Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/RlGd8kazi77hT1ppdy-X-d7K0mw.roa
File: RlGd8kazi77hT1ppdy-X-d7K0mw.roa (raw, json)
Hash identifier: flhyhfWL6o/CvlE9W17nAu070Q7TGL0ECNaPpp/zGko=
Subject key identifier: 46:51:9D:F2:46:B3:8B:BE:E1:4F:5A:69:77:2F:97:F9:DE:CA:D2:6C
Certificate issuer: /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial: 019425215032F5F38532A7DC6D120AE2EA31
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/RlGd8kazi77hT1ppdy-X-d7K0mw.roa
Signing time: Thu 02 Jan 2025 03:48:47 +0000
ROA not before: Thu 02 Jan 2025 03:48:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54339
IP address blocks: 45.147.156.0/24 maxlen: 24
45.147.157.0/24 maxlen: 24
45.147.158.0/24 maxlen: 24
77.111.116.0/24 maxlen: 24
77.111.121.0/24 maxlen: 24
91.190.185.0/24 maxlen: 24
92.61.102.0/24 maxlen: 24
194.152.137.0/24 maxlen: 24
194.152.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 00:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:50:32:f5:f3:85:32:a7:dc:6d:12:0a:e2:ea:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Validity
Not Before: Jan 2 03:48:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=46519df246b38bbee14f5a69772f97f9decad26c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:58:2a:6f:33:ba:d4:c7:e8:1f:8e:7c:50:0d:
c8:3c:3d:86:80:e9:14:64:98:dd:90:ae:a3:46:ae:
f1:49:f7:60:15:85:8e:00:ea:dc:51:da:f5:11:c8:
28:81:f1:6d:6b:f5:7d:84:5c:d8:0f:9f:0e:d1:eb:
de:03:0f:65:4e:14:48:64:b2:1d:65:1b:68:77:bf:
6c:24:cf:d8:57:76:60:23:8a:ce:8d:50:f3:82:f5:
78:c7:c2:be:3b:14:76:0e:73:d9:ce:2e:56:4c:02:
02:7f:33:f1:1b:39:38:3b:31:75:3b:74:0a:58:e4:
96:a5:80:d3:06:8f:3d:35:49:b5:ff:80:c6:4f:c6:
cf:ba:fe:e2:52:c0:d2:d3:d2:d3:26:1c:5f:cd:ea:
02:34:e2:95:8f:f3:00:d1:e2:44:f1:c5:83:e2:85:
e2:f5:34:15:85:e2:d1:ca:73:36:fa:74:6d:6e:cd:
da:6c:47:49:e0:bf:82:e0:14:a7:79:b6:6d:a9:b3:
c0:32:47:42:ed:a5:d1:e6:6a:6e:89:5b:2f:6e:3a:
53:40:f8:47:bc:ab:d7:74:af:ca:1e:fc:2b:10:89:
8e:6a:f5:25:d4:54:22:a0:2f:7e:62:37:f6:2f:f3:
6a:7d:a9:86:b1:1f:22:d7:48:86:b0:81:fe:52:31:
25:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:51:9D:F2:46:B3:8B:BE:E1:4F:5A:69:77:2F:97:F9:DE:CA:D2:6C
X509v3 Authority Key Identifier:
keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/RlGd8kazi77hT1ppdy-X-d7K0mw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.156.0-45.147.158.255
77.111.116.0/24
77.111.121.0/24
91.190.185.0/24
92.61.102.0/24
194.152.137.0/24
194.152.139.0/24
Signature Algorithm: sha256WithRSAEncryption
44:ec:c9:69:59:b5:7b:65:b5:ff:94:7a:d0:69:d0:6a:88:05:
c2:d6:9f:72:98:2a:e4:ad:11:84:84:15:cb:b9:e5:58:57:85:
6a:e2:cd:6f:44:45:8c:15:8f:d0:55:b4:10:78:0c:91:da:80:
32:10:0a:4a:64:3b:b7:56:54:5e:cb:d6:50:e4:94:0f:52:df:
d2:75:7b:73:35:19:5d:4f:87:71:ef:95:69:e8:37:c6:b1:13:
6c:06:03:91:79:86:42:d7:28:f8:1f:bf:bb:20:ec:9b:e5:c8:
7e:3b:1d:e3:dd:12:86:be:db:1c:91:fb:ad:99:09:3d:7b:08:
5d:33:7a:a5:d0:01:09:53:b7:43:86:70:46:99:54:5a:fb:c5:
ac:aa:00:4a:88:d4:36:0d:83:ae:ef:4f:a1:a6:fd:ac:c2:f7:
16:67:0b:09:65:ca:89:20:a1:6a:05:87:78:00:b0:d4:5d:17:
8c:ae:6c:f1:8f:6f:fb:7f:6e:97:e2:22:a0:e5:8e:12:d3:94:
62:1e:2e:32:a7:9d:2c:ee:79:bc:c5:81:f0:61:ef:7c:e5:c5:
1a:99:d9:88:e5:2d:82:11:8e:5d:f6:17:7b:a9:9c:0c:08:e6:
d3:18:06:ae:4c:8e:b7:bb:a4:02:58:4b:6a:8c:ec:14:3e:ee:
e1:76:c7:61
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZQlIVAy9fOFMqfcbRIK4uoxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjUwMTAyMDM0ODQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjUxOWRmMjQ2YjM4YmJlZTE0ZjVhNjk3NzJmOTdmOWRlY2FkMjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVgqbzO61MfoH458UA3IPD2GgOkU
ZJjdkK6jRq7xSfdgFYWOAOrcUdr1EcgogfFta/V9hFzYD58O0eveAw9lThRIZLId
ZRtod79sJM/YV3ZgI4rOjVDzgvV4x8K+OxR2DnPZzi5WTAICfzPxGzk4OzF1O3QK
WOSWpYDTBo89NUm1/4DGT8bPuv7iUsDS09LTJhxfzeoCNOKVj/MA0eJE8cWD4oXi
9TQVheLRynM2+nRtbs3abEdJ4L+C4BSnebZtqbPAMkdC7aXR5mpuiVsvbjpTQPhH
vKvXdK/KHvwrEImOavUl1FQioC9+Yjf2L/NqfamGsR8i10iGsIH+UjElYwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFEZRnfJGs4u+4U9aaXcvl/neytJsMB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEvUmxHZDhrYXppNzdoVDFwcGR5LVgtZDdLMG13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyMAwDBAItk5wD
BAAtk54DBABNb3QDBABNb3kDBABbvrkDBABcPWYDBADCmIkDBADCmIswDQYJKoZI
hvcNAQELBQADggEBAETsyWlZtXtltf+UetBp0GqIBcLWn3KYKuStEYSEFcu55VhX
hWrizW9ERYwVj9BVtBB4DJHagDIQCkpkO7dWVF7L1lDklA9S39J1e3M1GV1Ph3Hv
lWnoN8axE2wGA5F5hkLXKPgfv7sg7JvlyH47HePdEoa+2xyR+62ZCT17CF0zeqXQ
AQlTt0OGcEaZVFr7xayqAEqI1DYNg67vT6Gm/azC9xZnCwllyokgoWoFh3gAsNRd
F4yubPGPb/t/bpfiIqDljhLTlGIeLjKnnSzuebzFgfBh73zlxRqZ2YjlLYIRjl32
F3upnAwI5tMYBq5Mjre7pAJYS2qM7BQ+7uF2x2E=
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:47:15 2025 by rpki-client