Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/ae18aa-7c15-4775-8fc5-772dcd3af5f6/1/SFyTfsWyq2coBx8ydbZroSS50xQ.roa
File: SFyTfsWyq2coBx8ydbZroSS50xQ.roa (raw, json)
Hash identifier: ZZpymtBw1D9nPwu2cf1P4YkyaGccufHXZlJkybCGFMw=
Subject key identifier: 48:5C:93:7E:C5:B2:AB:67:28:07:1F:32:75:B6:6B:A1:24:B9:D3:14
Certificate issuer: /CN=19610d638e2a2f95a3d90e4cff9959a859fac4f0
Certificate serial: 019427A9112B8A3934363FBCFD14CCAFA11B
Authority key identifier: 19:61:0D:63:8E:2A:2F:95:A3:D9:0E:4C:FF:99:59:A8:59:FA:C4:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GWENY44qL5Wj2Q5M_5lZqFn6xPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/ae18aa-7c15-4775-8fc5-772dcd3af5f6/1/SFyTfsWyq2coBx8ydbZroSS50xQ.roa
Signing time: Thu 02 Jan 2025 15:36:18 +0000
ROA not before: Thu 02 Jan 2025 15:36:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 45.144.204.0/24 maxlen: 24
45.144.205.0/24 maxlen: 24
45.144.206.0/24 maxlen: 24
45.144.207.0/24 maxlen: 24
45.152.156.0/24 maxlen: 24
45.152.157.0/24 maxlen: 24
45.152.158.0/24 maxlen: 24
45.152.159.0/24 maxlen: 24
185.158.252.0/24 maxlen: 24
185.158.253.0/24 maxlen: 24
185.158.254.0/24 maxlen: 24
185.158.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/ae18aa-7c15-4775-8fc5-772dcd3af5f6/1/GWENY44qL5Wj2Q5M_5lZqFn6xPA.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/ae18aa-7c15-4775-8fc5-772dcd3af5f6/1/GWENY44qL5Wj2Q5M_5lZqFn6xPA.mft
rsync://rpki.ripe.net/repository/DEFAULT/GWENY44qL5Wj2Q5M_5lZqFn6xPA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:a9:11:2b:8a:39:34:36:3f:bc:fd:14:cc:af:a1:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19610d638e2a2f95a3d90e4cff9959a859fac4f0
Validity
Not Before: Jan 2 15:36:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=485c937ec5b2ab6728071f3275b66ba124b9d314
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:e8:6d:5a:72:90:37:7f:7e:d4:4a:ae:a4:7e:
ff:a2:f9:7e:26:77:d0:76:e9:a6:bd:60:4c:c0:90:
81:b8:f4:4d:e7:37:31:b2:1d:24:7f:ee:b1:c1:82:
8b:a0:96:a9:96:4d:b9:06:ab:d2:48:99:6a:aa:35:
43:cd:c4:79:ab:3f:59:1a:46:20:1c:3f:ac:37:1a:
e7:ce:ae:0c:db:28:17:1c:7d:74:34:02:0f:1a:e1:
14:f3:7a:56:49:6d:bf:e3:c1:c1:0e:94:32:fd:11:
2f:1c:18:1d:cc:48:ba:99:33:2c:ab:db:6a:20:32:
47:71:eb:0f:cb:12:26:ef:af:f2:e1:7c:c2:6e:ab:
d1:55:4e:6d:ba:68:19:8e:fb:1b:3e:26:92:f4:e2:
1a:69:1f:45:3a:91:f2:21:63:92:ea:e4:15:cd:6f:
a8:f6:e7:96:d4:86:59:62:6c:c1:6f:95:73:33:f0:
f1:15:2e:fe:a3:89:c4:db:51:61:e1:7e:9f:97:10:
6e:e1:30:3e:24:9a:89:06:6a:1c:4a:11:a6:45:08:
72:de:c3:ff:89:61:15:f9:75:cd:fb:95:8a:2d:3a:
df:e0:46:1c:d3:dc:88:ac:2d:5c:2f:b7:83:7c:65:
e3:61:7c:3a:bf:70:15:f2:80:45:02:cf:cc:a4:68:
d1:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:5C:93:7E:C5:B2:AB:67:28:07:1F:32:75:B6:6B:A1:24:B9:D3:14
X509v3 Authority Key Identifier:
keyid:19:61:0D:63:8E:2A:2F:95:A3:D9:0E:4C:FF:99:59:A8:59:FA:C4:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GWENY44qL5Wj2Q5M_5lZqFn6xPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/ae18aa-7c15-4775-8fc5-772dcd3af5f6/1/SFyTfsWyq2coBx8ydbZroSS50xQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/ae18aa-7c15-4775-8fc5-772dcd3af5f6/1/GWENY44qL5Wj2Q5M_5lZqFn6xPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.204.0/22
45.152.156.0/22
185.158.252.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:3c:2e:be:76:ef:d2:24:46:68:2e:87:1f:60:7c:a1:21:1c:
7c:43:a3:5d:6b:3f:07:db:c3:fc:38:a2:26:e3:2b:8b:86:d2:
24:3f:20:c8:75:16:b6:69:a4:a4:77:57:90:70:57:b1:6a:13:
76:36:d6:be:74:13:d9:a3:d6:b0:f5:7c:dc:d5:18:5d:05:43:
f6:63:96:43:85:40:3a:dc:c0:9d:3f:d9:49:70:4c:2d:1e:8c:
85:d7:52:3e:e8:1a:c9:48:9f:e9:64:34:42:38:65:b8:24:58:
d9:7e:74:f8:7a:67:b4:23:03:a1:9a:fb:30:6f:83:7d:5c:92:
32:fa:c3:49:9c:d2:c2:df:ce:44:13:d9:05:19:35:4a:b7:65:
6e:08:f9:43:8f:05:18:19:e2:a4:f2:bb:88:45:c1:c2:1b:62:
df:88:e0:5a:c2:aa:c8:3a:f5:f2:75:3e:d8:a4:45:ce:8c:04:
ce:8e:b1:c6:e0:98:1c:0c:12:6d:1c:38:fc:ca:d2:bd:8d:8f:
6e:ed:2a:96:7b:04:15:32:22:ba:be:2c:27:af:97:c4:55:3d:
87:e0:ac:6f:0f:7d:95:e2:73:cd:47:e3:38:74:a5:c7:1e:a2:
fc:0f:13:28:ab:f3:99:e1:43:73:42:0d:70:66:ad:93:da:79:
c7:60:b4:71
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQnqRErijk0Nj+8/RTMr6EbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NjEwZDYzOGUyYTJmOTVhM2Q5MGU0Y2ZmOTk1OWE4NTlm
YWM0ZjAwHhcNMjUwMTAyMTUzNjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODVjOTM3ZWM1YjJhYjY3MjgwNzFmMzI3NWI2NmJhMTI0YjlkMzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+htWnKQN39+1EqupH7/ovl+JnfQ
dummvWBMwJCBuPRN5zcxsh0kf+6xwYKLoJaplk25BqvSSJlqqjVDzcR5qz9ZGkYg
HD+sNxrnzq4M2ygXHH10NAIPGuEU83pWSW2/48HBDpQy/REvHBgdzEi6mTMsq9tq
IDJHcesPyxIm76/y4XzCbqvRVU5tumgZjvsbPiaS9OIaaR9FOpHyIWOS6uQVzW+o
9ueW1IZZYmzBb5VzM/DxFS7+o4nE21Fh4X6flxBu4TA+JJqJBmocShGmRQhy3sP/
iWEV+XXN+5WKLTrf4EYc09yIrC1cL7eDfGXjYXw6v3AV8oBFAs/MpGjRGQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEhck37FsqtnKAcfMnW2a6EkudMUMB8GA1UdIwQY
MBaAFBlhDWOOKi+Vo9kOTP+ZWahZ+sTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1dFTlk0NHFMNVdqMlE1TV81bFpxRm42eFBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9hZTE4YWEtN2MxNS00Nzc1LThmYzUt
NzcyZGNkM2FmNWY2LzEvU0Z5VGZzV3lxMmNvQng4eWRiWnJvU1M1MHhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9hZTE4YWEtN2MxNS00Nzc1LThmYzUtNzcyZGNkM2FmNWY2
LzEvR1dFTlk0NHFMNVdqMlE1TV81bFpxRm42eFBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLZDMAwQC
LZicAwQCuZ78MA0GCSqGSIb3DQEBCwUAA4IBAQA7PC6+du/SJEZoLocfYHyhIRx8
Q6Ndaz8H28P8OKIm4yuLhtIkPyDIdRa2aaSkd1eQcFexahN2Nta+dBPZo9aw9Xzc
1RhdBUP2Y5ZDhUA63MCdP9lJcEwtHoyF11I+6BrJSJ/pZDRCOGW4JFjZfnT4eme0
IwOhmvswb4N9XJIy+sNJnNLC385EE9kFGTVKt2VuCPlDjwUYGeKk8ruIRcHCG2Lf
iOBawqrIOvXydT7YpEXOjATOjrHG4JgcDBJtHDj8ytK9jY9u7SqWewQVMiK6viwn
r5fEVT2H4KxvD32V4nPNR+M4dKXHHqL8DxMoq/OZ4UNzQg1wZq2T2nnHYLRx
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:09:34 2025 by rpki-client