Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/4f37a8-b937-4c6a-9912-6e545b6c43b0/1/0JN2vyzDQDc8hqznZuHYx59iVgw.roa
File: 0JN2vyzDQDc8hqznZuHYx59iVgw.roa (raw, json)
Hash identifier: f3XiZFi6nbVWq/4L3lB2rfwMDECeZB1pzVtF3apTcoA=
Subject key identifier: D0:93:76:BF:2C:C3:40:37:3C:86:AC:E7:66:E1:D8:C7:9F:62:56:0C
Certificate issuer: /CN=004cf07c7d059302b56066aaf6cbeec135186a44
Certificate serial: 0195F0EA1DB3A49CAC2F3733235FDEC0DC1A
Authority key identifier: 00:4C:F0:7C:7D:05:93:02:B5:60:66:AA:F6:CB:EE:C1:35:18:6A:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AEzwfH0FkwK1YGaq9svuwTUYakQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/4f37a8-b937-4c6a-9912-6e545b6c43b0/1/0JN2vyzDQDc8hqznZuHYx59iVgw.roa
Signing time: Tue 01 Apr 2025 10:33:49 +0000
ROA not before: Tue 01 Apr 2025 10:33:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199348
IP address blocks: 45.86.148.0/22 maxlen: 22
46.31.132.0/22 maxlen: 22
176.105.152.0/22 maxlen: 22
185.20.64.0/22 maxlen: 22
185.76.140.0/22 maxlen: 22
2a04:1540::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/4f37a8-b937-4c6a-9912-6e545b6c43b0/1/AEzwfH0FkwK1YGaq9svuwTUYakQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/4f37a8-b937-4c6a-9912-6e545b6c43b0/1/AEzwfH0FkwK1YGaq9svuwTUYakQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/AEzwfH0FkwK1YGaq9svuwTUYakQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f0:ea:1d:b3:a4:9c:ac:2f:37:33:23:5f:de:c0:dc:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=004cf07c7d059302b56066aaf6cbeec135186a44
Validity
Not Before: Apr 1 10:33:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d09376bf2cc340373c86ace766e1d8c79f62560c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a1:47:03:58:1c:55:7e:c2:4f:a3:13:e0:6d:
9d:64:5e:e7:cd:6d:da:28:0a:d4:82:34:21:69:81:
f7:d3:ca:ea:bb:8f:86:ce:f4:6c:cf:f8:d0:65:70:
e5:7d:80:bb:3b:e6:33:4c:09:58:04:de:96:8e:bd:
8e:a1:d7:c8:d7:a9:24:35:49:4e:7a:b7:f1:f3:a0:
84:a2:4c:a5:b4:b9:cf:18:aa:5b:cf:6f:32:03:41:
84:1f:d8:1d:6d:bb:28:9a:9d:bd:a4:fc:2d:39:08:
d2:39:85:45:e5:7d:37:40:ca:4b:60:56:7b:01:d1:
b1:2c:3a:07:f6:72:20:98:f9:92:83:69:68:ad:e1:
13:9c:2d:5d:ea:6f:39:92:b9:60:e7:a5:23:04:f5:
d2:f0:07:44:9d:8b:25:fc:e2:49:52:4a:f7:86:98:
f9:3f:d8:39:9f:05:0b:ff:09:dc:3a:c9:05:49:94:
65:29:28:85:1e:59:d0:da:49:13:a4:5b:0a:5e:bc:
e0:37:d8:f1:ff:c6:dc:74:3b:c8:f1:e9:35:15:00:
d0:49:05:d3:bc:c4:a4:f4:bb:4b:ca:fc:f5:41:71:
08:ee:20:db:51:af:9e:28:61:85:e7:33:48:20:8e:
de:d8:80:3e:64:88:62:fe:73:e0:c1:1f:62:19:a4:
65:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:93:76:BF:2C:C3:40:37:3C:86:AC:E7:66:E1:D8:C7:9F:62:56:0C
X509v3 Authority Key Identifier:
keyid:00:4C:F0:7C:7D:05:93:02:B5:60:66:AA:F6:CB:EE:C1:35:18:6A:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AEzwfH0FkwK1YGaq9svuwTUYakQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/4f37a8-b937-4c6a-9912-6e545b6c43b0/1/0JN2vyzDQDc8hqznZuHYx59iVgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/4f37a8-b937-4c6a-9912-6e545b6c43b0/1/AEzwfH0FkwK1YGaq9svuwTUYakQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.148.0/22
