Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/yHXb4w8rg7iYaFzkdhW1vmg_Cwc.roa
File: yHXb4w8rg7iYaFzkdhW1vmg_Cwc.roa (raw, json)
Hash identifier: 1gu3bUpEb6AqanmIQ4FGwJlnSIs9bihFazz5LbkzwpE=
Subject key identifier: C8:75:DB:E3:0F:2B:83:B8:98:68:5C:E4:76:15:B5:BE:68:3F:0B:07
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019427B3991DE00EFC6632DDA15F3D801765
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/yHXb4w8rg7iYaFzkdhW1vmg_Cwc.roa
Signing time: Thu 02 Jan 2025 15:47:49 +0000
ROA not before: Thu 02 Jan 2025 15:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39855
IP address blocks: 45.83.188.0/22 maxlen: 24
45.85.224.0/22 maxlen: 24
45.86.248.0/22 maxlen: 24
45.87.22.0/24 maxlen: 24
45.88.120.0/24 maxlen: 24
45.88.122.0/24 maxlen: 24
45.129.232.0/22 maxlen: 24
45.133.252.0/24 maxlen: 24
45.133.254.0/24 maxlen: 24
45.136.72.0/22 maxlen: 24
45.143.192.0/24 maxlen: 24
45.143.194.0/24 maxlen: 24
45.144.216.0/22 maxlen: 24
45.146.52.0/24 maxlen: 24
45.146.56.0/22 maxlen: 24
45.148.24.0/24 maxlen: 24
45.149.0.0/24 maxlen: 24
45.150.92.0/24 maxlen: 24
45.150.94.0/24 maxlen: 24
45.154.136.0/24 maxlen: 24
45.154.139.0/24 maxlen: 24
45.157.96.0/23 maxlen: 24
45.157.113.0/24 maxlen: 24
45.157.114.0/23 maxlen: 24
45.159.244.0/23 maxlen: 24
45.159.247.0/24 maxlen: 24
89.36.36.0/24 maxlen: 24
89.38.38.0/24 maxlen: 24
89.46.46.0/24 maxlen: 24
89.251.1.0/24 maxlen: 24
89.251.3.0/24 maxlen: 24
136.144.16.0/24 maxlen: 24
136.144.18.0/24 maxlen: 24
136.144.24.0/24 maxlen: 24
136.144.32.0/24 maxlen: 24
136.144.34.0/24 maxlen: 24
185.51.193.0/24 maxlen: 24
185.51.194.0/23 maxlen: 23
185.114.60.0/22 maxlen: 22
185.227.32.0/24 maxlen: 24
185.243.244.0/24 maxlen: 24
185.243.246.0/24 maxlen: 24
188.208.38.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:99:1d:e0:0e:fc:66:32:dd:a1:5f:3d:80:17:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 15:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c875dbe30f2b83b898685ce47615b5be683f0b07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:5e:21:fc:54:48:7b:f9:2e:e9:a6:e9:35:4a:
ea:3a:a4:60:c6:20:86:b9:1b:b1:ec:8c:e5:c9:55:
62:36:46:b8:b4:45:be:bf:39:c6:0a:06:56:a4:8d:
2a:0f:3e:7e:8f:8d:fc:7a:43:86:29:1d:43:b5:d1:
11:a2:e1:7c:e0:05:b6:07:23:bc:5b:28:eb:50:87:
6e:f5:0f:b9:f9:4f:7c:6f:b3:9e:7d:47:18:4a:cd:
e7:ec:62:b5:d9:03:32:f6:40:04:a2:5e:1a:5f:ad:
f4:08:44:5e:54:1f:94:3b:f0:c4:a0:6f:13:aa:37:
77:12:12:e2:d9:2c:d3:ea:62:aa:1c:9d:af:60:4b:
2a:99:11:f6:3d:61:e6:5b:6c:61:ce:60:68:8c:a7:
50:89:7d:ef:83:e1:ea:e4:ae:2b:a7:c5:00:ea:59:
73:4a:f2:1d:3d:5b:90:fb:70:15:d2:bb:ce:ec:17:
a5:ae:7e:f9:f5:50:14:31:20:d0:71:5d:08:dd:fd:
0d:b4:1a:b8:ca:1b:6b:d1:de:6a:97:e6:d0:d8:a7:
41:76:1b:df:8e:eb:23:e7:a0:68:03:0d:d2:50:5e:
5c:16:15:9d:da:1d:d7:c4:f0:0c:7e:9f:0e:7b:17:
96:45:39:8c:31:4e:4b:de:9a:80:70:13:c2:1f:dd:
75:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:75:DB:E3:0F:2B:83:B8:98:68:5C:E4:76:15:B5:BE:68:3F:0B:07
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/yHXb4w8rg7iYaFzkdhW1vmg_Cwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.188.0/22
45.85.224.0/22
45.86.248.0/22
45.87.22.0/24
