Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/d3b263-b0f1-4a6b-912e-373dda43f792/1/puw08h74TtFA6oc3LqSJELivWac.roa
File: puw08h74TtFA6oc3LqSJELivWac.roa (raw, json)
Hash identifier: 6izoAc/QEsoM8sPaZbI92YMt+TMYy+EV7r4bwPmo4dA=
Subject key identifier: A6:EC:34:F2:1E:F8:4E:D1:40:EA:87:37:2E:A4:89:10:B8:AF:59:A7
Certificate issuer: /CN=ce2b10d89b5537913503127eb87226afb89d1b2d
Certificate serial: 0194221FA47C1C9B5F5031FE66857C582039
Authority key identifier: CE:2B:10:D8:9B:55:37:91:35:03:12:7E:B8:72:26:AF:B8:9D:1B:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zisQ2JtVN5E1AxJ-uHImr7idGy0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/d3b263-b0f1-4a6b-912e-373dda43f792/1/puw08h74TtFA6oc3LqSJELivWac.roa
Signing time: Wed 01 Jan 2025 13:48:06 +0000
ROA not before: Wed 01 Jan 2025 13:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20978
IP address blocks: 5.44.80.0/20 maxlen: 24
5.46.0.0/15 maxlen: 24
5.176.0.0/15 maxlen: 24
37.154.0.0/15 maxlen: 24
46.104.0.0/16 maxlen: 24
94.235.0.0/16 maxlen: 24
95.173.0.0/19 maxlen: 24
151.135.0.0/16 maxlen: 24
176.30.0.0/16 maxlen: 24
176.220.0.0/16 maxlen: 24
185.4.68.0/22 maxlen: 24
188.41.0.0/16 maxlen: 24
213.211.0.0/19 maxlen: 24
217.174.32.0/20 maxlen: 24
2a02:2010::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/d3b263-b0f1-4a6b-912e-373dda43f792/1/zisQ2JtVN5E1AxJ-uHImr7idGy0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/d3b263-b0f1-4a6b-912e-373dda43f792/1/zisQ2JtVN5E1AxJ-uHImr7idGy0.mft
rsync://rpki.ripe.net/repository/DEFAULT/zisQ2JtVN5E1AxJ-uHImr7idGy0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:a4:7c:1c:9b:5f:50:31:fe:66:85:7c:58:20:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce2b10d89b5537913503127eb87226afb89d1b2d
Validity
Not Before: Jan 1 13:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a6ec34f21ef84ed140ea87372ea48910b8af59a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c2:d0:bb:5d:1b:c0:f5:c2:15:7b:e8:8a:62:
df:cb:33:c8:26:4a:6f:19:22:47:31:d3:bc:01:2c:
0b:6b:6a:67:c6:6f:5a:15:d2:2a:d7:b5:f6:37:c7:
af:da:5d:45:c3:a6:b6:b4:ac:0c:d3:a8:c4:4d:1b:
53:af:b7:d8:8d:09:19:79:6d:2d:4e:37:6c:06:94:
cd:f5:0b:35:3a:50:79:59:d2:7d:48:4c:f6:bf:a9:
1e:f8:b2:5c:93:1b:fc:f7:d6:6e:c3:7b:fe:3e:ec:
96:27:1c:f7:9b:ef:53:85:40:54:df:3e:c5:8a:19:
9c:85:41:16:ea:00:83:81:61:ff:fa:c7:9e:03:07:
ff:14:a5:d2:25:fc:b2:b5:33:04:f5:d5:ba:88:5d:
97:92:34:d5:af:c2:7b:4c:e0:62:2d:bd:07:18:c7:
96:8e:3f:02:a3:12:f8:a9:26:d1:9c:7f:79:4b:c0:
5b:67:5c:b7:49:1d:b7:bd:38:d5:66:5d:8c:22:a4:
54:e4:87:39:a6:99:d6:40:b3:03:51:6a:cf:ca:13:
9a:3f:fc:4a:8a:b6:a2:3d:b1:45:10:05:f3:b5:52:
f3:4b:15:9c:b0:47:89:71:15:4d:52:59:0a:c5:23:
53:b4:c3:cf:03:f2:bf:a8:2a:68:32:60:38:d1:b2:
1d:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:EC:34:F2:1E:F8:4E:D1:40:EA:87:37:2E:A4:89:10:B8:AF:59:A7
X509v3 Authority Key Identifier:
keyid:CE:2B:10:D8:9B:55:37:91:35:03:12:7E:B8:72:26:AF:B8:9D:1B:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zisQ2JtVN5E1AxJ-uHImr7idGy0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/d3b263-b0f1-4a6b-912e-373dda43f792/1/puw08h74TtFA6oc3LqSJELivWac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/d3b263-b0f1-4a6b-912e-373dda43f792/1/zisQ2JtVN5E1AxJ-uHImr7idGy0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.80.0/20
