Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/oUKk1uu7ErKDBDfczx8Lgvbp7JI.roa
File: oUKk1uu7ErKDBDfczx8Lgvbp7JI.roa (raw, json)
Hash identifier: t2ZvndGBIUmYOKdZ5J5PYO1QlJw9JZWhDYTd72oUg3c=
Subject key identifier: A1:42:A4:D6:EB:BB:12:B2:83:04:37:DC:CF:1F:0B:82:F6:E9:EC:92
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 0195A99A80CB8DC1796B660410DF4FB15095
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/oUKk1uu7ErKDBDfczx8Lgvbp7JI.roa
Signing time: Tue 18 Mar 2025 14:13:49 +0000
ROA not before: Tue 18 Mar 2025 14:13:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 45.138.12.0/22 maxlen: 22
91.132.160.0/22 maxlen: 22
152.89.28.0/22 maxlen: 22
193.135.151.0/24 maxlen: 24
193.135.157.0/24 maxlen: 24
193.135.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.mft
rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 05:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a9:9a:80:cb:8d:c1:79:6b:66:04:10:df:4f:b1:50:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Mar 18 14:13:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a142a4d6ebbb12b2830437dccf1f0b82f6e9ec92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ac:93:ea:a0:ab:cd:a3:0b:e2:71:74:fa:7d:
52:14:9d:ff:31:e8:8f:34:e5:f7:ac:96:07:57:e5:
ad:cc:4f:30:8b:b0:25:9f:d2:1b:79:24:97:72:61:
e1:2c:92:75:d2:bb:73:74:3b:d2:f5:28:a8:44:60:
7b:78:71:3e:2d:65:9e:ec:1b:10:08:d5:d8:94:02:
ec:c5:fc:af:66:19:f4:0d:2c:91:c1:3d:7a:ef:da:
c9:ca:70:94:cf:26:7a:73:06:59:91:3a:c7:a0:9d:
2f:10:6c:e6:e9:a5:14:18:97:7b:86:4f:f3:a8:ce:
b2:62:f4:27:e2:fb:df:16:f9:64:15:bc:be:67:ab:
4b:66:bc:c1:b7:0c:88:40:ad:34:e3:d5:f3:d9:28:
ff:28:5e:dc:c0:85:47:4a:25:10:b4:81:d1:9f:f0:
9a:73:9b:17:3f:0e:a0:c4:f2:57:a6:21:4b:df:d8:
e5:96:2c:9f:4b:98:f9:72:7f:c0:b9:f0:d3:e9:ed:
e1:ab:0b:b0:5f:90:88:52:90:8e:03:14:a0:42:ac:
a5:58:6c:0c:4b:4f:dd:01:7c:6d:45:7f:dd:53:05:
4d:a4:c5:44:f9:70:77:86:1f:88:8f:2b:41:00:5a:
4f:20:c9:a2:c2:aa:8d:93:b0:0f:67:b0:64:eb:fe:
25:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:42:A4:D6:EB:BB:12:B2:83:04:37:DC:CF:1F:0B:82:F6:E9:EC:92
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/oUKk1uu7ErKDBDfczx8Lgvbp7JI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.12.0/22
91.132.160.0/22
152.89.28.0/22
193.135.151.0/24
193.135.157.0/24
193.135.174.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:71:ca:74:74:33:4c:fb:26:83:3a:52:46:ca:66:12:f3:e4:
33:4e:6e:9f:95:9d:ba:c1:e9:aa:0d:39:49:93:b2:b8:23:b7:
ee:b7:47:86:8a:c5:2f:d6:c8:2e:c3:42:68:4d:1b:f2:b9:b7:
4a:e3:91:5b:8a:6d:19:f1:bc:c9:2a:35:59:26:74:15:bd:8a:
1b:42:af:d3:6e:c9:87:c5:ec:33:b8:f4:65:bf:e1:b5:d2:2e:
39:bd:f1:71:50:4f:0f:1e:03:ab:01:a2:91:61:73:d6:d2:5a:
10:50:d8:43:0d:ec:8b:d1:f4:2c:df:bc:37:0f:de:67:ba:76:
7b:30:97:29:18:e3:90:59:6a:93:bd:cd:76:bd:31:f9:c4:ad:
2f:63:d1:d4:cd:ac:7a:b6:04:40:85:bf:20:c8:35:c8:5d:1e:
2d:a3:67:3b:5c:30:d5:b4:00:05:50:bb:16:63:0a:8e:ba:8b:
d6:c5:b0:3f:1a:53:cf:23:5f:5c:07:33:11:4b:1c:31:f3:3a:
26:e1:9e:e3:cf:3f:9f:b4:d3:93:a6:30:2d:30:ff:a4:c4:e9:
a5:24:ed:8e:12:fc:ef:ee:19:f4:b6:40:be:1a:da:a3:fe:4b:
eb:38:4b:3f:c9:66:b5:19:9d:ff:8d:93:7b:99:5d:98:b4:d1:
dd:ed:e7:88
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZWpmoDLjcF5a2YEEN9PsVCVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjUwMzE4MTQxMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTQyYTRkNmViYmIxMmIyODMwNDM3ZGNjZjFmMGI4MmY2ZTllYzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqyT6qCrzaML4nF0+n1SFJ3/MeiP
NOX3rJYHV+WtzE8wi7Aln9IbeSSXcmHhLJJ10rtzdDvS9SioRGB7eHE+LWWe7BsQ
CNXYlALsxfyvZhn0DSyRwT1679rJynCUzyZ6cwZZkTrHoJ0vEGzm6aUUGJd7hk/z
qM6yYvQn4vvfFvlkFby+Z6tLZrzBtwyIQK0049Xz2Sj/KF7cwIVHSiUQtIHRn/Ca
c5sXPw6gxPJXpiFL39jlliyfS5j5cn/AufDT6e3hqwuwX5CIUpCOAxSgQqylWGwM
S0/dAXxtRX/dUwVNpMVE+XB3hh+IjytBAFpPIMmiwqqNk7APZ7Bk6/4lxwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKFCpNbruxKygwQ33M8fC4L26eySMB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvb1VLazF1dTdFcktEQkRmY3p4OExndmJwN0pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLYoMAwQC
W4SgAwQCmFkcAwQAwYeXAwQAwYedAwQAwYeuMA0GCSqGSIb3DQEBCwUAA4IBAQCP
ccp0dDNM+yaDOlJGymYS8+QzTm6flZ26wemqDTlJk7K4I7fut0eGisUv1sguw0Jo
TRvyubdK45Fbim0Z8bzJKjVZJnQVvYobQq/TbsmHxewzuPRlv+G10i45vfFxUE8P
HgOrAaKRYXPW0loQUNhDDeyL0fQs37w3D95nunZ7MJcpGOOQWWqTvc12vTH5xK0v
Y9HUzax6tgRAhb8gyDXIXR4to2c7XDDVtAAFULsWYwqOuovWxbA/GlPPI19cBzMR
Sxwx8zom4Z7jzz+ftNOTpjAtMP+kxOmlJO2OEvzv7hn0tkC+Gtqj/kvrOEs/yWa1
GZ3/jZN7mV2YtNHd7eeI
-----END CERTIFICATE-----
Generated at Sat Apr 12 13:22:24 2025 by rpki-client