Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/053d39-374c-4387-9945-431f75ba8675/1/cvAMZ-azozJjAwqBJfc2rmmZkME.roa
File: cvAMZ-azozJjAwqBJfc2rmmZkME.roa (raw, json)
Hash identifier: Gewk40CVQw5q21r2SfPnFc/pGMGpE0T4SZt3vyzVUaM=
Subject key identifier: 72:F0:0C:67:E6:B3:A3:32:63:03:0A:81:25:F7:36:AE:69:99:90:C1
Certificate issuer: /CN=dce560f0ec850da8a7c0f8d6f3825102d4de4ace
Certificate serial: 01941F8C21A8B2F55012D6EACB38FEFDE97A
Authority key identifier: DC:E5:60:F0:EC:85:0D:A8:A7:C0:F8:D6:F3:82:51:02:D4:DE:4A:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3OVg8OyFDainwPjW84JRAtTeSs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/053d39-374c-4387-9945-431f75ba8675/1/cvAMZ-azozJjAwqBJfc2rmmZkME.roa
Signing time: Wed 01 Jan 2025 01:47:44 +0000
ROA not before: Wed 01 Jan 2025 01:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209853
IP address blocks: 45.151.248.0/24 maxlen: 24
45.151.249.0/24 maxlen: 24
45.151.250.0/24 maxlen: 24
45.151.251.0/24 maxlen: 24
78.142.208.0/24 maxlen: 24
78.142.209.0/24 maxlen: 24
78.142.210.0/24 maxlen: 24
78.142.211.0/24 maxlen: 24
185.149.100.0/24 maxlen: 24
185.149.101.0/24 maxlen: 24
185.149.102.0/24 maxlen: 24
185.149.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/053d39-374c-4387-9945-431f75ba8675/1/3OVg8OyFDainwPjW84JRAtTeSs4.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/053d39-374c-4387-9945-431f75ba8675/1/3OVg8OyFDainwPjW84JRAtTeSs4.mft
rsync://rpki.ripe.net/repository/DEFAULT/3OVg8OyFDainwPjW84JRAtTeSs4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:21:a8:b2:f5:50:12:d6:ea:cb:38:fe:fd:e9:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dce560f0ec850da8a7c0f8d6f3825102d4de4ace
Validity
Not Before: Jan 1 01:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=72f00c67e6b3a33263030a8125f736ae699990c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:af:9d:8d:94:02:75:6d:fd:30:8a:9a:9b:c6:
3f:57:96:42:13:b3:c4:1f:88:d7:b9:5b:00:af:8b:
08:fc:16:bb:4a:4b:e6:b9:aa:cd:8c:d8:61:27:b4:
36:d4:dd:02:ab:e3:ed:35:55:c8:8b:8a:73:d4:f4:
e7:00:e1:51:c0:70:89:f0:b5:6b:57:b3:b9:e3:60:
31:c9:25:41:be:28:2d:87:38:fa:86:48:1d:12:63:
e1:9f:d5:10:fa:ff:30:6f:97:23:f8:63:38:09:d7:
a0:c9:3f:8b:4d:5c:dd:30:27:63:85:08:f4:e0:31:
a1:b5:f2:14:0a:a8:96:f1:4f:39:53:d6:ec:3f:ce:
8d:40:75:9a:63:da:c5:49:de:13:21:d6:df:8f:93:
26:76:43:72:26:bb:a4:41:24:0e:ff:81:8b:99:3e:
78:61:ad:0b:14:12:22:6c:47:15:96:df:d9:80:f9:
e5:85:48:9e:c8:1d:4f:8a:53:19:8f:93:97:a8:dc:
da:c1:a2:51:bd:a5:9c:ac:08:3e:54:90:46:87:c6:
0f:fb:4e:b2:97:b0:c2:c8:8b:11:8a:d2:00:07:90:
69:78:ae:1b:86:e2:20:a7:10:ac:6f:db:d1:3d:8e:
50:30:49:25:b9:a1:2d:57:a0:cc:38:81:d2:81:a2:
34:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:F0:0C:67:E6:B3:A3:32:63:03:0A:81:25:F7:36:AE:69:99:90:C1
X509v3 Authority Key Identifier:
keyid:DC:E5:60:F0:EC:85:0D:A8:A7:C0:F8:D6:F3:82:51:02:D4:DE:4A:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3OVg8OyFDainwPjW84JRAtTeSs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/053d39-374c-4387-9945-431f75ba8675/1/cvAMZ-azozJjAwqBJfc2rmmZkME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/053d39-374c-4387-9945-431f75ba8675/1/3OVg8OyFDainwPjW84JRAtTeSs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.248.0/22
78.142.208.0/22
185.149.100.0/22
Signature Algorithm: sha256WithRSAEncryption
57:4a:5a:02:34:15:3a:68:2b:35:2b:a8:da:b5:a9:32:06:d1:
2c:2a:24:23:a8:c5:9e:64:d7:a9:52:52:45:9b:e4:03:3d:75:
fd:15:4f:f8:29:40:7a:c7:67:e8:31:6e:39:f4:7c:02:52:c0:
89:5b:39:9b:61:9a:4f:4f:57:e2:7f:b2:17:cb:c2:9e:87:61:
63:ef:37:8a:42:3d:bd:e3:c4:bb:09:15:68:55:7a:e0:35:4b:
fb:2a:e4:69:2a:5f:4e:04:d4:83:51:e3:09:38:ff:16:14:53:
06:3f:12:a5:68:fc:75:e6:d5:0d:7a:c9:dc:2e:7e:f4:72:e3:
6b:27:23:b9:3c:f9:e1:8f:2f:5b:13:79:2a:88:4b:68:08:98:
07:5e:d6:ee:0e:66:ea:45:69:1c:f7:b0:8c:29:ef:c8:49:8e:
a0:b3:dd:ae:3e:cf:c4:b7:f9:2e:c6:30:dc:4c:dc:20:89:84:
7e:00:72:26:d6:18:2a:50:cf:98:33:cb:5e:73:f7:2c:ba:e1:
8a:32:83:1b:c1:4d:ac:d8:8d:3b:d2:6e:01:0e:be:76:b2:14:
b3:75:bb:46:d1:2c:d6:79:3c:c0:f2:3a:17:0e:6f:6f:1b:75:
f8:af:9b:76:15:b6:b6:79:b4:60:ea:d5:fb:30:14:d5:85:dc:
3d:57:55:2c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQfjCGosvVQEtbqyzj+/el6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZTU2MGYwZWM4NTBkYThhN2MwZjhkNmYzODI1MTAyZDRk
ZTRhY2UwHhcNMjUwMTAxMDE0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmYwMGM2N2U2YjNhMzMyNjMwMzBhODEyNWY3MzZhZTY5OTk5MGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9K+djZQCdW39MIqam8Y/V5ZCE7PE
H4jXuVsAr4sI/Ba7SkvmuarNjNhhJ7Q21N0Cq+PtNVXIi4pz1PTnAOFRwHCJ8LVr
V7O542AxySVBvigthzj6hkgdEmPhn9UQ+v8wb5cj+GM4CdegyT+LTVzdMCdjhQj0
4DGhtfIUCqiW8U85U9bsP86NQHWaY9rFSd4TIdbfj5MmdkNyJrukQSQO/4GLmT54
Ya0LFBIibEcVlt/ZgPnlhUieyB1PilMZj5OXqNzawaJRvaWcrAg+VJBGh8YP+06y
l7DCyIsRitIAB5BpeK4bhuIgpxCsb9vRPY5QMEkluaEtV6DMOIHSgaI0JwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHLwDGfms6MyYwMKgSX3Nq5pmZDBMB8GA1UdIwQY
MBaAFNzlYPDshQ2op8D41vOCUQLU3krOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM09WZzhPeUZEYWlud1BqVzg0SlJBdFRlU3M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8wNTNkMzktMzc0Yy00Mzg3LTk5NDUt
NDMxZjc1YmE4Njc1LzEvY3ZBTVotYXpvekpqQXdxQkpmYzJybW1aa01FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8wNTNkMzktMzc0Yy00Mzg3LTk5NDUtNDMxZjc1YmE4Njc1
LzEvM09WZzhPeUZEYWlud1BqVzg0SlJBdFRlU3M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLZf4AwQC
To7QAwQCuZVkMA0GCSqGSIb3DQEBCwUAA4IBAQBXSloCNBU6aCs1K6jatakyBtEs
KiQjqMWeZNepUlJFm+QDPXX9FU/4KUB6x2foMW459HwCUsCJWzmbYZpPT1fif7IX
y8Keh2Fj7zeKQj2948S7CRVoVXrgNUv7KuRpKl9OBNSDUeMJOP8WFFMGPxKlaPx1
5tUNesncLn70cuNrJyO5PPnhjy9bE3kqiEtoCJgHXtbuDmbqRWkc97CMKe/ISY6g
s92uPs/Et/kuxjDcTNwgiYR+AHIm1hgqUM+YM8tec/csuuGKMoMbwU2s2I070m4B
Dr52shSzdbtG0SzWeTzA8joXDm9vG3X4r5t2Fba2ebRg6tX7MBTVhdw9V1Us
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:39:22 2025 by rpki-client