Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/6f46d9-3af0-42aa-b334-6eec77d9b985/1/i0G4rbaluY4hsTsMZnJk3iIOMWE.roa
File: i0G4rbaluY4hsTsMZnJk3iIOMWE.roa (raw, json)
Hash identifier: CiK52+AdXFUQok8ZcOo1/t7ZFlrVVCsMaQ9KmIRXLe8=
Subject key identifier: 8B:41:B8:AD:B6:A5:B9:8E:21:B1:3B:0C:66:72:64:DE:22:0E:31:61
Certificate issuer: /CN=143239651db6aab1bcb67325f785b5ee1f4025cb
Certificate serial: 01941F8C25A6A3478B0ED4F3E42757A772CC
Authority key identifier: 14:32:39:65:1D:B6:AA:B1:BC:B6:73:25:F7:85:B5:EE:1F:40:25:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FDI5ZR22qrG8tnMl94W17h9AJcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/6f46d9-3af0-42aa-b334-6eec77d9b985/1/i0G4rbaluY4hsTsMZnJk3iIOMWE.roa
Signing time: Wed 01 Jan 2025 01:47:45 +0000
ROA not before: Wed 01 Jan 2025 01:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42724
IP address blocks: 45.155.126.0/24 maxlen: 24
45.155.127.0/24 maxlen: 24
193.3.167.0/24 maxlen: 24
194.36.84.0/24 maxlen: 24
194.36.86.0/24 maxlen: 24
194.36.87.0/24 maxlen: 24
194.62.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/6f46d9-3af0-42aa-b334-6eec77d9b985/1/FDI5ZR22qrG8tnMl94W17h9AJcs.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/6f46d9-3af0-42aa-b334-6eec77d9b985/1/FDI5ZR22qrG8tnMl94W17h9AJcs.mft
rsync://rpki.ripe.net/repository/DEFAULT/FDI5ZR22qrG8tnMl94W17h9AJcs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 22:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:25:a6:a3:47:8b:0e:d4:f3:e4:27:57:a7:72:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=143239651db6aab1bcb67325f785b5ee1f4025cb
Validity
Not Before: Jan 1 01:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b41b8adb6a5b98e21b13b0c667264de220e3161
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:06:7d:1f:66:95:7f:4b:94:7b:68:0e:7d:5d:
35:e7:ee:0c:28:9f:b5:eb:03:a3:bb:08:25:44:c0:
ff:7b:d8:a9:de:fc:da:c4:17:92:78:3b:ae:a7:16:
3a:e9:3c:80:dc:16:63:c2:7b:65:e4:6b:18:cb:05:
88:fd:c2:6b:bb:76:12:c2:6e:3f:aa:0a:ad:e0:74:
9b:de:60:5f:00:44:7c:12:e0:06:f8:b1:7b:aa:fd:
17:dd:ed:ba:df:e9:3a:e0:74:02:62:18:0e:b3:d4:
2c:f9:b8:59:59:bc:5a:c3:f7:7b:28:01:26:f7:ff:
60:af:79:b7:61:0c:0c:2b:74:f2:37:fa:eb:3b:e3:
f9:30:68:71:e0:2d:17:fb:85:ea:d0:35:b1:64:05:
c0:4c:0a:f8:42:37:73:56:8d:ee:79:36:d7:49:79:
82:72:2f:4c:04:38:77:3a:48:46:32:88:42:0e:72:
9f:11:de:1d:e5:b1:de:bd:84:45:fd:ff:d6:eb:e0:
0f:ef:c8:56:80:59:c7:4b:1c:09:c9:a8:ff:fd:9a:
ac:bf:22:8e:c0:64:3c:76:f4:67:e7:69:dd:98:f4:
64:09:e0:79:0f:95:62:3c:0c:bd:85:ad:73:89:20:
68:68:f2:7e:4b:1b:53:2c:62:3d:e4:3e:0a:95:df:
38:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:41:B8:AD:B6:A5:B9:8E:21:B1:3B:0C:66:72:64:DE:22:0E:31:61
X509v3 Authority Key Identifier:
keyid:14:32:39:65:1D:B6:AA:B1:BC:B6:73:25:F7:85:B5:EE:1F:40:25:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FDI5ZR22qrG8tnMl94W17h9AJcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/6f46d9-3af0-42aa-b334-6eec77d9b985/1/i0G4rbaluY4hsTsMZnJk3iIOMWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/6f46d9-3af0-42aa-b334-6eec77d9b985/1/FDI5ZR22qrG8tnMl94W17h9AJcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.126.0/23
193.3.167.0/24
194.36.84.0/24
194.36.86.0/23
194.62.40.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:dd:1f:b9:fe:d7:af:19:1f:07:af:74:5b:23:2b:ca:3c:63:
07:2e:1e:e7:cb:e1:d2:2d:df:87:05:a1:de:54:31:8f:b4:b5:
06:d3:fe:37:43:ef:75:fe:8f:a5:b1:35:d8:4c:a0:d5:a6:2b:
75:44:84:c1:26:1d:13:0e:51:30:b4:f8:ce:57:83:76:8b:bc:
fd:74:ec:50:8a:4f:35:cd:a8:4c:12:47:e7:fd:89:d1:7b:c9:
62:01:da:36:55:d8:87:70:c9:76:5a:ab:0f:ce:a5:34:81:98:
e1:be:b8:88:61:50:f3:4c:76:28:81:90:fc:65:33:0d:84:e1:
36:cd:22:af:73:03:2b:a8:c3:63:fc:07:1b:83:aa:dc:d1:b0:
69:6d:61:56:ad:aa:31:8d:87:49:d6:3d:03:c4:b2:73:3c:4b:
d0:c3:b6:6a:0e:5e:bc:dc:e8:3d:4c:e0:ee:15:20:8c:7c:2d:
27:ac:82:6e:7b:94:60:d4:2f:7c:79:fd:58:94:07:39:9c:4c:
d5:9a:63:f6:37:cd:64:83:cb:89:8a:99:9a:c6:7b:d8:bb:19:
e1:bc:be:e0:b3:9f:bf:de:00:55:b1:ae:7c:e2:9b:05:90:4f:
17:6b:6d:61:02:2c:86:5c:cf:95:58:2e:88:44:c6:49:9d:a3:
5f:24:bd:43
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQfjCWmo0eLDtTz5CdXp3LMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0MzIzOTY1MWRiNmFhYjFiY2I2NzMyNWY3ODViNWVlMWY0
MDI1Y2IwHhcNMjUwMTAxMDE0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjQxYjhhZGI2YTViOThlMjFiMTNiMGM2NjcyNjRkZTIyMGUzMTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgZ9H2aVf0uUe2gOfV015+4MKJ+1
6wOjuwglRMD/e9ip3vzaxBeSeDuupxY66TyA3BZjwntl5GsYywWI/cJru3YSwm4/
qgqt4HSb3mBfAER8EuAG+LF7qv0X3e263+k64HQCYhgOs9Qs+bhZWbxaw/d7KAEm
9/9gr3m3YQwMK3TyN/rrO+P5MGhx4C0X+4Xq0DWxZAXATAr4QjdzVo3ueTbXSXmC
ci9MBDh3OkhGMohCDnKfEd4d5bHevYRF/f/W6+AP78hWgFnHSxwJyaj//ZqsvyKO
wGQ8dvRn52ndmPRkCeB5D5ViPAy9ha1ziSBoaPJ+SxtTLGI95D4Kld84hQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFItBuK22pbmOIbE7DGZyZN4iDjFhMB8GA1UdIwQY
MBaAFBQyOWUdtqqxvLZzJfeFte4fQCXLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkRJNVpSMjJxckc4dG5NbDk0VzE3aDlBSmNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC82ZjQ2ZDktM2FmMC00MmFhLWIzMzQt
NmVlYzc3ZDliOTg1LzEvaTBHNHJiYWx1WTRoc1RzTVpuSmszaUlPTVdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC82ZjQ2ZDktM2FmMC00MmFhLWIzMzQtNmVlYzc3ZDliOTg1
LzEvRkRJNVpSMjJxckc4dG5NbDk0VzE3aDlBSmNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBLZt+AwQA
wQOnAwQAwiRUAwQBwiRWAwQAwj4oMA0GCSqGSIb3DQEBCwUAA4IBAQAv3R+5/tev
GR8Hr3RbIyvKPGMHLh7ny+HSLd+HBaHeVDGPtLUG0/43Q+91/o+lsTXYTKDVpit1
RITBJh0TDlEwtPjOV4N2i7z9dOxQik81zahMEkfn/YnRe8liAdo2VdiHcMl2WqsP
zqU0gZjhvriIYVDzTHYogZD8ZTMNhOE2zSKvcwMrqMNj/Acbg6rc0bBpbWFWraox
jYdJ1j0DxLJzPEvQw7ZqDl683Og9TODuFSCMfC0nrIJue5Rg1C98ef1YlAc5nEzV
mmP2N81kg8uJipmaxnvYuxnhvL7gs5+/3gBVsa584psFkE8Xa21hAiyGXM+VWC6I
RMZJnaNfJL1D
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:00:24 2025 by rpki-client