Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/M9VOPO1QfWRnU4hQ9QVXASg96jA.roa
File: M9VOPO1QfWRnU4hQ9QVXASg96jA.roa (raw, json)
Hash identifier: irJVQjaxHBdQQuBZR03utwnIZQAJVfzNYFhhJleKRbg=
Subject key identifier: 33:D5:4E:3C:ED:50:7D:64:67:53:88:50:F5:05:57:01:28:3D:EA:30
Certificate issuer: /CN=4acfac8645a3c6f10042dc4a74d700d9d06af17a
Certificate serial: 0194206878430F8785F9CD0B6353E8250AA0
Authority key identifier: 4A:CF:AC:86:45:A3:C6:F1:00:42:DC:4A:74:D7:00:D9:D0:6A:F1:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/M9VOPO1QfWRnU4hQ9QVXASg96jA.roa
Signing time: Wed 01 Jan 2025 05:48:24 +0000
ROA not before: Wed 01 Jan 2025 05:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21859
IP address blocks: 45.156.131.0/24 maxlen: 24
185.180.141.0/24 maxlen: 24
185.226.196.0/24 maxlen: 24
185.226.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:78:43:0f:87:85:f9:cd:0b:63:53:e8:25:0a:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4acfac8645a3c6f10042dc4a74d700d9d06af17a
Validity
Not Before: Jan 1 05:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=33d54e3ced507d6467538850f5055701283dea30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:7f:07:e8:dd:bf:0f:58:d9:c8:74:a8:9b:12:
0a:d3:9f:98:0a:7a:a9:42:24:0c:32:e4:66:f5:b6:
6b:b7:f3:33:37:d1:cb:be:99:3e:6d:70:91:c3:2f:
a1:8f:49:4e:b2:92:66:5c:0e:c3:71:d9:3b:18:43:
ca:7e:be:f5:7d:1e:f7:60:d4:e3:d1:aa:5f:19:f4:
cc:71:5a:43:c3:3d:ff:9a:dd:90:84:d0:3a:b4:4c:
bb:51:81:2c:8e:9d:32:10:db:bd:d6:60:34:c5:90:
a0:96:5e:e1:11:c2:a0:68:6f:c2:5f:a0:e6:11:c7:
b2:8f:79:21:da:b6:0e:47:bc:35:13:49:ec:16:4d:
97:9a:f3:d2:14:45:30:05:b4:da:f9:df:b0:d7:b4:
f8:5c:17:da:e3:f8:31:6c:a4:03:81:bb:ed:ee:c7:
ea:34:36:7f:88:1f:73:ea:c8:6e:90:4a:7e:21:59:
82:a2:96:70:e3:2f:0c:8f:05:06:91:b0:16:9f:f5:
ef:0f:69:70:57:00:f6:cd:43:b9:20:ce:90:af:71:
e9:17:4e:ea:fb:5d:53:ad:a7:c3:df:dd:9f:87:29:
38:fb:a6:b8:ff:c3:78:5e:36:52:7c:04:be:0f:66:
cb:03:e0:2d:55:08:c7:52:96:5b:57:c5:b8:fb:a5:
b7:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:D5:4E:3C:ED:50:7D:64:67:53:88:50:F5:05:57:01:28:3D:EA:30
X509v3 Authority Key Identifier:
keyid:4A:CF:AC:86:45:A3:C6:F1:00:42:DC:4A:74:D7:00:D9:D0:6A:F1:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/M9VOPO1QfWRnU4hQ9QVXASg96jA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.131.0/24
185.180.141.0/24
185.226.196.0/23
Signature Algorithm: sha256WithRSAEncryption
aa:d1:2d:41:0c:32:26:91:35:10:c1:fc:cd:1e:2e:7a:af:cf:
