Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/b81Y2U7ou3gE7qnhOIrH6wzIwHE.roa
File: b81Y2U7ou3gE7qnhOIrH6wzIwHE.roa (raw, json)
Hash identifier: evIbesfBnQDx6fK9X24u14Wb1m4RUjoEvZ0+mfP0N8E=
Subject key identifier: 6F:CD:58:D9:4E:E8:BB:78:04:EE:A9:E1:38:8A:C7:EB:0C:C8:C0:71
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 0194258F2353123ADD0C6691BCCB7F1B35B4
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/b81Y2U7ou3gE7qnhOIrH6wzIwHE.roa
Signing time: Thu 02 Jan 2025 05:48:45 +0000
ROA not before: Thu 02 Jan 2025 05:48:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60446
IP address blocks: 45.136.6.0/24 maxlen: 24
45.141.151.0/24 maxlen: 24
45.147.46.0/24 maxlen: 24
45.147.47.0/24 maxlen: 24
194.146.50.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.mft
rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 13:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:23:53:12:3a:dd:0c:66:91:bc:cb:7f:1b:35:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Jan 2 05:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6fcd58d94ee8bb7804eea9e1388ac7eb0cc8c071
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:f3:9e:96:bf:a1:6b:e9:61:8d:4c:4a:e8:53:
f5:51:df:ab:b9:91:c1:ec:6b:12:56:33:dd:8d:64:
f1:87:55:98:18:2a:fc:11:ff:9a:19:a7:fd:7e:84:
91:cf:8f:b2:f5:d3:cf:b5:04:b2:18:44:aa:0f:4d:
f5:43:63:11:c2:4c:ea:c1:f7:6c:9c:c4:f6:91:17:
b8:cd:33:83:69:1e:cf:ec:b6:c5:32:80:f7:b8:0e:
b0:63:dc:02:f6:1c:98:bc:de:99:04:35:ed:db:17:
ff:ce:9b:ad:e3:0b:98:e2:a6:5c:bc:95:c4:5e:9b:
ba:ee:67:af:6e:4c:6d:18:96:f9:eb:cc:28:2d:fb:
42:d6:57:5e:4b:3d:e6:e0:84:1d:56:31:f9:3d:fe:
03:84:c8:5d:f3:23:20:08:9c:3b:84:d5:b9:a9:3c:
45:a4:02:5c:4b:42:51:4d:10:e7:3d:54:75:5c:e7:
39:bf:fd:3d:da:11:f6:00:c2:8c:38:fd:eb:54:7e:
df:32:0e:54:24:e1:49:64:44:bf:67:12:1c:ce:b3:
e0:3b:89:a6:60:35:3b:13:47:41:be:c3:e6:0a:cc:
cd:bd:22:a4:c4:cf:e8:0e:34:7d:37:a7:69:79:32:
50:37:06:b9:9a:e2:36:59:ec:a6:89:c9:05:ad:c8:
fa:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:CD:58:D9:4E:E8:BB:78:04:EE:A9:E1:38:8A:C7:EB:0C:C8:C0:71
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/b81Y2U7ou3gE7qnhOIrH6wzIwHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.6.0/24
45.141.151.0/24
45.147.46.0/23
194.146.50.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:a4:4e:f2:b3:5f:46:fe:0a:13:f8:65:3a:25:ce:06:c0:37:
e2:70:13:61:f5:25:b5:ec:bb:96:26:6a:13:c7:c0:bc:9a:73:
da:c8:53:23:0c:04:5c:b1:86:48:e5:42:60:ec:75:75:63:8f:
0a:0c:87:32:a7:c3:67:ba:44:b3:c9:da:be:f8:c4:9b:de:ea:
9a:cf:52:ad:9e:cf:3b:e5:30:b6:b4:e6:a3:b8:7c:da:a2:51:
b8:c7:c3:01:72:d9:dd:ad:f1:1a:26:74:1d:d9:11:60:91:df:
85:69:3d:f3:c5:82:6f:0f:ce:82:6d:95:07:3e:a6:f7:d6:14:
73:66:17:b9:21:51:0f:2d:71:99:62:86:2d:f5:10:4e:af:75:
4f:83:5d:f6:71:58:44:87:88:f5:fd:13:b0:7b:d2:ab:74:07:
7c:d4:f6:7a:42:9c:af:d3:30:3f:91:7f:cd:7a:01:e2:af:85:
99:a8:2d:27:4c:97:dc:f0:95:a0:33:07:1f:a0:26:02:55:a2:
80:0f:b0:79:5e:46:4a:77:0b:80:0f:8b:bc:06:48:e1:e1:b8:
86:e7:83:bd:dd:95:f8:f2:84:17:c0:5c:03:d2:95:ad:95:38:
e3:02:31:8a:4d:38:50:ca:ce:5c:12:65:2c:6c:70:88:ff:58:
b2:76:12:3a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQljyNTEjrdDGaRvMt/GzW0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjUwMTAyMDU0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmNkNThkOTRlZThiYjc4MDRlZWE5ZTEzODhhYzdlYjBjYzhjMDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2fOelr+ha+lhjUxK6FP1Ud+ruZHB
7GsSVjPdjWTxh1WYGCr8Ef+aGaf9foSRz4+y9dPPtQSyGESqD031Q2MRwkzqwfds
nMT2kRe4zTODaR7P7LbFMoD3uA6wY9wC9hyYvN6ZBDXt2xf/zput4wuY4qZcvJXE
Xpu67mevbkxtGJb568woLftC1ldeSz3m4IQdVjH5Pf4DhMhd8yMgCJw7hNW5qTxF
pAJcS0JRTRDnPVR1XOc5v/092hH2AMKMOP3rVH7fMg5UJOFJZES/ZxIczrPgO4mm
YDU7E0dBvsPmCszNvSKkxM/oDjR9N6dpeTJQNwa5muI2WeymickFrcj6GQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFG/NWNlO6Lt4BO6p4TiKx+sMyMBxMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvYjgxWTJVN291M2dFN3FuaE9Jckg2d3pJd0hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYgGAwQA
LY2XAwQBLZMuAwQAwpIyMA0GCSqGSIb3DQEBCwUAA4IBAQA8pE7ys19G/goT+GU6
Jc4GwDficBNh9SW17LuWJmoTx8C8mnPayFMjDARcsYZI5UJg7HV1Y48KDIcyp8Nn
ukSzydq++MSb3uqaz1Ktns875TC2tOajuHzaolG4x8MBctndrfEaJnQd2RFgkd+F
aT3zxYJvD86CbZUHPqb31hRzZhe5IVEPLXGZYoYt9RBOr3VPg132cVhEh4j1/ROw
e9KrdAd81PZ6Qpyv0zA/kX/NegHir4WZqC0nTJfc8JWgMwcfoCYCVaKAD7B5XkZK
dwuAD4u8Bkjh4biG54O93ZX48oQXwFwD0pWtlTjjAjGKTThQys5cEmUsbHCI/1iy
dhI6
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:44:39 2025 by rpki-client