Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/VLwqTH6B4TPTYv5s-MUcft_BZ5o.roa
File: VLwqTH6B4TPTYv5s-MUcft_BZ5o.roa (raw, json)
Hash identifier: rOh8jDOcKV3CEf7D3OD8TY+btsFrLhBc0HKI0Z0kPDU=
Subject key identifier: 54:BC:2A:4C:7E:81:E1:33:D3:62:FE:6C:F8:C5:1C:7E:DF:C1:67:9A
Certificate issuer: /CN=8b37183341a2ab6df3c59ec827ed71200b5a6244
Certificate serial: 0194E3772164A4228BC75FE5957D99899EF1
Authority key identifier: 8B:37:18:33:41:A2:AB:6D:F3:C5:9E:C8:27:ED:71:20:0B:5A:62:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/VLwqTH6B4TPTYv5s-MUcft_BZ5o.roa
Signing time: Sat 08 Feb 2025 02:50:22 +0000
ROA not before: Sat 08 Feb 2025 02:50:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6134
IP address blocks: 45.128.146.0/24 maxlen: 24
45.128.147.0/24 maxlen: 24
45.131.179.0/24 maxlen: 24
45.132.238.0/23 maxlen: 24
45.133.238.0/23 maxlen: 24
45.134.82.0/23 maxlen: 24
45.135.118.0/23 maxlen: 24
45.137.10.0/23 maxlen: 24
45.140.90.0/23 maxlen: 24
91.238.203.0/24 maxlen: 24
91.238.207.0/24 maxlen: 24
185.106.176.0/22 maxlen: 24
193.200.130.0/24 maxlen: 24
193.200.134.0/24 maxlen: 24
193.200.149.0/24 maxlen: 24
193.200.152.0/24 maxlen: 24
193.227.103.0/24 maxlen: 24
193.227.109.0/24 maxlen: 24
193.227.114.0/24 maxlen: 24
2a06:5040:21::/48 maxlen: 48
2a06:5040:22::/48 maxlen: 48
2a06:5040:23::/48 maxlen: 48
2a06:5040:24::/48 maxlen: 48
2a06:5040:25::/48 maxlen: 48
2a06:5040:30::/45 maxlen: 45
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 21:19:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:e3:77:21:64:a4:22:8b:c7:5f:e5:95:7d:99:89:9e:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b37183341a2ab6df3c59ec827ed71200b5a6244
Validity
Not Before: Feb 8 02:50:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=54bc2a4c7e81e133d362fe6cf8c51c7edfc1679a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:9f:5f:40:86:fb:36:8c:76:a0:5c:79:06:f6:
b3:58:22:d2:6b:a3:9e:df:5d:2d:5f:01:ff:81:45:
32:ef:84:af:d0:7a:28:1a:d7:e5:67:5d:d0:b5:48:
39:e3:10:42:fc:cf:99:e1:67:d1:d6:47:47:c2:5e:
4d:72:f3:59:3f:11:4a:9d:b0:bd:95:ce:de:d0:6e:
dc:09:21:1c:26:b6:32:56:b0:30:ac:7d:8e:ad:13:
29:bf:84:c4:52:db:01:06:5c:61:1d:c4:2c:6f:c3:
a5:ca:be:f6:fe:50:13:f6:27:b4:8b:4c:22:af:7d:
19:ba:ca:2d:4f:25:52:f4:e0:3c:ed:27:5f:ee:e2:
f9:18:80:f1:0a:77:bf:9f:77:9e:05:20:6a:7f:a2:
32:5d:41:80:be:7d:bc:f8:43:89:f7:92:89:29:97:
b6:1f:3f:f8:f7:5e:94:e8:e5:f0:21:6a:61:aa:e9:
0a:7a:23:5a:ff:a0:43:c7:6c:63:78:cb:c1:73:b8:
bd:c0:ac:dd:86:b7:9c:60:d5:4f:ff:df:d8:88:9c:
c9:09:60:80:a3:1d:6b:e3:21:91:49:8e:f0:c9:5a:
55:24:09:0c:b8:b1:a5:3d:c8:83:8b:f1:6d:3f:f6:
75:46:bf:38:26:11:4c:e9:cd:5e:ac:d4:79:04:ca:
b9:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:BC:2A:4C:7E:81:E1:33:D3:62:FE:6C:F8:C5:1C:7E:DF:C1:67:9A
X509v3 Authority Key Identifier:
keyid:8B:37:18:33:41:A2:AB:6D:F3:C5:9E:C8:27:ED:71:20:0B:5A:62:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/VLwqTH6B4TPTYv5s-MUcft_BZ5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.146.0/23
45.131.179.0/24
45.132.238.0/23
45.133.238.0/23
45.134.82.0/23
