Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/gAF5yk6vmaOq2Uung0D_8Gub1gc.roa
File: gAF5yk6vmaOq2Uung0D_8Gub1gc.roa (raw, json)
Hash identifier: eVAKmeO8heHGdx9Kcy2Kx3p7IXGpACADu9i5ILdct+c=
Subject key identifier: 80:01:79:CA:4E:AF:99:A3:AA:D9:4B:A7:83:40:FF:F0:6B:9B:D6:07
Certificate issuer: /CN=bc464ba9d26385f54df6254ac248926d370445b0
Certificate serial: 0194228D976EC817D2A81E5F9E7999C379D1
Authority key identifier: BC:46:4B:A9:D2:63:85:F5:4D:F6:25:4A:C2:48:92:6D:37:04:45:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vEZLqdJjhfVN9iVKwkiSbTcERbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/gAF5yk6vmaOq2Uung0D_8Gub1gc.roa
Signing time: Wed 01 Jan 2025 15:48:12 +0000
ROA not before: Wed 01 Jan 2025 15:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8540
IP address blocks: 45.155.184.0/22 maxlen: 24
146.19.52.0/24 maxlen: 24
185.151.20.0/22 maxlen: 24
185.209.204.0/22 maxlen: 24
185.227.88.0/23 maxlen: 24
185.227.91.0/24 maxlen: 24
185.236.164.0/23 maxlen: 24
185.236.166.0/24 maxlen: 24
195.128.151.0/24 maxlen: 24
2a07:7540::/29 maxlen: 32
2a0b:4c40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/vEZLqdJjhfVN9iVKwkiSbTcERbA.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/vEZLqdJjhfVN9iVKwkiSbTcERbA.mft
rsync://rpki.ripe.net/repository/DEFAULT/vEZLqdJjhfVN9iVKwkiSbTcERbA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:97:6e:c8:17:d2:a8:1e:5f:9e:79:99:c3:79:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc464ba9d26385f54df6254ac248926d370445b0
Validity
Not Before: Jan 1 15:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=800179ca4eaf99a3aad94ba78340fff06b9bd607
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ce:54:fd:57:7f:20:11:a1:06:5e:4c:f0:d3:
da:a8:4e:08:0e:02:f6:e6:6d:2b:a0:0d:70:eb:5c:
5e:6a:20:af:41:50:a0:e2:28:55:4f:da:ae:29:26:
f9:f7:21:3d:21:31:ba:b9:b4:6d:b7:eb:f4:61:b1:
4c:94:aa:33:99:90:b1:0f:2b:30:16:52:b9:4c:63:
ee:7b:cc:52:61:e0:5f:86:fa:ea:92:88:3c:f5:7b:
31:6a:05:f3:67:6c:04:59:34:5b:7f:51:40:a5:f5:
b6:a2:52:73:2c:6e:b3:ce:b5:b4:11:7e:7e:79:13:
22:99:a1:1e:01:93:7c:a2:a5:f1:41:fd:1f:df:fe:
46:8d:14:78:e3:97:de:bc:74:c5:56:9d:9b:a1:05:
5f:b3:3e:a0:bf:b9:92:10:42:f5:99:8d:3e:e8:80:
a2:8b:20:61:36:e8:c8:43:cc:b4:93:fc:51:1c:b0:
dd:59:cb:fe:63:32:79:c5:00:c6:ef:10:f2:db:3c:
35:a8:4b:7f:10:ea:06:72:00:dd:5e:b2:13:49:23:
83:8b:db:55:5c:1a:39:61:91:30:72:50:79:ca:1a:
11:31:99:f6:96:0d:16:f2:1f:5e:46:c5:1f:d1:30:
25:f5:72:8d:1d:2f:ee:3a:68:89:0a:36:08:cd:cc:
f3:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:01:79:CA:4E:AF:99:A3:AA:D9:4B:A7:83:40:FF:F0:6B:9B:D6:07
X509v3 Authority Key Identifier:
keyid:BC:46:4B:A9:D2:63:85:F5:4D:F6:25:4A:C2:48:92:6D:37:04:45:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vEZLqdJjhfVN9iVKwkiSbTcERbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/gAF5yk6vmaOq2Uung0D_8Gub1gc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/501f2b-fd1f-45ea-b494-d73dc4b41ce1/1/vEZLqdJjhfVN9iVKwkiSbTcERbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.184.0/22
