Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/a2ea51-87a6-4814-9b82-278cbb0b4e73/1/sxNlViRMFBeyCKHK1V0sQojloaU.roa
File: sxNlViRMFBeyCKHK1V0sQojloaU.roa (raw, json)
Hash identifier: B7neqRuXw3EzuRHFQ3Xdq+BC5xmWvSgD18hq8QHGols=
Subject key identifier: B3:13:65:56:24:4C:14:17:B2:08:A1:CA:D5:5D:2C:42:88:E5:A1:A5
Certificate issuer: /CN=7d2ae80cde5cd769c8f144e6c266113bfaedec3e
Certificate serial: 019421B1D28946C485AC69C545E3C120CD72
Authority key identifier: 7D:2A:E8:0C:DE:5C:D7:69:C8:F1:44:E6:C2:66:11:3B:FA:ED:EC:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fSroDN5c12nI8UTmwmYRO_rt7D4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/a2ea51-87a6-4814-9b82-278cbb0b4e73/1/sxNlViRMFBeyCKHK1V0sQojloaU.roa
Signing time: Wed 01 Jan 2025 11:48:09 +0000
ROA not before: Wed 01 Jan 2025 11:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205668
IP address blocks: 45.148.168.0/22 maxlen: 24
185.44.128.0/22 maxlen: 24
185.129.68.0/22 maxlen: 24
185.129.68.0/24 maxlen: 24
185.129.69.0/24 maxlen: 24
185.129.70.0/24 maxlen: 24
185.129.71.0/24 maxlen: 24
185.200.100.0/24 maxlen: 24
185.200.101.0/24 maxlen: 24
185.200.102.0/24 maxlen: 24
185.200.103.0/24 maxlen: 24
2a01:74e0::/32 maxlen: 32
2a0a:aa40::/32 maxlen: 32
2a0a:aa42::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/a2ea51-87a6-4814-9b82-278cbb0b4e73/1/fSroDN5c12nI8UTmwmYRO_rt7D4.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/a2ea51-87a6-4814-9b82-278cbb0b4e73/1/fSroDN5c12nI8UTmwmYRO_rt7D4.mft
rsync://rpki.ripe.net/repository/DEFAULT/fSroDN5c12nI8UTmwmYRO_rt7D4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 10 Mar 2025 15:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:d2:89:46:c4:85:ac:69:c5:45:e3:c1:20:cd:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d2ae80cde5cd769c8f144e6c266113bfaedec3e
Validity
Not Before: Jan 1 11:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b3136556244c1417b208a1cad55d2c4288e5a1a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c4:fb:32:99:32:12:e9:35:9e:c3:b1:f7:ff:
be:6d:5b:d9:30:1d:f9:df:d8:cf:08:23:95:3f:ed:
cf:dc:a0:8b:e1:34:41:0d:3f:83:d0:a9:05:60:83:
7f:9e:be:e7:7e:74:a9:1d:11:aa:ba:99:4e:c4:40:
7c:1c:4e:5c:b7:3e:cb:65:29:ac:ff:a9:df:82:d8:
32:27:99:d1:59:4b:69:e1:8c:ee:ca:23:34:0a:0f:
11:83:34:4b:20:d1:af:22:03:f7:59:80:8e:d8:ae:
63:fa:00:52:b9:3a:70:75:63:b6:05:d1:4c:65:a8:
c2:16:f5:97:e8:f6:d8:ba:4e:ff:32:1b:ad:65:72:
1d:ed:c5:b5:98:38:d9:09:7b:22:75:0d:c9:00:88:
69:98:1e:24:03:f4:79:ba:7d:3c:6d:66:71:60:41:
5b:f0:c9:ae:d8:ec:8e:83:da:3f:0f:44:40:8f:f6:
8f:31:af:11:ac:ed:0a:13:0c:9e:11:01:84:f3:6e:
23:f5:d0:45:fb:65:41:b8:c9:f7:3b:90:9a:c9:92:
dc:c7:2a:6f:2a:37:c2:54:ee:3a:f0:6a:4b:24:2b:
c5:54:94:a2:19:b2:15:c9:91:23:37:82:0f:fa:2a:
5d:30:e3:56:ce:6b:bf:29:62:7f:0e:14:0e:90:37:
72:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:13:65:56:24:4C:14:17:B2:08:A1:CA:D5:5D:2C:42:88:E5:A1:A5
X509v3 Authority Key Identifier:
keyid:7D:2A:E8:0C:DE:5C:D7:69:C8:F1:44:E6:C2:66:11:3B:FA:ED:EC:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fSroDN5c12nI8UTmwmYRO_rt7D4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/a2ea51-87a6-4814-9b82-278cbb0b4e73/1/sxNlViRMFBeyCKHK1V0sQojloaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/a2ea51-87a6-4814-9b82-278cbb0b4e73/1/fSroDN5c12nI8UTmwmYRO_rt7D4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.168.0/22
185.44.128.0/22
185.129.68.0/22
185.200.100.0/22
IPv6:
2a01:74e0::/32
2a0a:aa40::/32
2a0a:aa42::/32
Signature Algorithm: sha256WithRSAEncryption
6f:7d:83:bb:16:1e:51:e5:45:1a:80:ea:0b:97:36:51:fe:26:
c7:6c:20:c9:ca:97:4c:b6:16:11:1a:52:bc:c9:40:bf:96:fc:
4b:94:00:01:40:e9:f7:e1:bb:54:82:3e:2f:7b:3e:a8:43:c2:
67:f4:f0:a0:2a:4f:2d:ef:e5:7a:48:fd:4a:11:bd:e7:44:0d:
07:7b:7e:5b:f5:6b:cd:3a:7c:f5:c1:81:48:a5:e2:ee:63:ea:
58:30:a3:20:0e:69:b5:4a:40:40:e3:90:d6:40:a7:41:84:1d:
f9:b4:e2:99:a2:61:a4:0a:44:4c:b6:2c:0c:68:e2:b7:3f:97:
6c:a2:c1:99:33:af:93:62:ed:70:4d:1c:38:b4:20:6f:a7:da:
f1:33:19:0b:9b:9a:50:20:ff:1d:c0:89:e5:d9:49:02:03:f4:
8f:5d:08:35:84:da:3a:30:47:1b:8c:21:dc:fc:0b:62:79:23:
9f:d7:c9:81:3f:e0:e0:50:c9:cb:8a:56:e2:77:fb:c7:25:37:
75:00:be:d9:9b:43:a0:73:49:36:44:23:2d:66:80:c2:73:0e:
2b:2c:bd:8f:9e:d6:ae:38:b5:78:3d:6d:a8:f0:84:cd:95:bc:
b4:f9:79:65:a6:f1:31:9b:61:ea:5d:14:39:e5:43:5c:97:0a:
5b:e8:b7:15
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZQhsdKJRsSFrGnFRePBIM1yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMmFlODBjZGU1Y2Q3NjljOGYxNDRlNmMyNjYxMTNiZmFl
ZGVjM2UwHhcNMjUwMTAxMTE0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzEzNjU1NjI0NGMxNDE3YjIwOGExY2FkNTVkMmM0Mjg4ZTVhMWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcT7MpkyEuk1nsOx9/++bVvZMB35
39jPCCOVP+3P3KCL4TRBDT+D0KkFYIN/nr7nfnSpHRGquplOxEB8HE5ctz7LZSms
/6nfgtgyJ5nRWUtp4YzuyiM0Cg8RgzRLINGvIgP3WYCO2K5j+gBSuTpwdWO2BdFM
ZajCFvWX6PbYuk7/MhutZXId7cW1mDjZCXsidQ3JAIhpmB4kA/R5un08bWZxYEFb
8Mmu2OyOg9o/D0RAj/aPMa8RrO0KEwyeEQGE824j9dBF+2VBuMn3O5CayZLcxypv
KjfCVO468GpLJCvFVJSiGbIVyZEjN4IP+ipdMONWzmu/KWJ/DhQOkDdy7wIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFLMTZVYkTBQXsgihytVdLEKI5aGlMB8GA1UdIwQY
MBaAFH0q6AzeXNdpyPFE5sJmETv67ew+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlNyb0RONWMxMm5JOFVUbXdtWVJPX3J0N0Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9hMmVhNTEtODdhNi00ODE0LTliODIt
Mjc4Y2JiMGI0ZTczLzEvc3hObFZpUk1GQmV5Q0tISzFWMHNRb2psb2FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9hMmVhNTEtODdhNi00ODE0LTliODItMjc4Y2JiMGI0ZTcz
LzEvZlNyb0RONWMxMm5JOFVUbXdtWVJPX3J0N0Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAeBAIAATAYAwQCLZSoAwQC
uSyAAwQCuYFEAwQCuchkMBsEAgACMBUDBQAqAXTgAwUAKgqqQAMFACoKqkIwDQYJ
KoZIhvcNAQELBQADggEBAG99g7sWHlHlRRqA6guXNlH+JsdsIMnKl0y2FhEaUrzJ
QL+W/EuUAAFA6ffhu1SCPi97PqhDwmf08KAqTy3v5XpI/UoRvedEDQd7flv1a806
fPXBgUil4u5j6lgwoyAOabVKQEDjkNZAp0GEHfm04pmiYaQKREy2LAxo4rc/l2yi
wZkzr5Ni7XBNHDi0IG+n2vEzGQubmlAg/x3AieXZSQID9I9dCDWE2jowRxuMIdz8
C2J5I5/XyYE/4OBQycuKVuJ3+8clN3UAvtmbQ6BzSTZEIy1mgMJzDissvY+e1q44
tXg9bajwhM2VvLT5eWWm8TGbYepdFDnlQ1yXClvotxU=
-----END CERTIFICATE-----
Generated at Mon Mar 10 00:49:21 2025 by rpki-client