Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/I5vHd7lVuPhXCFCVsngGzRiZCQ8.roa
File: I5vHd7lVuPhXCFCVsngGzRiZCQ8.roa (raw, json)
Hash identifier: w6dB9/2/3Ylmx4FqH2XdUEpGWNbQcgKGdMRT0Ysa7sA=
Subject key identifier: 23:9B:C7:77:B9:55:B8:F8:57:08:50:95:B2:78:06:CD:18:99:09:0F
Certificate issuer: /CN=293e0cd8b3e044edb823aef688aafb0b75de8675
Certificate serial: 0194266BFF7F31BCC2E10BE7291622548FA8
Authority key identifier: 29:3E:0C:D8:B3:E0:44:ED:B8:23:AE:F6:88:AA:FB:0B:75:DE:86:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KT4M2LPgRO24I672iKr7C3XehnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/I5vHd7lVuPhXCFCVsngGzRiZCQ8.roa
Signing time: Thu 02 Jan 2025 09:49:59 +0000
ROA not before: Thu 02 Jan 2025 09:49:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51026
IP address blocks: 45.129.36.0/24 maxlen: 24
45.129.37.0/24 maxlen: 24
45.129.38.0/24 maxlen: 24
45.129.39.0/24 maxlen: 24
185.53.141.0/24 maxlen: 24
185.53.142.0/24 maxlen: 24
185.53.143.0/24 maxlen: 24
185.126.202.0/24 maxlen: 24
2a0a:2fc4::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/KT4M2LPgRO24I672iKr7C3XehnU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/KT4M2LPgRO24I672iKr7C3XehnU.mft
rsync://rpki.ripe.net/repository/DEFAULT/KT4M2LPgRO24I672iKr7C3XehnU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 15:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:ff:7f:31:bc:c2:e1:0b:e7:29:16:22:54:8f:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=293e0cd8b3e044edb823aef688aafb0b75de8675
Validity
Not Before: Jan 2 09:49:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=239bc777b955b8f857085095b27806cd1899090f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:79:e9:c7:bd:15:d2:52:52:69:42:bf:f7:a2:
41:0c:8a:e4:98:73:78:38:a0:55:32:d7:d5:2d:9d:
31:20:22:f6:4c:a1:5a:a9:11:e0:21:27:8a:09:cf:
c3:56:a4:b5:2a:15:a8:1f:37:da:fa:4e:d9:13:fc:
16:fa:bc:c1:e6:ed:7e:e0:b6:ee:0f:fd:be:12:ce:
79:dd:9e:7f:42:72:5f:56:f1:de:98:57:e3:98:02:
5f:25:7f:a0:2f:54:4a:26:21:30:ec:7c:2f:6e:36:
a5:d2:0a:16:15:78:52:6e:0a:c1:21:6a:7b:fc:99:
82:01:a0:44:eb:24:15:64:d0:c9:86:63:3b:04:88:
a4:2d:98:d3:c5:cf:8c:0e:62:6b:30:4f:d6:c4:3e:
aa:be:3a:04:0f:91:df:f9:d3:41:92:03:60:15:59:
ae:16:f5:af:7b:e5:f1:d7:4a:7f:de:63:43:94:7f:
55:92:34:93:44:da:fe:06:5a:09:92:58:0d:0f:da:
e7:30:d2:bd:73:15:a4:02:62:43:2f:a2:de:a2:4c:
8c:1c:71:71:e0:1f:19:37:03:07:a4:75:1e:e3:4b:
15:83:96:43:8d:71:55:3f:ac:a4:ef:c6:66:f9:d3:
dd:ac:fc:a9:98:6d:33:9a:5d:c5:52:5b:42:ae:ca:
48:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:9B:C7:77:B9:55:B8:F8:57:08:50:95:B2:78:06:CD:18:99:09:0F
X509v3 Authority Key Identifier:
keyid:29:3E:0C:D8:B3:E0:44:ED:B8:23:AE:F6:88:AA:FB:0B:75:DE:86:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KT4M2LPgRO24I672iKr7C3XehnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/I5vHd7lVuPhXCFCVsngGzRiZCQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/KT4M2LPgRO24I672iKr7C3XehnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.36.0/22
