Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/_NpJEa0CTrj7qX7Y9tcXFOF6hNc.roa
File: _NpJEa0CTrj7qX7Y9tcXFOF6hNc.roa (raw, json)
Hash identifier: xp8Vb9C92E2btUmjr1NGEmmqOkcqpqtA246R+clxZN8=
Subject key identifier: FC:DA:49:11:AD:02:4E:B8:FB:A9:7E:D8:F6:D7:17:14:E1:7A:84:D7
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019427B3B031BBBB1E95CD94084CAB6220DE
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/_NpJEa0CTrj7qX7Y9tcXFOF6hNc.roa
Signing time: Thu 02 Jan 2025 15:47:55 +0000
ROA not before: Thu 02 Jan 2025 15:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211588
IP address blocks: 45.83.205.0/24 maxlen: 24
45.131.60.0/24 maxlen: 24
45.134.222.0/24 maxlen: 24
2a07:e345::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:b0:31:bb:bb:1e:95:cd:94:08:4c:ab:62:20:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 15:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fcda4911ad024eb8fba97ed8f6d71714e17a84d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:84:61:c0:b2:57:a5:56:c7:10:be:73:6d:fa:
92:2b:15:af:ad:11:6b:7f:c2:de:d5:63:37:f4:38:
c3:2f:ec:56:56:50:0e:e3:b0:64:14:26:d3:73:cd:
3f:12:38:69:53:d6:81:98:57:ef:aa:7f:22:c1:b0:
68:61:e7:eb:07:09:07:45:24:a9:e8:6b:57:88:5a:
61:44:d0:5e:4f:2a:ef:fb:80:75:a0:36:f8:4e:8d:
d9:70:8b:33:45:c1:5e:5f:e4:ec:8b:4b:6a:b0:f0:
e9:c3:67:3a:fd:31:b9:db:c3:fe:c0:ba:73:70:23:
92:b1:94:fd:23:b9:fe:98:b1:5a:03:df:2a:b0:fe:
7d:8c:80:4d:f7:87:4d:67:fc:22:26:5d:80:1a:f8:
f0:c1:44:8d:89:e0:86:cf:a7:20:6d:d0:b8:ff:7f:
55:91:45:70:1e:91:34:25:b6:5b:f6:47:ec:3d:e9:
47:4c:53:da:24:7e:b5:e0:bd:c6:b7:15:3f:9e:43:
f8:2b:eb:53:fc:8a:aa:75:e4:d2:89:eb:58:26:ed:
f1:d3:ea:ae:5e:c7:5f:84:68:17:ba:77:a2:15:2b:
41:43:cd:31:9b:dc:de:38:02:31:95:e8:78:b9:5b:
b5:8f:ce:2b:4f:54:c4:a8:e3:3f:23:ec:0f:a5:e9:
6c:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:DA:49:11:AD:02:4E:B8:FB:A9:7E:D8:F6:D7:17:14:E1:7A:84:D7
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/_NpJEa0CTrj7qX7Y9tcXFOF6hNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.205.0/24
45.131.60.0/24
45.134.222.0/24
IPv6:
2a07:e345::/32
Signature Algorithm: sha256WithRSAEncryption
41:f9:8a:d6:50:bc:e1:8b:9f:b5:75:15:75:37:3c:7d:03:52:
12:dd:88:02:c5:31:55:f9:91:8c:b6:5a:27:14:18:c4:74:74:
5b:33:30:e2:a5:aa:65:a1:bd:95:e3:2e:cc:5c:1c:a3:2b:bc:
0a:99:47:0a:67:0e:0c:00:11:d2:21:1e:27:e9:3b:f7:46:3b:
1b:e8:7c:ce:87:86:03:0d:30:80:f8:d2:fc:a7:dc:72:fc:be:
87:c6:78:45:81:89:9a:d2:3b:69:5f:1d:98:59:10:52:80:e6:
cc:12:03:55:7b:4d:6f:47:80:01:78:ae:72:90:78:50:2e:76:
ab:d3:d6:c7:25:99:c1:da:5d:cd:b3:6f:0f:cf:d8:b9:53:71:
29:ec:41:ef:56:6f:73:c9:4c:3a:9e:5d:e2:d4:50:1a:42:a7:
05:e0:8c:81:98:3b:e5:36:e0:df:20:94:31:a7:94:6a:02:ff:
1c:06:bb:cd:c3:1e:4d:a7:e9:f7:c2:e4:cf:4d:bc:5b:26:d7:
f0:ea:3a:49:12:11:fc:c8:be:80:dd:e9:46:7c:e7:7c:3f:2a:
9f:cb:b2:6c:24:a5:f9:87:a4:93:39:fd:f8:41:4c:9b:38:37:
f7:d4:97:e8:31:19:67:4c:20:60:20:22:40:65:20:c1:71:c9:
16:41:47:af
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQns7Axu7selc2UCEyrYiDeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwMTAyMTU0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2RhNDkxMWFkMDI0ZWI4ZmJhOTdlZDhmNmQ3MTcxNGUxN2E4NGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIRhwLJXpVbHEL5zbfqSKxWvrRFr
f8Le1WM39DjDL+xWVlAO47BkFCbTc80/EjhpU9aBmFfvqn8iwbBoYefrBwkHRSSp
6GtXiFphRNBeTyrv+4B1oDb4To3ZcIszRcFeX+Tsi0tqsPDpw2c6/TG528P+wLpz
cCOSsZT9I7n+mLFaA98qsP59jIBN94dNZ/wiJl2AGvjwwUSNieCGz6cgbdC4/39V
kUVwHpE0JbZb9kfsPelHTFPaJH614L3GtxU/nkP4K+tT/IqqdeTSietYJu3x0+qu
XsdfhGgXuneiFStBQ80xm9zeOAIxleh4uVu1j84rT1TEqOM/I+wPpelsRQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPzaSRGtAk64+6l+2PbXFxTheoTXMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvX05wSkVhMENUcmo3cVg3WTl0Y1hGT0Y2aE5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQALVPNAwQA
LYM8AwQALYbeMA0EAgACMAcDBQAqB+NFMA0GCSqGSIb3DQEBCwUAA4IBAQBB+YrW
ULzhi5+1dRV1Nzx9A1IS3YgCxTFV+ZGMtlonFBjEdHRbMzDipaplob2V4y7MXByj
K7wKmUcKZw4MABHSIR4n6Tv3Rjsb6HzOh4YDDTCA+NL8p9xy/L6HxnhFgYma0jtp
Xx2YWRBSgObMEgNVe01vR4ABeK5ykHhQLnar09bHJZnB2l3Ns28Pz9i5U3Ep7EHv
Vm9zyUw6nl3i1FAaQqcF4IyBmDvlNuDfIJQxp5RqAv8cBrvNwx5Np+n3wuTPTbxb
Jtfw6jpJEhH8yL6A3elGfOd8Pyqfy7JsJKX5h6STOf34QUybODf31JfoMRlnTCBg
ICJAZSDBcckWQUev
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:59:44 2025 by rpki-client