Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/Ng244YNQbxE3TMeamv03jApwIcU.roa
File: Ng244YNQbxE3TMeamv03jApwIcU.roa (raw, json)
Hash identifier: JyhveyeGRjifQQUL2oBTXMpr9SaWtVHTXLlb3SDxmUY=
Subject key identifier: 36:0D:B8:E1:83:50:6F:11:37:4C:C7:9A:9A:FD:37:8C:0A:70:21:C5
Certificate issuer: /CN=0d72fe2c805ed63afc9c89e9324ac94d30939aab
Certificate serial: 0194228D4D190DFAD686B31BA3D96F0C5CC9
Authority key identifier: 0D:72:FE:2C:80:5E:D6:3A:FC:9C:89:E9:32:4A:C9:4D:30:93:9A:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXL-LIBe1jr8nInpMkrJTTCTmqs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/Ng244YNQbxE3TMeamv03jApwIcU.roa
Signing time: Wed 01 Jan 2025 15:47:53 +0000
ROA not before: Wed 01 Jan 2025 15:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 109.245.74.0/24 maxlen: 24
109.245.96.0/24 maxlen: 24
109.245.97.0/24 maxlen: 24
109.245.98.0/24 maxlen: 24
109.245.99.0/24 maxlen: 24
109.245.100.0/24 maxlen: 24
109.245.101.0/24 maxlen: 24
109.245.102.0/24 maxlen: 24
109.245.103.0/24 maxlen: 24
109.245.112.0/24 maxlen: 24
109.245.113.0/24 maxlen: 24
109.245.114.0/24 maxlen: 24
109.245.115.0/24 maxlen: 24
109.245.116.0/24 maxlen: 24
109.245.117.0/24 maxlen: 24
109.245.118.0/24 maxlen: 24
109.245.119.0/24 maxlen: 24
109.245.192.0/24 maxlen: 24
109.245.193.0/24 maxlen: 24
109.245.194.0/24 maxlen: 24
109.245.195.0/24 maxlen: 24
109.245.196.0/24 maxlen: 24
109.245.197.0/24 maxlen: 24
109.245.198.0/24 maxlen: 24
109.245.199.0/24 maxlen: 24
109.245.200.0/24 maxlen: 24
109.245.201.0/24 maxlen: 24
109.245.202.0/24 maxlen: 24
109.245.203.0/24 maxlen: 24
109.245.204.0/24 maxlen: 24
109.245.205.0/24 maxlen: 24
109.245.206.0/24 maxlen: 24
109.245.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/DXL-LIBe1jr8nInpMkrJTTCTmqs.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/DXL-LIBe1jr8nInpMkrJTTCTmqs.mft
rsync://rpki.ripe.net/repository/DEFAULT/DXL-LIBe1jr8nInpMkrJTTCTmqs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:4d:19:0d:fa:d6:86:b3:1b:a3:d9:6f:0c:5c:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d72fe2c805ed63afc9c89e9324ac94d30939aab
Validity
Not Before: Jan 1 15:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=360db8e183506f11374cc79a9afd378c0a7021c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:e4:f7:24:97:40:d3:6c:e8:e8:3a:64:96:90:
79:5a:af:eb:ae:03:1c:2e:0d:09:10:b7:68:10:d7:
a5:de:40:6d:f0:69:65:7e:ac:4a:73:88:7c:7e:4e:
cc:40:75:14:96:fb:2d:e9:e9:b4:a1:d4:90:63:a2:
9d:20:93:31:17:31:f7:84:0e:eb:02:f2:dc:e5:7b:
c4:45:69:c5:d5:cf:23:10:4a:7d:7d:cb:83:0c:95:
38:5f:6b:d1:94:30:40:5a:51:8d:e7:86:0e:85:89:
8e:d7:c0:4d:24:57:11:70:ac:b4:31:a7:51:61:b1:
8a:47:aa:47:0e:6a:4a:0a:6f:ba:75:78:12:ab:ce:
15:f8:1c:9d:1a:9f:3f:49:d0:77:c9:08:98:d3:24:
bf:b8:5c:42:6e:42:d7:47:b4:a6:71:cc:e5:23:68:
86:62:33:4b:be:7b:14:0e:f4:b2:ea:6f:c2:ad:19:
92:87:b1:3b:e8:24:b1:18:2f:35:e7:70:88:c2:bc:
ac:4b:73:b6:52:43:2a:74:51:ae:f4:e4:a9:02:b8:
a4:b5:75:fb:55:f3:fb:8b:e1:a2:ad:f0:a3:f6:ec:
f4:e1:de:54:d5:48:76:7a:96:6b:c5:53:d6:d4:b3:
9a:68:79:d0:45:8d:21:e9:98:7f:37:17:2b:ae:92:
