Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/f5FaJz8IG8Fycvd_ra4tdNQxe4k.roa
File: f5FaJz8IG8Fycvd_ra4tdNQxe4k.roa (raw, json)
Hash identifier: RfiXpPKE/aNXsx/US8k804GBbX1C1DcIw11BAkS/ZjM=
Subject key identifier: 7F:91:5A:27:3F:08:1B:C1:72:72:F7:7F:AD:AE:2D:74:D4:31:7B:89
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 01942369C2FF0FBE804EE08DEFED133477EE
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/f5FaJz8IG8Fycvd_ra4tdNQxe4k.roa
Signing time: Wed 01 Jan 2025 19:48:41 +0000
ROA not before: Wed 01 Jan 2025 19:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12722
IP address blocks: 45.10.109.0/24 maxlen: 24
45.11.212.0/24 maxlen: 24
45.88.208.0/24 maxlen: 24
45.88.211.0/24 maxlen: 24
176.53.187.0/24 maxlen: 24
193.56.185.0/24 maxlen: 24
193.160.211.0/24 maxlen: 24
194.32.124.0/24 maxlen: 24
194.32.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.mft
rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 12:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:c2:ff:0f:be:80:4e:e0:8d:ef:ed:13:34:77:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Jan 1 19:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7f915a273f081bc17272f77fadae2d74d4317b89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d8:30:4e:b5:a8:89:e0:9d:60:43:74:ab:fd:
fd:6f:24:7c:43:70:3f:23:c7:d3:2b:0c:57:e4:73:
99:85:44:36:f4:11:ef:e0:be:f8:71:f7:70:37:92:
93:3f:a1:61:6c:89:c7:4c:7e:67:3c:fc:07:31:a2:
9b:9f:83:b2:45:0c:7e:67:43:d1:2b:39:0f:09:4a:
04:ac:c8:e7:e1:60:a2:6d:06:73:08:a3:d2:84:34:
9c:b4:8c:54:da:06:35:83:0b:d1:4a:59:d4:ce:2e:
99:e2:0b:ce:22:17:69:e0:88:7c:3d:21:8b:96:23:
7d:fd:50:ba:52:19:bc:10:c9:df:2b:df:36:88:0e:
d9:53:3c:63:d8:e1:cb:fb:64:5c:ce:43:0a:37:55:
65:25:fd:e0:18:c8:f5:2d:5e:e2:9f:0f:b0:14:72:
eb:ef:48:2f:d5:79:5e:ba:03:b9:75:c6:a7:d2:03:
08:ed:9d:c6:b0:22:83:bc:91:d1:bb:2b:db:7d:4d:
4b:fc:df:e1:13:3a:f5:80:6b:63:af:f8:56:7e:ad:
60:ea:d6:50:5b:79:e8:f4:66:db:5a:b9:6a:09:c9:
52:02:7e:a4:b9:b9:e5:c9:ed:c7:83:f3:38:aa:6b:
2e:e9:e1:ae:e4:83:9b:fe:2e:28:a2:3c:bf:8d:f6:
0e:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:91:5A:27:3F:08:1B:C1:72:72:F7:7F:AD:AE:2D:74:D4:31:7B:89
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/f5FaJz8IG8Fycvd_ra4tdNQxe4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.109.0/24
45.11.212.0/24
45.88.208.0/24
45.88.211.0/24
176.53.187.0/24
193.56.185.0/24
193.160.211.0/24
194.32.124.0/24
194.32.126.0/24
Signature Algorithm: sha256WithRSAEncryption
79:01:fb:d5:cc:a8:31:c1:c0:db:47:3e:ed:50:e7:5e:df:41:
48:9f:9d:75:c3:84:ad:c4:8b:cf:18:8a:d2:c1:08:ea:88:7e:
0c:47:d8:27:d0:97:a1:66:ef:e4:ad:5a:f0:23:b1:36:3c:c9:
67:6d:f1:2f:a1:59:c4:9f:71:d4:10:ce:2b:35:4a:3b:2b:32:
e6:e3:4b:6c:50:99:54:9e:3a:ba:23:37:90:40:b4:27:a6:82:
d8:e0:f3:f4:c4:25:9c:6c:6e:3c:9f:21:ab:2e:6f:0a:fb:7c:
2c:0c:9b:0c:a2:97:88:80:73:79:9b:c3:47:b7:a4:8f:ff:8c:
fc:31:48:d8:6d:e7:56:5d:e4:19:93:1b:4f:0d:b5:fa:d7:e3:
6b:f6:cd:d8:4b:04:4f:93:1d:41:c1:a5:5e:3c:e5:a2:98:e2:
07:52:bc:84:d7:86:c9:d3:9c:37:00:29:40:2c:09:c1:ac:3e:
97:f7:0b:61:8e:1f:ce:ee:97:dc:a7:4b:79:71:30:ae:6f:df:
32:69:90:00:91:13:c2:00:34:7d:2d:15:62:d3:46:62:7d:03:
7b:0c:22:d7:e5:4c:f4:f8:e7:c9:d8:c6:f1:03:b2:c0:fa:e9:
f7:1d:e5:f8:20:9c:78:88:96:f5:4d:4b:9e:5f:dd:8d:ac:bd:
43:ef:1f:25
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQjacL/D76ATuCN7+0TNHfuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjUwMTAxMTk0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjkxNWEyNzNmMDgxYmMxNzI3MmY3N2ZhZGFlMmQ3NGQ0MzE3Yjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9gwTrWoieCdYEN0q/39byR8Q3A/
I8fTKwxX5HOZhUQ29BHv4L74cfdwN5KTP6FhbInHTH5nPPwHMaKbn4OyRQx+Z0PR
KzkPCUoErMjn4WCibQZzCKPShDSctIxU2gY1gwvRSlnUzi6Z4gvOIhdp4Ih8PSGL
liN9/VC6Uhm8EMnfK982iA7ZUzxj2OHL+2RczkMKN1VlJf3gGMj1LV7inw+wFHLr
70gv1XleugO5dcan0gMI7Z3GsCKDvJHRuyvbfU1L/N/hEzr1gGtjr/hWfq1g6tZQ
W3no9GbbWrlqCclSAn6kubnlye3Hg/M4qmsu6eGu5IOb/i4oojy/jfYOfQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFH+RWic/CBvBcnL3f62uLXTUMXuJMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvZjVGYUp6OElHOEZ5Y3ZkX3JhNHRkTlF4ZTRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALQptAwQA
LQvUAwQALVjQAwQALVjTAwQAsDW7AwQAwTi5AwQAwaDTAwQAwiB8AwQAwiB+MA0G
CSqGSIb3DQEBCwUAA4IBAQB5AfvVzKgxwcDbRz7tUOde30FIn511w4StxIvPGIrS
wQjqiH4MR9gn0JehZu/krVrwI7E2PMlnbfEvoVnEn3HUEM4rNUo7KzLm40tsUJlU
njq6IzeQQLQnpoLY4PP0xCWcbG48nyGrLm8K+3wsDJsMopeIgHN5m8NHt6SP/4z8
MUjYbedWXeQZkxtPDbX61+Nr9s3YSwRPkx1BwaVePOWimOIHUryE14bJ05w3AClA
LAnBrD6X9wthjh/O7pfcp0t5cTCub98yaZAAkRPCADR9LRVi00ZifQN7DCLX5Uz0
+OfJ2MbxA7LA+un3HeX4IJx4iJb1TUueX92NrL1D7x8l
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:15:37 2025 by rpki-client