Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/E7RpdyIBOL8QfbpWAMDvfKmfGvE.roa
File: E7RpdyIBOL8QfbpWAMDvfKmfGvE.roa (raw, json)
Hash identifier: Jl5wvOsESTap4RI2Rb+pwF3WlOcK3fzc1tCnuSYRIgk=
Subject key identifier: 13:B4:69:77:22:01:38:BF:10:7D:BA:56:00:C0:EF:7C:A9:9F:1A:F1
Certificate issuer: /CN=5cfe8d72526e4e73a3b57d9360f3a51beb59a45f
Certificate serial: 019422FC47B2ECDC42AC29EB6B855BC9CD4D
Authority key identifier: 5C:FE:8D:72:52:6E:4E:73:A3:B5:7D:93:60:F3:A5:1B:EB:59:A4:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XP6NclJuTnOjtX2TYPOlG-tZpF8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/E7RpdyIBOL8QfbpWAMDvfKmfGvE.roa
Signing time: Wed 01 Jan 2025 17:49:06 +0000
ROA not before: Wed 01 Jan 2025 17:49:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206894
IP address blocks: 45.89.132.0/22 maxlen: 22
45.89.132.0/24 maxlen: 24
185.38.88.0/22 maxlen: 22
185.192.104.0/22 maxlen: 22
185.215.96.0/22 maxlen: 22
185.219.192.0/22 maxlen: 22
193.142.154.0/23 maxlen: 23
2a0a:2bc0::/32 maxlen: 32
2a0b:a840::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/XP6NclJuTnOjtX2TYPOlG-tZpF8.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/XP6NclJuTnOjtX2TYPOlG-tZpF8.mft
rsync://rpki.ripe.net/repository/DEFAULT/XP6NclJuTnOjtX2TYPOlG-tZpF8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:47:b2:ec:dc:42:ac:29:eb:6b:85:5b:c9:cd:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cfe8d72526e4e73a3b57d9360f3a51beb59a45f
Validity
Not Before: Jan 1 17:49:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=13b46977220138bf107dba5600c0ef7ca99f1af1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:0f:18:68:9e:42:66:6b:8b:2d:74:7b:24:54:
f9:57:67:00:77:b5:47:15:32:40:3e:2c:98:d1:79:
4e:ed:39:50:e5:e0:43:47:14:c2:0d:48:02:d2:92:
29:f4:8c:2a:8d:39:ee:40:43:4f:e2:5d:6e:d8:8b:
b4:43:aa:5a:34:d2:4d:25:04:fc:a1:53:77:f0:72:
b2:37:07:02:88:3a:00:72:32:12:11:9d:32:66:27:
50:07:f7:e5:af:0c:f1:f4:62:e0:41:89:03:b4:6e:
f7:3b:18:44:62:03:b9:1c:75:f1:5e:87:c8:b8:5b:
50:91:ca:72:f1:d0:c2:b4:78:be:0f:5d:95:80:a0:
66:ae:b1:8e:cf:bf:0f:2f:c7:e6:ee:79:4e:26:6c:
8a:1b:f9:51:38:1d:fe:37:fe:a9:58:b6:87:cd:44:
ab:7f:14:18:fb:b1:df:cd:21:70:a8:c7:9a:1a:6a:
af:31:f0:48:a6:a2:a9:3b:00:c3:f6:97:3a:db:d2:
56:eb:49:6e:c8:7e:e4:f6:7e:e7:cb:e2:4c:cf:df:
5f:65:39:c4:d0:cf:26:e8:0a:c7:53:27:86:58:ff:
12:93:08:09:df:3c:64:f4:18:5a:78:6d:a6:b5:31:
03:b1:ca:01:0c:d9:fa:e6:a4:c7:3f:5d:53:aa:c3:
a8:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:B4:69:77:22:01:38:BF:10:7D:BA:56:00:C0:EF:7C:A9:9F:1A:F1
X509v3 Authority Key Identifier:
keyid:5C:FE:8D:72:52:6E:4E:73:A3:B5:7D:93:60:F3:A5:1B:EB:59:A4:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XP6NclJuTnOjtX2TYPOlG-tZpF8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/E7RpdyIBOL8QfbpWAMDvfKmfGvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/XP6NclJuTnOjtX2TYPOlG-tZpF8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.132.0/22
