Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/vUWHtEACbvjI0e-pActKL24z_hg.roa
File: vUWHtEACbvjI0e-pActKL24z_hg.roa (raw, json)
Hash identifier: OHBnh5ay+SQLxHmmfsapl2j8OIud+GGkaDXnzGmrzcA=
Subject key identifier: BD:45:87:B4:40:02:6E:F8:C8:D1:EF:A9:01:CB:4A:2F:6E:33:FE:18
Certificate issuer: /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial: 0194738D4923E3F159E50E931DA19E284E9D
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/vUWHtEACbvjI0e-pActKL24z_hg.roa
Signing time: Fri 17 Jan 2025 09:17:06 +0000
ROA not before: Fri 17 Jan 2025 09:17:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200020
IP address blocks: 145.19.0.0/24 maxlen: 24
145.85.0.0/24 maxlen: 24
145.91.0.0/24 maxlen: 24
145.97.16.0/23 maxlen: 23
145.97.16.0/24 maxlen: 24
145.97.18.0/23 maxlen: 23
145.97.128.0/24 maxlen: 24
145.144.0.0/24 maxlen: 24
2001:610:2000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.mft
rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 04:01:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:73:8d:49:23:e3:f1:59:e5:0e:93:1d:a1:9e:28:4e:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Validity
Not Before: Jan 17 09:17:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bd4587b440026ef8c8d1efa901cb4a2f6e33fe18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:46:77:a1:39:18:8f:4f:e2:63:a7:82:04:7e:
d9:f9:77:4d:c5:01:8e:54:ef:2e:31:a7:df:11:f6:
ea:0e:a6:95:f6:61:08:2f:88:c3:aa:3c:a8:03:f5:
8c:df:ec:81:31:08:05:19:e0:4a:49:68:d7:7f:a9:
17:f2:5d:35:81:f5:86:70:48:06:23:07:8d:64:6b:
ca:c3:23:7b:61:fa:cd:6c:a6:4f:8a:23:a7:da:c6:
f5:06:d3:a1:67:6d:ae:d9:a6:29:c8:0a:95:27:83:
d9:19:7a:a2:99:ca:86:d7:f3:9a:b2:a9:db:c8:98:
6c:52:a9:b0:c3:37:b8:9b:f2:7e:6a:dd:53:ae:18:
c4:d4:02:87:3e:21:09:95:bf:17:1c:3a:ed:69:ec:
67:8c:ea:81:54:d5:01:6a:dd:9c:ac:6a:d8:e7:83:
5a:56:33:74:90:86:54:10:45:a3:4c:08:30:a5:53:
a0:c9:8b:ac:bb:0b:5c:b8:46:5c:fe:bd:03:8a:c2:
bc:11:fd:3f:ac:25:16:94:a9:5f:fe:ad:88:85:94:
31:49:20:1b:f9:1e:ee:32:b6:c8:98:51:2a:78:9d:
dc:76:d6:35:bc:ab:1c:96:8d:c7:f1:c6:1b:ef:4c:
d1:ee:5a:a8:e5:c4:b7:be:cf:e4:50:2f:f1:02:45:
95:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:45:87:B4:40:02:6E:F8:C8:D1:EF:A9:01:CB:4A:2F:6E:33:FE:18
X509v3 Authority Key Identifier:
keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/vUWHtEACbvjI0e-pActKL24z_hg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.19.0.0/24
145.85.0.0/24
145.91.0.0/24
