Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/ARezak8V-5mw6deSCADiac-Xj_w.roa
File: ARezak8V-5mw6deSCADiac-Xj_w.roa (raw, json)
Hash identifier: 9wzguKPWEYzNmwfk6z7NHzk2CG37G+xy/bZuEFspBZ4=
Subject key identifier: 01:17:B3:6A:4F:15:FB:99:B0:E9:D7:92:08:00:E2:69:CF:97:8F:FC
Certificate issuer: /CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Certificate serial: 0194DB07287B77DFCFA928C54B580165F82E
Authority key identifier: 0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/ARezak8V-5mw6deSCADiac-Xj_w.roa
Signing time: Thu 06 Feb 2025 11:31:06 +0000
ROA not before: Thu 06 Feb 2025 11:31:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 45.144.242.0/24 maxlen: 24
45.144.243.0/24 maxlen: 24
81.90.190.0/24 maxlen: 24
91.220.202.0/24 maxlen: 24
91.220.203.0/24 maxlen: 24
185.126.227.0/24 maxlen: 24
192.54.56.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.mft
rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:db:07:28:7b:77:df:cf:a9:28:c5:4b:58:01:65:f8:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Validity
Not Before: Feb 6 11:31:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0117b36a4f15fb99b0e9d7920800e269cf978ffc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:39:fd:3b:1a:dd:76:71:03:fb:c8:e3:d8:5f:
34:0d:c7:ad:9f:b8:f9:39:0f:db:ce:1b:80:7c:ff:
82:ea:f8:39:4b:51:3f:c5:c1:c8:b7:34:09:71:ec:
b0:c9:b4:9a:d7:7c:f5:fa:d0:eb:ce:42:a6:88:69:
48:2f:c5:e3:4e:f0:a9:73:7b:da:c2:54:35:2d:20:
b6:18:c6:8c:7c:f3:41:d3:1c:51:df:8d:0d:a4:f2:
3c:3d:43:7e:f0:bd:61:64:dc:b6:22:c4:8a:20:2d:
24:ce:2d:00:10:cf:27:bb:63:c4:91:6c:1a:b7:16:
7e:89:4c:7e:7d:36:72:65:3d:05:9e:c1:45:1a:8e:
8e:14:5d:e0:a8:86:a6:fe:e0:d9:b9:76:8e:87:9a:
b7:e4:1f:16:92:f5:7f:ee:8b:a1:cf:8c:2a:e7:75:
3f:95:8b:da:1e:88:7a:5c:4f:59:60:d3:a3:f3:be:
69:8b:3e:f8:b8:6b:01:1f:f0:5b:42:1e:06:f6:db:
07:8b:c6:18:fe:82:81:1b:67:2d:29:29:35:08:45:
94:0a:80:3b:46:5a:fc:a1:65:4c:d0:f2:17:fd:dd:
94:99:c5:3b:55:6e:f2:78:42:c6:ad:5d:25:51:f4:
c5:bc:d2:c2:7d:13:88:bc:3a:2d:80:99:4e:5b:c4:
bb:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:17:B3:6A:4F:15:FB:99:B0:E9:D7:92:08:00:E2:69:CF:97:8F:FC
X509v3 Authority Key Identifier:
keyid:0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/ARezak8V-5mw6deSCADiac-Xj_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.242.0/23
81.90.190.0/24
91.220.202.0/23
185.126.227.0/24
192.54.56.0/24
