Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/t8F3qMDlzhte4nB0i74HVtpG_5w.roa
File: t8F3qMDlzhte4nB0i74HVtpG_5w.roa (raw, json)
Hash identifier: HEhXEACz1k3+DxtxJZjD15sVNQfJYArlxY3uCzOLt5g=
Subject key identifier: B7:C1:77:A8:C0:E5:CE:1B:5E:E2:70:74:8B:BE:07:56:DA:46:FF:9C
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0194266C59BFDBF72BF33780C3694B80C29B
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/t8F3qMDlzhte4nB0i74HVtpG_5w.roa
Signing time: Thu 02 Jan 2025 09:50:22 +0000
ROA not before: Thu 02 Jan 2025 09:50:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12683
IP address blocks: 46.45.192.0/18 maxlen: 18
46.63.128.0/17 maxlen: 17
77.39.0.0/17 maxlen: 17
82.119.128.0/19 maxlen: 19
84.54.192.0/18 maxlen: 18
85.159.32.0/21 maxlen: 21
88.215.128.0/18 maxlen: 18
94.255.0.0/17 maxlen: 17
109.168.128.0/17 maxlen: 17
212.96.96.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:59:bf:db:f7:2b:f3:37:80:c3:69:4b:80:c2:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 09:50:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b7c177a8c0e5ce1b5ee270748bbe0756da46ff9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d4:9f:69:4c:b5:f2:aa:7f:d5:20:8f:f5:54:
a8:ed:7f:66:3d:a1:a6:a0:ca:03:7e:9c:b2:f8:ef:
3b:98:01:7e:22:cd:bc:00:37:97:1f:80:de:a7:f8:
7e:69:a3:ec:53:4a:34:09:7a:18:db:d9:c1:06:b6:
f2:73:6f:d2:d0:63:e9:64:5d:22:95:47:f6:d1:dc:
86:e8:e1:41:11:f5:85:b5:2b:ee:bc:a0:ad:06:89:
17:82:c2:3a:bb:92:2f:4c:66:59:d5:30:18:02:a4:
dc:f1:b1:f0:d2:6a:f7:63:0e:57:cc:88:af:50:f5:
68:f8:26:41:98:50:e4:c3:99:e0:fe:e7:b3:e6:a0:
b7:ca:0b:ff:c1:32:f5:22:3a:1e:04:78:87:93:6b:
1e:bf:62:95:13:28:e9:bd:1f:01:0c:15:29:8f:7d:
03:81:c6:78:45:47:dc:ec:6c:c3:7a:14:59:1a:30:
ce:6a:cc:b1:7d:9f:98:ab:f0:ef:a8:04:f4:76:5f:
d6:90:69:af:4e:78:8c:b2:e6:39:63:ed:22:84:bb:
e5:2e:d8:ac:e4:b5:4b:c2:64:3c:e9:b4:34:37:f9:
d2:c9:2a:f0:7b:ce:fa:07:a4:37:03:60:8e:d4:38:
2b:35:a7:8a:88:a1:0e:c1:12:e3:3a:da:dc:b6:74:
c1:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:C1:77:A8:C0:E5:CE:1B:5E:E2:70:74:8B:BE:07:56:DA:46:FF:9C
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/t8F3qMDlzhte4nB0i74HVtpG_5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.45.192.0/18
46.63.128.0/17
77.39.0.0/17
82.119.128.0/19
84.54.192.0/18
85.159.32.0/21
88.215.128.0/18
94.255.0.0/17
109.168.128.0/17
212.96.96.0/19
Signature Algorithm: sha256WithRSAEncryption
6a:e4:3f:a5:cf:57:84:1b:ef:be:81:a4:11:74:77:f4:ca:8e:
50:4d:f0:25:a5:98:77:57:4f:b6:a9:45:c3:d9:ba:2c:84:be:
0f:ba:e4:12:10:fb:3f:85:5e:e7:3b:c1:0a:9b:fa:c5:c4:2a:
98:91:0d:97:03:e8:33:43:49:01:9b:7f:b4:ca:4a:a9:63:cf:
55:5a:5d:be:6a:eb:8c:59:ec:65:d4:5f:26:f4:12:93:47:4b:
72:cb:63:ed:e8:d1:cc:8c:cd:76:c7:b2:ce:b3:48:37:d4:c3:
77:09:92:dd:27:4c:9a:23:91:6c:21:05:85:7b:3e:9c:85:db:
4e:65:06:d8:fd:1f:71:39:35:6b:31:24:4c:73:7f:ca:cd:2b:
2e:fd:4d:6f:73:e7:c3:53:6f:36:c1:4c:ac:fd:3f:8a:2c:b1:
0b:de:14:07:a9:a2:e2:e0:27:c1:bc:fc:c2:be:12:33:fa:db:
d6:78:1c:f5:06:a3:95:11:d4:33:99:44:70:51:1e:b8:c4:8c:
56:ec:09:dc:6e:4d:85:1e:07:56:18:6d:db:8e:d8:60:d2:07:
5a:c0:df:b0:e3:74:4a:7d:e8:20:40:f3:c4:10:d7:4a:1e:5c:
19:c2:c6:07:99:3f:05:b4:75:d8:13:70:29:22:80:ac:52:ce:
f2:23:2b:ad
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZQmbFm/2/cr8zeAw2lLgMKbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwMTAyMDk1MDIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2MxNzdhOGMwZTVjZTFiNWVlMjcwNzQ4YmJlMDc1NmRhNDZmZjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttSfaUy18qp/1SCP9VSo7X9mPaGm
oMoDfpyy+O87mAF+Is28ADeXH4Dep/h+aaPsU0o0CXoY29nBBrbyc2/S0GPpZF0i
lUf20dyG6OFBEfWFtSvuvKCtBokXgsI6u5IvTGZZ1TAYAqTc8bHw0mr3Yw5XzIiv
UPVo+CZBmFDkw5ng/uez5qC3ygv/wTL1IjoeBHiHk2sev2KVEyjpvR8BDBUpj30D
gcZ4RUfc7GzDehRZGjDOasyxfZ+Yq/DvqAT0dl/WkGmvTniMsuY5Y+0ihLvlLtis
5LVLwmQ86bQ0N/nSySrwe876B6Q3A2CO1DgrNaeKiKEOwRLjOtrctnTBMQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFLfBd6jA5c4bXuJwdIu+B1baRv+cMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvdDhGM3FNRGx6aHRlNG5CMGk3NEhWdHBHXzV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQGLi3AAwQH
Lj+AAwQHTScAAwQFUneAAwQGVDbAAwQDVZ8gAwQGWNeAAwQHXv8AAwQHbaiAAwQF
1GBgMA0GCSqGSIb3DQEBCwUAA4IBAQBq5D+lz1eEG+++gaQRdHf0yo5QTfAlpZh3
V0+2qUXD2boshL4PuuQSEPs/hV7nO8EKm/rFxCqYkQ2XA+gzQ0kBm3+0ykqpY89V
Wl2+auuMWexl1F8m9BKTR0tyy2Pt6NHMjM12x7LOs0g31MN3CZLdJ0yaI5FsIQWF
ez6chdtOZQbY/R9xOTVrMSRMc3/KzSsu/U1vc+fDU282wUys/T+KLLEL3hQHqaLi
4CfBvPzCvhIz+tvWeBz1BqOVEdQzmURwUR64xIxW7Ancbk2FHgdWGG3bjthg0gda
wN+w43RKfeggQPPEENdKHlwZwsYHmT8FtHXYE3ApIoCsUs7yIyut
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:43:23 2025 by rpki-client