Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/ShVLDfr0nCPPmAG9YgcrRM6blWE.roa
File: ShVLDfr0nCPPmAG9YgcrRM6blWE.roa (raw, json)
Hash identifier: c/2BADHntc+f3S4ZmTv+7bSEpY4YlmzXN/M9PN+NA8A=
Subject key identifier: 4A:15:4B:0D:FA:F4:9C:23:CF:98:01:BD:62:07:2B:44:CE:9B:95:61
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 019420D5C6E57D42D7AD11C1B269BD693BCC
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/ShVLDfr0nCPPmAG9YgcrRM6blWE.roa
Signing time: Wed 01 Jan 2025 07:47:48 +0000
ROA not before: Wed 01 Jan 2025 07:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34665
IP address blocks: 45.94.23.0/24 maxlen: 24
45.137.52.0/24 maxlen: 24
45.137.55.0/24 maxlen: 24
45.137.188.0/24 maxlen: 24
45.137.191.0/24 maxlen: 24
45.139.28.0/24 maxlen: 24
45.139.29.0/24 maxlen: 24
45.139.31.0/24 maxlen: 24
45.140.171.0/24 maxlen: 24
45.145.163.0/24 maxlen: 24
45.145.168.0/24 maxlen: 24
45.145.171.0/24 maxlen: 24
84.54.28.0/22 maxlen: 22
109.94.211.0/24 maxlen: 24
213.139.229.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 13:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:c6:e5:7d:42:d7:ad:11:c1:b2:69:bd:69:3b:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Jan 1 07:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a154b0dfaf49c23cf9801bd62072b44ce9b9561
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:cb:72:dc:30:5e:d9:98:12:b7:07:f8:f7:fd:
cf:38:b1:88:d6:5b:a5:13:c8:7d:12:6a:56:3c:78:
15:9b:91:f3:fb:66:2b:b4:0d:0c:be:d5:c2:53:61:
10:b8:ed:41:07:d7:f8:9d:d6:f5:cb:4b:7a:94:01:
7e:7f:d7:c7:af:d9:20:34:80:a9:25:43:26:bb:56:
83:fe:18:94:5b:e6:7c:0b:38:2d:0b:a3:ed:aa:fa:
a8:d3:93:1d:ac:3d:00:2d:59:6e:bc:a5:92:66:7f:
cc:c5:55:c4:68:d4:f9:76:ff:1a:30:00:b2:e7:02:
78:ac:7f:85:1f:5d:dd:a3:3f:b9:2b:16:70:17:93:
bd:fe:71:97:55:09:c6:f6:2d:59:bb:f5:7f:e5:a9:
2e:36:58:83:7f:dd:19:78:3d:55:17:ce:0f:03:ca:
c4:7f:48:44:10:a2:c9:23:4e:d9:4b:50:14:4e:90:
73:f1:1a:65:28:03:07:31:d0:87:4d:a1:a1:60:e1:
89:8d:4c:4e:60:28:f5:a5:d9:f6:cb:a7:7f:e1:54:
d2:81:0b:56:6b:60:26:7f:2c:be:56:9d:3e:96:a3:
1a:62:f3:f8:42:5f:30:04:fd:4f:52:15:cd:ab:1f:
63:f6:dc:3a:35:f8:38:40:43:a4:f8:e5:db:1e:99:
d6:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:15:4B:0D:FA:F4:9C:23:CF:98:01:BD:62:07:2B:44:CE:9B:95:61
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/ShVLDfr0nCPPmAG9YgcrRM6blWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.23.0/24
45.137.52.0/24
45.137.55.0/24
