Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/1-lpBuKXXx8g9yxpi6iuVgN2ZkaU.roa
File: 1-lpBuKXXx8g9yxpi6iuVgN2ZkaU.roa (raw, json)
Hash identifier: RgZnA77LWWsGNIxky5OwYiVUFovIqwLxtj+NYBSAZ9M=
Subject key identifier: FA:5A:41:B8:A5:D7:C7:C8:3D:CB:1A:62:EA:2B:95:80:DD:99:91:A5
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 019424455E369BE150CE8BCE48ED02D1A299
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/1-lpBuKXXx8g9yxpi6iuVgN2ZkaU.roa
Signing time: Wed 01 Jan 2025 23:48:33 +0000
ROA not before: Wed 01 Jan 2025 23:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16371
IP address blocks: 81.46.192.0/20 maxlen: 20
81.46.192.0/21 maxlen: 21
81.46.200.0/21 maxlen: 21
81.46.208.0/21 maxlen: 21
81.46.208.0/22 maxlen: 22
81.46.212.0/22 maxlen: 22
81.46.215.0/24 maxlen: 24
81.46.216.0/21 maxlen: 21
81.46.216.0/22 maxlen: 22
81.46.220.0/22 maxlen: 22
81.46.224.0/20 maxlen: 20
81.46.224.0/21 maxlen: 21
81.46.232.0/21 maxlen: 21
81.46.240.0/21 maxlen: 21
81.46.240.0/22 maxlen: 22
81.46.244.0/22 maxlen: 22
195.55.104.0/22 maxlen: 22
195.55.104.0/23 maxlen: 23
195.55.106.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.mft
rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 02:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:5e:36:9b:e1:50:ce:8b:ce:48:ed:02:d1:a2:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: Jan 1 23:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa5a41b8a5d7c7c83dcb1a62ea2b9580dd9991a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:57:37:a5:f1:c2:d8:8e:00:99:8a:5f:4f:b9:
10:b7:b4:72:49:ce:a6:e7:85:54:ee:a4:dc:f0:fc:
e6:3b:da:88:ee:41:ee:a4:bf:9c:b9:5d:ed:2c:e5:
eb:a3:f0:5e:96:69:84:e8:06:64:47:0f:13:08:a4:
1f:6c:5e:a8:34:dc:8f:43:51:32:59:fb:bc:ca:2b:
20:1f:54:3a:31:83:31:52:67:1e:88:d8:18:5e:67:
71:8d:e4:8f:cc:bc:50:f7:7b:70:47:13:9b:73:e9:
0b:4c:9c:78:7f:50:bf:93:58:1f:54:de:13:84:76:
03:0a:80:c1:65:00:7b:8d:96:b4:f8:ca:01:46:16:
fb:7d:e2:e9:9f:0b:b4:ad:58:d0:13:b6:59:54:5c:
1c:b0:64:0f:ad:2e:39:c8:d2:31:1c:5f:26:5f:11:
7d:6c:59:5b:c3:02:16:ba:39:9e:66:6d:a8:cb:33:
72:60:7d:a7:33:2d:d0:c9:80:14:c4:a9:5a:e0:36:
8c:bd:1a:df:e5:92:43:c1:5c:0f:4d:f2:d0:83:ad:
d5:c5:3c:d9:94:4f:36:7b:b0:b5:99:dd:9c:69:e9:
72:70:35:a0:9d:ce:9e:52:b6:bf:da:27:6c:7c:dd:
15:72:a9:91:1d:e8:0b:5b:41:e8:0e:78:b9:09:74:
46:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:5A:41:B8:A5:D7:C7:C8:3D:CB:1A:62:EA:2B:95:80:DD:99:91:A5
