Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/0HtxlG1tnNzIep81031kd9p-fBw.roa
File: 0HtxlG1tnNzIep81031kd9p-fBw.roa (raw, json)
Hash identifier: OXzBPa2feSryqGHpXn/FEvG/w29ffxoaGIUchPvm3mk=
Subject key identifier: D0:7B:71:94:6D:6D:9C:DC:C8:7A:9F:35:D3:7D:64:77:DA:7E:7C:1C
Certificate issuer: /CN=44e888a76e99851b01fb86cec537d4d8e610de16
Certificate serial: 019427B5900D4953FC2D92C60C46A5315646
Authority key identifier: 44:E8:88:A7:6E:99:85:1B:01:FB:86:CE:C5:37:D4:D8:E6:10:DE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/0HtxlG1tnNzIep81031kd9p-fBw.roa
Signing time: Thu 02 Jan 2025 15:49:57 +0000
ROA not before: Thu 02 Jan 2025 15:49:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48095
IP address blocks: 91.132.248.0/23 maxlen: 23
91.132.250.0/23 maxlen: 23
91.197.36.0/22 maxlen: 22
109.196.168.0/23 maxlen: 23
109.196.170.0/23 maxlen: 23
185.245.245.0/24 maxlen: 24
185.249.0.0/22 maxlen: 22
192.144.24.0/23 maxlen: 23
192.144.26.0/23 maxlen: 23
193.39.88.0/22 maxlen: 22
193.228.12.0/22 maxlen: 22
194.76.32.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 09:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:90:0d:49:53:fc:2d:92:c6:0c:46:a5:31:56:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44e888a76e99851b01fb86cec537d4d8e610de16
Validity
Not Before: Jan 2 15:49:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d07b71946d6d9cdcc87a9f35d37d6477da7e7c1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b7:7f:6e:7c:9b:5f:4d:d1:f4:a5:53:14:d5:
c1:3d:36:4e:49:04:64:23:34:28:53:e6:31:04:c7:
56:c4:57:3f:8e:8e:2f:83:5b:07:bb:b7:82:bb:0f:
00:31:8c:0d:62:63:fe:66:ba:a9:c9:94:7e:1a:27:
ce:e8:87:26:c4:0a:4a:f3:14:14:ad:5d:c4:87:17:
36:7b:16:78:fe:b8:50:2a:a8:fb:19:bb:d7:90:45:
d4:3e:5b:2c:ef:86:44:79:d6:84:4a:66:2d:de:86:
a0:66:f8:00:ec:8c:da:4a:21:16:3a:19:8f:fc:1e:
ac:e3:38:2f:15:78:b7:37:12:1c:4c:0e:74:10:e5:
5c:2e:99:24:a9:af:39:fc:f0:52:ea:46:7b:d1:5e:
ea:c0:ee:e0:11:d0:9f:88:9a:48:6c:ac:0f:c7:8d:
88:4e:83:f3:d5:8e:82:ff:2f:1a:cf:f4:aa:e4:50:
60:1d:24:34:eb:49:3e:12:ea:af:df:c4:41:8f:9e:
78:53:81:82:1a:44:2a:54:84:a5:5e:3d:7a:a7:00:
c0:5b:f1:05:94:5d:57:83:5a:b2:0b:29:51:de:c3:
57:90:c9:b1:19:22:a9:79:a8:64:af:f7:da:bd:41:
37:bc:f8:6b:e3:44:95:fb:83:9c:e6:9b:bb:0c:19:
83:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:7B:71:94:6D:6D:9C:DC:C8:7A:9F:35:D3:7D:64:77:DA:7E:7C:1C
X509v3 Authority Key Identifier:
keyid:44:E8:88:A7:6E:99:85:1B:01:FB:86:CE:C5:37:D4:D8:E6:10:DE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/0HtxlG1tnNzIep81031kd9p-fBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.248.0/22
91.197.36.0/22
109.196.168.0/22
185.245.245.0/24
185.249.0.0/22