45.137.188.0/24
45.137.191.0/24
45.139.28.0/23
45.139.31.0/24
45.140.171.0/24
45.145.163.0/24
45.145.168.0/24
45.145.171.0/24
84.54.28.0/22
109.94.211.0/24
213.139.229.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:2c:45:60:a5:3a:1d:c1:23:c9:63:80:cc:b5:a7:11:88:05:
ac:9d:cf:8d:c9:b4:bb:66:a7:d3:0d:2e:12:62:65:cc:dd:7b:
8a:7a:0d:0d:f4:37:01:52:55:52:18:a4:ae:56:b2:a8:4e:5f:
4f:96:3e:43:85:78:f8:fe:21:07:ab:ad:fe:ea:4f:e6:48:2c:
ca:01:d3:46:0a:76:7d:60:d6:e1:c8:e7:f9:1c:c3:fe:7e:8d:
7e:1f:89:1b:a0:05:be:5f:b3:5d:a7:58:57:d7:64:5d:2e:22:
7f:c2:aa:d8:8f:38:c7:98:7c:74:0f:39:f9:05:ce:77:3a:93:
d1:94:ec:a4:f7:ca:75:ce:83:8d:65:b0:1f:e6:e5:95:20:27:
29:08:8b:c2:ad:61:33:c8:83:02:a8:7d:b8:64:8e:c9:7c:67:
af:ac:56:13:54:9d:2d:68:3b:6e:27:4f:3a:dc:2b:64:29:a6:
ba:58:69:a1:2c:64:3e:a6:a1:a6:17:1e:7a:0f:a9:96:30:50:
2d:c5:1e:7f:f5:d5:fd:75:33:1e:82:a2:52:17:bf:03:44:b3:
f4:74:80:bf:6c:b3:c9:f2:16:ea:d5:e1:c3:1a:74:65:e1:cf:
b2:70:9b:6b:42:55:ac:d5:c8:dd:ea:9a:66:05:fe:d7:47:dd:
e7:36:4b:0d
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZQg1cblfULXrRHBsmm9aTvMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjUwMTAxMDc0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTE1NGIwZGZhZjQ5YzIzY2Y5ODAxYmQ2MjA3MmI0NGNlOWI5NTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsty3DBe2ZgStwf49/3POLGI1lul
E8h9EmpWPHgVm5Hz+2YrtA0MvtXCU2EQuO1BB9f4ndb1y0t6lAF+f9fHr9kgNICp
JUMmu1aD/hiUW+Z8CzgtC6Ptqvqo05MdrD0ALVluvKWSZn/MxVXEaNT5dv8aMACy
5wJ4rH+FH13doz+5KxZwF5O9/nGXVQnG9i1Zu/V/5akuNliDf90ZeD1VF84PA8rE
f0hEEKLJI07ZS1AUTpBz8RplKAMHMdCHTaGhYOGJjUxOYCj1pdn2y6d/4VTSgQtW
a2Amfyy+Vp0+lqMaYvP4Ql8wBP1PUhXNqx9j9tw6Nfg4QEOk+OXbHpnWGQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFEoVSw369Jwjz5gBvWIHK0TOm5VhMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvU2hWTERmcjBuQ1BQbUFHOVlnY3JSTTZibFdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQALV4XAwQA
LYk0AwQALYk3AwQALYm8AwQALYm/AwQBLYscAwQALYsfAwQALYyrAwQALZGjAwQA
LZGoAwQALZGrAwQCVDYcAwQAbV7TAwQA1YvlMA0GCSqGSIb3DQEBCwUAA4IBAQCy
LEVgpTodwSPJY4DMtacRiAWsnc+NybS7ZqfTDS4SYmXM3XuKeg0N9DcBUlVSGKSu
VrKoTl9Plj5DhXj4/iEHq63+6k/mSCzKAdNGCnZ9YNbhyOf5HMP+fo1+H4kboAW+
X7Ndp1hX12RdLiJ/wqrYjzjHmHx0Dzn5Bc53OpPRlOyk98p1zoONZbAf5uWVICcp
CIvCrWEzyIMCqH24ZI7JfGevrFYTVJ0taDtuJ0863CtkKaa6WGmhLGQ+pqGmFx56
D6mWMFAtxR5/9dX9dTMegqJSF78DRLP0dIC/bLPJ8hbq1eHDGnRl4c+ycJtrQlWs
1cjd6ppmBf7XR93nNksN
-----END CERTIFICATE-----
Generated at Tue Apr 15 19:38:27 2025 by rpki-client