Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/AI2atPkSwnQfidcUPlqPRiBwNGg.roa
File: AI2atPkSwnQfidcUPlqPRiBwNGg.roa (raw, json)
Hash identifier: vCKFEAuGZrsTTKsJb1cHJAP44AwwYyfQxmu7M6uYzzc=
Subject key identifier: 00:8D:9A:B4:F9:12:C2:74:1F:89:D7:14:3E:5A:8F:46:20:70:34:68
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 01946E985D0594D294EB352608AE27B85280
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/AI2atPkSwnQfidcUPlqPRiBwNGg.roa
Signing time: Thu 16 Jan 2025 10:11:06 +0000
ROA not before: Thu 16 Jan 2025 10:11:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206092
IP address blocks: 45.86.200.0/24 maxlen: 24
45.86.202.0/24 maxlen: 24
45.92.229.0/24 maxlen: 24
45.146.54.0/24 maxlen: 24
45.154.137.0/24 maxlen: 24
45.154.138.0/24 maxlen: 24
45.157.112.0/24 maxlen: 24
136.144.17.0/24 maxlen: 24
136.144.19.0/24 maxlen: 24
136.144.33.0/24 maxlen: 24
136.144.42.0/24 maxlen: 24
193.36.224.0/24 maxlen: 24
193.36.225.0/24 maxlen: 24
193.37.32.0/24 maxlen: 24
193.37.33.0/24 maxlen: 24
193.176.211.0/24 maxlen: 24
194.5.48.0/24 maxlen: 24
194.5.53.0/24 maxlen: 24
194.34.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6e:98:5d:05:94:d2:94:eb:35:26:08:ae:27:b8:52:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 16 10:11:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=008d9ab4f912c2741f89d7143e5a8f4620703468
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:2e:cb:db:84:a6:f3:b0:5d:61:19:8b:e2:27:
44:22:4e:ce:4a:d7:59:6c:4a:43:b6:34:ac:42:06:
5b:26:95:3f:e3:03:96:5c:c6:65:da:01:4e:17:a5:
7d:03:ee:7b:55:9e:56:9e:8b:ff:32:7d:de:54:27:
aa:c4:4e:43:5e:8a:bc:83:b7:bc:1d:79:0d:66:db:
5c:94:ef:97:e2:21:2c:07:37:61:78:ec:71:2e:fe:
2a:0d:df:c6:0f:a4:26:4b:0c:23:7e:f8:d7:d9:f6:
ec:17:d5:75:af:5d:3e:a4:bc:09:ab:70:ae:fc:a2:
97:f4:3d:b3:ef:11:c9:74:1d:3d:c1:86:9b:c4:52:
96:a4:14:d9:9f:a8:95:20:53:e7:3a:29:ab:e4:4e:
93:75:98:ab:17:86:2e:64:79:a3:49:cd:44:7e:a1:
5b:e7:65:1f:c9:63:48:ad:de:cf:4a:9c:12:39:a5:
bf:c2:15:4f:20:59:39:30:d8:c8:fe:cd:aa:65:a7:
f9:4f:4f:ed:33:af:5b:19:13:e1:41:22:84:a3:5d:
2f:96:70:2a:13:43:d3:91:83:4f:62:41:0d:57:0b:
cf:d6:ed:31:47:8d:a2:0f:2c:7a:cf:c4:f0:98:d0:
bf:a2:0b:70:2b:74:69:df:6a:b9:3e:51:c1:71:ea:
b1:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:8D:9A:B4:F9:12:C2:74:1F:89:D7:14:3E:5A:8F:46:20:70:34:68
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/AI2atPkSwnQfidcUPlqPRiBwNGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.200.0/24
45.86.202.0/24
45.92.229.0/24
45.146.54.0/24