b9:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:0D:B8:E1:83:50:6F:11:37:4C:C7:9A:9A:FD:37:8C:0A:70:21:C5
X509v3 Authority Key Identifier:
keyid:0D:72:FE:2C:80:5E:D6:3A:FC:9C:89:E9:32:4A:C9:4D:30:93:9A:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXL-LIBe1jr8nInpMkrJTTCTmqs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/Ng244YNQbxE3TMeamv03jApwIcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/DXL-LIBe1jr8nInpMkrJTTCTmqs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.245.74.0/24
109.245.96.0/21
109.245.112.0/21
109.245.192.0/20
Signature Algorithm: sha256WithRSAEncryption
8e:0a:f2:45:ed:74:7c:a2:ed:30:a7:33:ba:e1:b1:5b:e1:51:
ce:13:2e:3b:ee:d2:96:4c:b4:59:28:b6:44:a6:05:e6:9f:cc:
bd:f7:e9:0a:fa:31:b0:3e:61:49:d8:59:cd:8a:41:32:1c:ad:
40:a7:09:0f:fa:00:20:de:2a:e8:82:46:5c:e9:7b:8c:68:c9:
3d:34:ba:a1:c2:a7:1c:71:e7:93:e6:78:57:cb:89:39:ab:2f:
a7:3c:8c:67:fc:ca:9e:71:f9:a1:23:f4:1a:02:b3:28:73:45:
31:e4:bd:13:c9:5e:6a:73:f5:66:8a:55:52:cc:9b:46:4a:e5:
f2:30:34:82:30:3f:ca:33:13:59:d1:a8:6e:1d:73:74:8d:e2:
f0:fb:49:bf:ab:fe:b4:7f:44:e1:d3:cb:f3:5f:e6:eb:38:34:
6f:01:e2:d2:ba:ca:39:76:fc:de:7c:27:f2:24:44:da:8b:f6:
3f:f8:bf:7a:6e:0a:d4:eb:ed:40:55:63:c7:26:c3:7e:92:a4:
cd:fb:7e:b8:57:a8:c9:c4:89:a8:f9:68:f7:a4:64:fb:43:1f:
81:5e:89:c5:f9:b8:60:ec:c0:d2:eb:3a:80:ae:17:c6:73:62:
7b:1a:64:15:8c:27:d9:d1:2d:16:00:9e:f0:33:0a:c3:9f:62:
ba:67:67:80
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQijU0ZDfrWhrMbo9lvDFzJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzJmZTJjODA1ZWQ2M2FmYzljODllOTMyNGFjOTRkMzA5
MzlhYWIwHhcNMjUwMTAxMTU0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjBkYjhlMTgzNTA2ZjExMzc0Y2M3OWE5YWZkMzc4YzBhNzAyMWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6+T3JJdA02zo6DpklpB5Wq/rrgMc
Lg0JELdoENel3kBt8GllfqxKc4h8fk7MQHUUlvst6em0odSQY6KdIJMxFzH3hA7r
AvLc5XvERWnF1c8jEEp9fcuDDJU4X2vRlDBAWlGN54YOhYmO18BNJFcRcKy0MadR
YbGKR6pHDmpKCm+6dXgSq84V+BydGp8/SdB3yQiY0yS/uFxCbkLXR7SmcczlI2iG
YjNLvnsUDvSy6m/CrRmSh7E76CSxGC8153CIwrysS3O2UkMqdFGu9OSpAriktXX7
VfP7i+GirfCj9uz04d5U1Uh2epZrxVPW1LOaaHnQRY0h6Zh/NxcrrpK5+QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDYNuOGDUG8RN0zHmpr9N4wKcCHFMB8GA1UdIwQY
MBaAFA1y/iyAXtY6/JyJ6TJKyU0wk5qrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhMLUxJQmUxanI4bklucE1rckpUVENUbXFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yMmUxZDEtOTk4NC00MTU4LThkMTgt
Y2Y4MThjN2M0NTFhLzEvTmcyNDRZTlFieEUzVE1lYW12MDNqQXB3SWNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yMmUxZDEtOTk4NC00MTU4LThkMTgtY2Y4MThjN2M0NTFh
LzEvRFhMLUxJQmUxanI4bklucE1rckpUVENUbXFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAbfVKAwQD
bfVgAwQDbfVwAwQEbfXAMA0GCSqGSIb3DQEBCwUAA4IBAQCOCvJF7XR8ou0wpzO6
4bFb4VHOEy477tKWTLRZKLZEpgXmn8y99+kK+jGwPmFJ2FnNikEyHK1ApwkP+gAg
3irogkZc6XuMaMk9NLqhwqccceeT5nhXy4k5qy+nPIxn/MqecfmhI/QaArMoc0Ux
5L0TyV5qc/VmilVSzJtGSuXyMDSCMD/KMxNZ0ahuHXN0jeLw+0m/q/60f0Th08vz
X+brODRvAeLSuso5dvzefCfyJETai/Y/+L96bgrU6+1AVWPHJsN+kqTN+364V6jJ
xImo+Wj3pGT7Qx+BXonF+bhg7MDS6zqArhfGc2J7GmQVjCfZ0S0WAJ7wMwrDn2K6
Z2eA
-----END CERTIFICATE-----
Generated at Sat Apr 12 16:46:54 2025 by rpki-client