5.46.0.0/15
5.176.0.0/15
37.154.0.0/15
46.104.0.0/16
94.235.0.0/16
95.173.0.0/19
151.135.0.0/16
176.30.0.0/16
176.220.0.0/16
185.4.68.0/22
188.41.0.0/16
213.211.0.0/19
217.174.32.0/20
IPv6:
2a02:2010::/29
Signature Algorithm: sha256WithRSAEncryption
5b:00:c4:36:76:c3:b0:43:ac:15:9b:5d:47:a1:88:64:26:31:
e6:4f:e6:20:b6:7e:eb:e7:cc:fb:50:64:cf:9d:fb:0f:db:5f:
a2:f1:77:ef:df:71:90:e2:02:9b:32:f7:9a:5d:dc:b8:d8:6a:
9d:f5:f5:c7:32:54:6e:b7:9e:c8:f0:1a:83:5b:72:15:e4:22:
a7:db:b1:cc:d1:2b:48:8b:db:34:d6:44:eb:57:dc:a8:5b:12:
6e:1e:43:52:13:17:6c:7d:ca:ad:84:7e:6e:c6:dd:c9:8f:2f:
39:7a:f1:cf:76:67:42:f5:29:a3:6b:de:a2:fd:69:7c:2b:45:
86:e6:e4:c5:45:6d:e3:6d:5d:df:80:ca:27:07:97:d8:aa:c9:
a1:c9:dc:ef:7c:66:2e:d0:ef:99:1e:55:8d:95:17:20:9c:fb:
dd:d2:ca:a6:a4:97:8a:b5:d0:21:1e:57:53:04:08:52:ec:d0:
ee:cf:93:64:68:69:a8:e6:e5:31:ac:97:0f:19:32:e5:a3:1e:
d5:14:78:50:16:47:ed:8c:13:9b:a8:dd:6c:c8:3b:c1:70:fe:
a6:6b:d4:12:36:d2:fc:b4:4a:6a:97:3f:31:95:1b:aa:e4:f1:
3c:d9:dd:36:6d:cb:9b:8f:35:c4:e4:af:8b:03:5b:18:c5:b3:
22:e9:8c:7e
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZQiH6R8HJtfUDH+ZoV8WCA5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlMmIxMGQ4OWI1NTM3OTEzNTAzMTI3ZWI4NzIyNmFmYjg5
ZDFiMmQwHhcNMjUwMTAxMTM0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmVjMzRmMjFlZjg0ZWQxNDBlYTg3MzcyZWE0ODkxMGI4YWY1OWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsLQu10bwPXCFXvoimLfyzPIJkpv
GSJHMdO8ASwLa2pnxm9aFdIq17X2N8ev2l1Fw6a2tKwM06jETRtTr7fYjQkZeW0t
TjdsBpTN9Qs1OlB5WdJ9SEz2v6ke+LJckxv899Zuw3v+PuyWJxz3m+9ThUBU3z7F
ihmchUEW6gCDgWH/+seeAwf/FKXSJfyytTME9dW6iF2XkjTVr8J7TOBiLb0HGMeW
jj8CoxL4qSbRnH95S8BbZ1y3SR23vTjVZl2MIqRU5Ic5ppnWQLMDUWrPyhOaP/xK
iraiPbFFEAXztVLzSxWcsEeJcRVNUlkKxSNTtMPPA/K/qCpoMmA40bIdgQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFKbsNPIe+E7RQOqHNy6kiRC4r1mnMB8GA1UdIwQY
MBaAFM4rENibVTeRNQMSfrhyJq+4nRstMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemlzUTJKdFZONUUxQXhKLXVISW1yN2lkR3kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9kM2IyNjMtYjBmMS00YTZiLTkxMmUt
MzczZGRhNDNmNzkyLzEvcHV3MDhoNzRUdEZBNm9jM0xxU0pFTGl2V2FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9kM2IyNjMtYjBmMS00YTZiLTkxMmUtMzczZGRhNDNmNzky
LzEvemlzUTJKdFZONUUxQXhKLXVISW1yN2lkR3kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBRBAIAATBLAwQEBSxQAwMB
BS4DAwEFsAMDASWaAwMALmgDAwBe6wMEBV+tAAMDAJeHAwMAsB4DAwCw3AMEArkE
RAMDALwpAwQF1dMAAwQE2a4gMA0EAgACMAcDBQMqAiAQMA0GCSqGSIb3DQEBCwUA
A4IBAQBbAMQ2dsOwQ6wVm11HoYhkJjHmT+Ygtn7r58z7UGTPnfsP21+i8Xfv33GQ
4gKbMveaXdy42Gqd9fXHMlRut57I8BqDW3IV5CKn27HM0StIi9s01kTrV9yoWxJu
HkNSExdsfcqthH5uxt3Jjy85evHPdmdC9Smja96i/Wl8K0WG5uTFRW3jbV3fgMon
B5fYqsmhydzvfGYu0O+ZHlWNlRcgnPvd0sqmpJeKtdAhHldTBAhS7NDuz5NkaGmo
5uUxrJcPGTLlox7VFHhQFkftjBObqN1syDvBcP6ma9QSNtL8tEpqlz8xlRuq5PE8
2d02bcubjzXE5K+LA1sYxbMi6Yx+
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:48:42 2025 by rpki-client