Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/759874-e7f2-45fd-819d-a5d1148f25bd/1/I2Yr1zW3N9WPKWaBf8XpZBa9KTQ.roa
File: I2Yr1zW3N9WPKWaBf8XpZBa9KTQ.roa (raw, json)
Hash identifier: FDkYKTEP0Um2LUoCF//rx7PCDLHD998Rc7mDWECM5U8=
Subject key identifier: 23:66:2B:D7:35:B7:37:D5:8F:29:66:81:7F:C5:E9:64:16:BD:29:34
Certificate issuer: /CN=caaee579e013218f571386413e2c5b2bc245a836
Certificate serial: 0194221FAA93D4CC02A15A8C3B56D5EDCE46
Authority key identifier: CA:AE:E5:79:E0:13:21:8F:57:13:86:41:3E:2C:5B:2B:C2:45:A8:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yq7leeATIY9XE4ZBPixbK8JFqDY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/759874-e7f2-45fd-819d-a5d1148f25bd/1/I2Yr1zW3N9WPKWaBf8XpZBa9KTQ.roa
Signing time: Wed 01 Jan 2025 13:48:08 +0000
ROA not before: Wed 01 Jan 2025 13:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208349
IP address blocks: 31.10.6.0/24 maxlen: 24
31.10.7.0/24 maxlen: 24
45.134.124.0/22 maxlen: 22
45.134.124.0/24 maxlen: 24
45.134.125.0/24 maxlen: 24
45.134.126.0/24 maxlen: 24
45.134.127.0/24 maxlen: 24
77.105.156.0/24 maxlen: 24
77.105.157.0/24 maxlen: 24
77.105.158.0/24 maxlen: 24
77.105.159.0/24 maxlen: 24
185.31.133.0/24 maxlen: 24
2a0e:7e40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/759874-e7f2-45fd-819d-a5d1148f25bd/1/yq7leeATIY9XE4ZBPixbK8JFqDY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/759874-e7f2-45fd-819d-a5d1148f25bd/1/yq7leeATIY9XE4ZBPixbK8JFqDY.mft
rsync://rpki.ripe.net/repository/DEFAULT/yq7leeATIY9XE4ZBPixbK8JFqDY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:aa:93:d4:cc:02:a1:5a:8c:3b:56:d5:ed:ce:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=caaee579e013218f571386413e2c5b2bc245a836
Validity
Not Before: Jan 1 13:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=23662bd735b737d58f2966817fc5e96416bd2934
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:2b:d4:a5:ab:66:40:0a:1b:10:7d:56:46:96:
53:8d:38:cd:69:8a:72:06:17:d2:2a:7c:5d:18:fa:
31:a1:0a:37:19:01:70:d0:66:1a:cd:ea:d4:b6:11:
57:ad:98:f2:02:e8:26:f8:07:37:84:c2:2d:cd:c3:
a3:63:62:33:07:f6:6b:db:1d:fc:0d:ff:8a:f8:4c:
6f:a5:3b:9a:57:81:38:ac:cf:c4:9e:ec:b3:f3:f3:
d6:ac:5e:2b:1c:83:87:30:fd:1e:53:83:94:5b:34:
b3:b5:29:70:25:fa:99:16:dd:34:ae:1c:94:d3:43:
7c:f8:61:5e:75:3b:24:cf:41:5f:17:6c:d6:26:15:
00:88:64:56:94:6c:35:fd:5d:af:91:3e:1b:ba:7b:
30:6f:61:dd:81:39:43:2f:a3:98:21:3a:5a:16:4e:
09:a8:6f:44:5f:a1:2f:00:b9:83:26:60:f8:b2:31:
30:a9:39:19:c1:4e:52:26:18:8a:ed:85:b1:7a:4b:
95:96:f8:ec:74:37:d1:55:d1:64:af:14:09:96:49:
13:38:9c:37:84:46:50:96:99:25:40:2d:84:31:a7:
60:59:89:6e:f5:e9:33:b0:be:68:6d:7b:25:a8:b7:
67:ea:86:4f:e2:fc:32:26:ff:10:e6:9f:02:69:6c:
d1:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:66:2B:D7:35:B7:37:D5:8F:29:66:81:7F:C5:E9:64:16:BD:29:34
X509v3 Authority Key Identifier:
keyid:CA:AE:E5:79:E0:13:21:8F:57:13:86:41:3E:2C:5B:2B:C2:45:A8:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yq7leeATIY9XE4ZBPixbK8JFqDY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/759874-e7f2-45fd-819d-a5d1148f25bd/1/I2Yr1zW3N9WPKWaBf8XpZBa9KTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/759874-e7f2-45fd-819d-a5d1148f25bd/1/yq7leeATIY9XE4ZBPixbK8JFqDY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.10.6.0/23
45.134.124.0/22
77.105.156.0/22
185.31.133.0/24
IPv6:
2a0e:7e40::/29
Signature Algorithm: sha256WithRSAEncryption
70:19:a8:18:7e:a1:06:e8:38:50:d4:27:9f:6e:6c:10:5e:e9:
90:8f:74:29:b4:4d:89:e5:01:4d:b2:e7:b3:2c:a8:d0:d2:3f:
f6:3a:8b:0e:f9:9b:55:fb:85:3f:15:7a:43:22:35:e2:03:74:
b6:b2:a9:9c:27:5a:67:86:aa:be:30:31:35:c6:7c:29:d1:20:
3d:b6:7a:d0:9f:b2:40:12:44:ff:72:e7:a4:5d:fc:d8:8e:38:
d5:ae:5f:79:86:4b:92:db:64:53:1f:eb:b4:5c:8a:f9:da:2a:
32:cc:ea:f1:00:b0:44:f0:c6:5c:cb:6c:0a:3c:b0:1e:f3:f8:
75:97:39:97:c8:f2:b5:a0:77:52:3f:98:cf:9b:64:3d:e8:9a:
7c:a0:35:c0:e0:34:2f:c0:8a:44:b3:d1:8d:9e:ce:a2:ee:54:
fb:f6:c6:3f:6a:53:6d:6a:c9:28:27:5b:21:a8:cd:ae:5d:03:
08:85:5c:a5:ac:65:89:b1:81:b7:11:70:77:80:7d:6d:ef:ef:
8c:65:b8:69:9a:85:97:41:e7:b3:d1:05:b0:56:71:2e:05:d3:
35:02:33:01:72:cc:af:9b:53:9b:e8:35:07:24:99:07:c5:c6:
a4:46:38:b4:38:f4:3a:96:bf:08:57:f7:fa:f9:d6:e8:be:0d:
45:83:51:51
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQiH6qT1MwCoVqMO1bV7c5GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhYWVlNTc5ZTAxMzIxOGY1NzEzODY0MTNlMmM1YjJiYzI0
NWE4MzYwHhcNMjUwMTAxMTM0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzY2MmJkNzM1YjczN2Q1OGYyOTY2ODE3ZmM1ZTk2NDE2YmQyOTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSvUpatmQAobEH1WRpZTjTjNaYpy
BhfSKnxdGPoxoQo3GQFw0GYazerUthFXrZjyAugm+Ac3hMItzcOjY2IzB/Zr2x38
Df+K+ExvpTuaV4E4rM/Enuyz8/PWrF4rHIOHMP0eU4OUWzSztSlwJfqZFt00rhyU
00N8+GFedTskz0FfF2zWJhUAiGRWlGw1/V2vkT4bunswb2HdgTlDL6OYITpaFk4J
qG9EX6EvALmDJmD4sjEwqTkZwU5SJhiK7YWxekuVlvjsdDfRVdFkrxQJlkkTOJw3
hEZQlpklQC2EMadgWYlu9ekzsL5obXslqLdn6oZP4vwyJv8Q5p8CaWzRDwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCNmK9c1tzfVjylmgX/F6WQWvSk0MB8GA1UdIwQY
MBaAFMqu5XngEyGPVxOGQT4sWyvCRag2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXE3bGVlQVRJWTlYRTRaQlBpeGJLOEpGcURZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC83NTk4NzQtZTdmMi00NWZkLTgxOWQt
YTVkMTE0OGYyNWJkLzEvSTJZcjF6VzNOOVdQS1dhQmY4WHBaQmE5S1RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC83NTk4NzQtZTdmMi00NWZkLTgxOWQtYTVkMTE0OGYyNWJk
LzEveXE3bGVlQVRJWTlYRTRaQlBpeGJLOEpGcURZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBHwoGAwQC
LYZ8AwQCTWmcAwQAuR+FMA0EAgACMAcDBQMqDn5AMA0GCSqGSIb3DQEBCwUAA4IB
AQBwGagYfqEG6DhQ1CefbmwQXumQj3QptE2J5QFNsuezLKjQ0j/2OosO+ZtV+4U/
FXpDIjXiA3S2sqmcJ1pnhqq+MDE1xnwp0SA9tnrQn7JAEkT/cuekXfzYjjjVrl95
hkuS22RTH+u0XIr52ioyzOrxALBE8MZcy2wKPLAe8/h1lzmXyPK1oHdSP5jPm2Q9
6Jp8oDXA4DQvwIpEs9GNns6i7lT79sY/alNtaskoJ1shqM2uXQMIhVylrGWJsYG3
EXB3gH1t7++MZbhpmoWXQeez0QWwVnEuBdM1AjMBcsyvm1Ob6DUHJJkHxcakRji0
OPQ6lr8IV/f6+dbovg1Fg1FR
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:45:04 2025 by rpki-client