22:b2:
fb:a7:f8:f9:41:3e:f9:71:ef:67:78:11:48:8d:f8:de:7f:ba:
06:e7:6f:0a:51:49:3c:fa:53:4c:37:37:64:20:78:a4:5c:4d:
d7:dd:05:af:23:e8:ae:5d:73:e3:9a:fd:0b:50:ae:b8:c5:8e:
ae:76:48:ce
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZQmbAAWdsNHQ/14HyFzq6/WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5M2UwY2Q4YjNlMDQ0ZWRiODIzYWVmNjg4YWFmYjBiNzVk
ZTg2NzUwHhcNMjUwMTAyMDk0OTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTMwMmY5ZWRkMWUxYmIyNmUyYWM0OGM1OTk1MDQ4MmMxOGNiZGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOh4Tej44SOAYaAbTCrwSQ2EuPgo
dta9abvlT6/YLgPPu3CYQa1p5bTEqP33GYroY6aZO+OZvPmhOcLjj1LSGLWPPPYf
Ta3lTI3drjQU/4xYZPmBznLV+VBZztWlIBmIYeJiC6veJ31zxSCBazOEVT1BLBv7
BHCRWyg7ImmDroEYkbsdG/mHjZgtr24cBdIM1Fx+BMeJpT9R/N7sSBr74HhjgbUu
a//Kqd1sBRVQJs4e2SvaGyUU5viE2cYWyCzYx+L/2QgfDlMX/Rz1fyiM75uBC7J4
5O7s6H8TAVuX7d2YyqovrzFVZ0UYGT1MGUHlmQT3DMAAm2cFzgfI4p+ewQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFOEwL57dHhuybirEjFmVBILBjL2qMB8GA1UdIwQY
MBaAFCk+DNiz4ETtuCOu9oiq+wt13oZ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1Q0TTJMUGdSTzI0STY3MmlLcjdDM1hlaG5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC82ZGExYzItMjUyZC00YmQyLWI1NmMt
YmIyMTdjYzNiNzhkLzEvNFRBdm50MGVHN0p1S3NTTVdaVUVnc0dNdmFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC82ZGExYzItMjUyZC00YmQyLWI1NmMtYmIyMTdjYzNiNzhk
LzEvS1Q0TTJMUGdSTzI0STY3MmlLcjdDM1hlaG5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQCLYEkAwQC
uTWMAwQBuX7KMBgEAgACMBIDCQAqCi/EAAAAAAMFAyoOSkAwDQYJKoZIhvcNAQEL
BQADggEBACBtdBb/tSHCimto8WiIfaQ/XYpPS8Zv3oi5ClA8oa1CYPsNcIBafbHJ
nET/E44PwKQp4en0jz2lqoojbvUFmv08r0Y6YBBW/6qWZzpXCpiHNs9TCVRCi3s4
s1tpqcjr4vasb0iqfbaJ3FXxVnOFIScAXadkjcD0QQbSjst3inxApEQLZlNt4lLH
xIbTaX/w2H3DkgwLpl7fHgfeOx/YzGnz7urWjKX7mlxuBN6DZocNKpUR406WveFM
BdVkrtTzPoUSUMEisvun+PlBPvlx72d4EUiN+N5/ugbnbwpRSTz6U0w3N2QgeKRc
TdfdBa8j6K5dc+Oa/QtQrrjFjq52SM4=
-----END CERTIFICATE-----
Generated at Thu Apr 17 20:46:31 2025 by rpki-client