Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/wNJ0eSGK9CrxDXUJzqBGqZt1qoM.roa
File: wNJ0eSGK9CrxDXUJzqBGqZt1qoM.roa (raw, json)
Hash identifier: VARvN8MLdkZvFPQ8eRPdT6OVeyMm4bYhMp4omxBERho=
Subject key identifier: C0:D2:74:79:21:8A:F4:2A:F1:0D:75:09:CE:A0:46:A9:9B:75:AA:83
Certificate issuer: /CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
Certificate serial: 0195EC319E988691FD3B17DC0D7F8FD02875
Authority key identifier: 42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/wNJ0eSGK9CrxDXUJzqBGqZt1qoM.roa
Signing time: Mon 31 Mar 2025 12:33:49 +0000
ROA not before: Mon 31 Mar 2025 12:33:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29119
IP address blocks: 45.13.171.0/24 maxlen: 24
93.88.20.0/24 maxlen: 24
93.88.21.0/24 maxlen: 24
185.152.60.0/23 maxlen: 23
185.152.61.0/24 maxlen: 24
185.189.224.0/24 maxlen: 24
185.198.51.0/24 maxlen: 24
195.245.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/QpNhzRgdhu9U6-L8kagOxTTOrHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/QpNhzRgdhu9U6-L8kagOxTTOrHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 21:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ec:31:9e:98:86:91:fd:3b:17:dc:0d:7f:8f:d0:28:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=429361cd181d86ef54ebe2fc91a80ec534ceac78
Validity
Not Before: Mar 31 12:33:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c0d27479218af42af10d7509cea046a99b75aa83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:33:42:7a:b9:ed:a1:41:f2:91:71:7b:0a:30:
7c:2d:2c:9d:f7:3e:86:cb:56:61:50:87:6b:df:68:
41:28:76:fc:f3:aa:f5:d9:ac:c6:63:9e:30:d4:ef:
07:45:b7:56:96:f1:c7:26:12:a0:83:b6:94:68:35:
86:32:2f:df:33:5f:53:18:58:46:54:a8:8f:da:ac:
2d:ad:32:e1:53:e2:1b:4b:42:34:2e:2e:53:84:b7:
b1:85:19:5b:ae:1e:60:ba:06:4c:d8:a2:ad:94:a4:
6a:8e:a5:12:4d:f8:22:97:f1:3f:91:79:d5:98:95:
f6:f6:15:6a:0e:cb:02:01:6d:9e:a6:59:b0:33:ba:
e3:56:e9:e0:8c:ac:41:57:c9:f1:d2:59:fa:3b:65:
45:ac:7d:ba:c4:f6:22:7a:cc:45:bc:bc:a7:64:2a:
d8:e7:e7:22:54:95:54:50:25:05:5a:68:ec:a7:18:
27:7c:bb:7b:de:ac:54:a6:6f:2a:9b:52:f2:c4:e3:
ee:77:4d:4c:b3:23:13:cf:69:09:7a:e2:ae:64:16:
6a:c3:de:fe:45:04:cb:ad:02:fc:e4:a0:69:cd:f4:
ab:d1:ae:43:8e:f2:c2:a2:9f:c3:10:a7:0a:e1:13:
bf:a6:82:fa:e1:f7:ed:70:62:49:92:fd:8e:eb:84:
fa:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:D2:74:79:21:8A:F4:2A:F1:0D:75:09:CE:A0:46:A9:9B:75:AA:83
X509v3 Authority Key Identifier:
keyid:42:93:61:CD:18:1D:86:EF:54:EB:E2:FC:91:A8:0E:C5:34:CE:AC:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpNhzRgdhu9U6-L8kagOxTTOrHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/wNJ0eSGK9CrxDXUJzqBGqZt1qoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7230bd-0c7c-4a02-adb9-9bbb42fa8ced/1/QpNhzRgdhu9U6-L8kagOxTTOrHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.171.0/24
