Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/PsG0AtBemY9a4yDfPpt9i4Kr2GY.roa
File: PsG0AtBemY9a4yDfPpt9i4Kr2GY.roa (raw, json)
Hash identifier: sBzY2h3ELjAXI6xknFWXGyJRwY7PSfLmEfEaa7NAk3M=
Subject key identifier: 3E:C1:B4:02:D0:5E:99:8F:5A:E3:20:DF:3E:9B:7D:8B:82:AB:D8:66
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 01942827FAAA1C18B70FA266F29DDD7AF8E4
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/PsG0AtBemY9a4yDfPpt9i4Kr2GY.roa
Signing time: Thu 02 Jan 2025 17:54:56 +0000
ROA not before: Thu 02 Jan 2025 17:54:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9123
IP address blocks: 5.44.46.0/24 maxlen: 24
5.44.47.0/24 maxlen: 24
37.220.80.0/24 maxlen: 24
37.220.81.0/24 maxlen: 24
37.220.82.0/24 maxlen: 24
37.220.83.0/24 maxlen: 24
37.220.84.0/24 maxlen: 24
37.220.85.0/24 maxlen: 24
37.220.87.0/24 maxlen: 24
45.8.96.0/24 maxlen: 24
45.8.97.0/24 maxlen: 24
45.8.98.0/24 maxlen: 24
45.8.99.0/24 maxlen: 24
45.89.190.0/24 maxlen: 24
45.95.234.0/24 maxlen: 24
45.95.235.0/24 maxlen: 24
46.19.64.0/24 maxlen: 24
46.19.65.0/24 maxlen: 24
46.19.66.0/24 maxlen: 24
46.19.67.0/24 maxlen: 24
46.19.68.0/24 maxlen: 24
46.19.69.0/24 maxlen: 24
81.200.144.0/24 maxlen: 24
81.200.145.0/24 maxlen: 24
81.200.146.0/24 maxlen: 24
81.200.147.0/24 maxlen: 24
81.200.148.0/24 maxlen: 24
81.200.149.0/24 maxlen: 24
81.200.150.0/24 maxlen: 24
81.200.151.0/24 maxlen: 24
81.200.152.0/24 maxlen: 24
81.200.153.0/24 maxlen: 24
81.200.154.0/24 maxlen: 24
81.200.155.0/24 maxlen: 24
81.200.156.0/24 maxlen: 24
81.200.157.0/24 maxlen: 24
81.200.158.0/24 maxlen: 24
85.92.108.0/24 maxlen: 24
85.92.110.0/24 maxlen: 24
85.92.111.0/24 maxlen: 24
89.191.226.0/24 maxlen: 24
92.118.113.0/24 maxlen: 24
92.118.114.0/24 maxlen: 24
92.118.115.0/24 maxlen: 24
94.198.216.0/24 maxlen: 24
94.198.217.0/24 maxlen: 24
94.198.218.0/24 maxlen: 24
94.198.219.0/24 maxlen: 24
94.198.220.0/24 maxlen: 24
94.198.221.0/24 maxlen: 24
94.198.223.0/24 maxlen: 24
141.98.235.0/24 maxlen: 24
185.166.196.0/24 maxlen: 24
185.166.197.0/24 maxlen: 24
185.247.185.0/24 maxlen: 24
194.31.173.0/24 maxlen: 24
194.31.174.0/24 maxlen: 24
194.31.175.0/24 maxlen: 24
195.80.50.0/24 maxlen: 24
195.80.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.mft
rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:fa:aa:1c:18:b7:0f:a2:66:f2:9d:dd:7a:f8:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Jan 2 17:54:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ec1b402d05e998f5ae320df3e9b7d8b82abd866
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e6:47:e5:ae:55:f6:99:a4:c8:7e:1b:31:74:
1a:92:62:c7:6c:e6:56:97:a5:b8:5c:f3:f9:9e:72:
d8:5d:cf:be:3b:2b:53:fa:e5:28:b9:70:24:92:64:
04:b6:4a:bc:1e:bd:4c:d3:48:14:3d:c3:a1:a6:87:
71:03:56:77:e8:1f:b7:ae:70:d4:c8:90:e6:69:a2:
4f:4e:e0:0e:b6:94:3f:15:79:79:5f:00:2f:61:2d:
70:b2:4d:19:3d:b6:7f:09:fc:27:1a:83:70:37:bd:
7d:c8:eb:e1:6b:cf:50:49:5f:2e:34:7f:ac:33:b1:
26:3e:cc:5c:20:a7:c5:c1:7a:40:5e:20:5f:50:20:
cd:d4:49:8e:12:61:6d:86:f8:3b:f9:af:07:ff:51:
1f:a2:0c:e7:6e:80:b9:fb:fc:b5:77:c2:69:0c:39:
71:70:88:84:10:cc:ce:17:35:f9:32:0f:46:c8:2e:
02:5f:62:65:fb:4d:45:c0:f8:73:08:f8:ff:8d:c7:
1a:32:ac:e3:02:d0:a3:3f:49:5d:65:d7:16:ee:44:
71:62:ba:7c:25:9a:b1:90:c4:9a:51:27:63:9d:7c:
28:54:2f:0d:af:11:9f:1c:bf:3a:7c:03:c0:73:3a:
7c:04:73:a5:75:66:c9:e4:b9:37:a8:2d:a6:9c:49:
b4:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:C1:B4:02:D0:5E:99:8F:5A:E3:20:DF:3E:9B:7D:8B:82:AB:D8:66
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/PsG0AtBemY9a4yDfPpt9i4Kr2GY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.46.0/23
37.220.80.0-37.220.85.255
37.220.87.0/24
45.8.96.0/22
45.89.190.0/24
45.95.234.0/23
46.19.64.0-46.19.69.255
81.200.144.0-81.200.158.255
85.92.108.0/24
85.92.110.0/23
89.191.226.0/24
92.118.113.0-92.118.115.255
94.198.216.0-94.198.221.255
94.198.223.0/24
141.98.235.0/24
185.166.196.0/23
185.247.185.0/24
194.31.173.0-194.31.175.255
195.80.50.0/23
Signature Algorithm: sha256WithRSAEncryption
55:db:72:a1:15:63:b5:0c:33:30:eb:71:57:34:6c:50:aa:03:
44:9d:1d:24:df:34:6e:e1:d8:b1:e5:b1:17:37:c6:35:62:b3:
ae:3b:18:23:c7:bc:ec:c4:fd:14:cb:f9:35:27:e7:dd:83:df:
da:10:93:8d:63:bc:3e:e0:b8:01:0b:2d:c7:18:7b:cd:16:74:
29:b1:8e:49:29:cb:23:ba:58:54:e6:2b:34:f0:46:f6:a2:17:
9d:6e:26:44:8c:8e:d6:f3:38:17:f2:65:82:70:52:33:2d:12:
18:5c:7a:bc:c3:45:74:0a:53:5b:cb:a9:60:d2:78:73:37:32:
b4:1c:5a:f5:a8:a3:6d:34:aa:ae:11:78:93:aa:3a:05:65:d9:
e4:d5:6f:e9:73:41:3d:2c:ee:88:7e:e0:9e:65:3c:50:7f:aa:
8a:59:bb:b4:68:48:ab:b3:96:a6:10:bd:87:65:45:b4:09:d4:
ab:90:33:f0:5e:a8:1c:aa:12:13:3c:bd:a3:13:fd:b0:94:72:
1d:49:d6:58:49:f3:d7:9a:b5:5c:77:e0:73:3d:bb:94:22:f3:
bb:2b:69:7e:fa:cc:49:3f:d9:6b:3a:3f:71:9f:15:55:49:30:
56:3a:31:78:fe:1b:38:29:14:cf:0c:05:c5:72:e9:69:a9:73:
f3:fa:22:2c
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAZQoJ/qqHBi3D6Jm8p3devjkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjUwMTAyMTc1NDU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWMxYjQwMmQwNWU5OThmNWFlMzIwZGYzZTliN2Q4YjgyYWJkODY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuZH5a5V9pmkyH4bMXQakmLHbOZW
l6W4XPP5nnLYXc++OytT+uUouXAkkmQEtkq8Hr1M00gUPcOhpodxA1Z36B+3rnDU
yJDmaaJPTuAOtpQ/FXl5XwAvYS1wsk0ZPbZ/CfwnGoNwN719yOvha89QSV8uNH+s
M7EmPsxcIKfFwXpAXiBfUCDN1EmOEmFthvg7+a8H/1EfogznboC5+/y1d8JpDDlx
cIiEEMzOFzX5Mg9GyC4CX2Jl+01FwPhzCPj/jccaMqzjAtCjP0ldZdcW7kRxYrp8
JZqxkMSaUSdjnXwoVC8NrxGfHL86fAPAczp8BHOldWbJ5Lk3qC2mnEm0QQIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFD7BtALQXpmPWuMg3z6bfYuCq9hmMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvUHNHMEF0QmVtWTlhNHlEZlBwdDlpNEtyMkdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDCBqQQCAAEwgaIDBAEF
LC4wDAMEBCXcUAMEASXcVAMEACXcVwMEAi0IYAMEAC1ZvgMEAS1f6jAMAwQGLhNA
AwQBLhNEMAwDBARRyJADBABRyJ4DBABVXGwDBAFVXG4DBABZv+IwDAMEAFx2cQME
Alx2cDAMAwQDXsbYAwQBXsbcAwQAXsbfAwQAjWLrAwQBuabEAwQAufe5MAwDBADC
H60DBATCH6ADBAHDUDIwDQYJKoZIhvcNAQELBQADggEBAFXbcqEVY7UMMzDrcVc0
bFCqA0SdHSTfNG7h2LHlsRc3xjVis647GCPHvOzE/RTL+TUn592D39oQk41jvD7g
uAELLccYe80WdCmxjkkpyyO6WFTmKzTwRvaiF51uJkSMjtbzOBfyZYJwUjMtEhhc
erzDRXQKU1vLqWDSeHM3MrQcWvWoo200qq4ReJOqOgVl2eTVb+lzQT0s7oh+4J5l
PFB/qopZu7RoSKuzlqYQvYdlRbQJ1KuQM/BeqByqEhM8vaMT/bCUch1J1lhJ89ea
tVx34HM9u5Qi87sraX76zEk/2Ws6P3GfFVVJMFY6MXj+GzgpFM8MBcVy6Wmpc/P6
Iiw=
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:27:50 2025 by rpki-client