Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/5db0a8-b8e7-4f44-b03a-ea5731684917/1/tNV0WLevvOhvE4Dz0Ty7ZfGL67s.roa
File: tNV0WLevvOhvE4Dz0Ty7ZfGL67s.roa (raw, json)
Hash identifier: gW+2wImKwe5IWbdJKawQnrwYg8cWQ3fvjIqklFDzDgU=
Subject key identifier: B4:D5:74:58:B7:AF:BC:E8:6F:13:80:F3:D1:3C:BB:65:F1:8B:EB:BB
Certificate issuer: /CN=1f3e3bf560da0b12618b027aaca61fac78d5ff5c
Certificate serial: 0194258F52CFE5986AEC54A8BBA5C42E678A
Authority key identifier: 1F:3E:3B:F5:60:DA:0B:12:61:8B:02:7A:AC:A6:1F:AC:78:D5:FF:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hz479WDaCxJhiwJ6rKYfrHjV_1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/5db0a8-b8e7-4f44-b03a-ea5731684917/1/tNV0WLevvOhvE4Dz0Ty7ZfGL67s.roa
Signing time: Thu 02 Jan 2025 05:48:57 +0000
ROA not before: Thu 02 Jan 2025 05:48:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51685
IP address blocks: 45.86.38.0/24 maxlen: 32
91.219.164.0/22 maxlen: 32
91.237.179.0/24 maxlen: 32
2a07:6940::/29 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/5db0a8-b8e7-4f44-b03a-ea5731684917/1/Hz479WDaCxJhiwJ6rKYfrHjV_1w.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/5db0a8-b8e7-4f44-b03a-ea5731684917/1/Hz479WDaCxJhiwJ6rKYfrHjV_1w.mft
rsync://rpki.ripe.net/repository/DEFAULT/Hz479WDaCxJhiwJ6rKYfrHjV_1w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 20:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:52:cf:e5:98:6a:ec:54:a8:bb:a5:c4:2e:67:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f3e3bf560da0b12618b027aaca61fac78d5ff5c
Validity
Not Before: Jan 2 05:48:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4d57458b7afbce86f1380f3d13cbb65f18bebbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:8d:f0:01:ad:50:86:4d:ba:b6:79:56:d7:69:
ec:7c:22:49:20:c3:d3:51:a6:b5:0a:60:e2:59:83:
5b:cb:14:e3:20:3f:a2:01:e0:43:7e:4a:56:f6:b5:
fe:46:ce:d1:de:4d:6d:ac:a2:f6:e9:f4:d9:da:9d:
e0:52:7e:2b:4c:53:c9:d5:c0:87:88:8e:e2:a4:d2:
b9:2f:72:17:08:c7:b2:b8:68:8d:18:7f:53:c9:b7:
46:30:59:ac:8a:1f:7c:6e:c9:1d:9f:36:83:a4:cc:
c9:b5:69:26:54:67:1a:99:90:f5:f0:9e:8d:3f:2b:
7d:c5:bf:c4:f0:d5:ce:d4:47:19:a1:d5:4e:94:78:
59:f9:97:b6:ec:c4:de:b9:04:f8:27:da:ee:23:f1:
b3:25:c9:10:ec:79:dd:be:00:0c:fb:30:6c:08:eb:
ad:18:6e:88:e0:18:74:fa:78:b3:6b:e6:9b:c8:9d:
c1:d2:9b:16:17:93:f4:f4:eb:30:1d:47:aa:63:54:
d9:70:6b:e8:9e:37:b2:00:59:03:7f:de:8b:41:ac:
e1:4c:ef:1e:e1:3f:6d:15:f0:b9:1f:4f:7f:6b:2e:
ab:c7:57:2d:83:d5:98:08:1e:fc:3b:a0:61:be:6e:
d2:31:de:6a:4d:4c:35:90:b8:40:52:c3:13:3b:1f:
cd:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:D5:74:58:B7:AF:BC:E8:6F:13:80:F3:D1:3C:BB:65:F1:8B:EB:BB
X509v3 Authority Key Identifier:
keyid:1F:3E:3B:F5:60:DA:0B:12:61:8B:02:7A:AC:A6:1F:AC:78:D5:FF:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hz479WDaCxJhiwJ6rKYfrHjV_1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/5db0a8-b8e7-4f44-b03a-ea5731684917/1/tNV0WLevvOhvE4Dz0Ty7ZfGL67s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/5db0a8-b8e7-4f44-b03a-ea5731684917/1/Hz479WDaCxJhiwJ6rKYfrHjV_1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.38.0/24
91.219.164.0/22
91.237.179.0/24
IPv6:
2a07:6940::/29
Signature Algorithm: sha256WithRSAEncryption
60:b6:89:ad:86:97:20:b8:8b:e5:12:b8:da:5a:97:ec:08:84:
04:55:88:2e:36:59:27:a0:c0:12:f9:7d:d0:e1:e0:40:6c:c2:
cb:78:84:d2:0b:33:0a:e2:ce:98:27:f7:94:14:6a:80:ba:d7:
ef:37:ec:ae:cc:7b:14:40:13:28:0f:e3:d8:a9:5a:40:68:5c:
65:50:22:a9:0a:19:7d:8d:8d:35:92:5f:60:4d:96:98:66:dd:
8f:1a:e5:60:6a:4f:1b:1c:87:4a:62:ff:64:47:38:99:cd:3b:
b6:0b:e4:e3:bd:1f:77:66:1a:42:20:2d:30:68:b3:d5:f9:25:
f2:fc:06:9e:54:38:3a:d2:f4:20:2b:d4:ee:63:2f:db:e6:1b:
b0:14:2b:ab:32:de:be:91:22:2b:e0:3a:bf:d3:9e:36:be:40:
f1:43:c1:71:d0:d4:b9:16:be:99:f1:1d:50:79:fa:29:7f:19:
72:6b:c3:82:46:de:9f:be:d7:ba:45:59:b4:83:2c:4c:37:0e:
53:2d:27:26:4d:cf:5b:43:41:e5:93:0f:4c:09:1e:9f:25:c7:
b0:bc:a0:ed:dd:60:e8:9b:a3:22:22:fa:71:8a:66:f1:59:86:
14:72:18:39:81:86:d6:dc:ca:28:42:a1:31:f9:29:a6:d9:e5:
52:c3:2d:e4
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQlj1LP5Zhq7FSou6XELmeKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmM2UzYmY1NjBkYTBiMTI2MThiMDI3YWFjYTYxZmFjNzhk
NWZmNWMwHhcNMjUwMTAyMDU0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGQ1NzQ1OGI3YWZiY2U4NmYxMzgwZjNkMTNjYmI2NWYxOGJlYmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvI3wAa1Qhk26tnlW12nsfCJJIMPT
Uaa1CmDiWYNbyxTjID+iAeBDfkpW9rX+Rs7R3k1trKL26fTZ2p3gUn4rTFPJ1cCH
iI7ipNK5L3IXCMeyuGiNGH9TybdGMFmsih98bskdnzaDpMzJtWkmVGcamZD18J6N
Pyt9xb/E8NXO1EcZodVOlHhZ+Ze27MTeuQT4J9ruI/GzJckQ7HndvgAM+zBsCOut
GG6I4Bh0+niza+abyJ3B0psWF5P09OswHUeqY1TZcGvonjeyAFkDf96LQazhTO8e
4T9tFfC5H09/ay6rx1ctg9WYCB78O6Bhvm7SMd5qTUw1kLhAUsMTOx/NNQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLTVdFi3r7zobxOA89E8u2Xxi+u7MB8GA1UdIwQY
MBaAFB8+O/Vg2gsSYYsCeqymH6x41f9cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHo0NzlXRGFDeEpoaXdKNnJLWWZySGpWXzF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy81ZGIwYTgtYjhlNy00ZjQ0LWIwM2Et
ZWE1NzMxNjg0OTE3LzEvdE5WMFdMZXZ2T2h2RTREejBUeTdaZkdMNjdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy81ZGIwYTgtYjhlNy00ZjQ0LWIwM2EtZWE1NzMxNjg0OTE3
LzEvSHo0NzlXRGFDeEpoaXdKNnJLWWZySGpWXzF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQALVYmAwQC
W9ukAwQAW+2zMA0EAgACMAcDBQMqB2lAMA0GCSqGSIb3DQEBCwUAA4IBAQBgtomt
hpcguIvlErjaWpfsCIQEVYguNlknoMAS+X3Q4eBAbMLLeITSCzMK4s6YJ/eUFGqA
utfvN+yuzHsUQBMoD+PYqVpAaFxlUCKpChl9jY01kl9gTZaYZt2PGuVgak8bHIdK
Yv9kRziZzTu2C+TjvR93ZhpCIC0waLPV+SXy/AaeVDg60vQgK9TuYy/b5huwFCur
Mt6+kSIr4Dq/0542vkDxQ8Fx0NS5Fr6Z8R1Qefopfxlya8OCRt6fvte6RVm0gyxM
Nw5TLScmTc9bQ0Hlkw9MCR6fJcewvKDt3WDom6MiIvpximbxWYYUchg5gYbW3Moo
QqEx+Smm2eVSwy3k
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:40:32 2025 by rpki-client