93.88.20.0/23
185.152.60.0/23
185.189.224.0/24
185.198.51.0/24
195.245.89.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:b6:df:2c:3f:b8:80:dd:1a:3e:1e:e7:d6:70:cf:53:c6:b8:
03:16:f0:9e:4d:2c:ea:bd:5d:2b:6d:53:12:2b:7d:26:f6:8c:
9b:3e:3b:d5:4b:3b:63:f8:dc:db:ff:2a:7f:c0:04:1b:66:21:
81:9c:c4:35:17:11:41:74:48:ed:a7:09:f8:c6:44:03:cc:ac:
e8:c3:d3:4e:9d:c1:da:5e:c0:8c:08:a6:57:04:4b:55:ef:a6:
50:3f:2a:a9:98:a7:f1:fb:2e:b5:9e:4c:b9:3f:f0:43:55:84:
e1:45:be:d1:60:06:65:9b:d5:1a:70:53:43:e9:b1:c4:5d:af:
98:af:46:f6:8f:82:7e:b4:30:9f:6d:ef:07:74:f7:a0:fd:6a:
9a:14:fb:7d:e0:f4:08:68:a9:50:77:5f:2c:2a:9e:f8:ee:a4:
f5:12:f8:83:d8:87:8f:46:08:4f:bb:bf:dc:e1:e3:87:8d:ff:
be:2e:5a:43:1a:dd:3b:bc:c3:9d:a5:60:46:9f:6c:97:c7:fa:
38:52:88:a1:97:05:7d:2d:81:9e:0c:9c:76:22:53:23:e8:56:
a7:81:55:80:e0:ef:f3:5b:76:3e:8f:22:4d:12:c2:96:3e:bc:
ac:7f:4b:f6:1e:8b:c3:d9:c0:0a:03:89:04:fd:0d:b7:a9:42:
f8:f8:75:56
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZXsMZ6YhpH9OxfcDX+P0Ch1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTM2MWNkMTgxZDg2ZWY1NGViZTJmYzkxYTgwZWM1MzRj
ZWFjNzgwHhcNMjUwMzMxMTIzMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGQyNzQ3OTIxOGFmNDJhZjEwZDc1MDljZWEwNDZhOTliNzVhYTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4DNCerntoUHykXF7CjB8LSyd9z6G
y1ZhUIdr32hBKHb886r12azGY54w1O8HRbdWlvHHJhKgg7aUaDWGMi/fM19TGFhG
VKiP2qwtrTLhU+IbS0I0Li5ThLexhRlbrh5gugZM2KKtlKRqjqUSTfgil/E/kXnV
mJX29hVqDssCAW2eplmwM7rjVungjKxBV8nx0ln6O2VFrH26xPYiesxFvLynZCrY
5+ciVJVUUCUFWmjspxgnfLt73qxUpm8qm1LyxOPud01MsyMTz2kJeuKuZBZqw97+
RQTLrQL85KBpzfSr0a5DjvLCop/DEKcK4RO/poL64fftcGJJkv2O64T6mQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMDSdHkhivQq8Q11Cc6gRqmbdaqDMB8GA1UdIwQY
MBaAFEKTYc0YHYbvVOvi/JGoDsU0zqx4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjkt
OWJiYjQyZmE4Y2VkLzEvd05KMGVTR0s5Q3J4RFhVSnpxQkdxWnQxcW9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS83MjMwYmQtMGM3Yy00YTAyLWFkYjktOWJiYjQyZmE4Y2Vk
LzEvUXBOaHpSZ2RodTlVNi1MOGthZ094VFRPckhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALQ2rAwQB
XVgUAwQBuZg8AwQAub3gAwQAucYzAwQAw/VZMA0GCSqGSIb3DQEBCwUAA4IBAQBr
tt8sP7iA3Ro+HufWcM9TxrgDFvCeTSzqvV0rbVMSK30m9oybPjvVSztj+Nzb/yp/
wAQbZiGBnMQ1FxFBdEjtpwn4xkQDzKzow9NOncHaXsCMCKZXBEtV76ZQPyqpmKfx
+y61nky5P/BDVYThRb7RYAZlm9UacFND6bHEXa+Yr0b2j4J+tDCfbe8HdPeg/Wqa
FPt94PQIaKlQd18sKp747qT1EviD2IePRghPu7/c4eOHjf++LlpDGt07vMOdpWBG
n2yXx/o4UoihlwV9LYGeDJx2IlMj6FangVWA4O/zW3Y+jyJNEsKWPrysf0v2HovD
2cAKA4kE/Q23qUL4+HVW
-----END CERTIFICATE-----
Generated at Thu Apr 10 06:18:34 2025 by rpki-client