Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/lRZTSaEYZ-BOlMZb6OLTch4S4bY.roa
File: lRZTSaEYZ-BOlMZb6OLTch4S4bY.roa (raw, json)
Hash identifier: NiW9E1FflZhSnk3rQzSSFrcwhm0oj/6ESswIXXqxdx8=
Subject key identifier: 95:16:53:49:A1:18:67:E0:4E:94:C6:5B:E8:E2:D3:72:1E:12:E1:B6
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 0194244488C56BBDA17F3312DAE39901D850
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/lRZTSaEYZ-BOlMZb6OLTch4S4bY.roa
Signing time: Wed 01 Jan 2025 23:47:38 +0000
ROA not before: Wed 01 Jan 2025 23:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 23858
IP address blocks: 45.14.105.0/24 maxlen: 32
45.14.107.0/24 maxlen: 32
45.87.92.0/24 maxlen: 32
45.87.93.0/24 maxlen: 32
45.87.95.0/24 maxlen: 32
45.135.40.0/22 maxlen: 32
45.139.192.0/24 maxlen: 32
45.139.195.0/24 maxlen: 32
92.118.188.0/24 maxlen: 32
185.194.54.0/24 maxlen: 32
185.248.87.0/24 maxlen: 32
195.245.219.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 15:18:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:88:c5:6b:bd:a1:7f:33:12:da:e3:99:01:d8:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 1 23:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=95165349a11867e04e94c65be8e2d3721e12e1b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:35:fb:49:d5:bc:92:90:73:25:ac:5d:4a:f7:
53:84:90:8d:21:fd:7c:8b:4d:31:8b:0e:76:d5:47:
9d:ae:6b:f1:19:39:ee:6e:34:36:8e:20:2f:ea:6c:
9d:c4:9c:a5:89:1d:f5:29:25:49:20:0f:f7:9e:86:
53:79:1e:fa:3c:4d:2f:22:38:00:1f:78:41:9a:2b:
5d:19:77:ed:1d:15:d0:08:36:b4:70:d9:7b:f2:ec:
16:45:d0:99:c1:f7:81:9e:fc:14:72:84:8f:12:b8:
7e:07:c8:1a:d7:0d:f8:17:f3:aa:e2:2c:96:48:30:
a2:18:f2:33:9f:c2:3e:a6:d6:d2:b4:8c:b1:9b:86:
fd:ed:7a:d5:27:4b:34:db:4b:78:bc:4a:f3:ec:10:
c1:06:d9:3c:a4:c3:fe:bc:a9:c3:a5:ab:14:c3:26:
74:e2:3b:c6:c8:a5:59:34:bc:e0:8a:2a:70:8f:be:
7b:f8:40:fa:09:1b:23:a7:b9:9b:a4:60:00:82:e8:
5e:0a:24:2e:8e:e7:ef:78:5c:bb:86:b9:e3:21:f0:
69:92:3a:21:ca:78:7a:6d:4d:38:90:80:f2:2b:bc:
89:4e:ff:d9:57:fd:2f:cd:02:da:62:4c:3e:5e:1c:
7c:75:63:1a:7a:80:39:87:9f:b9:fc:ce:3f:47:b4:
8c:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:16:53:49:A1:18:67:E0:4E:94:C6:5B:E8:E2:D3:72:1E:12:E1:B6
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/lRZTSaEYZ-BOlMZb6OLTch4S4bY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.105.0/24
45.14.107.0/24
45.87.92.0/23
45.87.95.0/24
