Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/RYR4iLFVrQZ4pVEcF4zvMYoA6Uw.roa
File: RYR4iLFVrQZ4pVEcF4zvMYoA6Uw.roa (raw, json)
Hash identifier: XgkPzi7hR0QWZFfgOvsLMjLnElQiz51gM0FiMvOfZn8=
Subject key identifier: 45:84:78:88:B1:55:AD:06:78:A5:51:1C:17:8C:EF:31:8A:00:E9:4C
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 019527520B3D688BDA4B4140A028E16E4ABB
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/RYR4iLFVrQZ4pVEcF4zvMYoA6Uw.roa
Signing time: Fri 21 Feb 2025 07:04:03 +0000
ROA not before: Fri 21 Feb 2025 07:04:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49505
IP address blocks: 2.56.138.0/24 maxlen: 24
45.10.108.0/24 maxlen: 24
45.133.32.0/22 maxlen: 22
77.83.80.0/24 maxlen: 24
185.235.247.0/24 maxlen: 24
193.9.126.0/24 maxlen: 24
193.56.188.0/24 maxlen: 24
193.56.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.mft
rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 20:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:27:52:0b:3d:68:8b:da:4b:41:40:a0:28:e1:6e:4a:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Feb 21 07:04:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=45847888b155ad0678a5511c178cef318a00e94c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:d0:c8:84:9f:fc:91:f3:ee:e1:04:96:a1:7c:
7c:59:82:0a:a9:db:cc:85:1a:36:65:88:d5:0b:fc:
5e:84:93:a1:87:f9:ee:1d:55:07:9a:8f:74:57:bd:
5e:08:b6:24:8e:0f:f0:dd:22:80:91:96:5c:ee:5f:
24:5e:da:d2:25:4c:97:7e:ed:8a:78:9a:31:38:34:
8f:0f:c6:3e:11:bd:f5:1c:b6:e0:05:48:14:74:1c:
00:a4:13:1e:f4:a5:6c:72:15:c4:35:36:a2:bf:19:
79:56:ac:86:b4:0e:96:15:39:92:91:1b:4d:03:ca:
98:38:4d:8c:b5:cd:c5:d6:64:bc:98:81:f8:de:16:
5c:35:55:af:14:91:15:a3:b2:e6:b7:ab:f9:48:bb:
a5:09:3d:58:ac:69:dd:17:49:35:d3:58:e1:dc:9f:
aa:85:82:26:00:c8:56:bb:c8:11:63:18:69:17:e8:
3f:1a:98:e2:0b:c4:03:71:dd:48:c3:3d:39:e2:ff:
51:c0:8c:ee:e8:90:70:fb:ae:e9:3c:32:39:9f:9c:
d7:07:76:36:57:63:68:3e:32:cb:bf:e5:70:d0:e7:
fe:c6:0b:80:af:12:07:56:db:25:4c:5b:fe:b1:db:
6e:21:fc:a4:ca:9b:a2:21:0b:34:0b:f5:fb:40:3b:
1a:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:84:78:88:B1:55:AD:06:78:A5:51:1C:17:8C:EF:31:8A:00:E9:4C
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/RYR4iLFVrQZ4pVEcF4zvMYoA6Uw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.138.0/24
45.10.108.0/24
45.133.32.0/22
77.83.80.0/24
185.235.247.0/24
193.9.126.0/24
193.56.188.0/24
193.56.190.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:f8:87:58:27:7c:36:37:09:ad:07:27:79:2e:16:65:5f:72:
6d:d5:b1:13:b2:6e:fd:fa:15:06:15:46:9c:94:61:26:3f:06:
75:b4:33:b8:84:4b:97:a3:3d:42:e5:b0:a5:c3:29:85:c8:52:
18:cd:dc:b8:c7:77:6b:0f:e4:81:b9:86:55:f4:34:47:4a:8d:
0f:5f:5a:1e:d0:7e:9d:96:b9:02:9e:ff:72:8a:1c:01:0c:ab:
d1:f2:f6:77:97:1e:5d:a3:06:a8:e2:c7:0d:91:68:9c:79:3d:
41:a9:2d:22:44:8e:ad:bf:93:07:dd:cc:0c:7b:94:86:6b:ac:
cb:bb:30:7a:ae:51:90:20:44:53:cd:c3:44:bb:a1:54:d7:d2:
53:57:3b:44:b4:06:4f:15:4a:34:97:9f:13:80:67:75:38:b8:
b8:e0:26:92:08:83:8f:c4:89:06:92:85:3f:78:ca:06:42:1b:
06:af:88:71:18:44:c6:2f:15:f6:e1:58:ed:e3:77:5d:56:95:
a3:34:ee:48:b0:b4:b7:e2:ce:db:d0:08:32:e9:68:43:02:75:
43:bb:5e:cb:b4:46:a0:55:26:8b:79:7f:6f:7c:de:2c:b6:ec:
f9:64:20:69:97:60:25:8a:51:0e:c1:e2:6f:d5:7e:28:6b:2e:
ba:c7:f4:cf
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZUnUgs9aIvaS0FAoCjhbkq7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjUwMjIxMDcwNDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTg0Nzg4OGIxNTVhZDA2NzhhNTUxMWMxNzhjZWYzMThhMDBlOTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5dDIhJ/8kfPu4QSWoXx8WYIKqdvM
hRo2ZYjVC/xehJOhh/nuHVUHmo90V71eCLYkjg/w3SKAkZZc7l8kXtrSJUyXfu2K
eJoxODSPD8Y+Eb31HLbgBUgUdBwApBMe9KVschXENTaivxl5VqyGtA6WFTmSkRtN
A8qYOE2Mtc3F1mS8mIH43hZcNVWvFJEVo7Lmt6v5SLulCT1YrGndF0k101jh3J+q
hYImAMhWu8gRYxhpF+g/GpjiC8QDcd1Iwz054v9RwIzu6JBw+67pPDI5n5zXB3Y2
V2NoPjLLv+Vw0Of+xguArxIHVtslTFv+sdtuIfykypuiIQs0C/X7QDsa1QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFEWEeIixVa0GeKVRHBeM7zGKAOlMMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvUllSNGlMRlZyUVo0cFZFY0Y0enZNWW9BNlV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAAjiKAwQA
LQpsAwQCLYUgAwQATVNQAwQAuev3AwQAwQl+AwQAwTi8AwQAwTi+MA0GCSqGSIb3
DQEBCwUAA4IBAQAL+IdYJ3w2NwmtByd5LhZlX3Jt1bETsm79+hUGFUaclGEmPwZ1
tDO4hEuXoz1C5bClwymFyFIYzdy4x3drD+SBuYZV9DRHSo0PX1oe0H6dlrkCnv9y
ihwBDKvR8vZ3lx5dowao4scNkWiceT1BqS0iRI6tv5MH3cwMe5SGa6zLuzB6rlGQ
IERTzcNEu6FU19JTVztEtAZPFUo0l58TgGd1OLi44CaSCIOPxIkGkoU/eMoGQhsG
r4hxGETGLxX24Vjt43ddVpWjNO5IsLS34s7b0Agy6WhDAnVDu17LtEagVSaLeX9v
fN4stuz5ZCBpl2AlilEOweJv1X4oay66x/TP
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:57:04 2025 by rpki-client