Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/hrYxeiKitWtZr5fQYZyqUbiDFgI.roa
File: hrYxeiKitWtZr5fQYZyqUbiDFgI.roa (raw, json)
Hash identifier: JxHglmXzVrWbhIyfGSjUvCLnk5iCrw7AjtjIH98v8Uk=
Subject key identifier: 86:B6:31:7A:22:A2:B5:6B:59:AF:97:D0:61:9C:AA:51:B8:83:16:02
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 019420D5D66AC667A46F93E1EC3256A2AC2E
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/hrYxeiKitWtZr5fQYZyqUbiDFgI.roa
Signing time: Wed 01 Jan 2025 07:47:52 +0000
ROA not before: Wed 01 Jan 2025 07:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62240
IP address blocks: 31.41.38.0/24 maxlen: 24
31.41.39.0/24 maxlen: 24
45.11.25.0/24 maxlen: 24
45.133.219.0/24 maxlen: 24
45.137.52.0/24 maxlen: 24
45.137.55.0/24 maxlen: 24
45.137.188.0/24 maxlen: 24
45.137.191.0/24 maxlen: 24
45.139.28.0/24 maxlen: 24
45.139.29.0/24 maxlen: 24
45.139.31.0/24 maxlen: 24
45.140.171.0/24 maxlen: 24
45.145.2.0/24 maxlen: 24
45.145.90.0/24 maxlen: 24
45.145.161.0/24 maxlen: 24
45.149.80.0/24 maxlen: 24
45.149.81.0/24 maxlen: 24
45.149.82.0/24 maxlen: 24
45.149.134.0/24 maxlen: 24
45.150.62.0/24 maxlen: 24
45.150.63.0/24 maxlen: 24
45.152.227.0/24 maxlen: 24
77.83.4.0/24 maxlen: 24
77.83.5.0/24 maxlen: 24
77.83.6.0/24 maxlen: 24
77.83.7.0/24 maxlen: 24
185.179.198.0/24 maxlen: 24
194.156.95.0/24 maxlen: 24
195.245.111.0/24 maxlen: 24
213.139.192.0/24 maxlen: 24
213.139.193.0/24 maxlen: 24
213.139.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Apr 2025 13:43:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:d6:6a:c6:67:a4:6f:93:e1:ec:32:56:a2:ac:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Jan 1 07:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=86b6317a22a2b56b59af97d0619caa51b8831602
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:ce:ad:87:e5:37:a6:4e:f8:0f:f9:be:a2:f3:
0c:83:f5:e7:03:9e:cd:e7:33:d8:00:3f:db:06:20:
d3:73:be:a1:65:49:75:61:4f:a3:79:c8:a2:80:74:
bb:83:d1:80:42:f6:e7:98:8b:5f:8a:ab:17:55:d8:
36:2d:a4:0c:d6:c9:06:c2:d8:00:1a:2e:24:7a:fa:
c9:29:c4:c6:60:a1:12:b7:30:ee:5c:86:63:1d:a1:
be:03:d0:72:a5:89:9b:86:9a:8a:fc:4e:47:c4:c2:
0e:b0:d6:41:84:3c:20:b0:a4:9f:5e:17:40:77:df:
a1:c7:d8:f6:be:21:4f:32:ad:95:2e:2f:a7:2d:74:
fa:0a:13:de:f2:3a:8f:14:bd:0b:88:a0:19:cc:fc:
55:8e:0f:ad:39:24:e1:87:ad:cf:a7:f4:65:22:66:
5f:76:92:c0:92:01:e1:15:8d:4b:42:13:4f:f2:ed:
86:71:85:cb:d4:b4:3b:b1:15:04:3b:4d:bf:0b:d6:
eb:4f:0a:c4:9d:0f:cc:ae:30:a0:e4:9e:e6:14:20:
7f:a1:8e:aa:27:5f:52:0c:56:41:04:45:f5:46:5c:
9b:40:2f:f5:87:1f:ab:2a:0d:ac:a1:4a:0f:bf:cb:
ce:45:ed:4f:57:ab:3f:1a:50:42:c2:18:55:9b:c4:
75:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:B6:31:7A:22:A2:B5:6B:59:AF:97:D0:61:9C:AA:51:B8:83:16:02
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/hrYxeiKitWtZr5fQYZyqUbiDFgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.38.0/23
