Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/139ebd-5abf-4254-8933-6f97dfc10fe7/1/T9LZjeWP7v9MjImSQxwCyXQEIjQ.roa
File: T9LZjeWP7v9MjImSQxwCyXQEIjQ.roa (raw, json)
Hash identifier: ryZ/pHb+xQxL2NrfTWfDmvDfQVr6T5F6jZbDhNZwl/4=
Subject key identifier: 4F:D2:D9:8D:E5:8F:EE:FF:4C:8C:89:92:43:1C:02:C9:74:04:22:34
Certificate issuer: /CN=4fcf77105f95075ce585d427e97754e8f007a8b9
Certificate serial: 01941F8C0025D4F795362E288D986F062CAF
Authority key identifier: 4F:CF:77:10:5F:95:07:5C:E5:85:D4:27:E9:77:54:E8:F0:07:A8:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T893EF-VB1zlhdQn6XdU6PAHqLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/139ebd-5abf-4254-8933-6f97dfc10fe7/1/T9LZjeWP7v9MjImSQxwCyXQEIjQ.roa
Signing time: Wed 01 Jan 2025 01:47:36 +0000
ROA not before: Wed 01 Jan 2025 01:47:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199805
IP address blocks: 185.45.144.0/23 maxlen: 23
185.45.146.0/24 maxlen: 24
185.45.147.0/24 maxlen: 24
2a01:7e20::/32 maxlen: 32
2a01:7e21::/32 maxlen: 32
2a01:7e27::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/139ebd-5abf-4254-8933-6f97dfc10fe7/1/T893EF-VB1zlhdQn6XdU6PAHqLk.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/139ebd-5abf-4254-8933-6f97dfc10fe7/1/T893EF-VB1zlhdQn6XdU6PAHqLk.mft
rsync://rpki.ripe.net/repository/DEFAULT/T893EF-VB1zlhdQn6XdU6PAHqLk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 10:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:00:25:d4:f7:95:36:2e:28:8d:98:6f:06:2c:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fcf77105f95075ce585d427e97754e8f007a8b9
Validity
Not Before: Jan 1 01:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4fd2d98de58feeff4c8c8992431c02c974042234
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:36:62:98:9d:e6:2d:86:59:f0:ec:4c:ba:5e:
29:96:17:b5:81:aa:98:40:a6:1e:d8:49:ae:53:f5:
6a:0a:e4:31:05:a9:f3:02:2c:9d:1d:92:67:63:0d:
80:d9:0b:cf:21:b4:7c:b8:53:1f:1a:5c:99:ba:12:
86:58:f2:c4:ab:92:02:20:06:d5:3e:b1:93:1a:da:
d1:89:85:54:85:ee:c6:93:1f:c4:88:46:b9:f2:ad:
0d:c7:a1:62:1e:9c:f3:7a:3a:4d:12:a9:f5:6d:a6:
92:77:40:05:51:e0:dc:e7:7c:95:d6:42:0b:a5:a7:
63:e3:03:16:10:b6:1c:53:bb:64:19:ed:03:2f:fd:
e6:a0:0e:02:80:45:a6:1c:d2:69:31:88:f1:7c:dd:
b6:6d:e7:2e:11:cb:90:eb:08:95:93:1d:f3:e8:36:
69:91:53:8a:b3:ca:e1:89:3d:6b:27:66:34:5c:fb:
fe:32:bf:bd:95:9b:b3:0c:2e:bc:e5:76:f9:84:ae:
39:94:8c:c5:bb:0d:d8:2a:f3:7a:d0:a9:8c:27:48:
8e:6b:81:55:e6:98:fa:3a:64:9a:ca:b7:9d:49:b0:
9a:6f:0b:0e:65:e1:a1:b6:6b:f0:e5:ea:70:fb:6f:
e2:bc:94:94:60:49:78:fc:23:7f:7a:b5:96:e6:34:
a3:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:D2:D9:8D:E5:8F:EE:FF:4C:8C:89:92:43:1C:02:C9:74:04:22:34
X509v3 Authority Key Identifier:
