Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/bZniM2QlgkpTXR-OwANLXtwZtPE.roa
File: bZniM2QlgkpTXR-OwANLXtwZtPE.roa (raw, json)
Hash identifier: 1uGphNb2cimTL54FLmsjWSi2OJxcMRM81uY8UPnrcpo=
Subject key identifier: 6D:99:E2:33:64:25:82:4A:53:5D:1F:8E:C0:03:4B:5E:DC:19:B4:F1
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 0194258F2860ADD294A0FA4415C38952BD3A
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/bZniM2QlgkpTXR-OwANLXtwZtPE.roa
Signing time: Thu 02 Jan 2025 05:48:46 +0000
ROA not before: Thu 02 Jan 2025 05:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213257
IP address blocks: 5.180.107.0/24 maxlen: 24
45.131.1.0/24 maxlen: 24
45.147.44.0/24 maxlen: 24
77.83.202.0/24 maxlen: 24
194.116.228.0/24 maxlen: 24
194.146.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.mft
rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 13:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:28:60:ad:d2:94:a0:fa:44:15:c3:89:52:bd:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Jan 2 05:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6d99e2336425824a535d1f8ec0034b5edc19b4f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:6d:2c:7a:7a:17:8a:71:c7:8e:0c:39:7b:68:
9c:46:27:fc:19:d4:e0:36:ae:34:21:a9:90:e3:7d:
d5:dd:fc:5b:3c:c0:78:12:e9:70:f7:3e:30:f7:a0:
eb:1f:8f:00:a7:8e:0c:40:dc:71:74:7a:e0:b0:91:
6d:64:e0:af:a6:14:cf:06:77:98:76:28:68:d6:4a:
6d:8c:72:46:fd:4b:cd:0a:d8:5f:10:6d:e2:b3:ea:
91:6e:70:80:24:5b:d1:6c:c4:7b:23:c5:1f:39:54:
7f:41:93:52:b0:77:11:6e:1e:67:03:16:be:d5:ec:
80:fc:d9:f4:c9:2c:31:2b:d3:1b:a6:05:95:9c:c3:
3b:b1:88:da:60:f3:29:2a:06:c9:cf:d6:94:b1:77:
f2:cb:e6:c9:0a:42:6f:21:2a:04:d9:68:cb:d6:0e:
44:63:47:5a:b9:8b:82:34:b1:6a:bf:b0:f3:9b:91:
df:ea:8a:34:42:04:c2:eb:48:b8:1c:ee:4d:df:dc:
2c:73:b1:ba:d7:53:1d:c8:e0:5e:8e:93:e3:ef:09:
da:5a:4e:d6:f3:0e:24:9a:e3:0e:07:7d:81:04:60:
01:ad:4d:0a:2a:05:70:1d:87:e0:84:c4:97:cd:26:
fc:28:c8:83:fd:19:aa:d6:cf:b6:f5:71:ab:ad:fe:
97:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:99:E2:33:64:25:82:4A:53:5D:1F:8E:C0:03:4B:5E:DC:19:B4:F1
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/bZniM2QlgkpTXR-OwANLXtwZtPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.107.0/24
45.131.1.0/24
45.147.44.0/24
77.83.202.0/24
194.116.228.0/24
194.146.26.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:e1:bf:85:3d:15:2a:cd:a5:61:fc:9a:25:9f:22:b7:c3:a0:
9e:b9:c7:31:67:8b:97:7f:9b:0b:7a:fe:2a:70:ef:3f:78:7b:
7b:f8:fd:90:64:9c:8f:33:58:b0:1c:20:82:d1:b0:07:b7:67:
9f:30:c2:ab:70:33:bb:4a:39:42:3e:8f:ab:7c:d2:61:bc:97:
2a:35:e6:e9:f0:4c:c0:71:c5:52:24:ec:85:69:67:b3:ec:cf:
e3:9d:6f:cc:10:fe:25:82:16:f2:ec:19:1f:4c:69:66:3c:ff:
b9:e1:35:72:1b:d8:15:43:b9:c1:2e:6e:7c:eb:cd:48:ff:5d:
10:69:78:bc:05:aa:8e:e4:4e:f9:aa:9b:e8:d7:31:4a:44:d1:
28:ee:13:aa:7b:ed:9f:41:d3:a8:33:cc:98:58:19:88:cc:08:
c1:28:40:18:0f:72:8a:b1:c3:47:1d:f7:c7:29:eb:25:61:ca:
9c:37:0d:c0:86:bc:d2:3b:2d:8c:91:8f:ae:fc:a2:9e:11:89:
80:a4:09:d8:2a:ff:e0:e3:9b:0e:cd:69:bc:1a:2a:ba:94:73:
af:91:19:68:0e:5b:3c:39:d6:2b:78:e6:4d:87:b4:8b:53:0b:
b8:8f:00:86:f2:fb:bf:78:af:4d:03:41:d9:57:e7:e8:c8:39:
96:ed:2f:8d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQljyhgrdKUoPpEFcOJUr06MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjUwMTAyMDU0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDk5ZTIzMzY0MjU4MjRhNTM1ZDFmOGVjMDAzNGI1ZWRjMTliNGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuW0senoXinHHjgw5e2icRif8GdTg
Nq40IamQ433V3fxbPMB4Eulw9z4w96DrH48Ap44MQNxxdHrgsJFtZOCvphTPBneY
diho1kptjHJG/UvNCthfEG3is+qRbnCAJFvRbMR7I8UfOVR/QZNSsHcRbh5nAxa+
1eyA/Nn0ySwxK9MbpgWVnMM7sYjaYPMpKgbJz9aUsXfyy+bJCkJvISoE2WjL1g5E
Y0dauYuCNLFqv7Dzm5Hf6oo0QgTC60i4HO5N39wsc7G611MdyOBejpPj7wnaWk7W
8w4kmuMOB32BBGABrU0KKgVwHYfghMSXzSb8KMiD/Rmq1s+29XGrrf6X2wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFG2Z4jNkJYJKU10fjsADS17cGbTxMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvYlpuaU0yUWxna3BUWFItT3dBTkxYdHdadFBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABbRrAwQA
LYMBAwQALZMsAwQATVPKAwQAwnTkAwQAwpIaMA0GCSqGSIb3DQEBCwUAA4IBAQAt
4b+FPRUqzaVh/JolnyK3w6CeuccxZ4uXf5sLev4qcO8/eHt7+P2QZJyPM1iwHCCC
0bAHt2efMMKrcDO7SjlCPo+rfNJhvJcqNebp8EzAccVSJOyFaWez7M/jnW/MEP4l
ghby7BkfTGlmPP+54TVyG9gVQ7nBLm58681I/10QaXi8BaqO5E75qpvo1zFKRNEo
7hOqe+2fQdOoM8yYWBmIzAjBKEAYD3KKscNHHffHKeslYcqcNw3AhrzSOy2MkY+u
/KKeEYmApAnYKv/g45sOzWm8Giq6lHOvkRloDls8OdYreOZNh7SLUwu4jwCG8vu/
eK9NA0HZV+foyDmW7S+N
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:39:58 2025 by rpki-client