Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/JNtxetYJrYKVTd3v4-1KbXXCbtQ.roa
File: JNtxetYJrYKVTd3v4-1KbXXCbtQ.roa (raw, json)
Hash identifier: U0lIJ59leidvzbCluoPST0w6bwER/ola58QhjKMygVA=
Subject key identifier: 24:DB:71:7A:D6:09:AD:82:95:4D:DD:EF:E3:ED:4A:6D:75:C2:6E:D4
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019427B3B2745610C320A6600F695F224C9C
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/JNtxetYJrYKVTd3v4-1KbXXCbtQ.roa
Signing time: Thu 02 Jan 2025 15:47:55 +0000
ROA not before: Thu 02 Jan 2025 15:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212477
IP address blocks: 45.130.119.0/24 maxlen: 24
45.137.198.0/23 maxlen: 24
45.137.204.0/23 maxlen: 24
45.137.206.0/24 maxlen: 24
45.137.207.0/24 maxlen: 24
45.138.19.0/24 maxlen: 24
45.139.50.0/23 maxlen: 24
45.140.140.0/22 maxlen: 24
45.140.188.0/22 maxlen: 24
45.140.212.0/23 maxlen: 23
45.140.212.0/24 maxlen: 24
45.140.213.0/24 maxlen: 24
193.37.248.0/24 maxlen: 24
193.176.244.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:b2:74:56:10:c3:20:a6:60:0f:69:5f:22:4c:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 15:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=24db717ad609ad82954dddefe3ed4a6d75c26ed4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:29:5b:c0:b3:97:f1:16:8c:32:92:cd:bd:83:
0e:1f:27:b1:d7:38:d3:bc:f5:f7:ce:66:85:00:4e:
24:49:da:c7:eb:4e:73:82:18:f8:74:71:36:9d:04:
14:c0:10:f8:1e:a3:cd:a6:12:a3:17:b5:8e:25:0a:
c3:11:2b:f4:f7:3c:e3:53:61:f9:2b:64:b6:0e:7b:
f7:de:29:15:1d:d5:39:b1:2a:3b:68:1e:5d:7f:ef:
ac:2a:b8:49:fe:13:23:66:99:18:2d:6f:00:4a:c3:
8c:67:4c:cf:68:7e:cb:53:41:bd:71:b6:77:88:9f:
88:f8:f6:03:01:e3:f8:1b:78:92:db:44:fa:64:fd:
14:7c:73:d0:0f:60:12:b1:72:4a:bf:c3:71:e3:2a:
52:e4:03:8b:d9:58:6d:33:df:3c:9c:9e:c8:cf:91:
d1:0e:16:d5:f3:b2:12:04:6c:2f:dd:e9:e7:bf:ea:
11:64:18:3a:3f:5b:a0:e4:4f:95:3e:0a:44:3a:81:
d6:eb:6c:49:75:a9:67:f8:cd:68:d8:83:71:04:10:
12:92:a3:07:4d:65:be:da:bc:af:6d:44:61:d5:c6:
de:df:73:fa:93:39:07:f6:3e:40:68:53:d5:83:2a:
fa:fa:48:29:4f:c3:10:f0:e5:5f:03:51:1e:eb:04:
50:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:DB:71:7A:D6:09:AD:82:95:4D:DD:EF:E3:ED:4A:6D:75:C2:6E:D4
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/JNtxetYJrYKVTd3v4-1KbXXCbtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.119.0/24
45.137.198.0/23
45.137.204.0/22
