Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/d4D4bsCJEG7DdEHz4Zyo967FoYE.roa
File: d4D4bsCJEG7DdEHz4Zyo967FoYE.roa (raw, json)
Hash identifier: X2ESGhFdtS8QKSZAaSMwmGvO8ruNw2AWTMfU9gqo9ns=
Subject key identifier: 77:80:F8:6E:C0:89:10:6E:C3:74:41:F3:E1:9C:A8:F7:AE:C5:A1:81
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 01942369CC94A243C76FA6188E4C9557EFEC
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/d4D4bsCJEG7DdEHz4Zyo967FoYE.roa
Signing time: Wed 01 Jan 2025 19:48:43 +0000
ROA not before: Wed 01 Jan 2025 19:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49505
IP address blocks: 45.10.108.0/24 maxlen: 24
45.133.32.0/22 maxlen: 22
77.83.80.0/24 maxlen: 24
185.235.247.0/24 maxlen: 24
193.9.126.0/24 maxlen: 24
193.56.188.0/24 maxlen: 24
193.56.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.mft
rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 12:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:cc:94:a2:43:c7:6f:a6:18:8e:4c:95:57:ef:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Jan 1 19:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7780f86ec089106ec37441f3e19ca8f7aec5a181
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:4c:b4:a0:5e:b8:25:10:21:aa:68:85:c9:ce:
06:1b:ce:b5:fe:33:21:c1:8d:37:76:9e:3d:78:21:
83:f8:bc:c6:7a:76:a1:ae:40:0c:1e:e2:6b:5d:a5:
d4:e8:c8:a6:af:58:98:4d:a1:c1:09:4e:0f:fc:16:
1e:f9:bd:38:2f:a6:dc:e5:cd:fb:cd:1d:04:61:c5:
5a:77:71:d3:83:b8:ac:a8:60:39:7b:46:77:9c:f1:
e1:00:4f:f8:e7:97:91:96:19:a7:03:d6:a0:da:83:
b0:65:b9:6d:29:22:27:a7:10:ac:e0:48:e0:5d:23:
33:d9:f0:16:01:9e:95:b4:1b:8f:c6:5f:09:30:8a:
9b:52:41:67:45:f5:6c:f1:e9:b7:38:22:84:5c:21:
aa:5f:09:5d:c6:54:95:f8:82:dc:1b:e5:e6:50:31:
88:5a:c6:ef:d9:68:d6:93:a1:9f:78:2f:49:ff:63:
a7:26:a4:c5:ca:40:e6:f4:24:f7:db:61:a3:95:69:
07:c1:22:1a:0c:09:7a:53:e1:b9:10:91:e4:ad:38:
94:d3:1f:eb:4f:e3:88:38:d2:c5:f3:7e:b7:1a:f0:
82:7b:d2:eb:f0:3f:c0:1c:b1:ca:9e:96:58:8c:93:
be:47:7f:2e:03:71:99:84:6c:52:e7:6d:15:a2:c8:
18:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:80:F8:6E:C0:89:10:6E:C3:74:41:F3:E1:9C:A8:F7:AE:C5:A1:81
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/d4D4bsCJEG7DdEHz4Zyo967FoYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.108.0/24
45.133.32.0/22
77.83.80.0/24
185.235.247.0/24
193.9.126.0/24
193.56.188.0/24
193.56.190.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:2f:83:e9:d2:f6:a0:7a:33:3e:23:80:e6:24:15:d5:2c:33:
61:bc:b7:42:82:31:21:8d:88:e5:b5:3b:65:cf:62:26:73:94:
e5:8c:fb:b0:e0:6a:16:fe:2e:2e:70:3c:cf:61:62:61:d3:3f:
13:ab:c2:85:8e:d3:8c:85:a6:fe:a0:6b:7e:f6:f6:ed:cc:ff:
76:2e:00:e8:d7:e3:39:93:f9:66:94:4d:96:19:09:4b:bd:f2:
b2:2d:5e:d8:4a:cf:ce:1f:e1:88:bf:fc:7f:77:2b:bc:01:49:
db:6a:c9:d9:99:35:e7:bb:8e:b3:81:c2:d4:23:1c:0d:8d:3f:
42:9f:c9:f6:12:78:9b:7d:f3:a4:94:a5:22:d0:db:a8:d2:a5:
cf:86:77:83:68:19:98:86:3e:b5:e3:2a:56:51:f6:76:08:54:
53:7a:96:27:3b:99:06:fb:d1:cb:73:81:03:41:68:bb:d8:18:
1f:a4:02:46:37:9a:15:d0:5a:75:e7:fc:d3:5f:83:84:e2:1b:
6a:51:99:85:cd:12:3f:8b:2f:5b:7c:aa:cd:74:9e:63:99:5e:
47:09:65:3b:bf:70:c6:c9:31:5f:53:cd:19:fd:77:b1:ad:f7:
f6:a4:18:a5:f8:88:1c:f9:bb:64:66:14:c4:c7:d8:af:7f:92:
e6:cf:c3:23
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQjacyUokPHb6YYjkyVV+/sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjUwMTAxMTk0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzgwZjg2ZWMwODkxMDZlYzM3NDQxZjNlMTljYThmN2FlYzVhMTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoky0oF64JRAhqmiFyc4GG861/jMh
wY03dp49eCGD+LzGenahrkAMHuJrXaXU6Mimr1iYTaHBCU4P/BYe+b04L6bc5c37
zR0EYcVad3HTg7isqGA5e0Z3nPHhAE/455eRlhmnA9ag2oOwZbltKSInpxCs4Ejg
XSMz2fAWAZ6VtBuPxl8JMIqbUkFnRfVs8em3OCKEXCGqXwldxlSV+ILcG+XmUDGI
Wsbv2WjWk6GfeC9J/2OnJqTFykDm9CT322GjlWkHwSIaDAl6U+G5EJHkrTiU0x/r
T+OIONLF8363GvCCe9Lr8D/AHLHKnpZYjJO+R38uA3GZhGxS520VosgYrwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHeA+G7AiRBuw3RB8+GcqPeuxaGBMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvZDRENGJzQ0pFRzdEZEVIejRaeW85NjdGb1lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALQpsAwQC
LYUgAwQATVNQAwQAuev3AwQAwQl+AwQAwTi8AwQAwTi+MA0GCSqGSIb3DQEBCwUA
A4IBAQBcL4Pp0vagejM+I4DmJBXVLDNhvLdCgjEhjYjltTtlz2Imc5TljPuw4GoW
/i4ucDzPYWJh0z8Tq8KFjtOMhab+oGt+9vbtzP92LgDo1+M5k/lmlE2WGQlLvfKy
LV7YSs/OH+GIv/x/dyu8AUnbasnZmTXnu46zgcLUIxwNjT9Cn8n2EnibffOklKUi
0Nuo0qXPhneDaBmYhj614ypWUfZ2CFRTepYnO5kG+9HLc4EDQWi72BgfpAJGN5oV
0Fp15/zTX4OE4htqUZmFzRI/iy9bfKrNdJ5jmV5HCWU7v3DGyTFfU80Z/Xexrff2
pBil+Igc+btkZhTEx9ivf5Lmz8Mj
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:14:33 2025 by rpki-client