Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/rIA4azEzcpcRHHRD3zykHvYi-2g.roa
File: rIA4azEzcpcRHHRD3zykHvYi-2g.roa (raw, json)
Hash identifier: tLgymAJRF/+ZVZDgNalnwOEDJzY58ehhHFpHIOwd4xU=
Subject key identifier: AC:80:38:6B:31:33:72:97:11:1C:74:43:DF:3C:A4:1E:F6:22:FB:68
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0195003FE7B4F96CDBCE1CBE7019AFB19B46
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/rIA4azEzcpcRHHRD3zykHvYi-2g.roa
Signing time: Thu 13 Feb 2025 16:59:02 +0000
ROA not before: Thu 13 Feb 2025 16:59:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210876
IP address blocks: 45.134.84.0/22 maxlen: 24
45.134.84.0/23 maxlen: 23
45.142.228.0/22 maxlen: 24
45.147.116.0/22 maxlen: 24
45.159.76.0/22 maxlen: 24
93.189.123.0/24 maxlen: 24
109.107.149.0/24 maxlen: 24
185.216.30.0/24 maxlen: 24
185.216.31.0/24 maxlen: 24
185.226.8.0/24 maxlen: 24
185.247.6.0/24 maxlen: 24
194.35.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:00:3f:e7:b4:f9:6c:db:ce:1c:be:70:19:af:b1:9b:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Feb 13 16:59:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac80386b31337297111c7443df3ca41ef622fb68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:4b:e1:87:e0:4e:33:34:03:65:27:4d:1c:ac:
ed:88:68:80:39:9d:93:38:08:7b:56:b9:dc:27:07:
0c:76:ef:c8:34:b0:26:86:fd:ea:a5:0b:7d:af:25:
7f:da:c8:b7:d2:90:fa:2f:7b:f9:a2:2f:f6:96:2d:
5f:c7:cf:15:ce:3a:d0:ec:a6:c9:f1:b3:1e:e6:15:
2f:01:d6:63:48:10:b9:14:8a:b1:d6:3b:eb:77:94:
bb:5b:d2:f8:85:25:00:8d:bb:d1:99:24:43:33:76:
9a:47:32:88:9d:c5:e7:2f:9e:f1:05:e7:a0:0c:8b:
ac:88:33:a9:e5:27:a9:f7:f8:99:8c:45:be:c4:cc:
72:d5:5f:4f:87:84:97:b3:6e:1b:31:f7:e7:55:41:
2b:9d:c6:e2:a7:9f:d2:a8:72:e7:d5:77:8c:74:d0:
5a:45:f8:7e:29:c6:4b:5e:48:bd:83:ee:c1:e5:4f:
46:97:3f:69:a8:5b:c2:e6:a5:23:e9:4c:a1:c3:60:
7f:37:f2:78:1b:64:27:3c:d9:96:99:6b:4e:6c:8d:
13:10:73:0f:88:8e:5b:af:bc:56:d4:c2:b3:d1:44:
56:ed:20:1f:d8:89:1b:1b:05:28:54:dc:d9:28:fa:
03:9a:e5:65:6e:f0:a9:c3:8d:4a:d1:c1:15:db:7c:
ce:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:80:38:6B:31:33:72:97:11:1C:74:43:DF:3C:A4:1E:F6:22:FB:68
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/rIA4azEzcpcRHHRD3zykHvYi-2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.84.0/22
45.142.228.0/22
45.147.116.0/22
45.159.76.0/22
93.189.123.0/24
109.107.149.0/24
185.216.30.0/23
185.226.8.0/24
185.247.6.0/24
194.35.40.0/24
Signature Algorithm: sha256WithRSAEncryption
93:01:ba:8f:7d:d7:07:82:de:69:ea:5f:e2:0c:6c:69:c0:0c:
43:0e:36:41:20:8f:ec:66:39:6a:19:fd:cd:3d:d1:b3:99:d5:
4a:2a:ba:18:2f:fd:5b:87:a0:6c:d8:b1:b3:97:ac:64:7a:ef:
35:0e:5b:fe:74:45:8d:6f:52:e7:19:40:f1:2e:a7:ec:ae:3b:
07:de:23:42:ad:c7:ce:c7:fe:04:9c:7c:9b:34:7e:a8:49:c3:
94:1d:ea:62:0b:a8:59:2a:2b:5a:2d:07:7b:98:79:49:20:87:
d5:2a:d9:d5:44:61:62:74:20:ad:65:65:74:3c:5a:da:d3:f6:
67:bf:bf:b4:00:6e:6b:67:6b:4b:c7:bb:54:5d:d6:6a:5f:60:
f6:0a:07:a5:de:65:6a:fb:71:20:33:4c:ce:e1:06:7e:bf:11:
d8:1e:8d:ea:65:10:ad:01:25:8c:63:20:19:18:5b:5f:7c:3f:
44:23:42:d4:d6:43:14:45:ca:c9:af:63:af:54:68:83:2b:9a:
ab:2a:de:f6:f2:e0:66:56:c5:c3:68:4d:9d:a3:fd:1c:38:3d:
2c:fa:5b:29:8d:98:f9:17:06:de:16:fc:88:1f:5e:9d:31:c6:
8b:5e:52:ca:73:ac:22:25:66:83:52:a5:8b:99:5b:8e:9b:a6:
e3:c2:c9:d2
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZUAP+e0+Wzbzhy+cBmvsZtGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMjEzMTY1OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzgwMzg2YjMxMzM3Mjk3MTExYzc0NDNkZjNjYTQxZWY2MjJmYjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4kvhh+BOMzQDZSdNHKztiGiAOZ2T
OAh7VrncJwcMdu/INLAmhv3qpQt9ryV/2si30pD6L3v5oi/2li1fx88VzjrQ7KbJ
8bMe5hUvAdZjSBC5FIqx1jvrd5S7W9L4hSUAjbvRmSRDM3aaRzKIncXnL57xBeeg
DIusiDOp5Sep9/iZjEW+xMxy1V9Ph4SXs24bMffnVUErncbip5/SqHLn1XeMdNBa
Rfh+KcZLXki9g+7B5U9Glz9pqFvC5qUj6Uyhw2B/N/J4G2QnPNmWmWtObI0TEHMP
iI5br7xW1MKz0URW7SAf2IkbGwUoVNzZKPoDmuVlbvCpw41K0cEV23zOIQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFKyAOGsxM3KXERx0Q988pB72IvtoMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvcklBNGF6RXpjcGNSSEhSRDN6eWtIdllpLTJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCLYZUAwQC
LY7kAwQCLZN0AwQCLZ9MAwQAXb17AwQAbWuVAwQBudgeAwQAueIIAwQAufcGAwQA
wiMoMA0GCSqGSIb3DQEBCwUAA4IBAQCTAbqPfdcHgt5p6l/iDGxpwAxDDjZBII/s
ZjlqGf3NPdGzmdVKKroYL/1bh6Bs2LGzl6xkeu81Dlv+dEWNb1LnGUDxLqfsrjsH
3iNCrcfOx/4EnHybNH6oScOUHepiC6hZKitaLQd7mHlJIIfVKtnVRGFidCCtZWV0
PFra0/Znv7+0AG5rZ2tLx7tUXdZqX2D2Cgel3mVq+3EgM0zO4QZ+vxHYHo3qZRCt
ASWMYyAZGFtffD9EI0LU1kMURcrJr2OvVGiDK5qrKt728uBmVsXDaE2do/0cOD0s
+lspjZj5FwbeFvyIH16dMcaLXlLKc6wiJWaDUqWLmVuOm6bjwsnS
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:08:08 2025 by rpki-client