Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/_b52ArLDlZ_yQc0WMyeAO68TceE.roa
File: _b52ArLDlZ_yQc0WMyeAO68TceE.roa (raw, json)
Hash identifier: y3ac8Z9Z1T2Xx7yJr7rkNsl8s6Rg9MBlGxhcIsXuxo4=
Subject key identifier: FD:BE:76:02:B2:C3:95:9F:F2:41:CD:16:33:27:80:3B:AF:13:71:E1
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 019422203E127732FA7DDC18A63DA949D100
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/_b52ArLDlZ_yQc0WMyeAO68TceE.roa
Signing time: Wed 01 Jan 2025 13:48:45 +0000
ROA not before: Wed 01 Jan 2025 13:48:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212477
IP address blocks: 45.123.41.0/24 maxlen: 24
45.123.42.0/23 maxlen: 24
45.141.200.0/23 maxlen: 24
45.141.202.0/24 maxlen: 24
45.141.203.0/24 maxlen: 24
89.47.89.0/24 maxlen: 24
91.190.100.0/24 maxlen: 24
92.114.107.0/24 maxlen: 24
103.212.82.0/24 maxlen: 24
185.9.55.0/24 maxlen: 24
185.35.136.0/23 maxlen: 24
185.35.138.0/24 maxlen: 24
185.35.139.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.241.214.0/24 maxlen: 24
2a0b:64c0::/32 maxlen: 48
2a10:6c02::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:3e:12:77:32:fa:7d:dc:18:a6:3d:a9:49:d1:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 13:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fdbe7602b2c3959ff241cd163327803baf1371e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f6:54:fb:bb:3c:07:22:dc:40:a3:58:fd:3f:
41:96:dd:93:53:d6:db:52:f9:69:e9:04:a0:9d:24:
4b:62:73:b1:95:03:66:f6:b3:fc:77:ad:0f:2b:67:
37:0e:8a:3b:4d:c9:4c:4e:1d:60:e0:43:5e:14:87:
08:63:50:f2:d5:d3:68:aa:53:96:66:62:ff:58:7b:
ed:ba:a7:f1:ba:a8:e6:2a:76:c9:7f:6f:7f:08:be:
ce:93:d8:a2:53:35:f5:4a:81:76:0b:ab:b7:42:d5:
6b:fc:7f:2a:db:bb:6a:8e:75:d0:0b:46:dd:1e:37:
23:81:7b:3f:8b:35:eb:ed:b0:be:b9:d0:d1:5d:7e:
ad:01:ce:11:19:0e:3c:00:8e:af:e7:0b:52:d0:78:
8b:54:d5:92:d2:db:2b:ea:f7:28:dc:db:7f:89:07:
94:be:9b:a8:60:b4:70:46:36:f8:17:7f:25:e1:82:
83:92:ef:88:6e:87:be:67:6e:52:df:46:1f:49:c3:
b9:af:28:b3:c4:95:e9:59:f6:f3:29:9b:23:4a:f1:
e9:1d:23:ff:ad:de:52:aa:c5:fe:c3:c3:8d:1f:cc:
c9:ac:14:de:74:6b:bc:da:04:4d:24:1b:ce:24:a8:
4a:f0:20:16:a1:d9:15:f8:11:ba:2d:fa:6e:03:1d:
98:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:BE:76:02:B2:C3:95:9F:F2:41:CD:16:33:27:80:3B:AF:13:71:E1
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/_b52ArLDlZ_yQc0WMyeAO68TceE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.123.41.0-45.123.43.255
45.141.200.0/22
89.47.89.0/24