45.138.19.0/24
45.139.50.0/23
45.140.140.0/22
45.140.188.0/22
45.140.212.0/23
193.37.248.0/24
193.176.244.0/23
Signature Algorithm: sha256WithRSAEncryption
95:cb:e1:55:1e:11:bd:cc:2e:ae:e7:4b:83:a9:fe:68:63:92:
2f:d9:41:a8:a7:4e:d1:b9:e1:6a:20:ac:1f:64:e3:07:cf:31:
7b:a1:1f:40:a4:b3:bf:a8:e8:fb:d5:e4:e8:df:ab:0b:b6:f7:
a9:75:ae:ea:47:4b:d9:97:83:45:72:35:ae:80:c7:ae:89:45:
04:89:b3:9f:0a:53:29:23:dc:26:76:1d:65:67:8b:ca:bf:3f:
31:3a:db:8a:f2:69:6a:bb:e3:f3:67:34:20:10:80:e3:82:c0:
cf:cd:52:9b:5d:42:65:49:63:fd:de:01:e6:cb:ad:f0:fa:37:
91:7a:0d:3e:bc:fb:61:e8:f1:bb:43:5e:35:d5:f2:72:b2:d1:
27:c3:58:82:07:7e:8b:bc:25:8d:7e:74:a2:04:ed:be:aa:f0:
97:04:5e:90:0f:ba:1a:8d:db:a2:95:14:10:db:7b:5a:c5:07:
92:59:bf:ea:bb:3b:7c:db:66:b0:3b:91:b4:27:81:73:8d:38:
7a:55:23:ee:70:fd:6b:a3:52:63:73:f3:59:f0:8f:af:76:1c:
45:6d:cc:95:e2:61:41:df:23:ed:cb:19:8d:d4:8c:94:75:9d:
18:f0:87:fe:db:1f:c1:90:43:0d:05:4c:38:64:fd:16:12:ab:
17:83:5f:39
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZQns7J0VhDDIKZgD2lfIkycMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwMTAyMTU0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGRiNzE3YWQ2MDlhZDgyOTU0ZGRkZWZlM2VkNGE2ZDc1YzI2ZWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuClbwLOX8RaMMpLNvYMOHyex1zjT
vPX3zmaFAE4kSdrH605zghj4dHE2nQQUwBD4HqPNphKjF7WOJQrDESv09zzjU2H5
K2S2Dnv33ikVHdU5sSo7aB5df++sKrhJ/hMjZpkYLW8ASsOMZ0zPaH7LU0G9cbZ3
iJ+I+PYDAeP4G3iS20T6ZP0UfHPQD2ASsXJKv8Nx4ypS5AOL2VhtM988nJ7Iz5HR
DhbV87ISBGwv3ennv+oRZBg6P1ug5E+VPgpEOoHW62xJdaln+M1o2INxBBASkqMH
TWW+2ryvbURh1cbe33P6kzkH9j5AaFPVgyr6+kgpT8MQ8OVfA1Ee6wRQDQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFCTbcXrWCa2ClU3d7+PtSm11wm7UMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvSk50eGV0WUpyWUtWVGQzdjQtMUtiWFhDYnRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALYJ3AwQB
LYnGAwQCLYnMAwQALYoTAwQBLYsyAwQCLYyMAwQCLYy8AwQBLYzUAwQAwSX4AwQB
wbD0MA0GCSqGSIb3DQEBCwUAA4IBAQCVy+FVHhG9zC6u50uDqf5oY5Iv2UGop07R
ueFqIKwfZOMHzzF7oR9ApLO/qOj71eTo36sLtvepda7qR0vZl4NFcjWugMeuiUUE
ibOfClMpI9wmdh1lZ4vKvz8xOtuK8mlqu+PzZzQgEIDjgsDPzVKbXUJlSWP93gHm
y63w+jeReg0+vPth6PG7Q1411fJystEnw1iCB36LvCWNfnSiBO2+qvCXBF6QD7oa
jduilRQQ23taxQeSWb/quzt822awO5G0J4FzjTh6VSPucP1ro1Jjc/NZ8I+vdhxF
bcyV4mFB3yPtyxmN1IyUdZ0Y8If+2x/BkEMNBUw4ZP0WEqsXg185
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:38:54 2025 by rpki-client