16:6c:98:d2:0a:07:e8:f8:cc:8c:f7:62:a4:de:b5:25:9a:87:
cf:a3:0c:f6:d1:9d:fb:ff:09:3b:eb:9e:a4:98:c0:e5:04:17:
2d:6e:63:b6:e4:1c:45:d0:67:c1:28:70:0b:a6:e9:1e:de:44:
bf:5d:b5:54:c0:bc:3c:d7:d2:7c:d2:41:6e:48:fa:f3:05:8f:
73:8b:a3:b8:2e:65:80:f1:93:26:9a:25:d3:ad:f8:a1:e3:0f:
c4:b1:e6:f7:e1:b5:47:b4:ae:68:c2:1b:46:e8:42:a6:65:0d:
de:0c:c8:e5:18:c3:12:16:03:f7:a2:00:bb:e0:a7:ee:00:8f:
07:83:a0:61:fa:66:31:e9:d8:09:fb:0e:49:b7:e5:43:23:e9:
91:b0:7d:e6:3b:2e:30:68:f5:11:8e:45:80:2f:17:5c:98:f2:
82:66:72:79:7c:84:d3:8b:a3:7d:40:c1:d7:33:c1:f3:08:e8:
9e:d4:8d:f7:5c:ce:0d:62:c7:15:41:0a:5b:a7:7c:e2:ef:62:
f9:78:2f:74:ad:6b:c8:f6:88:26:6e:c4:38:69:c5:b8:6b:92:
45:ee:ac:62:ff:e9:af:ab:e6:91:2a:1e:af:82:98:aa:9b:df:
cd:bf:3a:e0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQgaHhDD4eF+c0LY1PoJQqgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhY2ZhYzg2NDVhM2M2ZjEwMDQyZGM0YTc0ZDcwMGQ5ZDA2
YWYxN2EwHhcNMjUwMTAxMDU0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2Q1NGUzY2VkNTA3ZDY0Njc1Mzg4NTBmNTA1NTcwMTI4M2RlYTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyH8H6N2/D1jZyHSomxIK05+YCnqp
QiQMMuRm9bZrt/MzN9HLvpk+bXCRwy+hj0lOspJmXA7Dcdk7GEPKfr71fR73YNTj
0apfGfTMcVpDwz3/mt2QhNA6tEy7UYEsjp0yENu91mA0xZCgll7hEcKgaG/CX6Dm
Eceyj3kh2rYOR7w1E0nsFk2XmvPSFEUwBbTa+d+w17T4XBfa4/gxbKQDgbvt7sfq
NDZ/iB9z6shukEp+IVmCopZw4y8MjwUGkbAWn/XvD2lwVwD2zUO5IM6Qr3HpF07q
+11TrafD392fhyk4+6a4/8N4XjZSfAS+D2bLA+AtVQjHUpZbV8W4+6W3oQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDPVTjztUH1kZ1OIUPUFVwEoPeowMB8GA1UdIwQY
MBaAFErPrIZFo8bxAELcSnTXANnQavF6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3Mtc2hrV2p4dkVBUXR4S2ROY0EyZEJxOFhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8yYzE3Y2ItNDc0Mi00NGNmLTg5MWYt
N2JmODI3N2Q4YTJmLzEvTTlWT1BPMVFmV1JuVTRoUTlRVlhBU2c5NmpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8yYzE3Y2ItNDc0Mi00NGNmLTg5MWYtN2JmODI3N2Q4YTJm
LzEvU3Mtc2hrV2p4dkVBUXR4S2ROY0EyZEJxOFhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZyDAwQA
ubSNAwQBueLEMA0GCSqGSIb3DQEBCwUAA4IBAQCq0S1BDDImkTUQwfzNHi56r88W
bJjSCgfo+MyM92Kk3rUlmofPowz20Z37/wk7656kmMDlBBctbmO25BxF0GfBKHAL
puke3kS/XbVUwLw819J80kFuSPrzBY9zi6O4LmWA8ZMmmiXTrfih4w/Eseb34bVH
tK5owhtG6EKmZQ3eDMjlGMMSFgP3ogC74KfuAI8Hg6Bh+mYx6dgJ+w5Jt+VDI+mR
sH3mOy4waPURjkWALxdcmPKCZnJ5fITTi6N9QMHXM8HzCOie1I33XM4NYscVQQpb
p3zi72L5eC90rWvI9ogmbsQ4acW4a5JF7qxi/+mvq+aRKh6vgpiqm9/Nvzrg
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:23:44 2025 by rpki-client