Signature Algorithm: sha256WithRSAEncryption
87:77:dc:4a:ee:c1:db:f1:0b:45:ff:68:a0:cd:c0:51:05:76:
1a:09:32:53:fc:51:af:d2:46:57:da:0b:36:ac:e5:a2:68:e9:
9f:50:70:dd:c3:49:5e:69:37:9f:af:27:fc:f5:e3:c3:22:8d:
f5:c2:5b:fb:82:ca:58:bf:58:bb:c4:e2:fd:27:22:52:2d:a6:
87:47:19:61:7f:fc:96:bb:4d:28:ce:00:76:cc:85:e6:c1:03:
25:d0:20:fb:73:c7:f2:cf:81:ad:ce:ed:61:35:a7:a3:b2:cd:
88:64:25:33:3f:f6:36:65:ad:4a:60:89:e9:28:ca:11:e1:fd:
07:ad:c5:1c:44:7c:14:ff:e9:fc:b7:03:a0:47:b2:bc:bb:19:
c1:6c:43:0b:92:a6:9c:4b:34:8d:ec:01:97:a1:31:c6:96:fe:
d7:19:70:ac:6d:98:58:14:73:c7:8b:93:a3:3e:26:e5:4c:8a:
28:8b:bc:8a:df:fa:da:65:5a:9f:f1:da:5c:38:99:c0:45:cf:
27:4c:ee:92:67:90:61:8f:90:1c:e6:25:5a:02:73:76:68:dc:
0c:49:d5:ab:12:3e:e7:7e:45:ca:bc:df:4a:1c:8e:b3:95:3e:
ce:88:ee:83:d4:73:19:0b:b7:df:de:2f:c4:1f:66:c1:8a:06:
ad:7a:45:53
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZTbByh7d9/PqSjFS1gBZfguMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMjQ3ZTczMzkxZWM5ZDZhMmE0NmYyY2IwYjAyZmM5OTQy
ODhmMTMwHhcNMjUwMjA2MTEzMTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTE3YjM2YTRmMTVmYjk5YjBlOWQ3OTIwODAwZTI2OWNmOTc4ZmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjn9OxrddnED+8jj2F80Dcetn7j5
OQ/bzhuAfP+C6vg5S1E/xcHItzQJceywybSa13z1+tDrzkKmiGlIL8XjTvCpc3va
wlQ1LSC2GMaMfPNB0xxR340NpPI8PUN+8L1hZNy2IsSKIC0kzi0AEM8nu2PEkWwa
txZ+iUx+fTZyZT0FnsFFGo6OFF3gqIam/uDZuXaOh5q35B8WkvV/7ouhz4wq53U/
lYvaHoh6XE9ZYNOj875piz74uGsBH/BbQh4G9tsHi8YY/oKBG2ctKSk1CEWUCoA7
Rlr8oWVM0PIX/d2UmcU7VW7yeELGrV0lUfTFvNLCfROIvDotgJlOW8S7uwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAEXs2pPFfuZsOnXkggA4mnPl4/8MB8GA1UdIwQY
MBaAFAskfnM5HsnWoqRvLLCwL8mUKI8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMt
NzM2Nzg5ZWU2ZmQwLzEvQVJlemFrOFYtNW13NmRlU0NBRGlhYy1Yal93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMtNzM2Nzg5ZWU2ZmQw
LzEvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBLZDyAwQA
UVq+AwQBW9zKAwQAuX7jAwQAwDY4MA0GCSqGSIb3DQEBCwUAA4IBAQCHd9xK7sHb
8QtF/2igzcBRBXYaCTJT/FGv0kZX2gs2rOWiaOmfUHDdw0leaTefryf89ePDIo31
wlv7gspYv1i7xOL9JyJSLaaHRxlhf/yWu00ozgB2zIXmwQMl0CD7c8fyz4Gtzu1h
Naejss2IZCUzP/Y2Za1KYInpKMoR4f0HrcUcRHwU/+n8twOgR7K8uxnBbEMLkqac
SzSN7AGXoTHGlv7XGXCsbZhYFHPHi5OjPiblTIooi7yK3/raZVqf8dpcOJnARc8n
TO6SZ5Bhj5Ac5iVaAnN2aNwMSdWrEj7nfkXKvN9KHI6zlT7OiO6D1HMZC7ff3i/E
H2bBigatekVT
-----END CERTIFICATE-----
Generated at Sat Apr 12 07:54:25 2025 by rpki-client