Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/X0JdjNd6m4MFmlieGIcRiC38L7g.roa
File: X0JdjNd6m4MFmlieGIcRiC38L7g.roa (raw, json)
Hash identifier: cvNoBV24LI2WyWcDxwYJ2rHceIC8ouaot01hyZg8IO0=
Subject key identifier: 5F:42:5D:8C:D7:7A:9B:83:05:9A:58:9E:18:87:11:88:2D:FC:2F:B8
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019504CF333796CD94EE8D3C99C8FE3558DB
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/X0JdjNd6m4MFmlieGIcRiC38L7g.roa
Signing time: Fri 14 Feb 2025 14:14:02 +0000
ROA not before: Fri 14 Feb 2025 14:14:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58061
IP address blocks: 45.88.14.0/24 maxlen: 24
45.88.15.0/24 maxlen: 24
62.192.152.0/24 maxlen: 24
77.81.182.0/24 maxlen: 24
79.110.227.0/24 maxlen: 24
85.204.18.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
89.35.129.0/24 maxlen: 24
89.37.192.0/24 maxlen: 24
89.40.36.0/24 maxlen: 24
89.40.215.0/24 maxlen: 24
89.45.35.0/24 maxlen: 24
89.47.36.0/24 maxlen: 24
93.115.107.0/24 maxlen: 24
93.118.36.0/24 maxlen: 24
93.119.154.0/24 maxlen: 24
94.198.171.0/24 maxlen: 24
128.0.41.0/24 maxlen: 24
176.223.188.0/24 maxlen: 24
185.198.233.0/24 maxlen: 24
188.215.31.0/24 maxlen: 24
188.241.221.0/24 maxlen: 24
193.178.134.0/24 maxlen: 24
195.133.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:04:cf:33:37:96:cd:94:ee:8d:3c:99:c8:fe:35:58:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Feb 14 14:14:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f425d8cd77a9b83059a589e188711882dfc2fb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b2:34:b5:dc:37:c2:d2:d9:4b:8e:76:93:b5:
bf:8f:df:f4:05:fb:f3:1e:7c:75:63:d8:cd:9d:a8:
46:12:94:c3:eb:6d:58:88:f1:db:ad:53:81:39:66:
80:de:f4:03:60:b4:4d:69:c3:2e:9e:02:16:b0:64:
b1:90:b7:17:a0:82:db:58:66:c5:25:12:27:b2:4f:
bd:85:62:23:e4:c1:d9:51:32:55:c3:b9:bd:5a:ec:
ff:4c:1a:23:26:44:ec:fe:e6:2c:d3:ca:51:00:91:
c0:de:af:b1:c2:f3:bd:25:99:d9:a2:56:67:ad:c1:
0f:f6:b4:49:15:ff:9f:99:db:7b:98:4b:8c:68:29:
a6:df:ed:c0:bc:38:44:a6:d0:e8:0a:21:d8:ec:a7:
87:a4:85:68:42:31:62:60:2f:39:33:d3:d1:2d:e9:
af:a3:2e:a1:c5:de:57:02:7e:28:63:e9:39:b3:62:
d4:99:23:90:4b:c9:68:6d:4e:cb:6a:98:39:d6:36:
65:30:96:40:4b:03:da:8a:70:32:47:ad:d0:4d:75:
d3:2d:92:a9:ae:45:44:40:31:bb:78:82:62:42:bc:
2c:32:f8:fe:5d:ae:7d:a0:8b:30:45:08:93:d0:0c:
0e:9d:95:40:9f:c1:68:d2:a3:5a:5a:ab:39:73:33:
02:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:42:5D:8C:D7:7A:9B:83:05:9A:58:9E:18:87:11:88:2D:FC:2F:B8
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/X0JdjNd6m4MFmlieGIcRiC38L7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.14.0/23
62.192.152.0/24
77.81.182.0/24
79.110.227.0/24
