Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/afe373-e5bc-4010-8ad6-6aab2b1b922c/1/Dmq6rzRBY22zQprWtgsSucnmPfw.roa
File: Dmq6rzRBY22zQprWtgsSucnmPfw.roa (raw, json)
Hash identifier: 53HdmBv78dIaQNhdTstURpa3FkH5iHS78bcTm103dts=
Subject key identifier: 0E:6A:BA:AF:34:41:63:6D:B3:42:9A:D6:B6:0B:12:B9:C9:E6:3D:FC
Certificate issuer: /CN=6fa86d1c1676a59a46acf37336192e985cff0e5b
Certificate serial: 019427B50B3FE1EA3BA378BCD6D1F48EB366
Authority key identifier: 6F:A8:6D:1C:16:76:A5:9A:46:AC:F3:73:36:19:2E:98:5C:FF:0E:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b6htHBZ2pZpGrPNzNhkumFz_Dls.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/afe373-e5bc-4010-8ad6-6aab2b1b922c/1/Dmq6rzRBY22zQprWtgsSucnmPfw.roa
Signing time: Thu 02 Jan 2025 15:49:23 +0000
ROA not before: Thu 02 Jan 2025 15:49:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209242
IP address blocks: 45.14.174.0/24 maxlen: 24
45.80.109.0/24 maxlen: 24
45.80.111.0/24 maxlen: 24
80.94.83.0/24 maxlen: 24
188.244.122.0/24 maxlen: 24
193.9.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/afe373-e5bc-4010-8ad6-6aab2b1b922c/1/b6htHBZ2pZpGrPNzNhkumFz_Dls.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/afe373-e5bc-4010-8ad6-6aab2b1b922c/1/b6htHBZ2pZpGrPNzNhkumFz_Dls.mft
rsync://rpki.ripe.net/repository/DEFAULT/b6htHBZ2pZpGrPNzNhkumFz_Dls.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:0b:3f:e1:ea:3b:a3:78:bc:d6:d1:f4:8e:b3:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fa86d1c1676a59a46acf37336192e985cff0e5b
Validity
Not Before: Jan 2 15:49:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e6abaaf3441636db3429ad6b60b12b9c9e63dfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:85:b4:79:45:2f:40:10:36:34:bb:a0:58:c5:
59:2a:b5:57:12:9b:75:be:27:16:ba:5e:3e:00:9d:
72:62:84:b8:9a:78:6e:1a:2b:f6:79:59:34:10:b4:
0b:ad:6b:6f:92:5b:e1:3d:5b:a7:3f:0d:18:0e:7b:
04:9a:d4:44:3d:40:2d:34:a0:20:4b:37:42:2f:30:
f4:b8:0f:e8:6c:17:fb:dc:ac:77:b4:f3:aa:0a:c7:
90:c5:ce:84:ac:9f:96:37:e8:e3:01:11:c8:49:ae:
d5:c6:24:82:7f:62:87:0f:dd:58:0f:a4:95:8f:51:
c5:8c:59:ab:9e:70:5d:33:d9:e8:d1:2b:3c:03:aa:
5a:84:b2:29:bb:1e:8a:06:3f:29:36:e3:3a:e2:a5:
e7:96:57:31:9c:39:08:6c:17:ac:7b:88:57:72:fa:
c8:28:87:6a:e2:ba:c7:1f:ed:63:08:d0:4d:97:32:
59:93:df:50:f0:1a:ee:6a:3c:0c:54:9b:b8:42:13:
4e:71:9e:6d:83:b5:3f:8e:ad:36:c8:35:54:d8:aa:
24:8b:6d:f5:42:99:72:e7:04:9a:c3:56:e5:c3:ce:
5d:d3:56:91:60:92:80:e0:90:49:6c:40:1a:3e:0a:
de:ef:3a:c7:8b:24:f9:04:1e:79:5c:77:bc:90:1c:
b2:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:6A:BA:AF:34:41:63:6D:B3:42:9A:D6:B6:0B:12:B9:C9:E6:3D:FC
X509v3 Authority Key Identifier:
keyid:6F:A8:6D:1C:16:76:A5:9A:46:AC:F3:73:36:19:2E:98:5C:FF:0E:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6htHBZ2pZpGrPNzNhkumFz_Dls.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/afe373-e5bc-4010-8ad6-6aab2b1b922c/1/Dmq6rzRBY22zQprWtgsSucnmPfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/afe373-e5bc-4010-8ad6-6aab2b1b922c/1/b6htHBZ2pZpGrPNzNhkumFz_Dls.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.174.0/24