keyid:4F:CF:77:10:5F:95:07:5C:E5:85:D4:27:E9:77:54:E8:F0:07:A8:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T893EF-VB1zlhdQn6XdU6PAHqLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/139ebd-5abf-4254-8933-6f97dfc10fe7/1/T9LZjeWP7v9MjImSQxwCyXQEIjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/139ebd-5abf-4254-8933-6f97dfc10fe7/1/T893EF-VB1zlhdQn6XdU6PAHqLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.45.144.0/22
IPv6:
2a01:7e20::/31
2a01:7e27::/32
Signature Algorithm: sha256WithRSAEncryption
99:15:72:e1:0d:ea:3f:a3:33:98:83:2b:1f:60:da:5a:d8:bf:
dd:d7:e9:a1:8d:d3:a6:82:bf:95:d1:1c:7e:6a:72:44:a1:0d:
53:7e:f1:a2:6f:62:65:0f:9d:83:81:bf:cd:51:54:38:8d:37:
79:24:67:8f:75:3a:82:59:23:98:1b:fd:ed:0c:21:dc:3a:38:
1c:e4:09:3a:aa:9d:77:88:b8:48:3f:57:44:b4:d8:3d:36:8b:
cc:42:42:c3:65:55:0c:13:b0:67:8b:60:9b:02:f3:3f:16:e0:
fb:c6:59:42:4a:5b:3f:79:b2:bc:33:5a:2d:01:48:51:4e:77:
44:45:93:43:e1:4e:07:57:a8:8f:5d:eb:71:ca:38:94:a8:d4:
24:ad:81:4d:fa:39:86:2a:7f:6e:ce:97:cb:17:d8:63:cf:e3:
b1:8b:3d:40:a1:d9:3e:9e:87:4d:4e:7c:15:5b:ec:14:0e:7c:
ca:3f:12:a8:04:5f:92:31:01:74:9c:e3:bc:a1:57:8d:f0:b6:
81:fa:d1:a0:0d:83:6a:9e:ac:17:3e:33:5c:f8:7a:e9:41:88:
fe:85:30:7f:fc:71:11:35:9d:27:6d:4f:bf:13:0d:77:be:39:
67:aa:f3:d7:df:d9:39:9f:30:08:c5:a0:14:8c:27:6b:d6:b5:
31:4a:79:18
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQfjAAl1PeVNi4ojZhvBiyvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmY2Y3NzEwNWY5NTA3NWNlNTg1ZDQyN2U5Nzc1NGU4ZjAw
N2E4YjkwHhcNMjUwMTAxMDE0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmQyZDk4ZGU1OGZlZWZmNGM4Yzg5OTI0MzFjMDJjOTc0MDQyMjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7TZimJ3mLYZZ8OxMul4plhe1gaqY
QKYe2EmuU/VqCuQxBanzAiydHZJnYw2A2QvPIbR8uFMfGlyZuhKGWPLEq5ICIAbV
PrGTGtrRiYVUhe7Gkx/EiEa58q0Nx6FiHpzzejpNEqn1baaSd0AFUeDc53yV1kIL
padj4wMWELYcU7tkGe0DL/3moA4CgEWmHNJpMYjxfN22becuEcuQ6wiVkx3z6DZp
kVOKs8rhiT1rJ2Y0XPv+Mr+9lZuzDC685Xb5hK45lIzFuw3YKvN60KmMJ0iOa4FV
5pj6OmSayredSbCabwsOZeGhtmvw5epw+2/ivJSUYEl4/CN/erWW5jSjkwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFE/S2Y3lj+7/TIyJkkMcAsl0BCI0MB8GA1UdIwQY
MBaAFE/PdxBflQdc5YXUJ+l3VOjwB6i5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDg5M0VGLVZCMXpsaGRRbjZYZFU2UEFIcUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8xMzllYmQtNWFiZi00MjU0LTg5MzMt
NmY5N2RmYzEwZmU3LzEvVDlMWmplV1A3djlNakltU1F4d0N5WFFFSWpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8xMzllYmQtNWFiZi00MjU0LTg5MzMtNmY5N2RmYzEwZmU3
LzEvVDg5M0VGLVZCMXpsaGRRbjZYZFU2UEFIcUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCuS2QMBQE
AgACMA4DBQEqAX4gAwUAKgF+JzANBgkqhkiG9w0BAQsFAAOCAQEAmRVy4Q3qP6Mz
mIMrH2DaWti/3dfpoY3TpoK/ldEcfmpyRKENU37xom9iZQ+dg4G/zVFUOI03eSRn
j3U6glkjmBv97Qwh3Do4HOQJOqqdd4i4SD9XRLTYPTaLzEJCw2VVDBOwZ4tgmwLz
Pxbg+8ZZQkpbP3myvDNaLQFIUU53REWTQ+FOB1eoj13rcco4lKjUJK2BTfo5hip/
bs6XyxfYY8/jsYs9QKHZPp6HTU58FVvsFA58yj8SqARfkjEBdJzjvKFXjfC2gfrR
oA2Dap6sFz4zXPh66UGI/oUwf/xxETWdJ21PvxMNd745Z6rz19/ZOZ8wCMWgFIwn
a9a1MUp5GA==
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:53:17 2025 by rpki-client