Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/5-mX138eXj7bwG3w641jjzYdKPY.roa
File: 5-mX138eXj7bwG3w641jjzYdKPY.roa (raw, json)
Hash identifier: MeTRaYegHfPWIg4W8Bgsr0RndWp7BNwUZP6p5FCsM6Q=
Subject key identifier: E7:E9:97:D7:7F:1E:5E:3E:DB:C0:6D:F0:EB:8D:63:8F:36:1D:28:F6
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019427B3AEC6AC2F8477D237C730156255C6
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/5-mX138eXj7bwG3w641jjzYdKPY.roa
Signing time: Thu 02 Jan 2025 15:47:54 +0000
ROA not before: Thu 02 Jan 2025 15:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210636
IP address blocks: 45.88.246.0/24 maxlen: 24
45.88.247.0/24 maxlen: 24
45.94.28.0/24 maxlen: 24
45.132.192.0/24 maxlen: 24
45.148.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:ae:c6:ac:2f:84:77:d2:37:c7:30:15:62:55:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 15:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e7e997d77f1e5e3edbc06df0eb8d638f361d28f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:db:aa:a6:e2:b0:a4:ad:a6:62:99:ca:60:54:
19:e1:c0:cc:59:ee:02:29:a8:9f:29:86:3a:0a:9a:
9e:bb:85:3c:a6:c3:16:36:02:e0:c5:b5:30:d1:e5:
90:bb:bf:22:97:c3:65:76:23:3b:c3:46:e3:3d:43:
a0:c9:a8:70:bf:21:55:d6:36:93:f5:fe:71:25:a3:
ec:d9:be:9b:5c:5b:54:b3:c0:0e:d3:33:28:c1:af:
c6:d1:2a:6c:10:75:3e:35:2e:49:ac:76:ac:b9:e6:
a4:f5:c8:77:98:01:e3:ad:c9:aa:cb:51:7c:86:38:
f3:87:5b:0d:34:c1:3b:14:6d:32:92:40:c5:b2:89:
6d:c9:be:dd:65:f7:f7:17:30:b1:61:01:a3:43:d8:
0a:4c:56:ad:6c:63:b8:9a:df:0a:48:b0:ac:e5:54:
9f:f8:f0:40:fb:65:e8:35:0e:80:c3:ac:40:df:c9:
69:d1:ef:2e:f2:14:75:72:b1:3a:f2:e3:8d:43:bb:
f0:3d:ad:87:23:5c:e8:f0:4b:5c:c3:8a:01:e3:c0:
79:f9:47:fd:af:ec:a3:3b:e5:a2:18:50:27:4f:0e:
68:81:ca:2d:6d:4a:2a:0b:8f:c5:10:32:06:a1:90:
54:16:f6:6e:c6:14:d0:60:39:35:52:ee:44:35:57:
16:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:E9:97:D7:7F:1E:5E:3E:DB:C0:6D:F0:EB:8D:63:8F:36:1D:28:F6
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/5-mX138eXj7bwG3w641jjzYdKPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.246.0/23
45.94.28.0/24
45.132.192.0/24
45.148.26.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:7b:18:08:b0:07:18:4f:34:3d:98:3b:10:c4:b3:03:06:fc:
5f:21:fb:09:6a:7b:14:be:fc:3c:87:da:be:ce:e5:ea:20:02:
b1:1c:6a:07:0d:9f:34:57:89:2f:0b:1e:4c:95:74:70:50:bf:
b6:70:9e:77:e8:be:cb:be:28:0e:5e:76:d7:7a:59:9c:da:51:
ee:bd:11:68:7d:af:9a:d2:7a:91:af:4c:43:4f:8c:cf:69:cb:
28:ba:97:fe:06:49:be:1a:eb:aa:55:e8:cb:86:26:1b:16:a0:
c9:47:10:4a:a9:8a:2a:5a:dd:77:ed:d0:82:42:14:7a:1c:0e:
89:5c:fc:df:9f:fa:41:ba:d2:0e:5f:46:fd:ee:8e:4f:50:11:
ed:dc:5b:94:bf:44:d9:c5:ad:0d:9d:80:24:07:f2:ed:24:98:
e1:12:bf:ee:90:b0:eb:c9:37:a2:ff:5b:0b:1f:3b:33:ab:41:
9b:2a:28:3a:65:76:0f:36:aa:cf:5c:4c:c7:16:9e:86:b8:6c:
5b:d3:59:13:6a:7f:ba:d6:af:e3:ab:98:03:be:ae:a9:fe:a4:
a5:6d:91:4d:7e:6b:7c:e9:b1:3c:d9:ce:41:23:76:02:b0:46:
9c:b5:9d:93:2b:e7:fe:d3:c9:e8:8f:6a:5f:74:e4:8c:4d:87:
6c:03:72:89
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQns67GrC+Ed9I3xzAVYlXGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwMTAyMTU0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2U5OTdkNzdmMWU1ZTNlZGJjMDZkZjBlYjhkNjM4ZjM2MWQyOGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqduqpuKwpK2mYpnKYFQZ4cDMWe4C
KaifKYY6Cpqeu4U8psMWNgLgxbUw0eWQu78il8NldiM7w0bjPUOgyahwvyFV1jaT
9f5xJaPs2b6bXFtUs8AO0zMowa/G0SpsEHU+NS5JrHasueak9ch3mAHjrcmqy1F8
hjjzh1sNNME7FG0ykkDFsoltyb7dZff3FzCxYQGjQ9gKTFatbGO4mt8KSLCs5VSf
+PBA+2XoNQ6Aw6xA38lp0e8u8hR1crE68uONQ7vwPa2HI1zo8Etcw4oB48B5+Uf9
r+yjO+WiGFAnTw5ogcotbUoqC4/FEDIGoZBUFvZuxhTQYDk1Uu5ENVcWcQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOfpl9d/Hl4+28Bt8OuNY482HSj2MB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvNS1tWDEzOGVYajdid0czdzY0MWpqellkS1BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLVj2AwQA
LV4cAwQALYTAAwQALZQaMA0GCSqGSIb3DQEBCwUAA4IBAQCnexgIsAcYTzQ9mDsQ
xLMDBvxfIfsJansUvvw8h9q+zuXqIAKxHGoHDZ80V4kvCx5MlXRwUL+2cJ536L7L
vigOXnbXelmc2lHuvRFofa+a0nqRr0xDT4zPacsoupf+Bkm+GuuqVejLhiYbFqDJ
RxBKqYoqWt137dCCQhR6HA6JXPzfn/pButIOX0b97o5PUBHt3FuUv0TZxa0NnYAk
B/LtJJjhEr/ukLDryTei/1sLHzszq0GbKig6ZXYPNqrPXEzHFp6GuGxb01kTan+6
1q/jq5gDvq6p/qSlbZFNfmt86bE82c5BI3YCsEactZ2TK+f+08noj2pfdOSMTYds
A3KJ
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:42:04 2025 by rpki-client