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/1-lpBuKXXx8g9yxpi6iuVgN2ZkaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.46.192.0-81.46.247.255
195.55.104.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:cc:4c:c8:e2:fc:97:ee:62:0f:73:47:46:b0:31:f9:39:8f:
20:d9:4f:8c:9e:ae:ae:ab:97:4c:7b:10:e3:a8:a6:83:9b:3f:
99:76:75:f0:ec:6a:d7:0f:2b:fe:f6:c0:4e:4c:39:e4:5f:05:
2a:22:b0:09:c1:b7:57:ff:13:7f:7c:fe:96:b9:71:07:b6:3c:
91:1e:4b:cd:68:ec:89:cd:3b:f0:61:62:17:f0:6f:56:51:37:
1b:80:59:10:b5:c7:58:74:35:6d:68:30:97:31:86:a0:8b:ee:
9b:cc:e9:bd:dc:28:2b:b4:11:97:7e:60:f8:a4:b1:7a:aa:50:
d0:d4:06:51:2c:3f:96:97:60:41:34:ee:a2:6d:cc:93:1a:8c:
67:04:c1:94:53:ca:60:74:f2:10:69:03:3a:fe:6b:88:36:3c:
ab:2c:74:fa:d3:f9:08:2d:48:f9:32:64:a7:99:92:ec:40:b7:
a9:ac:5c:e6:df:10:21:9f:b4:5b:19:39:79:2b:60:b1:f2:38:
18:82:3b:06:0e:13:6b:06:ce:09:f5:9d:97:c6:2b:6d:f6:e6:
66:e9:8e:2b:f6:10:af:3b:4e:be:54:35:01:7a:1e:40:c7:d3:
9d:30:61:e9:3f:92:41:26:e5:40:bb:71:c2:f2:79:cb:1b:f7:
31:ea:60:de
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQkRV42m+FQzovOSO0C0aKZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjUwMTAxMjM0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTVhNDFiOGE1ZDdjN2M4M2RjYjFhNjJlYTJiOTU4MGRkOTk5MWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Vc3pfHC2I4AmYpfT7kQt7RySc6m
54VU7qTc8PzmO9qI7kHupL+cuV3tLOXro/BelmmE6AZkRw8TCKQfbF6oNNyPQ1Ey
Wfu8yisgH1Q6MYMxUmceiNgYXmdxjeSPzLxQ93twRxObc+kLTJx4f1C/k1gfVN4T
hHYDCoDBZQB7jZa0+MoBRhb7feLpnwu0rVjQE7ZZVFwcsGQPrS45yNIxHF8mXxF9
bFlbwwIWujmeZm2oyzNyYH2nMy3QyYAUxKla4DaMvRrf5ZJDwVwPTfLQg63VxTzZ
lE82e7C1md2caelycDWgnc6eUra/2idsfN0VcqmRHegLW0HoDni5CXRGVwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPpaQbil18fIPcsaYuorlYDdmZGlMB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvMS1scEJ1S1hYeDhnOXl4cGk2aXVWZ04yWmthVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjcvZGNmZDQ4LWM1NGEtNGM3OC1hNGVkLTRiYTJmOGYxZjgz
Yi8xL01IOWY0blFLSzIza3czQ2RLV1FSV3p5V2ZhRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAtBggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQGUS7A
AwQDUS7wAwQCwzdoMA0GCSqGSIb3DQEBCwUAA4IBAQAszEzI4vyX7mIPc0dGsDH5
OY8g2U+Mnq6uq5dMexDjqKaDmz+ZdnXw7GrXDyv+9sBOTDnkXwUqIrAJwbdX/xN/
fP6WuXEHtjyRHkvNaOyJzTvwYWIX8G9WUTcbgFkQtcdYdDVtaDCXMYagi+6bzOm9
3CgrtBGXfmD4pLF6qlDQ1AZRLD+Wl2BBNO6ibcyTGoxnBMGUU8pgdPIQaQM6/muI
NjyrLHT60/kILUj5MmSnmZLsQLeprFzm3xAhn7RbGTl5K2Cx8jgYgjsGDhNrBs4J
9Z2Xxitt9uZm6Y4r9hCvO06+VDUBeh5Ax9OdMGHpP5JBJuVAu3HC8nnLG/cx6mDe
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:40:59 2025 by rpki-client