45.135.40.0/22
45.139.192.0/24
45.139.195.0/24
92.118.188.0/24
185.194.54.0/24
185.248.87.0/24
195.245.219.0/24
Signature Algorithm: sha256WithRSAEncryption
44:01:9e:e9:50:93:24:c3:5c:aa:70:82:ea:1b:53:91:30:8c:
2c:0c:5b:b6:71:0d:89:c8:c5:4b:38:b2:a8:91:d6:fa:24:fa:
67:f0:fe:fa:b9:29:48:08:24:64:51:ad:21:94:1a:30:8c:2b:
bd:2c:af:4c:24:a1:ee:15:dd:a3:45:36:0d:59:1d:0c:8d:fa:
06:4b:e4:1b:13:f7:a7:15:4e:4c:15:57:46:30:c0:fd:b1:2c:
fc:96:7c:a0:ab:ca:49:b7:ac:7a:18:c4:d2:aa:70:07:03:cc:
98:3b:ce:44:49:b6:2a:d8:99:d4:22:ae:30:1d:a6:5f:de:11:
19:8c:4f:f1:cc:a5:6b:47:c8:bd:e4:28:63:e6:30:a3:27:b2:
42:91:a6:1f:0d:63:2b:26:cd:d2:ed:eb:53:d7:55:cc:69:9a:
d9:7f:40:79:7d:18:25:05:b4:28:19:61:27:02:14:b4:9a:35:
83:60:11:a7:d4:df:fe:f2:c4:44:64:f7:cf:b8:32:41:fb:2e:
7a:92:0b:2b:55:fc:5c:16:20:be:61:6d:bd:00:a3:0b:6d:fa:
35:26:a1:7c:20:cd:0f:f1:ff:a2:ed:57:f0:18:92:b1:aa:72:
ff:1f:5e:6c:80:e2:3c:40:72:7b:c9:be:40:fc:c0:cf:42:cf:
17:5a:5f:f2
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZQkRIjFa72hfzMS2uOZAdhQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjUwMTAxMjM0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTE2NTM0OWExMTg2N2UwNGU5NGM2NWJlOGUyZDM3MjFlMTJlMWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTX7SdW8kpBzJaxdSvdThJCNIf18
i00xiw521UedrmvxGTnubjQ2jiAv6mydxJyliR31KSVJIA/3noZTeR76PE0vIjgA
H3hBmitdGXftHRXQCDa0cNl78uwWRdCZwfeBnvwUcoSPErh+B8ga1w34F/Oq4iyW
SDCiGPIzn8I+ptbStIyxm4b97XrVJ0s020t4vErz7BDBBtk8pMP+vKnDpasUwyZ0
4jvGyKVZNLzgiipwj757+ED6CRsjp7mbpGAAguheCiQujufveFy7hrnjIfBpkjoh
ynh6bU04kIDyK7yJTv/ZV/0vzQLaYkw+Xhx8dWMaeoA5h5+5/M4/R7SMhwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFJUWU0mhGGfgTpTGW+ji03IeEuG2MB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvbFJaVFNhRVlaLUJPbE1aYjZPTFRjaDRTNGJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQALQ5pAwQA
LQ5rAwQBLVdcAwQALVdfAwQCLYcoAwQALYvAAwQALYvDAwQAXHa8AwQAucI2AwQA
ufhXAwQAw/XbMA0GCSqGSIb3DQEBCwUAA4IBAQBEAZ7pUJMkw1yqcILqG1ORMIws
DFu2cQ2JyMVLOLKokdb6JPpn8P76uSlICCRkUa0hlBowjCu9LK9MJKHuFd2jRTYN
WR0MjfoGS+QbE/enFU5MFVdGMMD9sSz8lnygq8pJt6x6GMTSqnAHA8yYO85ESbYq
2JnUIq4wHaZf3hEZjE/xzKVrR8i95Chj5jCjJ7JCkaYfDWMrJs3S7etT11XMaZrZ
f0B5fRglBbQoGWEnAhS0mjWDYBGn1N/+8sREZPfPuDJB+y56kgsrVfxcFiC+YW29
AKMLbfo1JqF8IM0P8f+i7VfwGJKxqnL/H15sgOI8QHJ7yb5A/MDPQs8XWl/y
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:22:49 2025 by rpki-client