146.19.52.0/24
185.151.20.0/22
185.209.204.0/22
185.227.88.0/23
185.227.91.0/24
185.236.164.0-185.236.166.255
195.128.151.0/24
IPv6:
2a07:7540::/29
2a0b:4c40::/29
Signature Algorithm: sha256WithRSAEncryption
25:9f:d5:ef:ce:b1:91:fc:c5:b3:f8:64:fe:64:e2:b6:cf:91:
d0:dc:31:4b:3b:30:e7:96:c6:34:0a:3e:c5:dc:bd:ed:97:08:
c4:63:0e:e1:cc:37:8b:ae:4d:b5:9c:6f:5b:83:41:00:f4:19:
ce:e0:52:26:4b:f6:5c:ff:94:ed:f2:d2:ee:ea:fd:1e:73:21:
d0:cf:f2:48:2d:a5:1c:56:6a:b1:b0:a3:f7:ff:25:c3:0a:8e:
93:e0:91:62:b8:1d:8d:ff:1d:9d:dd:b9:f2:08:f0:05:83:37:
9a:3d:96:b3:61:3f:c1:cc:9e:25:10:8d:b1:9d:a9:f5:cb:88:
73:f1:23:df:b1:3d:d7:e6:7d:36:94:b5:50:da:55:38:ab:52:
e8:e9:18:48:16:a7:7c:9b:32:11:b0:78:78:6c:cf:d3:27:a6:
f3:15:73:e4:28:41:99:dc:5d:aa:3e:81:91:18:9d:2d:86:ac:
21:d1:88:52:44:c3:8d:ed:12:4a:4e:52:49:95:bb:cf:0f:8d:
83:ba:d8:5c:26:79:9b:7d:f5:15:39:c6:22:bd:bc:07:c1:60:
07:d9:24:93:8e:04:37:46:de:7c:80:e5:0d:80:6a:60:a8:f5:
7c:c3:8a:c5:d7:7d:fa:d2:88:25:a1:14:f6:09:5d:32:3d:a8:
4f:75:b8:ad
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZQijZduyBfSqB5fnnmZw3nRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNDY0YmE5ZDI2Mzg1ZjU0ZGY2MjU0YWMyNDg5MjZkMzcw
NDQ1YjAwHhcNMjUwMTAxMTU0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDAxNzljYTRlYWY5OWEzYWFkOTRiYTc4MzQwZmZmMDZiOWJkNjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuM5U/Vd/IBGhBl5M8NPaqE4IDgL2
5m0roA1w61xeaiCvQVCg4ihVT9quKSb59yE9ITG6ubRtt+v0YbFMlKozmZCxDysw
FlK5TGPue8xSYeBfhvrqkog89XsxagXzZ2wEWTRbf1FApfW2olJzLG6zzrW0EX5+
eRMimaEeAZN8oqXxQf0f3/5GjRR445fevHTFVp2boQVfsz6gv7mSEEL1mY0+6ICi
iyBhNujIQ8y0k/xRHLDdWcv+YzJ5xQDG7xDy2zw1qEt/EOoGcgDdXrITSSODi9tV
XBo5YZEwclB5yhoRMZn2lg0W8h9eRsUf0TAl9XKNHS/uOmiJCjYIzczzswIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFIABecpOr5mjqtlLp4NA//Brm9YHMB8GA1UdIwQY
MBaAFLxGS6nSY4X1TfYlSsJIkm03BEWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkVaTHFkSmpoZlZOOWlWS3draVNiVGNFUmJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS81MDFmMmItZmQxZi00NWVhLWI0OTQt
ZDczZGM0YjQxY2UxLzEvZ0FGNXlrNnZtYU9xMlV1bmcwRF84R3ViMWdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS81MDFmMmItZmQxZi00NWVhLWI0OTQtZDczZGM0YjQxY2Ux
LzEvdkVaTHFkSmpoZlZOOWlWS3draVNiVGNFUmJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjA+BAIAATA4AwQCLZu4AwQA
khM0AwQCuZcUAwQCudHMAwQBueNYAwQAueNbMAwDBAK57KQDBAC57KYDBADDgJcw
FAQCAAIwDgMFAyoHdUADBQMqC0xAMA0GCSqGSIb3DQEBCwUAA4IBAQAln9XvzrGR
/MWz+GT+ZOK2z5HQ3DFLOzDnlsY0Cj7F3L3tlwjEYw7hzDeLrk21nG9bg0EA9BnO
4FImS/Zc/5Tt8tLu6v0ecyHQz/JILaUcVmqxsKP3/yXDCo6T4JFiuB2N/x2d3bny
CPAFgzeaPZazYT/BzJ4lEI2xnan1y4hz8SPfsT3X5n02lLVQ2lU4q1Lo6RhIFqd8
mzIRsHh4bM/TJ6bzFXPkKEGZ3F2qPoGRGJ0thqwh0YhSRMON7RJKTlJJlbvPD42D
uthcJnmbffUVOcYivbwHwWAH2SSTjgQ3Rt58gOUNgGpgqPV8w4rF13360ogloRT2
CV0yPahPdbit
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:30 2025 by rpki-client