Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/vSrlp8tHt3XsCyJowRasFBJ8chA.roa
File: vSrlp8tHt3XsCyJowRasFBJ8chA.roa (raw, json)
Hash identifier: 5A+3LHH93gnvV9oFZMByuSBJZtkMJNe++GsQLskXy5w=
Subject key identifier: BD:2A:E5:A7:CB:47:B7:75:EC:0B:22:68:C1:16:AC:14:12:7C:72:10
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 01942369D9D056DEFBBB37752A6296339B47
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/vSrlp8tHt3XsCyJowRasFBJ8chA.roa
Signing time: Wed 01 Jan 2025 19:48:47 +0000
ROA not before: Wed 01 Jan 2025 19:48:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212667
IP address blocks: 45.10.109.0/24 maxlen: 24
45.11.212.0/24 maxlen: 24
45.88.208.0/24 maxlen: 24
45.88.211.0/24 maxlen: 24
176.53.187.0/24 maxlen: 24
193.56.185.0/24 maxlen: 24
193.160.211.0/24 maxlen: 24
194.32.124.0/24 maxlen: 24
194.32.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.mft
rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 12:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:d9:d0:56:de:fb:bb:37:75:2a:62:96:33:9b:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Jan 1 19:48:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bd2ae5a7cb47b775ec0b2268c116ac14127c7210
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d0:c6:76:d6:66:0a:41:18:6d:ab:54:53:d2:
a8:e9:e2:da:a8:7d:16:f2:3a:3c:be:8d:e2:e7:e4:
d2:83:56:42:ae:b8:1f:f4:b7:23:89:ed:11:34:d6:
13:d1:1a:79:79:50:5e:7a:67:98:89:8e:39:41:14:
7f:bc:b5:2f:b3:a5:4b:7c:32:d5:ee:10:7c:24:30:
e0:ff:fc:50:ab:15:df:b4:25:65:c5:1d:4a:8b:b0:
b6:0e:d8:ed:44:8d:c3:b6:44:cf:46:7e:b6:f3:45:
a7:c2:8c:9f:37:31:23:25:f8:c1:33:11:ab:98:52:
66:ba:44:d2:1a:ec:f1:a9:ca:0d:ae:22:53:f5:be:
ab:b8:93:15:79:a7:68:3f:c8:69:28:73:68:d9:37:
b8:f8:a1:3e:58:08:38:64:a9:3c:93:ad:df:fc:43:
f1:5b:10:7c:de:2b:42:28:30:ab:cc:1e:83:31:0a:
a6:e8:c4:ba:73:40:81:b5:c6:57:1f:df:69:7d:e2:
5d:25:37:6e:d4:cb:e7:e6:b3:0c:e7:4e:f3:1f:6f:
23:e7:64:1c:f2:8d:03:7a:a5:33:22:9c:d4:1c:6d:
d3:92:83:fb:8c:fa:89:72:02:01:b7:7a:89:bf:1f:
63:ad:6f:5b:8b:2d:26:9b:86:24:38:00:bc:2a:03:
f7:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:2A:E5:A7:CB:47:B7:75:EC:0B:22:68:C1:16:AC:14:12:7C:72:10
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/vSrlp8tHt3XsCyJowRasFBJ8chA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.109.0/24
45.11.212.0/24
45.88.208.0/24
45.88.211.0/24
176.53.187.0/24
193.56.185.0/24
193.160.211.0/24
194.32.124.0/24
194.32.126.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:cd:8a:cf:65:08:68:1b:c9:49:eb:e3:59:37:7b:3a:7f:7a:
24:c7:1d:85:63:b5:5d:06:6e:db:6a:d1:7c:ac:ee:39:6d:07:
50:c7:a2:88:1d:9b:70:09:80:62:5f:20:0f:6a:6b:d9:f8:3b:
15:42:4a:6d:15:8a:19:6a:b4:f6:9d:f1:aa:de:ab:8e:c8:fc:
34:a4:20:e3:af:db:0b:79:bc:e6:6c:a5:e1:d0:a4:e3:79:4a:
0d:59:3f:6c:85:e9:0f:ae:19:6c:e9:52:22:83:2d:f1:70:bd:
40:aa:d8:84:67:3e:79:71:12:88:af:43:fc:3e:39:a7:b9:18:
6c:50:8d:99:69:44:0d:2b:d6:cd:0e:07:41:30:cc:69:cd:e2:
26:be:16:69:fb:9e:c2:c9:3d:16:e2:57:40:b9:2d:a7:61:d6:
f8:61:f6:69:4a:1c:19:99:9c:a9:7e:4f:5a:26:5f:b1:9a:de:
68:6c:b5:3c:aa:86:06:44:c1:c3:17:73:be:19:ff:c5:82:3e:
cb:e2:30:91:86:42:b4:d8:8d:fd:a2:3b:15:39:70:d9:0a:22:
68:70:eb:5a:b4:5f:34:b3:1d:0c:a8:58:af:6c:e2:73:4c:e3:
cc:33:8b:5d:a9:38:60:1a:e1:ec:9f:4b:d1:ac:fd:b4:49:57:
3f:64:12:91
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQjadnQVt77uzd1KmKWM5tHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjUwMTAxMTk0ODQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDJhZTVhN2NiNDdiNzc1ZWMwYjIyNjhjMTE2YWMxNDEyN2M3MjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytDGdtZmCkEYbatUU9Ko6eLaqH0W
8jo8vo3i5+TSg1ZCrrgf9Lcjie0RNNYT0Rp5eVBeemeYiY45QRR/vLUvs6VLfDLV
7hB8JDDg//xQqxXftCVlxR1Ki7C2DtjtRI3DtkTPRn6280WnwoyfNzEjJfjBMxGr
mFJmukTSGuzxqcoNriJT9b6ruJMVeadoP8hpKHNo2Te4+KE+WAg4ZKk8k63f/EPx
WxB83itCKDCrzB6DMQqm6MS6c0CBtcZXH99pfeJdJTdu1Mvn5rMM507zH28j52Qc
8o0DeqUzIpzUHG3TkoP7jPqJcgIBt3qJvx9jrW9biy0mm4YkOAC8KgP3fwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFL0q5afLR7d17AsiaMEWrBQSfHIQMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvdlNybHA4dEh0M1hzQ3lKb3dSYXNGQko4Y2hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALQptAwQA
LQvUAwQALVjQAwQALVjTAwQAsDW7AwQAwTi5AwQAwaDTAwQAwiB8AwQAwiB+MA0G
CSqGSIb3DQEBCwUAA4IBAQBrzYrPZQhoG8lJ6+NZN3s6f3okxx2FY7VdBm7batF8
rO45bQdQx6KIHZtwCYBiXyAPamvZ+DsVQkptFYoZarT2nfGq3quOyPw0pCDjr9sL
ebzmbKXh0KTjeUoNWT9shekPrhls6VIigy3xcL1AqtiEZz55cRKIr0P8PjmnuRhs
UI2ZaUQNK9bNDgdBMMxpzeImvhZp+57CyT0W4ldAuS2nYdb4YfZpShwZmZypfk9a
Jl+xmt5obLU8qoYGRMHDF3O+Gf/Fgj7L4jCRhkK02I39ojsVOXDZCiJocOtatF80
sx0MqFivbOJzTOPMM4tdqThgGuHsn0vRrP20SVc/ZBKR
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:23:07 2025 by rpki-client