91.190.100.0/24
92.114.107.0/24
103.212.82.0/24
185.9.55.0/24
185.35.136.0/22
188.212.133.0/24
188.241.214.0/24
IPv6:
2a0b:64c0::/32
2a10:6c02::/32
Signature Algorithm: sha256WithRSAEncryption
8d:b3:e5:89:9a:e1:dd:11:d1:da:c9:1f:b5:b8:83:f7:6d:d3:
e4:23:66:bc:a4:8c:03:ca:e7:bb:11:71:01:f1:56:11:f0:eb:
66:94:8c:e9:85:44:38:57:56:13:fe:1e:14:84:3c:8b:45:54:
eb:4b:24:25:63:e6:49:79:98:2f:13:9c:24:99:a2:e0:b4:37:
54:9c:6b:bb:8c:5d:00:5e:7f:63:91:5c:df:b4:9a:6f:54:3d:
23:fa:b1:10:e1:5c:ed:6b:fe:3b:49:38:f6:e3:4d:04:94:de:
e9:48:c9:aa:b2:0c:ac:c0:49:c3:22:94:25:b2:c7:9f:37:1c:
fe:99:ef:c6:e3:60:cc:63:1f:16:b0:71:85:b2:08:5c:62:f4:
48:79:b9:3c:a0:a2:7a:98:92:df:75:d5:2c:e3:64:e8:32:d4:
16:38:f4:27:f6:04:79:d0:a3:ea:40:ed:5c:56:7c:82:ee:6c:
0e:5b:d2:1d:f6:34:a8:fc:1b:20:1a:18:5f:9a:e3:f8:a6:9f:
27:12:df:3f:2d:c7:6a:23:66:c6:84:56:37:0d:82:bc:38:10:
f4:88:c1:37:76:db:d2:78:8d:5b:72:a9:33:9f:45:27:c9:76:
87:60:b6:a6:d4:36:38:ee:39:4d:68:8c:a2:7f:de:8b:6a:5e:
b2:48:48:43
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZQiID4SdzL6fdwYpj2pSdEAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjUwMTAxMTM0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGJlNzYwMmIyYzM5NTlmZjI0MWNkMTYzMzI3ODAzYmFmMTM3MWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPZU+7s8ByLcQKNY/T9Blt2TU9bb
Uvlp6QSgnSRLYnOxlQNm9rP8d60PK2c3Doo7TclMTh1g4ENeFIcIY1Dy1dNoqlOW
ZmL/WHvtuqfxuqjmKnbJf29/CL7Ok9iiUzX1SoF2C6u3QtVr/H8q27tqjnXQC0bd
HjcjgXs/izXr7bC+udDRXX6tAc4RGQ48AI6v5wtS0HiLVNWS0tsr6vco3Nt/iQeU
vpuoYLRwRjb4F38l4YKDku+Iboe+Z25S30YfScO5ryizxJXpWfbzKZsjSvHpHSP/
rd5SqsX+w8ONH8zJrBTedGu82gRNJBvOJKhK8CAWodkV+BG6LfpuAx2Y7QIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFP2+dgKyw5Wf8kHNFjMngDuvE3HhMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvX2I1MkFyTERsWl95UWMwV015ZUFPNjhUY2VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBKBAIAATBEMAwDBAAteykD
BAIteygDBAItjcgDBABZL1kDBABbvmQDBABccmsDBABn1FIDBAC5CTcDBAK5I4gD
BAC81IUDBAC88dYwFAQCAAIwDgMFACoLZMADBQAqEGwCMA0GCSqGSIb3DQEBCwUA
A4IBAQCNs+WJmuHdEdHayR+1uIP3bdPkI2a8pIwDyue7EXEB8VYR8OtmlIzphUQ4
V1YT/h4UhDyLRVTrSyQlY+ZJeZgvE5wkmaLgtDdUnGu7jF0AXn9jkVzftJpvVD0j
+rEQ4Vzta/47STj2400ElN7pSMmqsgyswEnDIpQlssefNxz+me/G42DMYx8WsHGF
sghcYvRIebk8oKJ6mJLfddUs42ToMtQWOPQn9gR50KPqQO1cVnyC7mwOW9Id9jSo
/BsgGhhfmuP4pp8nEt8/LcdqI2bGhFY3DYK8OBD0iME3dtvSeI1bcqkzn0UnyXaH
YLam1DY47jlNaIyif96Lal6ySEhD
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:50:32 2025 by rpki-client