192.144.24.0/22
193.39.88.0/22
193.228.12.0/22
194.76.32.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:fd:8d:23:5b:e7:39:a5:58:82:d9:69:65:dd:8f:94:dd:23:
97:52:48:a1:c5:18:a3:2d:5c:ff:7c:74:2b:0a:c6:11:b3:23:
c8:a2:9e:49:c4:6c:40:7f:2f:80:af:ef:5b:d1:fd:d8:5f:93:
99:71:1b:84:13:12:d8:c4:63:31:80:8d:15:97:a0:3a:c2:3c:
e1:bc:23:a1:d1:2e:21:da:86:0b:c7:b0:21:79:e4:c4:59:38:
d0:11:cd:b7:39:aa:8c:21:1e:d2:8b:a1:d2:0c:01:4f:a1:51:
d8:9b:91:e6:fa:1f:ba:b7:61:08:2a:e5:6f:d3:53:ac:a0:32:
b4:ba:12:16:5d:f2:45:a6:47:e4:0f:e3:f0:18:01:c2:47:39:
0a:8c:85:73:c3:de:97:bf:86:e1:52:fa:74:2f:e0:7b:a0:40:
1e:a0:dc:96:fa:93:1e:d8:c5:49:b5:c0:eb:8a:8b:93:d8:2d:
9a:c4:3e:2e:04:4e:6c:33:c3:5b:2f:5b:4b:5f:30:5f:bc:37:
fd:d4:2f:13:60:0b:4d:cf:fd:34:c3:e7:3a:1e:6c:0d:cc:2f:
42:e0:82:3b:81:78:e5:7a:03:dd:a4:aa:bb:ad:45:21:a7:4d:
b3:a5:45:32:00:40:a4:3e:de:9c:54:7e:9e:4a:eb:7f:a4:7f:
30:58:6d:1c
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQntZANSVP8LZLGDEalMVZGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZTg4OGE3NmU5OTg1MWIwMWZiODZjZWM1MzdkNGQ4ZTYx
MGRlMTYwHhcNMjUwMTAyMTU0OTU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDdiNzE5NDZkNmQ5Y2RjYzg3YTlmMzVkMzdkNjQ3N2RhN2U3YzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbd/bnybX03R9KVTFNXBPTZOSQRk
IzQoU+YxBMdWxFc/jo4vg1sHu7eCuw8AMYwNYmP+ZrqpyZR+GifO6IcmxApK8xQU
rV3Ehxc2exZ4/rhQKqj7GbvXkEXUPlss74ZEedaESmYt3oagZvgA7IzaSiEWOhmP
/B6s4zgvFXi3NxIcTA50EOVcLpkkqa85/PBS6kZ70V7qwO7gEdCfiJpIbKwPx42I
ToPz1Y6C/y8az/Sq5FBgHSQ060k+Euqv38RBj554U4GCGkQqVISlXj16pwDAW/EF
lF1Xg1qyCylR3sNXkMmxGSKpeahkr/favUE3vPhr40SV+4Oc5pu7DBmDgwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFNB7cZRtbZzcyHqfNdN9ZHfafnwcMB8GA1UdIwQY
MBaAFEToiKdumYUbAfuGzsU31NjmEN4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk9pSXAyNlpoUnNCLTRiT3hUZlUyT1lRM2hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS84MmUyYmEtNDQyYy00MmIwLTkzMTUt
YmMwZGJhOTMyYjM1LzEvMEh0eGxHMXRuTnpJZXA4MTAzMWtkOXAtZkJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS84MmUyYmEtNDQyYy00MmIwLTkzMTUtYmMwZGJhOTMyYjM1
LzEvUk9pSXAyNlpoUnNCLTRiT3hUZlUyT1lRM2hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCW4T4AwQC
W8UkAwQCbcSoAwQAufX1AwQCufkAAwQCwJAYAwQCwSdYAwQCweQMAwQCwkwgMA0G
CSqGSIb3DQEBCwUAA4IBAQBc/Y0jW+c5pViC2Wll3Y+U3SOXUkihxRijLVz/fHQr
CsYRsyPIop5JxGxAfy+Ar+9b0f3YX5OZcRuEExLYxGMxgI0Vl6A6wjzhvCOh0S4h
2oYLx7AheeTEWTjQEc23OaqMIR7Si6HSDAFPoVHYm5Hm+h+6t2EIKuVv01OsoDK0
uhIWXfJFpkfkD+PwGAHCRzkKjIVzw96Xv4bhUvp0L+B7oEAeoNyW+pMe2MVJtcDr
iouT2C2axD4uBE5sM8NbL1tLXzBfvDf91C8TYAtNz/00w+c6HmwNzC9C4II7gXjl
egPdpKq7rUUhp02zpUUyAECkPt6cVH6eSut/pH8wWG0c
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:30:58 2025 by rpki-client