Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/lJp4jFGRtUmWwWnNZm6sfjLCKPQ.roa
File: lJp4jFGRtUmWwWnNZm6sfjLCKPQ.roa (raw, json)
Hash identifier: K96FJVR7h9vCyvgt2r0cicSYaVBsbR5weMMVOPqtiYs=
Subject key identifier: 94:9A:78:8C:51:91:B5:49:96:C1:69:CD:66:6E:AC:7E:32:C2:28:F4
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 0196349FF3144CF31A0C0CE43523B0E08787
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/lJp4jFGRtUmWwWnNZm6sfjLCKPQ.roa
Signing time: Mon 14 Apr 2025 14:06:59 +0000
ROA not before: Mon 14 Apr 2025 14:06:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58061
IP address blocks: 45.8.89.0/24 maxlen: 24
45.15.75.0/24 maxlen: 24
77.83.95.0/24 maxlen: 24
92.119.128.0/24 maxlen: 24
92.119.130.0/24 maxlen: 24
93.157.105.0/24 maxlen: 24
194.93.3.0/24 maxlen: 24
194.169.161.0/24 maxlen: 24
194.169.162.0/24 maxlen: 24
213.139.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.mft
rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 04:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:34:9f:f3:14:4c:f3:1a:0c:0c:e4:35:23:b0:e0:87:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Apr 14 14:06:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=949a788c5191b54996c169cd666eac7e32c228f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:52:e3:7c:e1:3a:7d:02:36:18:3a:f9:ec:f6:
bc:14:32:fb:7c:ae:6a:28:7b:87:df:9e:df:ea:a8:
c9:6b:92:de:88:a0:94:58:18:f2:65:e1:11:7c:ce:
c5:c6:d0:c1:f9:93:d9:e4:e7:c4:65:34:93:ac:14:
fd:79:33:04:70:27:c3:fe:a0:90:99:c8:86:8a:65:
2c:3c:dc:c7:e3:af:2f:4a:dc:50:6a:24:0d:1c:56:
43:94:0e:f3:05:67:b0:ac:c3:03:d2:b3:79:6e:19:
2a:bd:0f:48:38:e8:c3:2a:3a:be:b4:c3:22:b8:b9:
1b:0a:63:46:91:e0:2e:0f:a8:40:2c:96:3b:ab:b3:
34:28:f6:18:eb:bc:27:df:1a:eb:f4:3a:82:76:70:
c3:fa:c1:5c:cd:90:cc:92:cf:05:cf:88:d8:16:7d:
6f:5d:95:dd:84:f8:f8:0f:2b:b9:4d:41:d7:fd:d8:
d1:76:d6:04:17:e7:c0:81:d6:30:69:a2:b6:f2:04:
6f:ae:7d:fa:1d:93:3e:95:65:b4:db:68:31:e8:5a:
7d:d7:04:54:b4:e4:50:de:2e:e8:03:0a:8a:fb:37:
96:0d:df:02:8c:68:14:92:f8:a2:f1:ec:32:dd:08:
82:e7:bc:f4:7d:e6:16:1f:8b:f8:9f:d0:5c:c6:a5:
13:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:9A:78:8C:51:91:B5:49:96:C1:69:CD:66:6E:AC:7E:32:C2:28:F4
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/lJp4jFGRtUmWwWnNZm6sfjLCKPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.89.0/24
45.15.75.0/24
77.83.95.0/24
92.119.128.0/24
92.119.130.0/24
93.157.105.0/24
194.93.3.0/24
194.169.161.0-194.169.162.255
213.139.203.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:fc:9e:5c:d2:75:0d:39:ca:83:46:73:88:e6:e8:fb:d5:41:
50:07:c1:ab:80:a0:f0:bc:0b:f5:2e:1d:96:4e:f1:40:fa:87:
0b:b4:04:2e:21:2e:ab:83:2e:57:5a:ae:16:8b:26:be:03:b3:
f9:24:a6:95:89:2e:21:22:95:eb:1c:c0:89:60:c3:3f:ab:51:
cf:62:42:f2:d6:f8:d7:41:16:64:82:fb:1d:c1:ac:b8:13:05:
2f:5c:4d:32:0d:26:31:47:77:af:2d:78:ad:ea:a8:32:6a:09:
ce:3d:48:be:fd:30:9d:49:e4:6a:27:88:05:52:fe:e8:7a:e6:
9c:03:b9:d7:df:3d:51:57:65:20:95:0b:0f:bf:14:22:42:1c:
02:fb:70:fa:fa:87:55:b0:37:f2:0a:2b:31:da:ce:3f:08:7a:
3e:4b:83:bb:a0:da:a6:25:72:33:b6:9f:4b:51:9d:da:29:1e:
f0:25:3a:15:5e:86:21:1a:e6:8d:df:8e:4c:d4:a0:30:06:f4:
f2:0d:e3:a4:3a:4c:82:f1:4b:79:b1:d5:fe:a7:87:c3:c5:29:
d7:b0:79:ff:a6:52:89:3f:1c:33:ed:5e:4a:47:16:e7:93:26:
07:b5:a1:0a:db:d9:93:b0:38:e9:ee:6b:32:b9:9e:be:bf:a3:
69:0a:9d:fa
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZY0n/MUTPMaDAzkNSOw4IeHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjUwNDE0MTQwNjU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDlhNzg4YzUxOTFiNTQ5OTZjMTY5Y2Q2NjZlYWM3ZTMyYzIyOGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlLjfOE6fQI2GDr57Pa8FDL7fK5q
KHuH357f6qjJa5LeiKCUWBjyZeERfM7FxtDB+ZPZ5OfEZTSTrBT9eTMEcCfD/qCQ
mciGimUsPNzH468vStxQaiQNHFZDlA7zBWewrMMD0rN5bhkqvQ9IOOjDKjq+tMMi
uLkbCmNGkeAuD6hALJY7q7M0KPYY67wn3xrr9DqCdnDD+sFczZDMks8Fz4jYFn1v
XZXdhPj4Dyu5TUHX/djRdtYEF+fAgdYwaaK28gRvrn36HZM+lWW022gx6Fp91wRU
tORQ3i7oAwqK+zeWDd8CjGgUkvii8ewy3QiC57z0feYWH4v4n9BcxqUT+wIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFJSaeIxRkbVJlsFpzWZurH4ywij0MB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvbEpwNGpGR1J0VW1Xd1duTlptNnNmakxDS1BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQALQhZAwQA
LQ9LAwQATVNfAwQAXHeAAwQAXHeCAwQAXZ1pAwQAwl0DMAwDBADCqaEDBADCqaID
BADVi8swDQYJKoZIhvcNAQELBQADggEBAC/8nlzSdQ05yoNGc4jm6PvVQVAHwauA
oPC8C/UuHZZO8UD6hwu0BC4hLquDLldarhaLJr4Ds/kkppWJLiEilescwIlgwz+r
Uc9iQvLW+NdBFmSC+x3BrLgTBS9cTTINJjFHd68teK3qqDJqCc49SL79MJ1J5Gon
iAVS/uh65pwDudffPVFXZSCVCw+/FCJCHAL7cPr6h1WwN/IKKzHazj8Iej5Lg7ug
2qYlcjO2n0tRndopHvAlOhVehiEa5o3fjkzUoDAG9PIN46Q6TILxS3mx1f6nh8PF
Kdewef+mUok/HDPtXkpHFueTJge1oQrb2ZOwOOnuazK5nr6/o2kKnfo=
-----END CERTIFICATE-----
Generated at Fri Apr 18 12:45:31 2025 by rpki-client