Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/ea1725-dcd5-4990-9448-0eb3ba51374c/1/IGFfOsfuRBLRoDQXZrvrXPV6GDg.roa
File: IGFfOsfuRBLRoDQXZrvrXPV6GDg.roa (raw, json)
Hash identifier: GBdaIeCW55nvw4wNP3jzu/1bBBTCqNE/C3I0UV/65Vc=
Subject key identifier: 20:61:5F:3A:C7:EE:44:12:D1:A0:34:17:66:BB:EB:5C:F5:7A:18:38
Certificate issuer: /CN=e6ad50ce461db5cb37a583e729b7154998ecb117
Certificate serial: 01941F8CA5201FC982F08FB79CB6759C083D
Authority key identifier: E6:AD:50:CE:46:1D:B5:CB:37:A5:83:E7:29:B7:15:49:98:EC:B1:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5q1QzkYdtcs3pYPnKbcVSZjssRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/ea1725-dcd5-4990-9448-0eb3ba51374c/1/IGFfOsfuRBLRoDQXZrvrXPV6GDg.roa
Signing time: Wed 01 Jan 2025 01:48:18 +0000
ROA not before: Wed 01 Jan 2025 01:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48675
IP address blocks: 45.15.148.0/24 maxlen: 24
45.15.149.0/24 maxlen: 24
45.15.150.0/24 maxlen: 24
45.15.151.0/24 maxlen: 24
185.177.104.0/24 maxlen: 24
185.177.105.0/24 maxlen: 24
185.177.106.0/24 maxlen: 24
185.177.107.0/24 maxlen: 24
195.8.50.0/23 maxlen: 23
195.8.50.0/24 maxlen: 24
195.8.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/ea1725-dcd5-4990-9448-0eb3ba51374c/1/5q1QzkYdtcs3pYPnKbcVSZjssRc.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/ea1725-dcd5-4990-9448-0eb3ba51374c/1/5q1QzkYdtcs3pYPnKbcVSZjssRc.mft
rsync://rpki.ripe.net/repository/DEFAULT/5q1QzkYdtcs3pYPnKbcVSZjssRc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 10:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:a5:20:1f:c9:82:f0:8f:b7:9c:b6:75:9c:08:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6ad50ce461db5cb37a583e729b7154998ecb117
Validity
Not Before: Jan 1 01:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20615f3ac7ee4412d1a0341766bbeb5cf57a1838
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:98:e2:a8:1d:ed:7b:01:6c:72:5e:e5:1d:c2:
65:59:91:3a:96:4f:2b:47:81:b2:08:cf:4a:1e:09:
d8:3c:c6:88:b2:20:c3:8a:30:5e:34:02:a9:27:09:
22:c6:c2:c2:ae:00:95:35:a6:79:b6:59:b8:00:72:
a0:64:b3:fc:68:c9:17:89:f3:ec:2c:59:e8:9f:86:
8f:89:7a:5c:d9:fd:c9:47:4d:df:f6:0d:09:cb:0c:
66:01:6b:1c:20:ad:cb:24:0b:93:0b:ff:10:ee:2a:
3c:d6:25:a8:ed:97:de:59:2e:fe:9e:d7:1c:bd:dd:
2e:82:f6:27:61:fe:37:56:28:7d:43:c3:a0:d1:1a:
ff:c6:81:5b:03:36:17:33:50:88:44:50:6a:ac:be:
12:fc:fd:28:5c:aa:15:6b:bf:b9:fe:c6:84:62:50:
31:1c:74:40:2f:1e:bf:6c:d2:45:37:b3:c8:e2:21:
50:85:1e:7a:bb:25:fa:80:50:6f:9e:c7:3c:b2:a8:
ff:a0:23:15:34:e9:74:d3:49:04:c5:5b:b0:89:4c:
6a:40:56:ce:72:ac:19:4a:92:fb:92:6d:cd:c9:e7:
db:ea:32:fa:4e:4b:ea:23:0c:ec:4f:27:a7:33:36:
61:49:c3:be:65:c8:0e:35:d1:34:5e:84:c4:31:2f:
83:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:61:5F:3A:C7:EE:44:12:D1:A0:34:17:66:BB:EB:5C:F5:7A:18:38
X509v3 Authority Key Identifier:
keyid:E6:AD:50:CE:46:1D:B5:CB:37:A5:83:E7:29:B7:15:49:98:EC:B1:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5q1QzkYdtcs3pYPnKbcVSZjssRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/ea1725-dcd5-4990-9448-0eb3ba51374c/1/IGFfOsfuRBLRoDQXZrvrXPV6GDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/ea1725-dcd5-4990-9448-0eb3ba51374c/1/5q1QzkYdtcs3pYPnKbcVSZjssRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.148.0/22
185.177.104.0/22
195.8.50.0/23
Signature Algorithm: sha256WithRSAEncryption
b0:69:0b:c7:19:53:5d:ec:c4:43:6c:2c:39:c0:5c:11:71:7e:
b3:3d:06:5d:e3:8e:5c:10:9b:cc:b5:93:3c:bf:39:70:47:d9:
cd:a9:a7:1e:ae:29:f5:1c:ae:5c:c4:03:de:32:a3:51:3e:ae:
7a:e6:e1:49:5c:f0:e1:b9:6d:9d:e5:a4:fb:55:b7:51:b0:71:
a9:11:9d:06:6c:ef:85:0a:a8:54:5f:5a:51:32:7b:5a:80:4c:
fa:c5:8a:e3:c6:72:52:33:cc:73:90:e1:33:45:99:ee:e7:ac:
18:db:20:2c:0c:60:3b:02:24:35:0a:ed:c0:69:bc:3c:6f:0e:
fa:8b:3c:26:7b:d4:59:af:40:5f:bd:3b:9b:fd:b8:52:91:c6:
9f:cb:8b:2f:81:97:9c:2a:4e:1f:80:79:0f:8a:f4:58:24:84:
bf:47:bc:0d:a9:8e:cc:22:8d:25:29:5a:50:30:04:7b:26:3f:
3d:1d:95:5e:77:88:fa:1d:ed:e2:9b:f6:a1:b5:73:94:e0:5c:
31:c7:fb:af:24:d2:d1:19:84:b0:00:28:ff:48:31:6d:ad:cf:
23:22:0f:fe:0d:1d:d7:48:72:aa:fc:20:2d:66:21:e1:5e:9a:
a2:de:70:a2:d7:88:2a:0b:bf:69:6b:0d:dd:ec:fb:0b:69:12:
4b:b9:da:96
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQfjKUgH8mC8I+3nLZ1nAg9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2YWQ1MGNlNDYxZGI1Y2IzN2E1ODNlNzI5YjcxNTQ5OThl
Y2IxMTcwHhcNMjUwMTAxMDE0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDYxNWYzYWM3ZWU0NDEyZDFhMDM0MTc2NmJiZWI1Y2Y1N2ExODM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5jiqB3tewFscl7lHcJlWZE6lk8r
R4GyCM9KHgnYPMaIsiDDijBeNAKpJwkixsLCrgCVNaZ5tlm4AHKgZLP8aMkXifPs
LFnon4aPiXpc2f3JR03f9g0JywxmAWscIK3LJAuTC/8Q7io81iWo7ZfeWS7+ntcc
vd0ugvYnYf43Vih9Q8Og0Rr/xoFbAzYXM1CIRFBqrL4S/P0oXKoVa7+5/saEYlAx
HHRALx6/bNJFN7PI4iFQhR56uyX6gFBvnsc8sqj/oCMVNOl000kExVuwiUxqQFbO
cqwZSpL7km3Nyefb6jL6TkvqIwzsTyenMzZhScO+ZcgONdE0XoTEMS+DmwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCBhXzrH7kQS0aA0F2a761z1ehg4MB8GA1UdIwQY
MBaAFOatUM5GHbXLN6WD5ym3FUmY7LEXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXExUXprWWR0Y3MzcFlQbktiY1ZTWmpzc1JjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9lYTE3MjUtZGNkNS00OTkwLTk0NDgt
MGViM2JhNTEzNzRjLzEvSUdGZk9zZnVSQkxSb0RRWFpydnJYUFY2R0RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9lYTE3MjUtZGNkNS00OTkwLTk0NDgtMGViM2JhNTEzNzRj
LzEvNXExUXprWWR0Y3MzcFlQbktiY1ZTWmpzc1JjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLQ+UAwQC
ubFoAwQBwwgyMA0GCSqGSIb3DQEBCwUAA4IBAQCwaQvHGVNd7MRDbCw5wFwRcX6z
PQZd445cEJvMtZM8vzlwR9nNqacerin1HK5cxAPeMqNRPq565uFJXPDhuW2d5aT7
VbdRsHGpEZ0GbO+FCqhUX1pRMntagEz6xYrjxnJSM8xzkOEzRZnu56wY2yAsDGA7
AiQ1Cu3Aabw8bw76izwme9RZr0BfvTub/bhSkcafy4svgZecKk4fgHkPivRYJIS/
R7wNqY7MIo0lKVpQMAR7Jj89HZVed4j6He3im/ahtXOU4Fwxx/uvJNLRGYSwACj/
SDFtrc8jIg/+DR3XSHKq/CAtZiHhXpqi3nCi14gqC79paw3d7PsLaRJLudqW
-----END CERTIFICATE-----
Generated at Fri Feb 21 13:05:44 2025 by rpki-client