45.80.109.0/24
45.80.111.0/24
80.94.83.0/24
188.244.122.0/24
193.9.49.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:c5:bb:d0:4c:d4:63:55:d5:f2:07:75:c0:48:b1:6f:5c:4d:
e9:58:ce:05:be:2b:0b:9e:ac:70:bb:95:57:9d:fc:5f:1d:f8:
2d:d6:6a:3e:d3:ad:5f:ac:fb:13:a9:93:4e:c2:28:cf:04:66:
12:7e:2f:86:84:5d:c3:62:42:0d:73:7a:ef:fd:80:8c:a8:03:
c4:86:a9:f5:31:72:47:6d:39:c7:28:7c:e6:04:29:20:d1:5c:
37:a8:e6:95:bb:59:01:2a:cb:b7:2a:5d:21:e2:5a:e4:94:52:
2e:32:c9:e4:29:e9:5c:97:78:23:08:85:db:74:e8:4d:67:32:
51:65:34:c4:83:e9:6d:1c:0f:ac:e2:27:53:14:f4:0e:78:c6:
93:a8:ff:61:77:9b:7d:75:73:e5:e0:5c:19:8e:e0:56:2d:37:
e8:77:c3:ae:3b:4a:7e:cd:0d:bb:40:2d:54:a6:d9:8f:f0:ba:
65:c0:02:fb:af:79:41:51:85:79:3d:39:00:b3:18:10:4e:6f:
90:42:0a:d9:fc:b2:fd:0e:54:af:cb:2b:b3:a5:74:8e:59:47:
9e:0e:91:7b:d3:74:6c:9b:6d:b8:4f:c3:57:2b:b6:ea:af:f5:
41:93:99:8a:04:26:c2:40:74:8f:32:ac:8b:ab:49:42:b4:8b:
83:48:2c:3c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQntQs/4eo7o3i81tH0jrNmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmYTg2ZDFjMTY3NmE1OWE0NmFjZjM3MzM2MTkyZTk4NWNm
ZjBlNWIwHhcNMjUwMTAyMTU0OTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTZhYmFhZjM0NDE2MzZkYjM0MjlhZDZiNjBiMTJiOWM5ZTYzZGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxoW0eUUvQBA2NLugWMVZKrVXEpt1
vicWul4+AJ1yYoS4mnhuGiv2eVk0ELQLrWtvklvhPVunPw0YDnsEmtREPUAtNKAg
SzdCLzD0uA/obBf73Kx3tPOqCseQxc6ErJ+WN+jjARHISa7VxiSCf2KHD91YD6SV
j1HFjFmrnnBdM9no0Ss8A6pahLIpux6KBj8pNuM64qXnllcxnDkIbBese4hXcvrI
KIdq4rrHH+1jCNBNlzJZk99Q8BruajwMVJu4QhNOcZ5tg7U/jq02yDVU2Koki231
Qply5wSaw1blw85d01aRYJKA4JBJbEAaPgre7zrHiyT5BB55XHe8kByy7wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFA5quq80QWNts0Ka1rYLErnJ5j38MB8GA1UdIwQY
MBaAFG+obRwWdqWaRqzzczYZLphc/w5bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjZodEhCWjJwWnBHclBOek5oa3VtRnpfRGxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9hZmUzNzMtZTViYy00MDEwLThhZDYt
NmFhYjJiMWI5MjJjLzEvRG1xNnJ6UkJZMjJ6UXByV3Rnc1N1Y25tUGZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9hZmUzNzMtZTViYy00MDEwLThhZDYtNmFhYjJiMWI5MjJj
LzEvYjZodEhCWjJwWnBHclBOek5oa3VtRnpfRGxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALQ6uAwQA
LVBtAwQALVBvAwQAUF5TAwQAvPR6AwQAwQkxMA0GCSqGSIb3DQEBCwUAA4IBAQBK
xbvQTNRjVdXyB3XASLFvXE3pWM4FvisLnqxwu5VXnfxfHfgt1mo+061frPsTqZNO
wijPBGYSfi+GhF3DYkINc3rv/YCMqAPEhqn1MXJHbTnHKHzmBCkg0Vw3qOaVu1kB
Ksu3Kl0h4lrklFIuMsnkKelcl3gjCIXbdOhNZzJRZTTEg+ltHA+s4idTFPQOeMaT
qP9hd5t9dXPl4FwZjuBWLTfod8OuO0p+zQ27QC1UptmP8LplwAL7r3lBUYV5PTkA
sxgQTm+QQgrZ/LL9DlSvyyuzpXSOWUeeDpF703Rsm224T8NXK7bqr/VBk5mKBCbC
QHSPMqyLq0lCtIuDSCw8
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:37:24 2025 by rpki-client