185.38.88.0/22
185.192.104.0/22
185.215.96.0/22
185.219.192.0/22
193.142.154.0/23
IPv6:
2a0a:2bc0::/32
2a0b:a840::/32
Signature Algorithm: sha256WithRSAEncryption
76:09:14:17:51:1c:7b:25:91:67:6e:d4:8f:6c:d8:2b:3e:ce:
51:62:b3:61:fa:d1:63:2b:fd:03:be:21:bc:1c:db:63:67:38:
28:da:c6:ce:6b:d5:e8:0f:c5:ab:ff:ae:a1:85:57:b3:df:51:
8b:46:13:48:a6:51:7e:bb:43:a9:38:44:3d:f2:b1:ae:ba:6d:
2b:06:67:41:89:a2:de:9c:bb:62:8a:c4:61:1e:9f:e7:89:8e:
a2:ae:a4:1d:20:7f:22:ea:af:e9:78:7f:85:3c:89:1b:ab:e2:
5f:37:8a:06:49:bc:50:16:00:ac:5a:79:d4:a4:f4:62:9d:05:
07:6f:30:75:5f:48:9d:99:e5:6f:73:9c:67:b1:f2:91:72:f4:
70:c7:c6:d0:35:e5:69:4d:1c:8c:b7:82:2a:42:42:92:8e:64:
ac:c8:ca:7c:d8:23:77:dd:58:21:76:88:5a:7e:92:8d:a3:df:
db:f7:48:8b:8a:55:a2:f3:18:c1:b5:d9:90:52:e0:04:69:6a:
bb:c9:df:3c:5a:9a:63:1a:55:fd:1a:2c:72:b7:05:a9:33:2e:
61:89:8d:dd:2f:fa:b9:d0:28:4a:18:4e:ff:e2:6e:17:28:3f:
5b:8f:d7:69:e0:36:93:55:61:bf:cc:80:0f:9e:c4:72:30:fb:
b0:a7:ae:03
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZQi/Eey7NxCrCnra4Vbyc1NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZmU4ZDcyNTI2ZTRlNzNhM2I1N2Q5MzYwZjNhNTFiZWI1
OWE0NWYwHhcNMjUwMTAxMTc0OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2I0Njk3NzIyMDEzOGJmMTA3ZGJhNTYwMGMwZWY3Y2E5OWYxYWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyA8YaJ5CZmuLLXR7JFT5V2cAd7VH
FTJAPiyY0XlO7TlQ5eBDRxTCDUgC0pIp9IwqjTnuQENP4l1u2Iu0Q6paNNJNJQT8
oVN38HKyNwcCiDoAcjISEZ0yZidQB/flrwzx9GLgQYkDtG73OxhEYgO5HHXxXofI
uFtQkcpy8dDCtHi+D12VgKBmrrGOz78PL8fm7nlOJmyKG/lROB3+N/6pWLaHzUSr
fxQY+7HfzSFwqMeaGmqvMfBIpqKpOwDD9pc629JW60luyH7k9n7ny+JMz99fZTnE
0M8m6ArHUyeGWP8SkwgJ3zxk9BhaeG2mtTEDscoBDNn65qTHP11TqsOoGwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFBO0aXciATi/EH26VgDA73ypnxrxMB8GA1UdIwQY
MBaAFFz+jXJSbk5zo7V9k2DzpRvrWaRfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFA2TmNsSnVUbk9qdFgyVFlQT2xHLXRacEY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC84NGJmNTQtMDljMy00MzI0LWExMWMt
ZTRkZGZhMzJlNTJlLzEvRTdScGR5SUJPTDhRZmJwV0FNRHZmS21mR3ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC84NGJmNTQtMDljMy00MzI0LWExMWMtZTRkZGZhMzJlNTJl
LzEvWFA2TmNsSnVUbk9qdFgyVFlQT2xHLXRacEY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQCLVmEAwQC
uSZYAwQCucBoAwQCuddgAwQCudvAAwQBwY6aMBQEAgACMA4DBQAqCivAAwUAKguo
QDANBgkqhkiG9w0BAQsFAAOCAQEAdgkUF1EceyWRZ27Uj2zYKz7OUWKzYfrRYyv9
A74hvBzbY2c4KNrGzmvV6A/Fq/+uoYVXs99Ri0YTSKZRfrtDqThEPfKxrrptKwZn
QYmi3py7YorEYR6f54mOoq6kHSB/Iuqv6Xh/hTyJG6viXzeKBkm8UBYArFp51KT0
Yp0FB28wdV9InZnlb3OcZ7HykXL0cMfG0DXlaU0cjLeCKkJCko5krMjKfNgjd91Y
IXaIWn6SjaPf2/dIi4pVovMYwbXZkFLgBGlqu8nfPFqaYxpV/RoscrcFqTMuYYmN
3S/6udAoShhO/+JuFyg/W4/XaeA2k1Vhv8yAD57EcjD7sKeuAw==
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:32:49 2025 by rpki-client