Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/Y2_bnui3NBLO8jQirmiUuAzGyRw.roa
File: Y2_bnui3NBLO8jQirmiUuAzGyRw.roa (raw, json)
Hash identifier: Sj4Gp5iophRPrZcWhz+iS2BZX0tuH2ZNqq3e2/zFjig=
Subject key identifier: 63:6F:DB:9E:E8:B7:34:12:CE:F2:34:22:AE:68:94:B8:0C:C6:C9:1C
Certificate issuer: /CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Certificate serial: 0194228D7B8F1542F64741BBCD63FC1F4CFD
Authority key identifier: 57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/Y2_bnui3NBLO8jQirmiUuAzGyRw.roa
Signing time: Wed 01 Jan 2025 15:48:05 +0000
ROA not before: Wed 01 Jan 2025 15:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205836
IP address blocks: 45.92.184.0/24 maxlen: 24
45.92.185.0/24 maxlen: 24
45.92.186.0/24 maxlen: 24
45.92.187.0/24 maxlen: 24
46.149.106.0/24 maxlen: 24
185.157.128.0/24 maxlen: 24
185.157.129.0/24 maxlen: 24
185.157.130.0/24 maxlen: 24
185.157.131.0/24 maxlen: 24
185.204.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.mft
rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:7b:8f:15:42:f6:47:41:bb:cd:63:fc:1f:4c:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Validity
Not Before: Jan 1 15:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=636fdb9ee8b73412cef23422ae6894b80cc6c91c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:6e:83:6a:20:17:61:40:b9:af:04:50:fd:ea:
02:65:c5:19:e3:70:6f:14:5f:bc:0d:93:4e:ad:6e:
fd:b8:86:75:c0:70:b0:95:2c:a5:05:0a:cc:69:9c:
8e:b3:4a:74:31:e2:e2:c0:95:a6:f2:42:06:b0:5f:
a2:f7:be:3a:b2:e0:63:92:e2:fe:d0:81:11:dc:04:
e1:07:d3:a6:22:0a:01:87:a5:5c:31:07:71:1f:c8:
c5:d5:63:2e:47:a0:5d:10:e6:16:17:b8:8b:8b:d8:
f3:a1:b5:92:03:8a:ea:a3:82:7d:86:70:6d:2b:58:
5c:87:74:93:5a:41:2e:9b:9f:35:e6:59:55:33:b1:
58:c0:7f:4d:76:de:f7:42:35:22:f4:4a:f3:c7:16:
f2:53:d7:ca:88:26:aa:58:fb:5b:87:a8:6b:8a:10:
bb:f3:60:7f:ca:b0:e4:dd:c1:17:8a:dd:39:9c:d8:
35:52:74:01:5c:37:17:da:de:01:50:2f:b9:1c:18:
46:87:da:b6:8c:91:bc:92:7d:77:31:01:6c:6b:52:
50:22:34:5a:a7:9d:6f:5c:dc:45:b2:fb:34:39:3a:
ff:14:14:39:ca:0e:16:49:8f:a5:0a:55:b8:30:40:
4a:da:0c:1e:f3:28:f2:3b:29:28:81:c3:6c:24:63:
8d:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:6F:DB:9E:E8:B7:34:12:CE:F2:34:22:AE:68:94:B8:0C:C6:C9:1C
X509v3 Authority Key Identifier:
keyid:57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/Y2_bnui3NBLO8jQirmiUuAzGyRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.184.0/22
46.149.106.0/24
185.157.128.0/22
185.204.202.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:53:0a:c2:a1:a5:b4:c7:91:e4:a7:cb:0d:a1:88:46:19:f0:
6d:09:3c:91:14:aa:66:f1:51:3a:cd:fc:22:a1:4a:a6:aa:05:
1d:6a:7c:12:b6:70:3e:99:39:fc:8c:05:41:d9:f5:0b:76:2f:
a3:a4:82:fa:2e:a0:d6:dc:a2:4a:be:ce:e2:15:17:35:f3:fe:
8f:a8:9b:63:e3:56:96:ed:1d:2e:a6:e4:74:cd:e0:b4:fd:a3:
5c:9c:c8:fd:cd:b9:12:b1:c8:35:60:63:60:04:8d:a0:55:44:
79:f7:40:dd:26:32:54:e8:59:48:4e:c2:ee:c4:f3:e5:6d:e8:
3c:71:50:91:3d:47:47:3b:cb:64:9d:93:d6:c5:f0:8a:3c:e2:
e9:cb:ce:e4:2a:5d:c0:1f:81:9d:21:76:70:9e:c3:2c:ff:36:
93:c1:a4:60:03:ca:7b:3d:98:8c:6d:e9:d8:2b:17:56:94:91:
d0:33:a6:79:d0:c5:11:66:29:03:0d:bf:2b:24:f4:28:d5:0b:
71:85:03:56:ef:58:e2:30:68:d8:69:86:eb:83:d8:5d:ae:d5:
f9:38:f0:f1:fe:10:f8:50:d9:6d:83:6b:a4:a5:7c:72:60:17:
2d:dc:b8:f6:b8:69:43:2a:1a:8e:ae:f3:e7:dc:68:ac:90:97:
79:da:f4:9e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQijXuPFUL2R0G7zWP8H0z9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NzAyMWRjZGY0NGI2YWZkZDM4MTA1NDdjNTVhNzliZDFh
OWZhM2IwHhcNMjUwMTAxMTU0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzZmZGI5ZWU4YjczNDEyY2VmMjM0MjJhZTY4OTRiODBjYzZjOTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv26DaiAXYUC5rwRQ/eoCZcUZ43Bv
FF+8DZNOrW79uIZ1wHCwlSylBQrMaZyOs0p0MeLiwJWm8kIGsF+i9746suBjkuL+
0IER3AThB9OmIgoBh6VcMQdxH8jF1WMuR6BdEOYWF7iLi9jzobWSA4rqo4J9hnBt
K1hch3STWkEum5815llVM7FYwH9Ndt73QjUi9ErzxxbyU9fKiCaqWPtbh6hrihC7
82B/yrDk3cEXit05nNg1UnQBXDcX2t4BUC+5HBhGh9q2jJG8kn13MQFsa1JQIjRa
p51vXNxFsvs0OTr/FBQ5yg4WSY+lClW4MEBK2gwe8yjyOykogcNsJGONmQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGNv257otzQSzvI0Iq5olLgMxskcMB8GA1UdIwQY
MBaAFFdwIdzfRLav3TgQVHxVp5vRqfo7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjNBaDNOOUV0cV9kT0JCVWZGV25tOUdwLWpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8wYWMyN2EtMjE1OS00OGQ3LThiZmQt
YzkwN2FlMWMyMTFlLzEvWTJfYm51aTNOQkxPOGpRaXJtaVV1QXpHeVJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8wYWMyN2EtMjE1OS00OGQ3LThiZmQtYzkwN2FlMWMyMTFl
LzEvVjNBaDNOOUV0cV9kT0JCVWZGV25tOUdwLWpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLVy4AwQA
LpVqAwQCuZ2AAwQAuczKMA0GCSqGSIb3DQEBCwUAA4IBAQC8UwrCoaW0x5Hkp8sN
oYhGGfBtCTyRFKpm8VE6zfwioUqmqgUdanwStnA+mTn8jAVB2fULdi+jpIL6LqDW
3KJKvs7iFRc18/6PqJtj41aW7R0upuR0zeC0/aNcnMj9zbkSscg1YGNgBI2gVUR5
90DdJjJU6FlITsLuxPPlbeg8cVCRPUdHO8tknZPWxfCKPOLpy87kKl3AH4GdIXZw
nsMs/zaTwaRgA8p7PZiMbenYKxdWlJHQM6Z50MURZikDDb8rJPQo1QtxhQNW71ji
MGjYaYbrg9hdrtX5OPDx/hD4UNltg2ukpXxyYBct3Lj2uGlDKhqOrvPn3GiskJd5
2vSe
-----END CERTIFICATE-----
Generated at Wed Apr 16 22:07:04 2025 by rpki-client