Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/e7da9a-932a-467b-b2d2-97042891eb99/1/9p3RysO-CtOjkTkrDq-1QR8iEt8.roa
File: 9p3RysO-CtOjkTkrDq-1QR8iEt8.roa (raw, json)
Hash identifier: 7EEdwfYjIsLQLyh8n9mT3oh8OfyTFAKQe+oB+lllHm4=
Subject key identifier: F6:9D:D1:CA:C3:BE:0A:D3:A3:91:39:2B:0E:AF:B5:41:1F:22:12:DF
Certificate issuer: /CN=f382cb13dde12658cdac18cacae91fbbf5c58090
Certificate serial: 0194221FACC470AD5B38DB9619AF46D94D29
Authority key identifier: F3:82:CB:13:DD:E1:26:58:CD:AC:18:CA:CA:E9:1F:BB:F5:C5:80:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/84LLE93hJljNrBjKyukfu_XFgJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/e7da9a-932a-467b-b2d2-97042891eb99/1/9p3RysO-CtOjkTkrDq-1QR8iEt8.roa
Signing time: Wed 01 Jan 2025 13:48:08 +0000
ROA not before: Wed 01 Jan 2025 13:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207190
IP address blocks: 45.141.68.0/22 maxlen: 22
45.141.68.0/24 maxlen: 24
45.141.69.0/24 maxlen: 24
45.141.70.0/24 maxlen: 24
45.141.71.0/24 maxlen: 24
178.236.40.0/21 maxlen: 21
178.236.40.0/23 maxlen: 23
178.236.40.0/24 maxlen: 24
178.236.41.0/24 maxlen: 24
178.236.42.0/23 maxlen: 23
178.236.42.0/24 maxlen: 24
178.236.43.0/24 maxlen: 24
178.236.44.0/22 maxlen: 22
178.236.44.0/24 maxlen: 24
178.236.45.0/24 maxlen: 24
178.236.46.0/24 maxlen: 24
178.236.47.0/24 maxlen: 24
193.203.214.0/23 maxlen: 23
193.203.214.0/24 maxlen: 24
193.203.215.0/24 maxlen: 24
193.218.38.0/23 maxlen: 23
193.218.38.0/24 maxlen: 24
193.218.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/e7da9a-932a-467b-b2d2-97042891eb99/1/84LLE93hJljNrBjKyukfu_XFgJA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/e7da9a-932a-467b-b2d2-97042891eb99/1/84LLE93hJljNrBjKyukfu_XFgJA.mft
rsync://rpki.ripe.net/repository/DEFAULT/84LLE93hJljNrBjKyukfu_XFgJA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:ac:c4:70:ad:5b:38:db:96:19:af:46:d9:4d:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f382cb13dde12658cdac18cacae91fbbf5c58090
Validity
Not Before: Jan 1 13:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f69dd1cac3be0ad3a391392b0eafb5411f2212df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:07:d9:16:fe:a3:ee:10:96:8d:86:be:98:2c:
80:63:22:11:81:e9:ba:17:11:f4:fa:c5:7d:2f:39:
2a:fb:6b:82:3d:d1:3a:bb:7b:c6:d2:55:c7:e0:3f:
42:bf:c0:57:b4:70:67:61:34:1b:7b:ce:d2:db:21:
aa:c8:fe:ba:61:db:78:73:08:6e:07:7a:3a:00:92:
a0:2b:5c:da:af:34:9b:96:24:7d:df:0f:a7:4f:40:
48:bf:f3:a6:66:b4:8d:a4:93:16:7c:61:3a:c6:1b:
99:c1:72:57:3e:b9:fe:27:0f:34:c0:e3:f0:23:b6:
f7:c3:c4:c1:e9:fa:f9:7e:3d:9a:9b:1e:ff:18:85:
6b:f4:1e:47:14:50:51:b2:f2:f6:71:06:af:34:70:
18:60:e4:55:b3:4a:1d:48:0c:f3:91:92:5e:90:33:
45:8e:88:70:d0:2b:b3:6d:08:42:a4:7a:b7:ca:8b:
21:8c:7e:b9:75:9b:e3:e9:73:3e:cd:bb:7d:dc:fb:
ae:cf:3a:c4:f3:de:5f:3d:af:77:c7:6f:5b:f5:a0:
3d:a2:b0:0c:79:3f:0e:2c:a2:45:28:97:da:6c:a0:
98:c6:d1:8a:e5:d2:70:83:96:3b:0e:46:af:88:a2:
0d:62:db:48:89:9e:3e:15:9a:58:89:9b:e3:ed:20:
6c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:9D:D1:CA:C3:BE:0A:D3:A3:91:39:2B:0E:AF:B5:41:1F:22:12:DF