45.135.118.0/23
45.137.10.0/23
45.140.90.0/23
91.238.203.0/24
91.238.207.0/24
185.106.176.0/22
193.200.130.0/24
193.200.134.0/24
193.200.149.0/24
193.200.152.0/24
193.227.103.0/24
193.227.109.0/24
193.227.114.0/24
IPv6:
2a06:5040:21::-2a06:5040:25:ffff:ffff:ffff:ffff:ffff
2a06:5040:30::/45
Signature Algorithm: sha256WithRSAEncryption
cc:d9:50:ab:0f:e5:cc:17:20:b0:92:55:2c:4f:48:cd:c6:13:
76:3d:cd:07:f5:cb:b9:69:9f:ff:95:ad:b9:a0:77:33:e3:fd:
2e:42:e4:69:38:16:23:f5:74:8a:8b:86:1a:e5:4b:5e:d6:4d:
54:65:65:d6:d2:68:fb:65:00:b4:fc:ea:d2:51:00:8e:5c:5c:
1e:f4:35:83:10:ac:e5:27:ed:d3:24:c3:6d:07:c2:90:3d:b2:
4f:ed:ac:94:69:d1:e5:7b:0f:e6:05:f7:6c:43:d4:9d:cf:35:
ab:d1:f8:0b:29:f6:3c:54:d3:0f:25:65:82:37:a2:dc:25:d9:
21:17:cd:97:9d:4b:3d:ab:69:14:30:b0:b4:83:c7:e3:ab:88:
cc:b7:a5:73:21:90:2e:04:58:96:3a:78:e4:b1:8f:9e:b8:fb:
65:de:d8:5b:b5:e6:73:97:ed:bc:46:49:a1:29:4d:29:37:8a:
d5:5e:42:44:ce:43:83:97:3d:55:e6:a7:55:ed:12:b3:b3:8f:
47:c5:d1:15:1f:95:68:1a:d5:34:43:19:b3:0f:8a:7d:e2:22:
71:da:38:53:a6:c2:54:c8:58:bd:25:c4:9d:ae:10:01:84:60:
46:03:12:00:61:f3:41:26:3c:38:eb:12:e4:f1:54:57:59:d8:
47:7b:62:8b
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgISAZTjdyFkpCKLx1/llX2ZiZ7xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMzcxODMzNDFhMmFiNmRmM2M1OWVjODI3ZWQ3MTIwMGI1
YTYyNDQwHhcNMjUwMjA4MDI1MDIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGJjMmE0YzdlODFlMTMzZDM2MmZlNmNmOGM1MWM3ZWRmYzE2NzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA059fQIb7Nox2oFx5BvazWCLSa6Oe
310tXwH/gUUy74Sv0HooGtflZ13QtUg54xBC/M+Z4WfR1kdHwl5NcvNZPxFKnbC9
lc7e0G7cCSEcJrYyVrAwrH2OrRMpv4TEUtsBBlxhHcQsb8Olyr72/lAT9ie0i0wi
r30ZusotTyVS9OA87Sdf7uL5GIDxCne/n3eeBSBqf6IyXUGAvn28+EOJ95KJKZe2
Hz/4916U6OXwIWphqukKeiNa/6BDx2xjeMvBc7i9wKzdhrecYNVP/9/YiJzJCWCA
ox1r4yGRSY7wyVpVJAkMuLGlPciDi/FtP/Z1Rr84JhFM6c1erNR5BMq5fwIDAQAB
o4IClzCCApMwHQYDVR0OBBYEFFS8Kkx+geEz02L+bPjFHH7fwWeaMB8GA1UdIwQY
MBaAFIs3GDNBoqtt88WeyCftcSALWmJEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXpjWU0wR2lxMjN6eFo3SUotMXhJQXRhWWtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8xYzc4ZTMtNjdkNi00ZTkwLWFlYjUt
MDg1MmNiMzUzMjkzLzEvVkx3cVRINkI0VFBUWXY1cy1NVWNmdF9CWjVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8xYzc4ZTMtNjdkNi00ZTkwLWFlYjUtMDg1MmNiMzUzMjkz
LzEvaXpjWU0wR2lxMjN6eFo3SUotMXhJQXRhWWtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGsBggrBgEFBQcBBwEB/wSBnDCBmTByBAIAATBsAwQBLYCS
AwQALYOzAwQBLYTuAwQBLYXuAwQBLYZSAwQBLYd2AwQBLYkKAwQBLYxaAwQAW+7L
AwQAW+7PAwQCuWqwAwQAwciCAwQAwciGAwQAwciVAwQAwciYAwQAweNnAwQAweNt
AwQAweNyMCMEAgACMB0wEgMHACoGUEAAIQMHASoGUEAAJAMHAyoGUEAAMDANBgkq
hkiG9w0BAQsFAAOCAQEAzNlQqw/lzBcgsJJVLE9IzcYTdj3NB/XLuWmf/5WtuaB3
M+P9LkLkaTgWI/V0iouGGuVLXtZNVGVl1tJo+2UAtPzq0lEAjlxcHvQ1gxCs5Sft
0yTDbQfCkD2yT+2slGnR5XsP5gX3bEPUnc81q9H4Cyn2PFTTDyVlgjei3CXZIRfN
l51LPatpFDCwtIPH46uIzLelcyGQLgRYljp45LGPnrj7Zd7YW7Xmc5ftvEZJoSlN
KTeK1V5CRM5Dg5c9VeanVe0Ss7OPR8XRFR+VaBrVNEMZsw+KfeIicdo4U6bCVMhY
vSXEna4QAYRgRgMSAGHzQSY8OOsS5PFUV1nYR3tiiw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:26:13 2025 by rpki-client