45.11.25.0/24
45.133.219.0/24
45.137.52.0/24
45.137.55.0/24
45.137.188.0/24
45.137.191.0/24
45.139.28.0/23
45.139.31.0/24
45.140.171.0/24
45.145.2.0/24
45.145.90.0/24
45.145.161.0/24
45.149.80.0-45.149.82.255
45.149.134.0/24
45.150.62.0/23
45.152.227.0/24
77.83.4.0/22
185.179.198.0/24
194.156.95.0/24
195.245.111.0/24
213.139.192.0/23
213.139.195.0/24
Signature Algorithm: sha256WithRSAEncryption
74:72:47:3e:eb:dc:6d:aa:c8:76:75:23:75:67:7f:31:fa:5b:
7c:26:4a:0a:37:9d:eb:21:14:70:57:ba:56:5d:a1:9e:f6:0a:
37:47:be:d5:da:93:e0:b8:ef:c5:9b:b0:97:1d:50:0f:5f:32:
a2:19:ea:f3:d4:df:81:b3:61:a5:1d:27:73:69:07:2f:c6:bc:
2a:d3:4c:39:66:d3:a9:71:dd:f8:a7:44:eb:30:e3:21:34:6e:
38:24:04:2d:75:f0:ba:75:43:23:42:83:fd:b4:fc:d3:c2:ce:
ff:16:9f:77:d6:04:00:fc:2a:ad:6c:a5:11:77:9c:9e:56:28:
97:1b:4f:5f:36:52:26:5a:ff:17:70:7b:62:0e:87:7f:85:41:
62:c6:c2:77:f6:99:8a:ea:f4:7c:54:14:76:3d:9b:02:eb:6b:
8d:4d:13:0f:aa:e4:bc:7c:d6:65:36:c1:02:9e:96:48:a0:09:
4d:99:ac:e8:83:07:6d:0d:a4:96:48:af:5e:ea:e3:c4:68:31:
97:0f:23:be:5d:50:bd:f3:e3:4e:90:b9:ab:3c:4e:96:17:ca:
9f:3e:eb:15:07:ac:86:7b:e2:fc:79:da:94:d5:35:ac:87:aa:
28:c4:89:bf:34:0c:67:74:43:ad:26:a4:38:a6:d1:65:8e:2f:
7a:d8:e5:93
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAZQg1dZqxmekb5Ph7DJWoqwuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjUwMTAxMDc0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmI2MzE3YTIyYTJiNTZiNTlhZjk3ZDA2MTljYWE1MWI4ODMxNjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3s6th+U3pk74D/m+ovMMg/XnA57N
5zPYAD/bBiDTc76hZUl1YU+jeciigHS7g9GAQvbnmItfiqsXVdg2LaQM1skGwtgA
Gi4kevrJKcTGYKEStzDuXIZjHaG+A9BypYmbhpqK/E5HxMIOsNZBhDwgsKSfXhdA
d9+hx9j2viFPMq2VLi+nLXT6ChPe8jqPFL0LiKAZzPxVjg+tOSThh63Pp/RlImZf
dpLAkgHhFY1LQhNP8u2GcYXL1LQ7sRUEO02/C9brTwrEnQ/MrjCg5J7mFCB/oY6q
J19SDFZBBEX1RlybQC/1hx+rKg2soUoPv8vORe1PV6s/GlBCwhhVm8R12wIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFIa2MXoiorVrWa+X0GGcqlG4gxYCMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvaHJZeGVpS2l0V3RacjVmUVlaeXFVYmlERmdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDCBmQQCAAEwgZIDBAEf
KSYDBAAtCxkDBAAthdsDBAAtiTQDBAAtiTcDBAAtibwDBAAtib8DBAEtixwDBAAt
ix8DBAAtjKsDBAAtkQIDBAAtkVoDBAAtkaEwDAMEBC2VUAMEAC2VUgMEAC2VhgME
AS2WPgMEAC2Y4wMEAk1TBAMEALmzxgMEAMKcXwMEAMP1bwMEAdWLwAMEANWLwzAN
BgkqhkiG9w0BAQsFAAOCAQEAdHJHPuvcbarIdnUjdWd/MfpbfCZKCjed6yEUcFe6
Vl2hnvYKN0e+1dqT4LjvxZuwlx1QD18yohnq89TfgbNhpR0nc2kHL8a8KtNMOWbT
qXHd+KdE6zDjITRuOCQELXXwunVDI0KD/bT808LO/xafd9YEAPwqrWylEXecnlYo
lxtPXzZSJlr/F3B7Yg6Hf4VBYsbCd/aZiur0fFQUdj2bAutrjU0TD6rkvHzWZTbB
Ap6WSKAJTZms6IMHbQ2klkivXurjxGgxlw8jvl1QvfPjTpC5qzxOlhfKnz7rFQes
hnvi/HnalNU1rIeqKMSJvzQMZ3RDrSakOKbRZY4vetjlkw==
-----END CERTIFICATE-----
Generated at Thu Apr 3 22:34:20 2025 by rpki-client