46.31.132.0/22
176.105.152.0/22
185.20.64.0/22
185.76.140.0/22
IPv6:
2a04:1540::/29
Signature Algorithm: sha256WithRSAEncryption
87:7c:72:6a:6a:0e:b0:b8:07:80:13:26:15:e8:b8:3b:75:79:
32:20:59:8e:3c:05:28:2a:a9:87:40:b2:5b:89:07:f0:3c:8f:
84:72:b2:d4:93:9f:59:d1:36:c2:fb:52:08:be:f3:1c:77:17:
04:77:d8:31:d3:09:55:68:a2:e0:f8:6a:8b:e9:50:f0:af:f6:
1c:0c:5d:84:95:41:a8:f4:2b:31:f1:ad:53:57:7a:d9:04:3d:
c8:41:52:8f:85:78:ab:8b:46:5a:74:73:d1:da:4f:29:fe:df:
35:f5:93:2a:65:18:66:ff:8f:86:3b:21:d2:76:34:b6:07:60:
aa:84:70:3a:09:d4:cf:39:36:0d:8e:2e:86:48:33:c3:64:69:
1f:90:5a:f0:c2:e8:bd:91:40:93:20:9b:7d:51:5a:da:a5:fe:
9d:2f:87:d8:2e:54:45:ff:50:bf:b2:db:ec:ec:37:2f:97:98:
60:31:28:69:87:ac:2b:98:12:26:07:a1:c2:38:14:9d:db:4c:
88:79:19:be:e6:ea:c2:09:ce:ac:a7:d1:b8:81:cc:58:a1:4a:
73:98:a5:d1:08:42:bd:c4:bd:30:bd:a2:5e:5c:dd:9d:75:ef:
e6:b2:5e:28:fe:5d:cf:7f:06:83:54:62:9c:04:b8:9b:98:6c:
d2:44:7b:3c
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZXw6h2zpJysLzczI1/ewNwaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNGNmMDdjN2QwNTkzMDJiNTYwNjZhYWY2Y2JlZWMxMzUx
ODZhNDQwHhcNMjUwNDAxMTAzMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDkzNzZiZjJjYzM0MDM3M2M4NmFjZTc2NmUxZDhjNzlmNjI1NjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwaFHA1gcVX7CT6MT4G2dZF7nzW3a
KArUgjQhaYH308rqu4+GzvRsz/jQZXDlfYC7O+YzTAlYBN6Wjr2OodfI16kkNUlO
erfx86CEokyltLnPGKpbz28yA0GEH9gdbbsomp29pPwtOQjSOYVF5X03QMpLYFZ7
AdGxLDoH9nIgmPmSg2loreETnC1d6m85krlg56UjBPXS8AdEnYsl/OJJUkr3hpj5
P9g5nwUL/wncOskFSZRlKSiFHlnQ2kkTpFsKXrzgN9jx/8bcdDvI8ek1FQDQSQXT
vMSk9LtLyvz1QXEI7iDbUa+eKGGF5zNIII7e2IA+ZIhi/nPgwR9iGaRlawIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFNCTdr8sw0A3PIas52bh2MefYlYMMB8GA1UdIwQY
MBaAFABM8Hx9BZMCtWBmqvbL7sE1GGpEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUV6d2ZIMEZrd0sxWUdhcTlzdnV3VFVZYWtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi80ZjM3YTgtYjkzNy00YzZhLTk5MTIt
NmU1NDViNmM0M2IwLzEvMEpOMnZ5ekRRRGM4aHF6blp1SFl4NTlpVmd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi80ZjM3YTgtYjkzNy00YzZhLTk5MTItNmU1NDViNmM0M2Iw
LzEvQUV6d2ZIMEZrd0sxWUdhcTlzdnV3VFVZYWtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLVaUAwQC
Lh+EAwQCsGmYAwQCuRRAAwQCuUyMMA0EAgACMAcDBQMqBBVAMA0GCSqGSIb3DQEB
CwUAA4IBAQCHfHJqag6wuAeAEyYV6Lg7dXkyIFmOPAUoKqmHQLJbiQfwPI+EcrLU
k59Z0TbC+1IIvvMcdxcEd9gx0wlVaKLg+GqL6VDwr/YcDF2ElUGo9Csx8a1TV3rZ
BD3IQVKPhXiri0ZadHPR2k8p/t819ZMqZRhm/4+GOyHSdjS2B2CqhHA6CdTPOTYN
ji6GSDPDZGkfkFrwwui9kUCTIJt9UVrapf6dL4fYLlRF/1C/stvs7Dcvl5hgMShp
h6wrmBImB6HCOBSd20yIeRm+5urCCc6sp9G4gcxYoUpzmKXRCEK9xL0wvaJeXN2d
de/msl4o/l3PfwaDVGKcBLibmGzSRHs8
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:49:55 2025 by rpki-client