Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/G7_kvB4HDCS_j7ViuU2aApjdEK0.roa
File: G7_kvB4HDCS_j7ViuU2aApjdEK0.roa (raw, json)
Hash identifier: 2TpDAAY4SwDZcr/tVFrj4MP9HiWhiCfOBB0thwKmi74=
Subject key identifier: 1B:BF:E4:BC:1E:07:0C:24:BF:8F:B5:62:B9:4D:9A:02:98:DD:10:AD
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 01954D591B0EEF534F14772A9BDD448FC274
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/G7_kvB4HDCS_j7ViuU2aApjdEK0.roa
Signing time: Fri 28 Feb 2025 16:17:19 +0000
ROA not before: Fri 28 Feb 2025 16:17:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5511
IP address blocks: 45.136.0.0/24 maxlen: 32
45.136.1.0/24 maxlen: 32
45.136.2.0/24 maxlen: 32
45.136.3.0/24 maxlen: 32
128.0.119.0/24 maxlen: 32
185.117.20.0/22 maxlen: 32
185.117.20.0/24 maxlen: 32
185.117.22.0/24 maxlen: 32
185.117.23.0/24 maxlen: 32
185.120.13.0/24 maxlen: 32
185.144.100.0/24 maxlen: 32
185.144.102.0/24 maxlen: 32
185.211.48.0/24 maxlen: 32
185.211.49.0/24 maxlen: 32
185.211.50.0/24 maxlen: 32
185.227.240.0/24 maxlen: 32
185.227.241.0/24 maxlen: 32
185.227.242.0/24 maxlen: 32
185.227.243.0/24 maxlen: 32
193.201.208.0/24 maxlen: 32
193.201.209.0/24 maxlen: 32
193.201.210.0/24 maxlen: 32
193.201.211.0/24 maxlen: 32
194.36.100.0/24 maxlen: 32
194.36.101.0/24 maxlen: 32
194.36.102.0/24 maxlen: 32
194.36.103.0/24 maxlen: 32
194.124.64.0/24 maxlen: 32
194.124.66.0/24 maxlen: 32
194.124.67.0/24 maxlen: 32
195.85.68.0/24 maxlen: 32
195.85.69.0/24 maxlen: 32
195.85.70.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 21:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4d:59:1b:0e:ef:53:4f:14:77:2a:9b:dd:44:8f:c2:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Feb 28 16:17:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1bbfe4bc1e070c24bf8fb562b94d9a0298dd10ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:84:74:ac:87:d3:db:95:b9:9b:4c:cf:a6:79:
76:5a:c6:fd:b3:8d:b7:6c:f3:be:de:61:df:d7:64:
0d:8f:aa:2e:e9:ea:19:cf:0b:12:a9:7c:97:38:48:
64:e8:0e:34:58:3f:3b:61:46:b4:1a:f0:d7:3b:ee:
03:fb:cc:f8:ba:e8:5b:ed:f7:26:6b:ef:73:ec:d8:
9a:65:33:2d:b2:d2:7f:e6:c9:6d:76:bf:1c:90:3e:
2c:88:2d:58:30:2a:f7:c0:67:e7:ba:e4:c0:53:97:
88:fd:be:0d:7e:1d:16:14:bc:ea:bf:25:87:76:23:
49:56:bc:93:28:dd:9b:38:32:8a:d7:19:54:f1:93:
d3:ef:d1:85:b9:83:f7:8b:21:a3:f7:26:0c:98:74:
89:e8:3f:41:6b:98:d2:de:67:4f:e7:90:93:b3:f7:
de:f7:be:8b:d3:58:10:d6:b9:60:09:e7:dd:46:0c:
ad:65:18:01:a5:e8:2b:1b:8d:55:15:22:21:5d:b8:
ed:d0:a1:03:af:74:db:2b:23:a7:6e:0b:64:18:84:
81:08:05:3c:ac:f7:c2:68:2b:06:ee:1b:72:ed:02:
8e:1f:c0:f9:50:14:5c:2e:14:ce:d2:d0:af:de:7e:
5e:02:d1:52:e3:64:58:c4:fe:7f:2b:31:04:3b:5f:
8b:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:BF:E4:BC:1E:07:0C:24:BF:8F:B5:62:B9:4D:9A:02:98:DD:10:AD
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/G7_kvB4HDCS_j7ViuU2aApjdEK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.0.0/22
128.0.119.0/24
185.117.20.0/22
185.120.13.0/24
185.144.100.0/24
185.144.102.0/24
185.211.48.0-185.211.50.255
185.227.240.0/22
193.201.208.0/22
194.36.100.0/22
194.124.64.0/24
194.124.66.0/23
195.85.68.0-195.85.70.255
Signature Algorithm: sha256WithRSAEncryption
37:26:3b:14:2e:e5:b6:25:da:73:71:4d:66:67:06:77:c8:7d:
6b:78:cf:6f:b4:c8:8a:c0:94:1f:0b:10:82:84:86:0a:e9:36:
a8:a4:39:1a:4c:d0:7e:44:b7:64:7e:c3:da:39:00:b6:95:a5:
01:74:75:d3:75:22:45:22:e0:9c:d0:14:5e:0d:8e:69:67:4c:
f9:2a:f1:5f:3a:d5:57:a8:87:36:32:d1:b4:db:6b:d7:9e:7c:
48:d5:50:26:2a:d4:4f:81:3c:c7:a5:4c:f7:22:3d:60:de:d2:
e1:7f:c2:2b:46:5b:fb:87:70:ca:16:b2:47:38:1f:39:3c:7b:
e3:d5:b9:3a:fe:97:84:f6:19:20:70:0c:74:79:f0:15:0c:3f:
d0:44:ed:15:1b:a8:41:85:fa:4c:96:d8:7f:3c:e8:cd:bc:6e:
ee:f9:71:fe:87:30:35:81:bc:32:00:7a:2f:9f:82:84:2b:16:
71:f8:e0:a8:17:5e:f3:f2:54:97:56:8e:9a:21:08:a9:88:a5:
af:3e:9e:81:c5:6f:48:a8:95:b5:67:87:fe:74:d9:43:a1:4e:
2f:53:8b:3b:95:e6:b8:72:56:43:43:48:42:9e:1c:ab:f0:ba:
9f:fd:93:12:55:89:0b:67:1f:ce:6a:42:a7:ec:c5:bd:5c:aa:
aa:c8:c4:70
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAZVNWRsO71NPFHcqm91Ej8J0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwMjI4MTYxNzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmJmZTRiYzFlMDcwYzI0YmY4ZmI1NjJiOTRkOWEwMjk4ZGQxMGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYR0rIfT25W5m0zPpnl2Wsb9s423
bPO+3mHf12QNj6ou6eoZzwsSqXyXOEhk6A40WD87YUa0GvDXO+4D+8z4uuhb7fcm
a+9z7NiaZTMtstJ/5sltdr8ckD4siC1YMCr3wGfnuuTAU5eI/b4Nfh0WFLzqvyWH
diNJVryTKN2bODKK1xlU8ZPT79GFuYP3iyGj9yYMmHSJ6D9Ba5jS3mdP55CTs/fe
976L01gQ1rlgCefdRgytZRgBpegrG41VFSIhXbjt0KEDr3TbKyOnbgtkGISBCAU8
rPfCaCsG7hty7QKOH8D5UBRcLhTO0tCv3n5eAtFS42RYxP5/KzEEO1+LTQIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFBu/5LweBwwkv4+1YrlNmgKY3RCtMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvRzdfa3ZCNEhEQ1NfajdWaXVVMmFBcGpkRUswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQCLYgAAwQA
gAB3AwQCuXUUAwQAuXgNAwQAuZBkAwQAuZBmMAwDBAS50zADBAC50zIDBAK54/AD
BALBydADBALCJGQDBADCfEADBAHCfEIwDAMEAsNVRAMEAMNVRjANBgkqhkiG9w0B
AQsFAAOCAQEANyY7FC7ltiXac3FNZmcGd8h9a3jPb7TIisCUHwsQgoSGCuk2qKQ5
GkzQfkS3ZH7D2jkAtpWlAXR103UiRSLgnNAUXg2OaWdM+SrxXzrVV6iHNjLRtNtr
1558SNVQJirUT4E8x6VM9yI9YN7S4X/CK0Zb+4dwyhayRzgfOTx749W5Ov6XhPYZ
IHAMdHnwFQw/0ETtFRuoQYX6TJbYfzzozbxu7vlx/ocwNYG8MgB6L5+ChCsWcfjg
qBde8/JUl1aOmiEIqYilrz6egcVvSKiVtWeH/nTZQ6FOL1OLO5XmuHJWQ0NIQp4c
q/C6n/2TElWJC2cfzmpCp+zFvVyqqsjEcA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:33:07 2025 by rpki-client