X509v3 Authority Key Identifier:
keyid:F3:82:CB:13:DD:E1:26:58:CD:AC:18:CA:CA:E9:1F:BB:F5:C5:80:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/84LLE93hJljNrBjKyukfu_XFgJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/e7da9a-932a-467b-b2d2-97042891eb99/1/9p3RysO-CtOjkTkrDq-1QR8iEt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/e7da9a-932a-467b-b2d2-97042891eb99/1/84LLE93hJljNrBjKyukfu_XFgJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.68.0/22
178.236.40.0/21
193.203.214.0/23
193.218.38.0/23
Signature Algorithm: sha256WithRSAEncryption
a8:6a:b5:2a:71:7a:f8:ab:03:57:8f:d3:b7:8a:01:6f:0d:3d:
44:b6:5e:3c:53:d3:0a:56:9a:5b:b0:71:07:62:cb:78:88:f4:
4f:c9:0e:7c:0b:b7:19:26:66:13:33:c1:6e:6d:65:9d:84:09:
fb:70:8b:17:e2:89:65:b9:1a:d2:7f:be:ee:83:41:52:dd:c4:
df:47:16:c7:cf:7f:f4:40:b1:84:81:eb:65:16:fc:88:5c:8d:
5d:50:43:65:b4:ef:12:3f:be:0d:7e:76:5c:73:11:0d:3c:e4:
35:27:7d:79:a1:cb:63:2a:07:db:e9:34:52:6e:c8:9d:ad:45:
f3:ef:4b:72:36:28:b1:ff:03:bd:ea:8c:20:b3:34:14:82:34:
d7:6e:85:d7:27:8c:b4:f7:3e:b9:9d:3b:0b:89:ef:c3:74:a0:
92:87:9d:7a:10:0f:1c:8f:3a:51:ba:4b:74:03:f6:e1:e8:10:
3a:ea:99:54:e8:a0:79:49:14:c9:7f:9e:3e:a0:6a:57:af:e4:
31:20:89:6d:fb:45:ef:88:93:f9:dd:bd:10:18:28:25:88:8d:
a2:59:a5:af:95:b8:72:06:15:af:31:bf:fe:8f:84:51:4c:19:
19:7f:85:62:88:71:20:c1:4a:1f:a3:29:0f:38:cb:91:24:ed:
43:ce:bd:bd
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQiH6zEcK1bONuWGa9G2U0pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzODJjYjEzZGRlMTI2NThjZGFjMThjYWNhZTkxZmJiZjVj
NTgwOTAwHhcNMjUwMTAxMTM0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjlkZDFjYWMzYmUwYWQzYTM5MTM5MmIwZWFmYjU0MTFmMjIxMmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgfZFv6j7hCWjYa+mCyAYyIRgem6
FxH0+sV9Lzkq+2uCPdE6u3vG0lXH4D9Cv8BXtHBnYTQbe87S2yGqyP66Ydt4cwhu
B3o6AJKgK1zarzSbliR93w+nT0BIv/OmZrSNpJMWfGE6xhuZwXJXPrn+Jw80wOPw
I7b3w8TB6fr5fj2amx7/GIVr9B5HFFBRsvL2cQavNHAYYORVs0odSAzzkZJekDNF
johw0CuzbQhCpHq3yoshjH65dZvj6XM+zbt93PuuzzrE895fPa93x29b9aA9orAM
eT8OLKJFKJfabKCYxtGK5dJwg5Y7DkaviKINYttIiZ4+FZpYiZvj7SBsSQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPad0crDvgrTo5E5Kw6vtUEfIhLfMB8GA1UdIwQY
MBaAFPOCyxPd4SZYzawYysrpH7v1xYCQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODRMTEU5M2hKbGpOckJqS3l1a2Z1X1hGZ0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9lN2RhOWEtOTMyYS00NjdiLWIyZDIt
OTcwNDI4OTFlYjk5LzEvOXAzUnlzTy1DdE9qa1RrckRxLTFRUjhpRXQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9lN2RhOWEtOTMyYS00NjdiLWIyZDItOTcwNDI4OTFlYjk5
LzEvODRMTEU5M2hKbGpOckJqS3l1a2Z1X1hGZ0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLY1EAwQD
suwoAwQBwcvWAwQBwdomMA0GCSqGSIb3DQEBCwUAA4IBAQCoarUqcXr4qwNXj9O3
igFvDT1Etl48U9MKVppbsHEHYst4iPRPyQ58C7cZJmYTM8FubWWdhAn7cIsX4oll
uRrSf77ug0FS3cTfRxbHz3/0QLGEgetlFvyIXI1dUENltO8SP74NfnZccxENPOQ1
J315octjKgfb6TRSbsidrUXz70tyNiix/wO96owgszQUgjTXboXXJ4y09z65nTsL
ie/DdKCSh516EA8cjzpRukt0A/bh6BA66plU6KB5SRTJf54+oGpXr+QxIIlt+0Xv
iJP53b0QGCgliI2iWaWvlbhyBhWvMb/+j4RRTBkZf4ViiHEgwUofoykPOMuRJO1D
zr29
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:07 2025 by rpki-client