Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/29a6cd-3ac6-4749-8cfe-dceaa2ae0a74/1/rT2NKGhh-IbqjO8Z7nYfbW1wOX8.roa
File: rT2NKGhh-IbqjO8Z7nYfbW1wOX8.roa (raw, json)
Hash identifier: iTv3B38u9yzbs8hr8RvbnohLnyRQDgptr0b4/9herOw=
Subject key identifier: AD:3D:8D:28:68:61:F8:86:EA:8C:EF:19:EE:76:1F:6D:6D:70:39:7F
Certificate issuer: /CN=351f1c75a1dc864dfbf98743c506ee186924f643
Certificate serial: 0195914E689251E58608933B9E4F49D2DDC8
Authority key identifier: 35:1F:1C:75:A1:DC:86:4D:FB:F9:87:43:C5:06:EE:18:69:24:F6:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NR8cdaHchk37-YdDxQbuGGkk9kM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/29a6cd-3ac6-4749-8cfe-dceaa2ae0a74/1/rT2NKGhh-IbqjO8Z7nYfbW1wOX8.roa
Signing time: Thu 13 Mar 2025 20:59:49 +0000
ROA not before: Thu 13 Mar 2025 20:59:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57359
IP address blocks: 45.82.108.0/22 maxlen: 22
62.220.232.0/21 maxlen: 21
146.19.200.0/24 maxlen: 24
185.130.64.0/22 maxlen: 22
185.242.149.0/24 maxlen: 24
195.8.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/29a6cd-3ac6-4749-8cfe-dceaa2ae0a74/1/NR8cdaHchk37-YdDxQbuGGkk9kM.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/29a6cd-3ac6-4749-8cfe-dceaa2ae0a74/1/NR8cdaHchk37-YdDxQbuGGkk9kM.mft
rsync://rpki.ripe.net/repository/DEFAULT/NR8cdaHchk37-YdDxQbuGGkk9kM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 15:33:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:91:4e:68:92:51:e5:86:08:93:3b:9e:4f:49:d2:dd:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351f1c75a1dc864dfbf98743c506ee186924f643
Validity
Not Before: Mar 13 20:59:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad3d8d286861f886ea8cef19ee761f6d6d70397f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:c5:0e:4f:68:3b:00:00:5b:e0:e9:16:76:f7:
5d:24:d0:d0:d0:71:f5:fa:cf:85:81:54:2b:bd:3d:
f2:f8:94:0f:0e:de:76:5c:cc:ca:60:84:80:e7:30:
0e:ee:37:ab:c1:30:70:ae:ed:e8:42:a3:4e:5b:58:
a9:c4:76:3f:ef:cd:df:f4:13:05:bf:4e:d4:21:da:
07:75:43:e3:b8:48:6e:0c:d8:7c:fb:21:64:26:c9:
db:2f:2f:ff:85:22:48:4f:bc:77:9c:05:bb:32:aa:
b0:65:70:a0:4f:65:67:c2:6a:3d:30:2e:c5:8a:7e:
79:15:b4:2e:f5:6c:27:56:fc:ad:0d:97:36:7d:88:
db:7c:2d:fa:7a:3e:e4:6d:c3:51:bf:6a:8c:51:72:
4b:ec:f2:5e:8a:80:1f:17:79:b8:6a:08:c8:3f:8c:
10:c7:e7:10:72:21:f5:e8:a7:c9:8b:7d:2f:6f:e0:
df:cc:a6:8c:a1:96:d6:87:d4:c0:eb:fc:02:65:94:
14:7f:16:12:7a:cc:0c:60:cf:1d:47:18:ab:0c:70:
bb:85:b1:82:76:3f:85:6d:b0:4b:53:22:d8:e9:a4:
37:83:00:80:29:e9:78:74:3b:9e:4f:e3:0b:19:ea:
b6:78:40:3b:09:2f:37:a8:7f:b8:2d:36:24:a4:38:
d1:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:3D:8D:28:68:61:F8:86:EA:8C:EF:19:EE:76:1F:6D:6D:70:39:7F
X509v3 Authority Key Identifier:
