Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/f95ac5-0b8b-45d6-be9a-2db2245f2985/1/eXxQ74lf_D70ri2LePLnjdcMkBc.roa
File: eXxQ74lf_D70ri2LePLnjdcMkBc.roa (raw, json)
Hash identifier: n78D7QenzcNLmShQTibMqzzt2qmVHcGGjBzWjuUDoBA=
Subject key identifier: 79:7C:50:EF:89:5F:FC:3E:F4:AE:2D:8B:78:F2:E7:8D:D7:0C:90:17
Certificate issuer: /CN=c546e15819eacd05bccebf80019ca3cb7c4a38e0
Certificate serial: 019427481C17F0019EEFC7F7AA4276BD47DB
Authority key identifier: C5:46:E1:58:19:EA:CD:05:BC:CE:BF:80:01:9C:A3:CB:7C:4A:38:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xUbhWBnqzQW8zr-AAZyjy3xKOOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/f95ac5-0b8b-45d6-be9a-2db2245f2985/1/eXxQ74lf_D70ri2LePLnjdcMkBc.roa
Signing time: Thu 02 Jan 2025 13:50:24 +0000
ROA not before: Thu 02 Jan 2025 13:50:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57389
IP address blocks: 45.14.92.0/22 maxlen: 22
45.146.0.0/22 maxlen: 22
81.16.192.0/20 maxlen: 20
81.16.204.0/22 maxlen: 22
81.16.204.0/23 maxlen: 23
81.16.206.0/23 maxlen: 23
141.98.248.0/22 maxlen: 22
185.5.228.0/22 maxlen: 22
185.5.228.0/23 maxlen: 23
185.5.230.0/23 maxlen: 23
185.106.112.0/22 maxlen: 22
185.130.176.0/23 maxlen: 23
185.130.178.0/24 maxlen: 24
185.174.16.0/22 maxlen: 22
185.180.88.0/22 maxlen: 22
185.182.212.0/22 maxlen: 22
185.182.212.0/23 maxlen: 23
185.182.214.0/23 maxlen: 23
185.205.248.0/22 maxlen: 22
185.221.140.0/22 maxlen: 23
185.232.80.0/22 maxlen: 22
194.48.174.0/23 maxlen: 23
194.48.188.0/23 maxlen: 23
2a07:1100::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/f95ac5-0b8b-45d6-be9a-2db2245f2985/1/xUbhWBnqzQW8zr-AAZyjy3xKOOA.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/f95ac5-0b8b-45d6-be9a-2db2245f2985/1/xUbhWBnqzQW8zr-AAZyjy3xKOOA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xUbhWBnqzQW8zr-AAZyjy3xKOOA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:1c:17:f0:01:9e:ef:c7:f7:aa:42:76:bd:47:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c546e15819eacd05bccebf80019ca3cb7c4a38e0
Validity
Not Before: Jan 2 13:50:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=797c50ef895ffc3ef4ae2d8b78f2e78dd70c9017
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:75:1c:51:6e:7a:3c:42:3b:1f:c9:14:b4:06:
5d:31:2e:74:98:8b:03:8a:1f:2d:90:54:2e:18:4a:
c6:27:39:16:25:97:2a:bd:44:f2:7a:ef:7c:00:c4:
5f:8a:ad:84:be:90:82:ae:ce:b6:d9:6e:af:f3:ac:
3c:7d:1e:95:c6:95:09:21:61:49:7b:6e:2c:28:e4:
46:85:c1:2a:60:57:58:9b:67:0b:2e:ee:55:50:79:
d4:98:b6:b0:3e:ed:91:be:e4:9c:38:c9:a3:fb:94:
1e:37:59:5c:1c:8f:05:ab:31:cd:48:32:70:93:c0:
02:4d:3e:f7:f3:86:04:05:5b:c9:c2:80:13:72:7d:
e0:9d:60:c8:bc:09:14:02:94:3c:a0:fa:48:39:83:
39:bb:c6:e6:75:b3:fb:73:1a:d7:06:55:a5:47:ee:
3e:c3:45:85:63:83:e5:24:38:fe:81:3a:65:ca:4c:
be:49:c3:88:de:5b:6c:77:05:82:ac:af:d5:f0:65:
72:40:91:80:cc:de:52:a5:96:dc:59:65:a4:40:75:
67:0d:33:32:43:81:35:78:3b:a4:cb:25:54:97:ae:
ad:73:03:c5:f3:61:68:26:a3:17:5f:d5:31:52:32:
1b:27:03:23:47:ed:6e:bf:d2:ce:24:ee:1f:b8:3d:
b2:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:7C:50:EF:89:5F:FC:3E:F4:AE:2D:8B:78:F2:E7:8D:D7:0C:90:17
X509v3 Authority Key Identifier:
keyid:C5:46:E1:58:19:EA:CD:05:BC:CE:BF:80:01:9C:A3:CB:7C:4A:38:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xUbhWBnqzQW8zr-AAZyjy3xKOOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/f95ac5-0b8b-45d6-be9a-2db2245f2985/1/eXxQ74lf_D70ri2LePLnjdcMkBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/f95ac5-0b8b-45d6-be9a-2db2245f2985/1/xUbhWBnqzQW8zr-AAZyjy3xKOOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.92.0/22
45.146.0.0/22
81.16.192.0/20
141.98.248.0/22
185.5.228.0/22
185.106.112.0/22
185.130.176.0-185.130.178.255
185.174.16.0/22
185.180.88.0/22
185.182.212.0/22
185.205.248.0/22
185.221.140.0/22
185.232.80.0/22
194.48.174.0/23
194.48.188.0/23
IPv6:
2a07:1100::/29
Signature Algorithm: sha256WithRSAEncryption
79:45:ec:20:c6:70:89:ea:21:69:5d:bb:cc:de:80:cd:4d:8e:
40:06:02:f6:18:2f:a6:ec:ca:8e:d0:a8:c7:76:d6:55:80:d3:
f0:62:a2:98:65:7d:3e:8b:96:3c:66:c4:62:c5:e5:0c:37:7a:
55:0d:ca:a8:ae:97:a8:b0:5a:a0:49:17:81:8a:cb:62:f6:98:
6a:16:a8:15:41:67:cf:e2:24:33:ce:48:e0:6f:3d:73:de:7c:
8c:53:95:34:6e:c9:36:ae:04:a3:52:a3:d9:a7:0f:34:d8:c6:
79:16:32:37:80:94:a6:c0:85:b3:fc:15:f3:95:b5:ec:f5:42:
13:79:9a:47:0d:2f:0e:6d:f8:af:67:58:73:31:d4:bd:cc:9a:
21:25:5c:b7:cb:ca:db:81:be:e4:64:d4:9a:7b:21:c4:9f:a5:
cc:1c:b7:4c:e4:29:ed:7c:3f:6c:5c:45:a0:69:2f:40:b4:4a:
2a:d4:5a:95:ff:98:a3:52:eb:6c:34:b3:83:7c:09:c3:57:07:
f5:15:ca:5a:33:5f:d3:36:de:61:77:73:a7:3f:98:38:cb:1f:
b9:c4:d8:20:30:98:1f:10:8e:74:89:8d:b8:fe:14:ed:94:d5:
e2:a5:65:d1:eb:e6:b5:42:d2:00:be:45:ee:f3:1b:dd:0c:68:
c4:29:59:d8
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAZQnSBwX8AGe78f3qkJ2vUfbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1NDZlMTU4MTllYWNkMDViY2NlYmY4MDAxOWNhM2NiN2M0
YTM4ZTAwHhcNMjUwMTAyMTM1MDI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTdjNTBlZjg5NWZmYzNlZjRhZTJkOGI3OGYyZTc4ZGQ3MGM5MDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3UcUW56PEI7H8kUtAZdMS50mIsD
ih8tkFQuGErGJzkWJZcqvUTyeu98AMRfiq2EvpCCrs622W6v86w8fR6VxpUJIWFJ
e24sKORGhcEqYFdYm2cLLu5VUHnUmLawPu2RvuScOMmj+5QeN1lcHI8FqzHNSDJw
k8ACTT7384YEBVvJwoATcn3gnWDIvAkUApQ8oPpIOYM5u8bmdbP7cxrXBlWlR+4+
w0WFY4PlJDj+gTplyky+ScOI3ltsdwWCrK/V8GVyQJGAzN5SpZbcWWWkQHVnDTMy
Q4E1eDukyyVUl66tcwPF82FoJqMXX9UxUjIbJwMjR+1uv9LOJO4fuD2yIQIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFHl8UO+JX/w+9K4ti3jy543XDJAXMB8GA1UdIwQY
MBaAFMVG4VgZ6s0FvM6/gAGco8t8SjjgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFViaFdCbnF6UVc4enItQUFaeWp5M3hLT09BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9mOTVhYzUtMGI4Yi00NWQ2LWJlOWEt
MmRiMjI0NWYyOTg1LzEvZVh4UTc0bGZfRDcwcmkyTGVQTG5qZGNNa0JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9mOTVhYzUtMGI4Yi00NWQ2LWJlOWEtMmRiMjI0NWYyOTg1
LzEveFViaFdCbnF6UVc4enItQUFaeWp5M3hLT09BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwaAQCAAEwYgMEAi0OXAME
Ai2SAAMEBFEQwAMEAo1i+AMEArkF5AMEArlqcDAMAwQEuYKwAwQAuYKyAwQCua4Q
AwQCubRYAwQCubbUAwQCuc34AwQCud2MAwQCuehQAwQBwjCuAwQBwjC8MA0EAgAC
MAcDBQMqBxEAMA0GCSqGSIb3DQEBCwUAA4IBAQB5RewgxnCJ6iFpXbvM3oDNTY5A
BgL2GC+m7MqO0KjHdtZVgNPwYqKYZX0+i5Y8ZsRixeUMN3pVDcqorpeosFqgSReB
isti9phqFqgVQWfP4iQzzkjgbz1z3nyMU5U0bsk2rgSjUqPZpw802MZ5FjI3gJSm
wIWz/BXzlbXs9UITeZpHDS8ObfivZ1hzMdS9zJohJVy3y8rbgb7kZNSaeyHEn6XM
HLdM5CntfD9sXEWgaS9AtEoq1FqV/5ijUutsNLODfAnDVwf1FcpaM1/TNt5hd3On
P5g4yx+5xNggMJgfEI50iY24/hTtlNXipWXR6+a1QtIAvkXu8xvdDGjEKVnY
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:35:07 2025 by rpki-client