45.154.137.0-45.154.138.255
45.157.112.0/24
136.144.17.0/24
136.144.19.0/24
136.144.33.0/24
136.144.42.0/24
193.36.224.0/23
193.37.32.0/23
193.176.211.0/24
194.5.48.0/24
194.5.53.0/24
194.34.173.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:ec:12:2a:d0:77:be:60:f3:c7:48:3f:9e:98:bb:cb:bf:4f:
7f:81:16:6e:ec:bd:aa:7e:fc:20:aa:0f:ae:7d:18:5f:40:df:
1b:7b:d7:69:12:bb:43:56:4d:ae:38:d6:14:f3:6e:2d:c8:21:
8c:bf:18:20:05:3e:e6:80:e9:bd:75:40:16:d0:d6:e1:bf:bc:
34:e3:21:de:bc:43:42:19:ce:ed:38:dd:21:dd:e0:cb:4f:1b:
ea:39:a2:69:40:a2:82:d0:c8:40:ec:9b:64:4a:af:66:07:de:
3c:0e:48:cf:43:e4:e3:1d:f8:d7:13:23:2d:fa:5e:a2:8c:2e:
df:33:90:6b:df:42:e0:6b:31:a7:e6:35:b2:af:f4:22:5a:ad:
11:31:b3:87:13:e0:38:e3:bf:a7:53:38:e4:33:b7:29:dd:69:
04:a5:2e:db:93:51:ac:11:16:7a:12:0b:ed:7a:9b:8a:0e:be:
43:7f:06:f2:0c:bb:b2:dd:e1:18:fa:ca:12:e8:32:40:1a:1f:
92:a4:27:94:ef:2a:4d:46:97:01:f7:fa:d0:d1:d0:60:61:8f:
0d:0d:6d:91:0d:79:c4:e1:1f:eb:21:2e:4a:e1:06:06:1b:d8:
68:dc:6e:22:60:a7:99:b3:f2:ba:97:ec:32:63:b9:1e:34:42:
eb:b4:2e:fa
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAZRumF0FlNKU6zUmCK4nuFKAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwMTE2MTAxMTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDhkOWFiNGY5MTJjMjc0MWY4OWQ3MTQzZTVhOGY0NjIwNzAzNDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAki7L24Sm87BdYRmL4idEIk7OStdZ
bEpDtjSsQgZbJpU/4wOWXMZl2gFOF6V9A+57VZ5Wnov/Mn3eVCeqxE5DXoq8g7e8
HXkNZttclO+X4iEsBzdheOxxLv4qDd/GD6QmSwwjfvjX2fbsF9V1r10+pLwJq3Cu
/KKX9D2z7xHJdB09wYabxFKWpBTZn6iVIFPnOimr5E6TdZirF4YuZHmjSc1EfqFb
52UfyWNIrd7PSpwSOaW/whVPIFk5MNjI/s2qZaf5T0/tM69bGRPhQSKEo10vlnAq
E0PTkYNPYkENVwvP1u0xR42iDyx6z8TwmNC/ogtwK3Rp32q5PlHBceqxiwIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFACNmrT5EsJ0H4nXFD5aj0YgcDRoMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvQUkyYXRQa1N3blFmaWRjVVBscVBSaUJ3TkdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAC1WyAME
AC1WygMEAC1c5QMEAC2SNjAMAwQALZqJAwQALZqKAwQALZ1wAwQAiJARAwQAiJAT
AwQAiJAhAwQAiJAqAwQBwSTgAwQBwSUgAwQAwbDTAwQAwgUwAwQAwgU1AwQAwiKt
MA0GCSqGSIb3DQEBCwUAA4IBAQCn7BIq0He+YPPHSD+emLvLv09/gRZu7L2qfvwg
qg+ufRhfQN8be9dpErtDVk2uONYU824tyCGMvxggBT7mgOm9dUAW0Nbhv7w04yHe
vENCGc7tON0h3eDLTxvqOaJpQKKC0MhA7JtkSq9mB948DkjPQ+TjHfjXEyMt+l6i
jC7fM5Br30LgazGn5jWyr/QiWq0RMbOHE+A447+nUzjkM7cp3WkEpS7bk1GsERZ6
EgvtepuKDr5DfwbyDLuy3eEY+soS6DJAGh+SpCeU7ypNRpcB9/rQ0dBgYY8NDW2R
DXnE4R/rIS5K4QYGG9ho3G4iYKeZs/K6l+wyY7keNELrtC76
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:56:17 2025 by rpki-client