keyid:35:1F:1C:75:A1:DC:86:4D:FB:F9:87:43:C5:06:EE:18:69:24:F6:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NR8cdaHchk37-YdDxQbuGGkk9kM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/29a6cd-3ac6-4749-8cfe-dceaa2ae0a74/1/rT2NKGhh-IbqjO8Z7nYfbW1wOX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/29a6cd-3ac6-4749-8cfe-dceaa2ae0a74/1/NR8cdaHchk37-YdDxQbuGGkk9kM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.108.0/22
62.220.232.0/21
146.19.200.0/24
185.130.64.0/22
185.242.149.0/24
195.8.63.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:eb:65:54:67:46:0c:47:3a:2b:8f:cd:62:19:9c:ef:7f:3a:
72:e7:59:dc:76:5a:f8:ca:4a:30:ef:ef:2e:0e:07:ba:4d:62:
81:e3:70:17:69:38:41:57:21:a5:e7:88:e1:d7:21:d7:c5:7b:
34:f4:d6:61:69:0e:e5:cd:52:e5:8a:0c:21:2c:e8:13:f6:de:
d1:27:b3:a2:04:e9:e1:d3:37:66:fc:ed:89:97:2d:c1:b6:6d:
d1:45:26:a6:06:f9:89:34:34:13:54:be:1b:29:4d:05:f1:44:
54:d8:ea:e1:f0:10:3c:91:84:89:27:6f:64:e9:eb:96:a9:2d:
37:2f:c8:3f:cc:cb:c9:5f:e7:9a:77:93:fb:f0:57:eb:f2:e9:
63:9a:2c:4c:f2:4a:67:6d:bf:8c:ea:76:49:1c:c8:18:70:f3:
b1:3f:cc:a2:d1:ca:ce:cd:81:ea:c2:8a:cf:2c:31:c8:34:02:
90:f1:b2:de:26:98:d5:53:4d:84:97:9d:76:0d:c2:bb:f2:34:
3d:97:e9:7e:d9:af:1f:bf:cd:87:80:76:af:14:cf:bd:b3:02:
a7:4e:86:8f:11:83:92:e3:44:55:fb:dd:69:4f:15:56:40:7c:
44:b3:18:34:61:8d:4e:5b:cc:4f:32:32:78:65:32:1d:e0:4f:
b9:42:8d:2e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZWRTmiSUeWGCJM7nk9J0t3IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MWYxYzc1YTFkYzg2NGRmYmY5ODc0M2M1MDZlZTE4Njky
NGY2NDMwHhcNMjUwMzEzMjA1OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDNkOGQyODY4NjFmODg2ZWE4Y2VmMTllZTc2MWY2ZDZkNzAzOTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8MUOT2g7AABb4OkWdvddJNDQ0HH1
+s+FgVQrvT3y+JQPDt52XMzKYISA5zAO7jerwTBwru3oQqNOW1ipxHY/783f9BMF
v07UIdoHdUPjuEhuDNh8+yFkJsnbLy//hSJIT7x3nAW7MqqwZXCgT2Vnwmo9MC7F
in55FbQu9WwnVvytDZc2fYjbfC36ej7kbcNRv2qMUXJL7PJeioAfF3m4agjIP4wQ
x+cQciH16KfJi30vb+DfzKaMoZbWh9TA6/wCZZQUfxYSeswMYM8dRxirDHC7hbGC
dj+FbbBLUyLY6aQ3gwCAKel4dDueT+MLGeq2eEA7CS83qH+4LTYkpDjRowIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFK09jShoYfiG6ozvGe52H21tcDl/MB8GA1UdIwQY
MBaAFDUfHHWh3IZN+/mHQ8UG7hhpJPZDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlI4Y2RhSGNoazM3LVlkRHhRYnVHR2trOWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8yOWE2Y2QtM2FjNi00NzQ5LThjZmUt
ZGNlYWEyYWUwYTc0LzEvclQyTktHaGgtSWJxak84WjduWWZiVzF3T1g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8yOWE2Y2QtM2FjNi00NzQ5LThjZmUtZGNlYWEyYWUwYTc0
LzEvTlI4Y2RhSGNoazM3LVlkRHhRYnVHR2trOWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLVJsAwQD
PtzoAwQAkhPIAwQCuYJAAwQAufKVAwQAwwg/MA0GCSqGSIb3DQEBCwUAA4IBAQCw
62VUZ0YMRzorj81iGZzvfzpy51ncdlr4ykow7+8uDge6TWKB43AXaThBVyGl54jh
1yHXxXs09NZhaQ7lzVLligwhLOgT9t7RJ7OiBOnh0zdm/O2Jly3Btm3RRSamBvmJ
NDQTVL4bKU0F8URU2Orh8BA8kYSJJ29k6euWqS03L8g/zMvJX+ead5P78Ffr8ulj
mixM8kpnbb+M6nZJHMgYcPOxP8yi0crOzYHqworPLDHINAKQ8bLeJpjVU02El512
DcK78jQ9l+l+2a8fv82HgHavFM+9swKnToaPEYOS40RV+91pTxVWQHxEsxg0YY1O
W8xPMjJ4ZTId4E+5Qo0u
-----END CERTIFICATE-----
Generated at Thu Apr 17 20:21:32 2025 by rpki-client