145.97.16.0/22
145.97.128.0/24
145.144.0.0/24
IPv6:
2001:610:2000::/48
Signature Algorithm: sha256WithRSAEncryption
b3:c2:b9:d0:d7:c2:58:66:c0:02:45:05:f3:03:18:41:e7:c3:
9b:8e:ee:5a:ae:68:b2:7b:fe:af:06:5d:70:45:06:91:09:1c:
d5:d6:73:de:42:6e:3f:99:71:7c:e8:23:65:0c:eb:aa:22:d9:
7b:2a:bf:e4:70:27:4d:ac:27:16:37:62:4a:72:c1:3f:1c:6d:
7b:30:9b:6b:23:3d:e6:9c:47:b4:6f:2a:5b:8f:0a:29:45:28:
c0:1e:46:68:23:9d:d9:35:76:f6:d8:7d:df:b5:98:51:8e:8b:
e7:1d:db:6a:1e:f2:51:11:f4:b6:6b:a0:1c:d2:39:50:8a:6b:
15:6a:61:be:16:71:21:3f:7f:2e:4c:81:66:25:70:f1:e8:69:
e9:e2:9a:29:2d:f6:76:35:72:50:80:b7:05:a3:9f:c9:4f:43:
88:42:b7:de:23:aa:22:be:47:2a:92:6d:d0:b3:71:14:7a:90:
69:f0:60:60:4a:3d:f0:5b:33:9b:20:dc:1f:44:30:7e:0f:8f:
7b:64:e9:0a:c5:1b:34:75:82:7c:40:55:74:8e:be:f7:96:44:
1c:99:9a:06:0f:6e:e0:75:13:bc:36:73:6d:a0:0d:06:75:09:
34:d3:b6:0a:58:22:1c:ff:82:6c:2f:bf:44:d6:89:24:a4:ec:
94:ca:6d:92
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZRzjUkj4/FZ5Q6THaGeKE6dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm
NDUyM2UwHhcNMjUwMTE3MDkxNzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDQ1ODdiNDQwMDI2ZWY4YzhkMWVmYTkwMWNiNGEyZjZlMzNmZTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyUZ3oTkYj0/iY6eCBH7Z+XdNxQGO
VO8uMaffEfbqDqaV9mEIL4jDqjyoA/WM3+yBMQgFGeBKSWjXf6kX8l01gfWGcEgG
IweNZGvKwyN7YfrNbKZPiiOn2sb1BtOhZ22u2aYpyAqVJ4PZGXqimcqG1/Oasqnb
yJhsUqmwwze4m/J+at1TrhjE1AKHPiEJlb8XHDrtaexnjOqBVNUBat2crGrY54Na
VjN0kIZUEEWjTAgwpVOgyYusuwtcuEZc/r0DisK8Ef0/rCUWlKlf/q2IhZQxSSAb
+R7uMrbImFEqeJ3cdtY1vKsclo3H8cYb70zR7lqo5cS3vs/kUC/xAkWVBQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFL1Fh7RAAm74yNHvqQHLSi9uM/4YMB8GA1UdIwQY
MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt
NTQ4NjFmMjMyNDlkLzEvdlVXSHRFQUNidmpJMGUtcEFjdEtMMjR6X2hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYtNTQ4NjFmMjMyNDlk
LzEvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQAkRMAAwQA
kVUAAwQAkVsAAwQCkWEQAwQAkWGAAwQAkZAAMA8EAgACMAkDBwAgAQYQIAAwDQYJ
KoZIhvcNAQELBQADggEBALPCudDXwlhmwAJFBfMDGEHnw5uO7lquaLJ7/q8GXXBF
BpEJHNXWc95Cbj+ZcXzoI2UM66oi2Xsqv+RwJ02sJxY3YkpywT8cbXswm2sjPeac
R7RvKluPCilFKMAeRmgjndk1dvbYfd+1mFGOi+cd22oe8lER9LZroBzSOVCKaxVq
Yb4WcSE/fy5MgWYlcPHoaenimikt9nY1clCAtwWjn8lPQ4hCt94jqiK+RyqSbdCz
cRR6kGnwYGBKPfBbM5sg3B9EMH4Pj3tk6QrFGzR1gnxAVXSOvveWRByZmgYPbuB1
E7w2c22gDQZ1CTTTtgpYIhz/gmwvv0TWiSSk7JTKbZI=
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:00:52 2025 by rpki-client