45.88.120.0/24
45.88.122.0/24
45.129.232.0/22
45.133.252.0/24
45.133.254.0/24
45.136.72.0/22
45.143.192.0/24
45.143.194.0/24
45.144.216.0/22
45.146.52.0/24
45.146.56.0/22
45.148.24.0/24
45.149.0.0/24
45.150.92.0/24
45.150.94.0/24
45.154.136.0/24
45.154.139.0/24
45.157.96.0/23
45.157.113.0-45.157.115.255
45.159.244.0/23
45.159.247.0/24
89.36.36.0/24
89.38.38.0/24
89.46.46.0/24
89.251.1.0/24
89.251.3.0/24
136.144.16.0/24
136.144.18.0/24
136.144.24.0/24
136.144.32.0/24
136.144.34.0/24
185.51.193.0-185.51.195.255
185.114.60.0/22
185.227.32.0/24
185.243.244.0/24
185.243.246.0/24
188.208.38.0/23
Signature Algorithm: sha256WithRSAEncryption
be:95:ba:f9:ca:e0:f5:94:0c:06:9b:1d:37:07:01:b5:76:56:
b4:e3:c6:eb:d3:17:9a:9d:bc:96:ca:f2:de:b9:c7:98:be:9f:
5f:50:24:b7:f2:e5:d8:e9:06:8a:02:16:1c:c0:1d:05:e6:c7:
ca:40:16:6c:d1:7f:38:ee:d9:87:23:f9:2b:07:9f:22:95:79:
14:07:f9:d1:01:0b:77:9f:2e:2f:bb:06:42:25:d4:a1:d6:d8:
4f:4f:18:f9:9e:86:75:94:27:b3:1f:ce:45:87:e4:e5:bb:79:
51:14:21:cc:55:6b:47:b6:7c:b7:6b:ea:7b:b3:e8:81:65:3c:
c9:17:1c:e2:ea:25:56:f6:14:6f:9a:25:67:80:ce:3b:33:c3:
ce:d2:ab:0a:07:ad:0c:a6:86:ac:17:70:1b:1d:75:04:fc:e2:
20:58:a7:51:3b:fa:93:9f:cc:23:31:51:ff:60:b8:06:20:49:
dc:d4:46:b3:84:d2:de:1c:d8:5b:11:e1:1c:52:85:74:ba:ef:
13:14:e8:04:0b:a5:47:b7:cb:23:35:86:7d:f1:2e:0b:e8:67:
a9:dd:7c:2d:b5:8f:ff:48:b5:65:e7:b7:37:e2:90:bc:f8:75:
71:78:b6:c6:45:73:fe:23:d9:d4:c4:eb:b7:d2:fb:7e:34:93:
43:4c:54:82
-----BEGIN CERTIFICATE-----
MIIGBzCCBO+gAwIBAgISAZQns5kd4A78ZjLdoV89gBdlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwMTAyMTU0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODc1ZGJlMzBmMmI4M2I4OTg2ODVjZTQ3NjE1YjViZTY4M2YwYjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0F4h/FRIe/ku6abpNUrqOqRgxiCG
uRux7IzlyVViNka4tEW+vznGCgZWpI0qDz5+j438ekOGKR1DtdERouF84AW2ByO8
WyjrUIdu9Q+5+U98b7OefUcYSs3n7GK12QMy9kAEol4aX630CEReVB+UO/DEoG8T
qjd3EhLi2SzT6mKqHJ2vYEsqmRH2PWHmW2xhzmBojKdQiX3vg+Hq5K4rp8UA6llz
SvIdPVuQ+3AV0rvO7Belrn759VAUMSDQcV0I3f0NtBq4yhtr0d5ql+bQ2KdBdhvf
jusj56BoAw3SUF5cFhWd2h3XxPAMfp8OexeWRTmMMU5L3pqAcBPCH911BQIDAQAB
o4IDEzCCAw8wHQYDVR0OBBYEFMh12+MPK4O4mGhc5HYVtb5oPwsHMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEveUhYYjR3OHJnN2lZYUZ6a2RoVzF2bWdfQ3djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJwYIKwYBBQUHAQcBAf8EggEWMIIBEjCCAQ4EAgABMIIB
BgMEAi1TvAMEAi1V4AMEAi1W+AMEAC1XFgMEAC1YeAMEAC1YegMEAi2B6AMEAC2F
/AMEAC2F/gMEAi2ISAMEAC2PwAMEAC2PwgMEAi2Q2AMEAC2SNAMEAi2SOAMEAC2U
GAMEAC2VAAMEAC2WXAMEAC2WXgMEAC2aiAMEAC2aiwMEAS2dYDAMAwQALZ1xAwQC
LZ1wAwQBLZ/0AwQALZ/3AwQAWSQkAwQAWSYmAwQAWS4uAwQAWfsBAwQAWfsDAwQA
iJAQAwQAiJASAwQAiJAYAwQAiJAgAwQAiJAiMAwDBAC5M8EDBAK5M8ADBAK5cjwD
BAC54yADBAC58/QDBAC58/YDBAG80CYwDQYJKoZIhvcNAQELBQADggEBAL6VuvnK
4PWUDAabHTcHAbV2VrTjxuvTF5qdvJbK8t65x5i+n19QJLfy5djpBooCFhzAHQXm
x8pAFmzRfzju2Ycj+SsHnyKVeRQH+dEBC3efLi+7BkIl1KHW2E9PGPmehnWUJ7Mf
zkWH5OW7eVEUIcxVa0e2fLdr6nuz6IFlPMkXHOLqJVb2FG+aJWeAzjszw87SqwoH
rQymhqwXcBsddQT84iBYp1E7+pOfzCMxUf9guAYgSdzURrOE0t4c2FsR4RxShXS6
7xMU6AQLpUe3yyM1hn3xLgvoZ6ndfC21j/9ItWXntzfikLz4dXF4tsZFc/4j2dTE
67fS+340k0NMVII=
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:58:16 2025 by rpki-client