Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/db5989-19f6-468d-9fc3-f8a3780c348e/1/Kd39P6546NpKkTMGeJ0Di1Tm-dg.roa
File: Kd39P6546NpKkTMGeJ0Di1Tm-dg.roa (raw, json)
Hash identifier: whkcH/ShQkUqu7p697My2+ymwjNji4wGQLqM0wmvkYA=
Subject key identifier: 29:DD:FD:3F:AE:78:E8:DA:4A:91:33:06:78:9D:03:8B:54:E6:F9:D8
Certificate issuer: /CN=b4506bce3f7e1ae3a7e2cb9ad205c4cdfb02ddb5
Certificate serial: 01942067C9E901D98D613A35667F0AD63FA6
Authority key identifier: B4:50:6B:CE:3F:7E:1A:E3:A7:E2:CB:9A:D2:05:C4:CD:FB:02:DD:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tFBrzj9-GuOn4sua0gXEzfsC3bU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/db5989-19f6-468d-9fc3-f8a3780c348e/1/Kd39P6546NpKkTMGeJ0Di1Tm-dg.roa
Signing time: Wed 01 Jan 2025 05:47:40 +0000
ROA not before: Wed 01 Jan 2025 05:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39287
IP address blocks: 45.142.140.0/22 maxlen: 22
45.158.116.0/22 maxlen: 22
80.78.16.0/20 maxlen: 20
95.215.16.0/22 maxlen: 22
185.193.124.0/22 maxlen: 22
185.193.125.0/24 maxlen: 24
185.193.126.0/23 maxlen: 23
195.14.20.0/24 maxlen: 24
2001:67c:2354::/48 maxlen: 48
2001:67c:2358::/48 maxlen: 48
2a02:6f8::/32 maxlen: 32
2a0a:3840::/29 maxlen: 29
2a0e:d9c0::/29 maxlen: 29
2a0f:5e80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/db5989-19f6-468d-9fc3-f8a3780c348e/1/tFBrzj9-GuOn4sua0gXEzfsC3bU.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/db5989-19f6-468d-9fc3-f8a3780c348e/1/tFBrzj9-GuOn4sua0gXEzfsC3bU.mft
rsync://rpki.ripe.net/repository/DEFAULT/tFBrzj9-GuOn4sua0gXEzfsC3bU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:c9:e9:01:d9:8d:61:3a:35:66:7f:0a:d6:3f:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4506bce3f7e1ae3a7e2cb9ad205c4cdfb02ddb5
Validity
Not Before: Jan 1 05:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=29ddfd3fae78e8da4a913306789d038b54e6f9d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:14:37:9f:b8:c8:7f:00:2b:72:72:9d:de:6d:
02:ef:68:f0:80:eb:7a:08:98:78:83:4d:20:57:9f:
18:0a:e7:28:71:15:e0:32:ab:8a:e8:36:04:5a:ad:
14:72:dc:c8:dc:ff:f2:f8:e1:43:27:ab:ed:8b:0c:
9e:2b:18:30:01:f5:00:2d:aa:50:1c:a1:36:55:0a:
9f:25:5e:3b:9a:e1:9b:31:67:ca:8a:5d:80:09:72:
73:80:b7:82:19:d8:51:f5:2c:be:2e:83:97:a7:c6:
e9:83:c2:ad:38:ab:00:28:b3:6d:8d:60:1e:52:7c:
7e:07:74:e2:b0:49:06:c7:9d:54:1b:73:c1:1d:1a:
dc:95:2e:a5:6d:25:92:36:c3:54:b1:ac:03:e9:2c:
7b:79:64:ca:d7:13:e2:87:06:05:fa:66:15:77:ce:
42:ca:2b:b9:67:45:b4:47:ea:f0:90:91:c3:f0:ae:
59:6d:45:f9:17:a9:d1:64:e6:b2:aa:61:76:e9:f4:
47:1a:de:09:13:a7:be:e8:6f:93:9e:f9:d7:2a:eb:
3e:2b:1a:81:11:c7:d6:bc:ce:cf:ff:ac:a7:36:2f:
48:79:7a:80:26:b8:b3:44:dd:d9:c1:0b:87:fa:6c:
69:6d:a6:a7:1f:fc:f7:99:ad:0d:91:70:95:f6:41:
7c:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:DD:FD:3F:AE:78:E8:DA:4A:91:33:06:78:9D:03:8B:54:E6:F9:D8
X509v3 Authority Key Identifier:
keyid:B4:50:6B:CE:3F:7E:1A:E3:A7:E2:CB:9A:D2:05:C4:CD:FB:02:DD:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tFBrzj9-GuOn4sua0gXEzfsC3bU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/db5989-19f6-468d-9fc3-f8a3780c348e/1/Kd39P6546NpKkTMGeJ0Di1Tm-dg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/db5989-19f6-468d-9fc3-f8a3780c348e/1/tFBrzj9-GuOn4sua0gXEzfsC3bU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.140.0/22
45.158.116.0/22
80.78.16.0/20
95.215.16.0/22
185.193.124.0/22
195.14.20.0/24
IPv6:
2001:67c:2354::/48
2001:67c:2358::/48
2a02:6f8::/32
2a0a:3840::/29
2a0e:d9c0::/29
2a0f:5e80::/29
Signature Algorithm: sha256WithRSAEncryption
80:14:54:d1:3b:99:ef:a8:a1:77:22:ab:f7:1b:cc:e4:09:4f:
1a:6f:41:ff:c2:ec:a4:85:15:54:e5:17:cd:15:91:22:d8:c9:
e2:98:79:2e:c5:05:b4:cb:63:f5:7a:a0:85:0c:e7:88:ca:a3:
37:36:b4:48:99:5f:0b:8b:d5:d8:a1:e9:54:01:b0:cb:0f:9b:
72:96:dd:0f:69:aa:ca:9f:54:a2:9c:ac:9d:f7:85:f2:66:59:
1e:b3:d8:7c:51:69:68:3e:65:b9:6c:c2:0e:bd:3b:d1:0c:60:
d8:1f:13:39:6b:35:1b:b0:dc:c1:2e:c1:38:22:bc:8f:43:71:
a4:56:e6:80:c1:4a:69:69:9f:d5:5c:83:59:5b:66:0d:f6:9e:
dc:b3:84:0c:9f:5c:e3:2c:ff:e5:28:e3:95:09:70:9d:fa:70:
6c:ba:cf:e5:2c:f4:ed:dd:b9:e0:65:3d:0a:ce:7e:e2:d3:43:
f6:82:11:61:1b:97:03:ec:1c:6c:7c:48:4b:69:46:9a:21:eb:
b3:57:cb:04:2a:42:df:90:47:47:39:c1:f3:8e:b5:6c:90:6f:
14:6c:80:b3:69:79:7f:5a:19:cd:a6:80:1b:79:bd:df:14:a8:
08:5a:2f:61:32:10:7b:0c:2b:bb:0c:78:f8:1b:18:b3:c3:82:
be:07:24:ad
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZQgZ8npAdmNYTo1Zn8K1j+mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NTA2YmNlM2Y3ZTFhZTNhN2UyY2I5YWQyMDVjNGNkZmIw
MmRkYjUwHhcNMjUwMTAxMDU0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWRkZmQzZmFlNzhlOGRhNGE5MTMzMDY3ODlkMDM4YjU0ZTZmOWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxQ3n7jIfwArcnKd3m0C72jwgOt6
CJh4g00gV58YCucocRXgMquK6DYEWq0UctzI3P/y+OFDJ6vtiwyeKxgwAfUALapQ
HKE2VQqfJV47muGbMWfKil2ACXJzgLeCGdhR9Sy+LoOXp8bpg8KtOKsAKLNtjWAe
Unx+B3TisEkGx51UG3PBHRrclS6lbSWSNsNUsawD6Sx7eWTK1xPihwYF+mYVd85C
yiu5Z0W0R+rwkJHD8K5ZbUX5F6nRZOayqmF26fRHGt4JE6e+6G+TnvnXKus+KxqB
EcfWvM7P/6ynNi9IeXqAJrizRN3ZwQuH+mxpbaanH/z3ma0NkXCV9kF8RwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFCnd/T+ueOjaSpEzBnidA4tU5vnYMB8GA1UdIwQY
MBaAFLRQa84/fhrjp+LLmtIFxM37At21MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEZCcnpqOS1HdU9uNHN1YTBnWEV6ZnNDM2JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9kYjU5ODktMTlmNi00NjhkLTlmYzMt
ZjhhMzc4MGMzNDhlLzEvS2QzOVA2NTQ2TnBLa1RNR2VKMERpMVRtLWRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9kYjU5ODktMTlmNi00NjhkLTlmYzMtZjhhMzc4MGMzNDhl
LzEvdEZCcnpqOS1HdU9uNHN1YTBnWEV6ZnNDM2JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjAqBAIAATAkAwQCLY6MAwQC
LZ50AwQEUE4QAwQCX9cQAwQCucF8AwQAww4UMDQEAgACMC4DBwAgAQZ8I1QDBwAg
AQZ8I1gDBQAqAgb4AwUDKgo4QAMFAyoO2cADBQMqD16AMA0GCSqGSIb3DQEBCwUA
A4IBAQCAFFTRO5nvqKF3Iqv3G8zkCU8ab0H/wuykhRVU5RfNFZEi2MnimHkuxQW0
y2P1eqCFDOeIyqM3NrRImV8Li9XYoelUAbDLD5tylt0PaarKn1SinKyd94XyZlke
s9h8UWloPmW5bMIOvTvRDGDYHxM5azUbsNzBLsE4IryPQ3GkVuaAwUppaZ/VXINZ
W2YN9p7cs4QMn1zjLP/lKOOVCXCd+nBsus/lLPTt3bngZT0Kzn7i00P2ghFhG5cD
7BxsfEhLaUaaIeuzV8sEKkLfkEdHOcHzjrVskG8UbICzaXl/WhnNpoAbeb3fFKgI
Wi9hMhB7DCu7DHj4Gxizw4K+BySt
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:02:00 2025 by rpki-client