Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/45GSN-Jh-Vtp52gdPCE4rtN9vFM.roa
File: 45GSN-Jh-Vtp52gdPCE4rtN9vFM.roa (raw, json)
Hash identifier: yltrOoY4v1Lw4nx8dXtkiiNgXJvp2DgU/YOsAQAMi/0=
Subject key identifier: E3:91:92:37:E2:61:F9:5B:69:E7:68:1D:3C:21:38:AE:D3:7D:BC:53
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0194BC945B9E5C045265BA3A1EB69BC96371
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/45GSN-Jh-Vtp52gdPCE4rtN9vFM.roa
Signing time: Fri 31 Jan 2025 13:37:06 +0000
ROA not before: Fri 31 Jan 2025 13:37:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5411
IP address blocks: 192.36.44.0/23 maxlen: 24
192.71.132.0/23 maxlen: 24
192.71.134.0/23 maxlen: 24
192.71.178.0/23 maxlen: 24
192.121.79.0/24 maxlen: 24
192.165.101.0/24 maxlen: 24
192.165.117.0/24 maxlen: 24
192.165.118.0/24 maxlen: 24
192.176.2.0/24 maxlen: 24
192.176.131.0/24 maxlen: 24
192.176.132.0/23 maxlen: 24
192.176.148.0/23 maxlen: 24
192.176.162.0/23 maxlen: 24
194.14.63.0/24 maxlen: 24
194.14.66.0/23 maxlen: 24
194.14.70.0/23 maxlen: 24
194.68.50.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bc:94:5b:9e:5c:04:52:65:ba:3a:1e:b6:9b:c9:63:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 31 13:37:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e3919237e261f95b69e7681d3c2138aed37dbc53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:5e:88:5b:a8:2b:e6:cf:fa:97:44:d9:6e:67:
ef:bd:c0:64:66:2c:33:07:8f:97:d7:ed:dd:4e:eb:
da:9c:69:55:f5:80:13:76:f0:a4:fb:ee:1f:37:2b:
38:6a:69:60:e9:31:6b:1b:33:99:ca:e9:5e:e7:e1:
f1:fb:b9:aa:b6:23:9a:2f:37:da:49:ca:52:47:f4:
78:66:0c:7d:f6:fa:d9:67:9b:38:ae:10:71:4a:a9:
b8:a6:d6:7f:2b:2e:bf:22:84:c0:7a:a7:a6:5d:d2:
bf:da:4a:52:62:82:9f:c2:af:0d:52:99:b9:95:22:
a9:f5:b2:9b:de:83:a5:ce:6a:24:aa:20:bd:ec:28:
0b:36:41:a5:d0:19:74:04:94:a0:49:72:a5:a6:ed:
57:44:2f:90:d7:ee:0a:12:b6:83:a4:53:89:8f:c3:
01:af:87:87:3e:8d:fc:8d:a6:c6:0d:06:d6:08:88:
d7:14:8a:06:ff:20:56:3a:fd:7e:67:53:37:b3:85:
51:12:c2:1e:51:03:de:3a:b8:d0:0a:c3:d2:b5:b2:
bd:52:d1:04:93:a9:bd:4b:66:75:5f:68:75:5f:77:
ca:8a:58:be:93:4b:8f:e0:64:14:f6:9f:2c:1c:9a:
90:fe:20:f7:b4:9a:a8:d9:94:bd:d1:62:36:4e:cc:
3e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:91:92:37:E2:61:F9:5B:69:E7:68:1D:3C:21:38:AE:D3:7D:BC:53
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/45GSN-Jh-Vtp52gdPCE4rtN9vFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.44.0/23
192.71.132.0/22
192.71.178.0/23
192.121.79.0/24
192.165.101.0/24
