Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/kWjqLRjRaT96KNw_HYHF-qJyaTQ.roa
File: kWjqLRjRaT96KNw_HYHF-qJyaTQ.roa (raw, json)
Hash identifier: 0cGS1kIMQnLs5LwT6OrKA5n60rMgUacO/CZ1rhGvB3g=
Subject key identifier: 91:68:EA:2D:18:D1:69:3F:7A:28:DC:3F:1D:81:C5:FA:A2:72:69:34
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 0194F93F4D23F121C7D75E6053592D6F9FC7
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/kWjqLRjRaT96KNw_HYHF-qJyaTQ.roa
Signing time: Wed 12 Feb 2025 08:21:02 +0000
ROA not before: Wed 12 Feb 2025 08:21:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 45.139.68.0/23 maxlen: 24
45.150.80.0/23 maxlen: 24
95.214.38.0/24 maxlen: 24
95.214.39.0/24 maxlen: 24
193.36.162.0/24 maxlen: 24
193.36.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.mft
rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f9:3f:4d:23:f1:21:c7:d7:5e:60:53:59:2d:6f:9f:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Feb 12 08:21:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9168ea2d18d1693f7a28dc3f1d81c5faa2726934
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ba:9e:ae:15:47:64:c7:ed:d6:9d:67:cb:db:
45:87:68:87:8e:4b:0c:af:e2:76:86:3d:79:45:12:
9f:95:80:99:c5:39:54:9b:69:9b:3c:f8:a8:c9:0d:
c1:cb:92:39:99:74:1f:ae:83:98:0a:2d:53:42:22:
1e:03:6b:13:45:14:7a:b0:ee:60:7a:6b:b3:55:31:
bb:d8:aa:04:2b:5a:6b:a9:49:c9:4b:29:31:e4:b8:
90:c0:67:64:45:cf:0c:b9:c3:2e:e3:bf:0a:15:20:
22:26:1c:e7:42:ab:30:55:31:99:17:d1:2f:0b:ca:
00:b4:81:4f:a2:b4:50:64:6d:41:d2:cd:b2:93:a7:
b0:b2:55:3d:31:91:e9:21:7b:a2:6e:9f:2a:bb:b2:
ce:04:c6:39:8e:d8:89:18:80:6d:68:39:a2:1a:9c:
46:78:37:13:a3:7f:62:57:9c:36:58:1f:5b:c3:7d:
68:c0:57:9d:8e:89:b1:82:f9:fa:ce:e7:e3:b8:84:
8c:75:ec:6b:19:00:26:67:57:2e:82:23:b4:4e:21:
ac:ee:0a:f5:56:a4:0a:10:7b:2c:df:43:d8:99:e0:
e1:e5:cf:a3:cc:5a:96:d1:1d:9c:1e:4b:67:c8:12:
c9:f5:83:c3:f7:44:f1:b9:ea:dc:1c:82:9a:18:b4:
25:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:68:EA:2D:18:D1:69:3F:7A:28:DC:3F:1D:81:C5:FA:A2:72:69:34
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/kWjqLRjRaT96KNw_HYHF-qJyaTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.68.0/23
45.150.80.0/23
95.214.38.0/23
193.36.162.0/23
Signature Algorithm: sha256WithRSAEncryption
be:e4:8f:1e:f8:93:61:2c:7f:8b:2a:5e:ee:f0:0f:e2:98:50:
03:86:b8:6c:f0:94:c3:af:59:e9:87:1e:55:7b:59:54:fc:84:
af:2c:30:90:f6:70:64:8f:40:9e:92:64:6d:00:0f:7b:68:18:
fe:c7:2a:1a:57:ea:51:e7:64:44:0c:cf:5a:20:91:8e:8b:db:
2b:59:3c:1c:1d:54:06:9c:e2:b5:e3:c9:06:35:28:34:f9:e7:
c4:e3:9b:b5:c9:d5:d8:4a:b7:b0:fa:67:84:72:07:e6:92:da:
10:80:03:4c:64:76:90:81:e9:bf:d0:4f:3a:f9:06:5d:16:66:
04:97:db:49:6a:c9:26:21:c4:12:81:cf:5d:34:3a:25:27:6c:
ce:0e:bb:04:94:34:38:8a:1e:9d:a2:5d:32:2f:56:cc:af:a5:
c0:39:28:e1:82:92:3d:60:8d:9b:d0:16:02:e7:13:93:95:a4:
ce:e2:2a:3f:26:28:9f:92:01:02:26:e7:3a:d7:ff:fe:8e:fa:
5c:1b:33:b8:02:4c:ed:f7:ce:a8:03:c1:9f:29:5d:88:44:28:
5c:3d:95:4d:9b:f6:9a:d3:90:96:54:db:15:c2:53:94:f7:9b:
28:91:45:99:ff:6e:79:6b:82:bb:8a:9d:91:5d:f3:36:b7:d1:
5b:a1:2c:ea
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZT5P00j8SHH115gU1ktb5/HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjUwMjEyMDgyMTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTY4ZWEyZDE4ZDE2OTNmN2EyOGRjM2YxZDgxYzVmYWEyNzI2OTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7qerhVHZMft1p1ny9tFh2iHjksM
r+J2hj15RRKflYCZxTlUm2mbPPioyQ3By5I5mXQfroOYCi1TQiIeA2sTRRR6sO5g
emuzVTG72KoEK1prqUnJSykx5LiQwGdkRc8MucMu478KFSAiJhznQqswVTGZF9Ev
C8oAtIFPorRQZG1B0s2yk6ewslU9MZHpIXuibp8qu7LOBMY5jtiJGIBtaDmiGpxG
eDcTo39iV5w2WB9bw31owFedjomxgvn6zufjuISMdexrGQAmZ1cugiO0TiGs7gr1
VqQKEHss30PYmeDh5c+jzFqW0R2cHktnyBLJ9YPD90TxuercHIKaGLQlRQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJFo6i0Y0Wk/eijcPx2Bxfqicmk0MB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEva1dqcUxSalJhVDk2S053X0hZSEYtcUp5YVRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLYtEAwQB
LZZQAwQBX9YmAwQBwSSiMA0GCSqGSIb3DQEBCwUAA4IBAQC+5I8e+JNhLH+LKl7u
8A/imFADhrhs8JTDr1nphx5Ve1lU/ISvLDCQ9nBkj0CekmRtAA97aBj+xyoaV+pR
52REDM9aIJGOi9srWTwcHVQGnOK148kGNSg0+efE45u1ydXYSrew+meEcgfmktoQ
gANMZHaQgem/0E86+QZdFmYEl9tJaskmIcQSgc9dNDolJ2zODrsElDQ4ih6dol0y
L1bMr6XAOSjhgpI9YI2b0BYC5xOTlaTO4io/JiifkgECJuc61//+jvpcGzO4Akzt
986oA8GfKV2IRChcPZVNm/aa05CWVNsVwlOU95sokUWZ/255a4K7ip2RXfM2t9Fb
oSzq
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:21 2025 by rpki-client