185.53.141.0-185.53.143.255
185.126.202.0/24
IPv6:
2a0a:2fc4::/32
Signature Algorithm: sha256WithRSAEncryption
82:da:4d:21:22:56:77:ad:6e:fd:87:f6:64:9a:36:42:c6:01:
ba:ba:e2:c8:78:13:7e:aa:67:8b:6b:a1:21:e6:72:08:e8:a1:
c9:84:ba:e0:0c:b2:17:88:86:ef:24:24:41:b3:29:13:95:06:
fd:e3:ee:71:45:ae:cc:3d:4c:83:27:71:58:85:96:be:ab:4a:
d1:94:c2:c5:82:1e:95:c1:fe:b5:2f:eb:a6:7f:19:17:58:a5:
5e:38:a7:af:37:a9:52:4d:08:19:d3:e8:be:2e:9c:6e:8b:ae:
18:8d:da:8b:b8:b5:b5:f5:54:11:9f:46:66:0e:d0:48:61:1b:
07:5e:80:3b:0c:ad:ea:b0:4e:e9:7f:dc:d7:78:10:68:61:07:
48:7e:0b:17:fb:b5:91:ee:0c:b1:f0:7e:39:65:56:4b:ce:48:
53:42:f3:7e:1c:4a:6f:61:92:dc:58:55:d6:b3:d6:9b:c4:56:
05:8c:e1:b4:78:4c:70:b5:4c:fc:64:38:da:34:43:a7:68:4b:
d7:14:6f:fc:79:d9:ba:4f:b1:b1:79:87:fe:7b:52:87:8a:d9:
c2:83:62:d4:86:2d:fb:aa:8e:77:4e:72:ff:11:0c:f3:2f:67:
5d:54:55:5e:0e:86:4f:d0:a1:35:67:eb:0f:55:8b:97:c1:50:
f3:d0:ea:6b
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQma/9/MbzC4QvnKRYiVI+oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5M2UwY2Q4YjNlMDQ0ZWRiODIzYWVmNjg4YWFmYjBiNzVk
ZTg2NzUwHhcNMjUwMTAyMDk0OTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzliYzc3N2I5NTViOGY4NTcwODUwOTViMjc4MDZjZDE4OTkwOTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXnpx70V0lJSaUK/96JBDIrkmHN4
OKBVMtfVLZ0xICL2TKFaqRHgISeKCc/DVqS1KhWoHzfa+k7ZE/wW+rzB5u1+4Lbu
D/2+Es553Z5/QnJfVvHemFfjmAJfJX+gL1RKJiEw7Hwvbjal0goWFXhSbgrBIWp7
/JmCAaBE6yQVZNDJhmM7BIikLZjTxc+MDmJrME/WxD6qvjoED5Hf+dNBkgNgFVmu
FvWve+Xx10p/3mNDlH9VkjSTRNr+BloJklgND9rnMNK9cxWkAmJDL6LeokyMHHFx
4B8ZNwMHpHUe40sVg5ZDjXFVP6yk78Zm+dPdrPypmG0zml3FUltCrspI9QIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFCObx3e5Vbj4VwhQlbJ4Bs0YmQkPMB8GA1UdIwQY
MBaAFCk+DNiz4ETtuCOu9oiq+wt13oZ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1Q0TTJMUGdSTzI0STY3MmlLcjdDM1hlaG5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC82ZGExYzItMjUyZC00YmQyLWI1NmMt
YmIyMTdjYzNiNzhkLzEvSTV2SGQ3bFZ1UGhYQ0ZDVnNuZ0d6UmlaQ1E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC82ZGExYzItMjUyZC00YmQyLWI1NmMtYmIyMTdjYzNiNzhk
LzEvS1Q0TTJMUGdSTzI0STY3MmlLcjdDM1hlaG5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCLYEkMAwD
BAC5NY0DBAS5NYADBAC5fsowDQQCAAIwBwMFACoKL8QwDQYJKoZIhvcNAQELBQAD
ggEBAILaTSEiVnetbv2H9mSaNkLGAbq64sh4E36qZ4troSHmcgjoocmEuuAMsheI
hu8kJEGzKROVBv3j7nFFrsw9TIMncViFlr6rStGUwsWCHpXB/rUv66Z/GRdYpV44
p683qVJNCBnT6L4unG6LrhiN2ou4tbX1VBGfRmYO0EhhGwdegDsMreqwTul/3Nd4
EGhhB0h+Cxf7tZHuDLHwfjllVkvOSFNC834cSm9hktxYVdaz1pvEVgWM4bR4THC1
TPxkONo0Q6doS9cUb/x52bpPsbF5h/57UoeK2cKDYtSGLfuqjndOcv8RDPMvZ11U
VV4Ohk/QoTVn6w9Vi5fBUPPQ6ms=
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:31:27 2025 by rpki-client