Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/fb39a8-623b-4435-94fe-cec92b578006/1/bldtfvyuIcb6nqjUAl8Ak0zMF30.roa
File: bldtfvyuIcb6nqjUAl8Ak0zMF30.roa (raw, json)
Hash identifier: dx6ZT1WJQ+QEzva9Bd5tv/adJVLszcwVSLKhJy+UO24=
Subject key identifier: 6E:57:6D:7E:FC:AE:21:C6:FA:9E:A8:D4:02:5F:00:93:4C:CC:17:7D
Certificate issuer: /CN=535be45376d58987452bd0646b9a74cf9eb6cb2d
Certificate serial: 0194228DD31DEAE97DDAFF26EABF172456DA
Authority key identifier: 53:5B:E4:53:76:D5:89:87:45:2B:D0:64:6B:9A:74:CF:9E:B6:CB:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U1vkU3bViYdFK9Bka5p0z562yy0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/fb39a8-623b-4435-94fe-cec92b578006/1/bldtfvyuIcb6nqjUAl8Ak0zMF30.roa
Signing time: Wed 01 Jan 2025 15:48:27 +0000
ROA not before: Wed 01 Jan 2025 15:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200069
IP address blocks: 45.14.148.0/22 maxlen: 24
87.253.232.0/21 maxlen: 24
87.253.232.0/24 maxlen: 24
185.189.236.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/fb39a8-623b-4435-94fe-cec92b578006/1/U1vkU3bViYdFK9Bka5p0z562yy0.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/fb39a8-623b-4435-94fe-cec92b578006/1/U1vkU3bViYdFK9Bka5p0z562yy0.mft
rsync://rpki.ripe.net/repository/DEFAULT/U1vkU3bViYdFK9Bka5p0z562yy0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 18:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:d3:1d:ea:e9:7d:da:ff:26:ea:bf:17:24:56:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=535be45376d58987452bd0646b9a74cf9eb6cb2d
Validity
Not Before: Jan 1 15:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e576d7efcae21c6fa9ea8d4025f00934ccc177d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f8:f5:a9:b6:76:ec:7c:58:6f:f0:e8:0d:20:
04:37:61:33:18:d0:f0:99:30:6f:c9:0c:34:95:02:
f7:8a:77:fa:61:54:17:8e:6a:2e:b2:44:62:34:62:
0c:97:1e:36:b8:3b:d3:72:87:53:79:f4:03:cc:3c:
ad:72:66:42:a1:7e:18:d2:ba:f4:71:cf:3b:c6:48:
14:2c:2f:23:44:88:da:c1:75:e6:3f:af:3d:55:0e:
e6:ee:07:b2:14:5d:ea:29:1f:3c:71:d5:71:e9:c3:
33:b4:e0:31:62:76:24:3c:57:56:a9:ae:4c:db:8b:
64:04:03:4d:48:a4:ca:fb:83:e3:cd:fd:46:72:b5:
f5:c7:d2:7b:0b:e8:29:ba:0b:e8:48:7c:c5:ba:b6:
17:da:c2:56:1a:6e:51:8a:6c:9f:9c:c5:7e:ef:58:
82:0c:de:71:b1:f6:7f:73:3c:59:94:5d:db:51:f0:
72:45:63:f2:85:2d:47:77:7b:cf:80:1c:2b:25:f0:
c0:82:15:91:54:a9:07:fb:d7:e4:4b:4a:41:24:e0:
37:6b:03:d0:45:06:7a:8e:db:41:68:cf:e9:f7:bb:
74:75:0b:2b:4b:b0:ae:78:dc:98:d7:54:ee:c0:b8:
13:3f:be:98:64:2c:0f:31:b6:38:25:68:56:46:ce:
7a:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:57:6D:7E:FC:AE:21:C6:FA:9E:A8:D4:02:5F:00:93:4C:CC:17:7D
X509v3 Authority Key Identifier:
keyid:53:5B:E4:53:76:D5:89:87:45:2B:D0:64:6B:9A:74:CF:9E:B6:CB:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1vkU3bViYdFK9Bka5p0z562yy0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/fb39a8-623b-4435-94fe-cec92b578006/1/bldtfvyuIcb6nqjUAl8Ak0zMF30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/fb39a8-623b-4435-94fe-cec92b578006/1/U1vkU3bViYdFK9Bka5p0z562yy0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.148.0/22
87.253.232.0/21
185.189.236.0/22
Signature Algorithm: sha256WithRSAEncryption
30:a1:0e:62:70:62:80:ac:2b:84:5f:9d:f8:72:aa:27:05:c5:
a8:9d:c9:b1:9c:bd:a3:00:76:7c:cf:ab:44:cd:08:a6:7a:32:
48:68:6f:fa:3b:a9:3d:8f:ea:77:20:2e:ad:f5:60:9b:ae:5f:
57:37:83:05:e6:52:e0:01:5d:82:e8:6b:e5:94:c6:68:37:00:
bd:89:1e:00:a6:78:3d:d4:ca:b8:c4:1a:07:dc:e0:dc:8a:9b:
cc:99:83:56:9d:c3:49:fb:fd:16:ae:4c:cb:49:81:e3:49:ec:
cb:ca:f9:17:04:0f:a9:18:28:53:41:1e:e0:e8:07:d6:3f:80:
3f:e5:4b:b7:7d:6e:21:78:4c:60:34:af:fa:78:08:80:e3:a3:
59:82:ae:4b:6f:60:5d:12:99:5c:87:9e:14:43:a0:a2:ac:89:
42:dc:80:86:cf:32:74:13:b4:b0:54:a2:0a:94:d8:8b:c4:d7:
fb:ac:27:a8:b4:59:8c:ab:9a:29:8d:fe:50:75:b8:4c:c1:cf:
4e:2f:e6:23:b9:f4:84:8c:3a:f1:31:7c:4d:de:a3:45:eb:9e:
1c:b0:2a:3c:5e:2c:48:10:d3:d8:eb:b8:93:91:72:da:0c:36:
fa:48:f7:92:6c:76:6a:54:99:49:2c:ae:ac:c5:8f:5d:e4:4f:
f9:70:56:27
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQijdMd6ul92v8m6r8XJFbaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNWJlNDUzNzZkNTg5ODc0NTJiZDA2NDZiOWE3NGNmOWVi
NmNiMmQwHhcNMjUwMTAxMTU0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTU3NmQ3ZWZjYWUyMWM2ZmE5ZWE4ZDQwMjVmMDA5MzRjY2MxNzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvj1qbZ27HxYb/DoDSAEN2EzGNDw
mTBvyQw0lQL3inf6YVQXjmouskRiNGIMlx42uDvTcodTefQDzDytcmZCoX4Y0rr0
cc87xkgULC8jRIjawXXmP689VQ7m7geyFF3qKR88cdVx6cMztOAxYnYkPFdWqa5M
24tkBANNSKTK+4Pjzf1GcrX1x9J7C+gpugvoSHzFurYX2sJWGm5RimyfnMV+71iC
DN5xsfZ/czxZlF3bUfByRWPyhS1Hd3vPgBwrJfDAghWRVKkH+9fkS0pBJOA3awPQ
RQZ6jttBaM/p97t0dQsrS7CueNyY11TuwLgTP76YZCwPMbY4JWhWRs56GwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG5XbX78riHG+p6o1AJfAJNMzBd9MB8GA1UdIwQY
MBaAFFNb5FN21YmHRSvQZGuadM+etsstMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTF2a1UzYlZpWWRGSzlCa2E1cDB6NTYyeXkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9mYjM5YTgtNjIzYi00NDM1LTk0ZmUt
Y2VjOTJiNTc4MDA2LzEvYmxkdGZ2eXVJY2I2bnFqVUFsOEFrMHpNRjMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9mYjM5YTgtNjIzYi00NDM1LTk0ZmUtY2VjOTJiNTc4MDA2
LzEvVTF2a1UzYlZpWWRGSzlCa2E1cDB6NTYyeXkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLQ6UAwQD
V/3oAwQCub3sMA0GCSqGSIb3DQEBCwUAA4IBAQAwoQ5icGKArCuEX534cqonBcWo
ncmxnL2jAHZ8z6tEzQimejJIaG/6O6k9j+p3IC6t9WCbrl9XN4MF5lLgAV2C6Gvl
lMZoNwC9iR4Apng91Mq4xBoH3ODcipvMmYNWncNJ+/0WrkzLSYHjSezLyvkXBA+p
GChTQR7g6AfWP4A/5Uu3fW4heExgNK/6eAiA46NZgq5Lb2BdEplch54UQ6CirIlC
3ICGzzJ0E7SwVKIKlNiLxNf7rCeotFmMq5opjf5QdbhMwc9OL+YjufSEjDrxMXxN
3qNF654csCo8XixIENPY67iTkXLaDDb6SPeSbHZqVJlJLK6sxY9d5E/5cFYn
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:13:37 2025 by rpki-client