Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/B4tXNlare14cowDjlo4rc0k_Zys.roa
File: B4tXNlare14cowDjlo4rc0k_Zys.roa (raw, json)
Hash identifier: LEb0l/0l4H7UFoxjjJjVz7LmnnvIxt4/UaJwY97TnpU=
Subject key identifier: 07:8B:57:36:56:AB:7B:5E:1C:A3:00:E3:96:8E:2B:73:49:3F:67:2B
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 0196A54BCCE3ABA8061B88BBD5CE5381603F
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/B4tXNlare14cowDjlo4rc0k_Zys.roa
Signing time: Tue 06 May 2025 11:12:10 +0000
ROA not before: Tue 06 May 2025 11:12:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212609
IP address blocks: 45.90.248.0/22 maxlen: 22
45.93.224.0/24 maxlen: 24
45.93.225.0/24 maxlen: 24
45.93.226.0/24 maxlen: 24
45.130.76.0/24 maxlen: 24
45.130.79.0/24 maxlen: 24
89.190.148.0/24 maxlen: 24
89.190.149.0/24 maxlen: 24
89.190.151.0/24 maxlen: 24
212.60.0.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a5:4b:cc:e3:ab:a8:06:1b:88:bb:d5:ce:53:81:60:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: May 6 11:12:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=078b573656ab7b5e1ca300e3968e2b73493f672b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:49:e4:fd:9e:c9:2c:e3:56:78:51:64:ed:a5:
80:f8:a3:b0:ce:02:9f:75:f5:45:1b:63:0b:6c:0c:
c3:ba:30:83:f0:ac:d7:45:93:58:93:60:48:d3:41:
13:4e:48:03:f0:9a:2f:0d:64:3a:f4:20:0d:6d:88:
34:d9:b4:50:42:8f:e4:4c:e4:ec:46:70:1f:37:f6:
ae:6b:24:ea:2e:09:17:a5:d8:a6:c1:d6:08:14:90:
8f:3d:19:90:6d:5b:d0:df:44:e7:cb:37:1c:52:17:
83:31:d0:36:42:05:b7:62:78:8f:5c:f0:f5:69:70:
d2:ad:af:1e:42:e9:a3:0a:a7:1d:25:e1:e3:de:e5:
06:9b:58:6a:73:7f:76:5a:8a:fc:aa:11:d7:ae:c7:
e2:b6:a2:7a:88:fa:40:06:b5:57:cf:16:de:6a:85:
1c:89:a6:fd:b5:0e:3a:67:6b:c0:da:8d:d4:bb:dd:
92:32:f8:a6:cd:cf:5c:5b:c3:a9:a4:6b:e3:fd:8f:
c2:17:58:a4:a1:3e:7e:73:d4:d0:24:15:f7:98:63:
b9:1e:4d:fa:b7:3e:ee:4a:d8:a7:4a:7f:b3:6d:a5:
eb:fa:b5:f9:c2:e3:c1:3f:cf:59:db:ed:0e:1c:cf:
43:0c:5f:fb:21:69:00:e7:6c:b2:ca:12:fd:17:ae:
66:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:8B:57:36:56:AB:7B:5E:1C:A3:00:E3:96:8E:2B:73:49:3F:67:2B
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/B4tXNlare14cowDjlo4rc0k_Zys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.248.0/22
45.93.224.0-45.93.226.255
45.130.76.0/24
45.130.79.0/24
89.190.148.0/23
89.190.151.0/24
212.60.0.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:c3:47:de:85:6e:63:8e:79:b9:1d:1f:20:81:4a:d4:c8:7a:
04:83:66:26:d2:a0:d1:a4:fd:af:f4:2a:e7:f5:98:3d:fe:87:
0b:57:22:e1:06:21:80:e0:6a:a5:21:dd:6b:55:f4:17:f9:27:
4f:3f:e1:0f:54:4f:8e:48:22:7e:e3:88:e6:be:3f:4b:2d:13:
de:4c:13:a0:81:28:aa:6a:e5:d8:0a:69:06:e0:aa:79:03:83:
b3:53:b5:0c:f3:0b:b5:42:13:99:09:aa:10:20:3b:e9:ca:11:
39:3b:15:e4:14:fe:f4:25:e6:17:76:d6:97:3e:e5:d8:c2:d2:
cc:cb:52:d8:fd:93:0d:73:6d:31:e9:55:e5:2e:aa:9e:b9:1b:
28:a4:3f:39:0d:db:fb:6f:59:eb:9e:ee:1a:17:46:49:7e:b0:
88:73:c2:73:21:07:93:87:fa:84:31:5c:55:4b:56:b4:e6:ee:
0b:8b:c8:db:b0:cd:d3:a3:e5:d7:97:1c:1d:b7:d0:dd:e9:8b:
04:c7:09:1a:37:7b:83:72:d6:f1:9f:5a:7b:e5:1f:a8:2e:bf:
2b:a8:1d:3e:57:0c:24:4c:e3:24:13:eb:49:6b:97:3d:a5:b4:
5c:eb:45:4a:1a:a6:b7:69:31:07:b9:b7:e5:c1:52:19:4f:e4:
a5:95:b3:d9
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZalS8zjq6gGG4i71c5TgWA/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjUwNTA2MTExMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzhiNTczNjU2YWI3YjVlMWNhMzAwZTM5NjhlMmI3MzQ5M2Y2NzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Unk/Z7JLONWeFFk7aWA+KOwzgKf
dfVFG2MLbAzDujCD8KzXRZNYk2BI00ETTkgD8JovDWQ69CANbYg02bRQQo/kTOTs
RnAfN/auayTqLgkXpdimwdYIFJCPPRmQbVvQ30TnyzccUheDMdA2QgW3YniPXPD1
aXDSra8eQumjCqcdJeHj3uUGm1hqc392Wor8qhHXrsfitqJ6iPpABrVXzxbeaoUc
iab9tQ46Z2vA2o3Uu92SMvimzc9cW8OppGvj/Y/CF1ikoT5+c9TQJBX3mGO5Hk36
tz7uStinSn+zbaXr+rX5wuPBP89Z2+0OHM9DDF/7IWkA52yyyhL9F65m2QIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFAeLVzZWq3teHKMA45aOK3NJP2crMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvQjR0WE5sYXJlMTRjb3dEamxvNHJjMGtfWnlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQCLVr4MAwD
BAUtXeADBAAtXeIDBAAtgkwDBAAtgk8DBAFZvpQDBABZvpcDBALUPAAwDQYJKoZI
hvcNAQELBQADggEBAIzDR96FbmOOebkdHyCBStTIegSDZibSoNGk/a/0Kuf1mD3+
hwtXIuEGIYDgaqUh3WtV9Bf5J08/4Q9UT45IIn7jiOa+P0stE95ME6CBKKpq5dgK
aQbgqnkDg7NTtQzzC7VCE5kJqhAgO+nKETk7FeQU/vQl5hd21pc+5djC0szLUtj9
kw1zbTHpVeUuqp65GyikPzkN2/tvWeue7hoXRkl+sIhzwnMhB5OH+oQxXFVLVrTm
7guLyNuwzdOj5deXHB230N3piwTHCRo3e4Ny1vGfWnvlH6guvyuoHT5XDCRM4yQT
60lrlz2ltFzrRUoaprdpMQe5t+XBUhlP5KWVs9k=
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:17:11 2025 by rpki-client