Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/9CiGQ1DKqVBSURzGpIM4EZzLPIo.roa
File: 9CiGQ1DKqVBSURzGpIM4EZzLPIo.roa (raw, json)
Hash identifier: RYizM8JYSKOw2I31e1INHRnUrL0/zIJIFNS8N96TT/Q=
Subject key identifier: F4:28:86:43:50:CA:A9:50:52:51:1C:C6:A4:83:38:11:9C:CB:3C:8A
Certificate issuer: /CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Certificate serial: 0195FAE64548517D46B8F77AE4A8B2DE03A1
Authority key identifier: 3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/9CiGQ1DKqVBSURzGpIM4EZzLPIo.roa
Signing time: Thu 03 Apr 2025 09:05:49 +0000
ROA not before: Thu 03 Apr 2025 09:05:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.136.37.0/24 maxlen: 24
45.136.39.0/24 maxlen: 24
185.38.26.0/24 maxlen: 24
185.38.27.0/24 maxlen: 24
194.31.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 12:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:fa:e6:45:48:51:7d:46:b8:f7:7a:e4:a8:b2:de:03:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Validity
Not Before: Apr 3 09:05:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f428864350caa95052511cc6a48338119ccb3c8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:30:43:aa:ec:5c:e7:1b:17:ca:cd:24:d1:ed:
be:6b:32:a6:2e:27:e0:a5:b9:2a:8b:49:6e:82:f3:
e4:65:26:39:50:54:2e:60:e8:d3:ea:67:d2:41:2a:
51:62:0d:14:2a:fb:ef:62:e0:fe:40:a2:e7:24:d4:
7f:c5:ae:d8:5e:29:bb:f6:4b:e5:c1:ce:7c:c0:c9:
a3:31:97:f7:5f:d2:3f:88:6e:7a:47:c5:3a:fa:37:
63:a4:10:73:c5:97:ec:a8:8d:7f:08:f3:47:7f:5e:
6b:5d:be:e8:a5:c1:7e:bc:07:5e:d2:d5:7f:af:b5:
75:7e:6c:72:d3:ca:32:b9:99:23:4d:77:38:26:c4:
21:10:2b:4e:8c:3c:2b:93:e7:1a:42:34:60:24:1a:
e2:df:46:5c:7c:92:7e:c3:52:8f:4b:b0:eb:84:c9:
78:58:cc:ce:d4:80:9e:8e:8e:21:e5:f3:29:e7:1d:
72:37:c7:8f:c2:2a:9b:35:ba:18:8d:4c:d8:58:57:
11:7c:df:99:f7:42:da:a5:ac:b2:4e:c7:33:7c:1c:
94:3d:4e:f7:dc:72:2d:72:67:6d:54:35:10:46:b3:
d7:1f:0c:74:ea:54:30:f8:51:46:b6:3a:ed:bc:a4:
76:ba:c7:5d:af:70:4f:59:f7:19:f8:a4:2b:58:f0:
34:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:28:86:43:50:CA:A9:50:52:51:1C:C6:A4:83:38:11:9C:CB:3C:8A
X509v3 Authority Key Identifier:
keyid:3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/9CiGQ1DKqVBSURzGpIM4EZzLPIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.37.0/24
45.136.39.0/24
185.38.26.0/23
194.31.167.0/24
Signature Algorithm: sha256WithRSAEncryption
55:be:12:47:12:93:30:1b:34:2e:d6:3d:86:c5:bc:74:f8:87:
99:c3:c0:81:4f:d6:aa:5e:e4:75:72:87:52:6d:75:10:62:0f:
2c:61:d4:e2:cb:71:5f:b5:8b:07:8e:71:1a:f4:97:01:09:02:
3a:4f:bb:ca:ae:ab:15:ce:80:c0:0b:28:10:f5:aa:49:5f:db:
7c:b3:10:1d:8e:b8:a4:d2:60:0d:3b:15:db:e6:3c:e0:5d:3f:
2d:a7:87:7e:ad:e6:1c:de:f3:9a:4d:db:ba:3b:96:5d:54:6f:
95:c1:1a:1d:c0:bc:ba:0d:57:21:c7:a9:fb:b4:ad:f9:96:63:
a7:49:ec:39:6d:ce:d4:61:35:fe:4a:0d:13:5a:2d:fe:8a:b1:
bb:14:1d:6c:17:d2:69:fb:7c:72:a4:d5:21:96:a8:0d:97:93:
9a:c4:fe:8b:0f:8f:ec:0a:79:7d:4d:30:85:aa:05:6d:76:ed:
3a:a2:56:4e:d8:55:32:d2:e8:fd:03:a9:ea:36:09:a2:77:ff:
f0:a6:da:28:f9:7a:b9:99:d6:e2:35:26:75:d2:5c:87:53:4f:
58:ce:42:d1:2b:54:81:96:72:08:55:8a:10:de:03:75:30:8b:
8a:a1:9b:d5:8f:3b:6a:53:33:04:09:3d:e7:e4:a6:ad:8b:02:
3a:cd:b6:59
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZX65kVIUX1GuPd65Kiy3gOhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZTc3MGY0N2ZkOTAzOTI1ZDgwYWM1OGUwNWUwNzZmM2Jh
YTExMGIwHhcNMjUwNDAzMDkwNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDI4ODY0MzUwY2FhOTUwNTI1MTFjYzZhNDgzMzgxMTljY2IzYzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDBDquxc5xsXys0k0e2+azKmLifg
pbkqi0lugvPkZSY5UFQuYOjT6mfSQSpRYg0UKvvvYuD+QKLnJNR/xa7YXim79kvl
wc58wMmjMZf3X9I/iG56R8U6+jdjpBBzxZfsqI1/CPNHf15rXb7opcF+vAde0tV/
r7V1fmxy08oyuZkjTXc4JsQhECtOjDwrk+caQjRgJBri30ZcfJJ+w1KPS7DrhMl4
WMzO1ICejo4h5fMp5x1yN8ePwiqbNboYjUzYWFcRfN+Z90LapayyTsczfByUPU73
3HItcmdtVDUQRrPXHwx06lQw+FFGtjrtvKR2usddr3BPWfcZ+KQrWPA0bwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPQohkNQyqlQUlEcxqSDOBGcyzyKMB8GA1UdIwQY
MBaAFD7ncPR/2QOSXYCsWOBeB287qhELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTIt
NjI0ZjgzNjgyMTY5LzEvOUNpR1ExREtxVkJTVVJ6R3BJTTRFWnpMUElvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTItNjI0ZjgzNjgyMTY5
LzEvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYglAwQA
LYgnAwQBuSYaAwQAwh+nMA0GCSqGSIb3DQEBCwUAA4IBAQBVvhJHEpMwGzQu1j2G
xbx0+IeZw8CBT9aqXuR1codSbXUQYg8sYdTiy3FftYsHjnEa9JcBCQI6T7vKrqsV
zoDACygQ9apJX9t8sxAdjrik0mANOxXb5jzgXT8tp4d+reYc3vOaTdu6O5ZdVG+V
wRodwLy6DVchx6n7tK35lmOnSew5bc7UYTX+Sg0TWi3+irG7FB1sF9Jp+3xypNUh
lqgNl5OaxP6LD4/sCnl9TTCFqgVtdu06olZO2FUy0uj9A6nqNgmid//wptoo+Xq5
mdbiNSZ10lyHU09YzkLRK1SBlnIIVYoQ3gN1MIuKoZvVjztqUzMECT3n5KatiwI6
zbZZ
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:53:30 2025 by rpki-client