192.165.117.0-192.165.118.255
192.176.2.0/24
192.176.131.0-192.176.133.255
192.176.148.0/23
192.176.162.0/23
194.14.63.0/24
194.14.66.0/23
194.14.70.0/23
194.68.50.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:64:02:65:49:98:9c:5f:01:24:91:b6:4b:24:ed:e1:59:b6:
f0:ba:bf:c3:19:5e:5a:85:c2:4d:0c:42:4e:f7:35:60:d0:b7:
e0:e4:d4:ae:3b:23:df:ef:d9:1d:64:7f:7a:13:fa:dc:fe:40:
a0:37:9d:50:44:b8:30:9a:21:3f:4d:3b:c8:23:63:f6:eb:16:
c9:d2:72:6d:fe:42:29:b0:e3:fa:56:a5:65:0d:20:ed:7a:d3:
bb:a3:51:64:15:d4:91:05:72:ba:84:bb:ee:a2:30:4a:87:3a:
3b:a8:1c:c5:0e:74:23:35:2a:2e:a6:57:80:cd:f4:53:03:d3:
e7:c3:ec:57:91:63:18:a7:8e:0c:e2:78:37:ce:f3:9d:ac:4a:
15:88:33:8a:fc:09:d2:5a:72:c9:b5:c9:1c:6b:6d:7f:67:df:
c2:96:d7:8e:c2:3e:4e:68:20:1d:f8:35:c0:be:6a:c2:52:cc:
79:1c:d7:a6:0a:fd:42:3c:c5:2c:89:57:a3:58:26:36:77:d7:
14:4c:61:a0:58:9c:32:4d:c6:89:cf:52:cf:1e:ba:31:1f:b4:
8b:9e:88:f7:cb:04:83:cf:a0:2a:6f:91:3e:81:75:fb:31:6c:
c8:ae:c1:91:04:5c:c4:7d:12:79:eb:ad:4d:36:df:a8:59:33:
71:b9:34:9e
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZS8lFueXARSZbo6HrabyWNxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTMxMTMzNzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzkxOTIzN2UyNjFmOTViNjllNzY4MWQzYzIxMzhhZWQzN2RiYzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkF6IW6gr5s/6l0TZbmfvvcBkZiwz
B4+X1+3dTuvanGlV9YATdvCk++4fNys4amlg6TFrGzOZyule5+Hx+7mqtiOaLzfa
ScpSR/R4Zgx99vrZZ5s4rhBxSqm4ptZ/Ky6/IoTAeqemXdK/2kpSYoKfwq8NUpm5
lSKp9bKb3oOlzmokqiC97CgLNkGl0Bl0BJSgSXKlpu1XRC+Q1+4KEraDpFOJj8MB
r4eHPo38jabGDQbWCIjXFIoG/yBWOv1+Z1M3s4VREsIeUQPeOrjQCsPStbK9UtEE
k6m9S2Z1X2h1X3fKili+k0uP4GQU9p8sHJqQ/iD3tJqo2ZS90WI2Tsw+uwIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFOORkjfiYflbaedoHTwhOK7TfbxTMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvNDVHU04tSmgtVnRwNTJnZFBDRTRydE45dkZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkAwQBwCQsAwQC
wEeEAwQBwEeyAwQAwHlPAwQAwKVlMAwDBADApXUDBADApXYDBADAsAIwDAMEAMCw
gwMEAcCwhAMEAcCwlAMEAcCwogMEAMIOPwMEAcIOQgMEAcIORgMEAMJEMjANBgkq
hkiG9w0BAQsFAAOCAQEAj2QCZUmYnF8BJJG2SyTt4Vm28Lq/wxleWoXCTQxCTvc1
YNC34OTUrjsj3+/ZHWR/ehP63P5AoDedUES4MJohP007yCNj9usWydJybf5CKbDj
+lalZQ0g7XrTu6NRZBXUkQVyuoS77qIwSoc6O6gcxQ50IzUqLqZXgM30UwPT58Ps
V5FjGKeODOJ4N87znaxKFYgzivwJ0lpyybXJHGttf2ffwpbXjsI+TmggHfg1wL5q
wlLMeRzXpgr9QjzFLIlXo1gmNnfXFExhoFicMk3Gic9Szx66MR+0i56I98sEg8+g
Km+RPoF1+zFsyK7BkQRcxH0SeeutTTbfqFkzcbk0ng==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:32 2025 by rpki-client