85.204.18.0/24
89.34.106.0/24
89.35.129.0/24
89.37.192.0/24
89.40.36.0/24
89.40.215.0/24
89.45.35.0/24
89.47.36.0/24
93.115.107.0/24
93.118.36.0/24
93.119.154.0/24
94.198.171.0/24
128.0.41.0/24
176.223.188.0/24
185.198.233.0/24
188.215.31.0/24
188.241.221.0/24
193.178.134.0/24
195.133.192.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:58:c0:e3:be:f6:43:f6:cb:f3:69:13:86:df:0f:57:5b:e7:
81:5a:76:e1:6c:6b:61:c5:d9:98:0d:06:d4:fe:75:18:72:46:
83:2a:11:7e:2c:33:ea:c1:4d:de:fa:9c:aa:dd:95:97:ce:9a:
d2:0d:76:fa:e0:b2:c7:38:21:4c:f2:03:a0:88:21:85:2e:d1:
c2:68:39:0d:da:ec:fa:f5:d4:86:1f:8d:25:a9:fc:20:78:32:
27:34:fe:3a:94:25:5c:1c:6a:a1:24:0c:ab:dd:47:81:b8:ef:
d0:83:48:79:e2:83:a1:64:96:dc:f7:3c:6f:6c:8d:f6:d1:a3:
81:87:cc:f4:1c:9e:dc:7c:b5:86:cc:3a:2d:da:65:57:1d:00:
0a:62:5b:b6:ca:58:2e:53:f1:08:11:63:9d:7b:35:08:3c:e9:
37:17:4d:a3:a4:c2:71:77:50:7c:a9:af:63:4b:39:83:11:e6:
a4:bf:36:a9:3e:17:cf:0f:fb:9f:70:3d:0b:8e:13:ff:55:bf:
c8:05:00:59:f8:7f:23:43:70:29:bf:6a:ed:91:a2:c4:26:66:
84:fb:76:b8:ed:78:c6:ad:76:6e:27:92:02:7a:ca:60:35:ac:
ef:8b:22:c1:73:e2:79:7b:6b:1f:b7:6b:ab:a5:be:c0:43:63:
30:1f:1b:39
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZUEzzM3ls2U7o08mcj+NVjbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwMjE0MTQxNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjQyNWQ4Y2Q3N2E5YjgzMDU5YTU4OWUxODg3MTE4ODJkZmMyZmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLI0tdw3wtLZS452k7W/j9/0Bfvz
Hnx1Y9jNnahGEpTD621YiPHbrVOBOWaA3vQDYLRNacMungIWsGSxkLcXoILbWGbF
JRInsk+9hWIj5MHZUTJVw7m9Wuz/TBojJkTs/uYs08pRAJHA3q+xwvO9JZnZolZn
rcEP9rRJFf+fmdt7mEuMaCmm3+3AvDhEptDoCiHY7KeHpIVoQjFiYC85M9PRLemv
oy6hxd5XAn4oY+k5s2LUmSOQS8lobU7Lapg51jZlMJZASwPainAyR63QTXXTLZKp
rkVEQDG7eIJiQrwsMvj+Xa59oIswRQiT0AwOnZVAn8Fo0qNaWqs5czMCbwIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFF9CXYzXepuDBZpYnhiHEYgt/C+4MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvWDBKZGpOZDZtNE1GbWxpZUdJY1JpQzM4TDdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAEt
WA4DBAA+wJgDBABNUbYDBABPbuMDBABVzBIDBABZImoDBABZI4EDBABZJcADBABZ
KCQDBABZKNcDBABZLSMDBABZLyQDBABdc2sDBABddiQDBABdd5oDBABexqsDBACA
ACkDBACw37wDBAC5xukDBAC81x8DBAC88d0DBADBsoYDBADDhcAwDQYJKoZIhvcN
AQELBQADggEBAG5YwOO+9kP2y/NpE4bfD1db54FaduFsa2HF2ZgNBtT+dRhyRoMq
EX4sM+rBTd76nKrdlZfOmtINdvrgssc4IUzyA6CIIYUu0cJoOQ3a7Pr11IYfjSWp
/CB4Mic0/jqUJVwcaqEkDKvdR4G479CDSHnig6Fkltz3PG9sjfbRo4GHzPQcntx8
tYbMOi3aZVcdAApiW7bKWC5T8QgRY517NQg86TcXTaOkwnF3UHypr2NLOYMR5qS/
Nqk+F88P+59wPQuOE/9Vv8gFAFn4fyNDcCm/au2RosQmZoT7drjteMatdm4nkgJ6
ymA1rO+LIsFz4nl7ax+3a6ulvsBDYzAfGzk=
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:20:18 2025 by rpki-client