Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/wyMVR4dEtlYqNcQNudWP-vZ9cs4.roa
File: wyMVR4dEtlYqNcQNudWP-vZ9cs4.roa (raw, json)
Hash identifier: 9/Au8AXYJlANsGCX+KV4wLuBFADmhxnPsp4Mf5t4/BA=
Subject key identifier: C3:23:15:47:87:44:B6:56:2A:35:C4:0D:B9:D5:8F:FA:F6:7D:72:CE
Certificate issuer: /CN=2672b9fb546b365e323230dcea9ba8c9fbedfeb8
Certificate serial: 0194690E4950F58CD2E6D4B9AA4078F85698
Authority key identifier: 26:72:B9:FB:54:6B:36:5E:32:32:30:DC:EA:9B:A8:C9:FB:ED:FE:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/wyMVR4dEtlYqNcQNudWP-vZ9cs4.roa
Signing time: Wed 15 Jan 2025 08:22:11 +0000
ROA not before: Wed 15 Jan 2025 08:22:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56971
IP address blocks: 45.156.22.0/24 maxlen: 32
45.156.23.0/24 maxlen: 32
45.156.24.0/24 maxlen: 32
45.156.25.0/24 maxlen: 32
45.156.27.0/24 maxlen: 32
178.255.222.0/24 maxlen: 32
185.92.180.0/24 maxlen: 32
185.92.181.0/24 maxlen: 32
185.92.182.0/24 maxlen: 32
185.92.183.0/24 maxlen: 32
185.159.128.0/24 maxlen: 32
185.159.131.0/24 maxlen: 32
185.228.235.0/24 maxlen: 32
193.176.153.0/24 maxlen: 32
193.176.158.0/24 maxlen: 32
193.176.179.0/24 maxlen: 32
193.176.190.0/24 maxlen: 32
194.36.170.0/24 maxlen: 32
194.36.171.0/24 maxlen: 32
194.36.209.0/24 maxlen: 32
194.113.245.0/24 maxlen: 32
194.116.214.0/24 maxlen: 32
194.116.215.0/24 maxlen: 32
194.116.216.0/23 maxlen: 23
194.116.216.0/24 maxlen: 32
194.116.217.0/24 maxlen: 32
194.120.24.0/24 maxlen: 32
194.120.116.0/24 maxlen: 32
213.232.204.0/24 maxlen: 32
2a13:7c00::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/JnK5-1RrNl4yMjDc6puoyfvt_rg.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/JnK5-1RrNl4yMjDc6puoyfvt_rg.mft
rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:69:0e:49:50:f5:8c:d2:e6:d4:b9:aa:40:78:f8:56:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2672b9fb546b365e323230dcea9ba8c9fbedfeb8
Validity
Not Before: Jan 15 08:22:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c32315478744b6562a35c40db9d58ffaf67d72ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a2:19:14:c1:ca:0f:70:1d:a5:a9:1a:f0:19:
d2:ba:c9:a6:40:c4:e7:9c:90:43:41:b7:5d:d3:58:
c0:29:fc:e0:fd:7b:ae:f8:53:65:42:00:f0:92:a1:
c7:1c:1e:9d:f8:5f:86:27:25:2a:ea:78:c0:47:46:
72:23:cd:7f:df:ca:eb:88:1d:46:b7:64:fd:a2:8a:
1d:3f:30:82:3f:11:58:51:74:b8:d4:b2:8f:ca:9e:
0b:ee:fe:5c:2c:39:f3:29:3d:5a:94:b1:2f:a8:d2:
da:06:ce:26:a1:d6:c9:39:57:b5:57:f5:a2:da:12:
e6:fc:13:43:ff:b4:ff:8a:ef:16:07:60:0a:38:71:
30:74:69:2b:f7:c8:97:7d:4e:93:4f:b0:dc:31:99:
e9:05:bb:42:c5:17:59:92:de:3f:98:18:24:e8:94:
f2:5c:f5:61:40:d0:91:ac:21:02:e1:8a:3e:0e:b7:
34:06:e4:c0:a6:70:d2:3b:5a:d0:7a:95:25:59:2e:
85:81:1f:99:5a:c5:50:c5:69:c4:a9:c0:65:c1:78:
6e:74:0c:ca:7c:3a:47:fa:f8:a1:01:eb:c9:2d:bc:
d1:bf:d1:0e:5a:a5:96:ef:f3:fc:26:d4:af:0a:e5:
c3:0f:6b:11:c8:27:3d:a4:2b:63:31:60:41:82:2d:
47:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:23:15:47:87:44:B6:56:2A:35:C4:0D:B9:D5:8F:FA:F6:7D:72:CE
X509v3 Authority Key Identifier:
keyid:26:72:B9:FB:54:6B:36:5E:32:32:30:DC:EA:9B:A8:C9:FB:ED:FE:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/wyMVR4dEtlYqNcQNudWP-vZ9cs4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/JnK5-1RrNl4yMjDc6puoyfvt_rg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.22.0-45.156.25.255
45.156.27.0/24
178.255.222.0/24
185.92.180.0/22
185.159.128.0/24
185.159.131.0/24
185.228.235.0/24
193.176.153.0/24
193.176.158.0/24
193.176.179.0/24
193.176.190.0/24
194.36.170.0/23
194.36.209.0/24
194.113.245.0/24
194.116.214.0-194.116.217.255
194.120.24.0/24
194.120.116.0/24
213.232.204.0/24
IPv6:
2a13:7c00::/32
Signature Algorithm: sha256WithRSAEncryption
57:62:6a:0b:48:e6:c1:48:74:4c:1b:db:71:2b:e2:53:a9:29:
63:bd:81:90:f4:70:b4:1f:76:d1:36:4a:e5:a0:a1:ec:a2:05:
3b:5f:6b:4a:67:56:79:ab:3b:96:b7:a2:0c:42:87:fc:30:c1:
7e:47:0a:91:3c:9d:72:75:4f:1d:2b:c6:6b:16:d1:2a:54:67:
5d:70:f7:15:78:0f:c7:4d:4d:56:ee:bf:a5:2e:79:dd:95:5b:
bc:46:1d:35:32:18:f4:09:26:9e:d7:ea:5f:98:20:95:d4:7b:
94:f6:0f:71:b6:d0:2f:01:a9:6b:7e:8f:60:98:a2:63:cd:b8:
f7:6e:b5:12:13:6f:ae:52:ef:72:35:71:08:58:09:52:e4:dd:
f2:8d:54:de:80:95:5e:31:18:8c:6d:03:7d:ed:de:f2:d5:39:
a7:f5:6f:4d:df:f2:3e:ab:c8:b1:52:97:2c:40:84:d0:59:57:
07:e5:c5:21:28:09:58:ae:92:11:c7:d2:92:5b:7d:72:64:96:
b5:d9:f8:e4:91:af:60:e3:96:6b:6b:3f:71:8f:42:da:01:2f:
68:82:6c:44:4c:ab:00:50:d1:fa:6a:72:6a:7f:d2:d6:91:9a:
48:da:7b:b4:3d:49:78:f9:10:eb:c6:64:3d:03:b5:ec:56:db:
cd:cf:3d:15
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZRpDklQ9YzS5tS5qkB4+FaYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NzJiOWZiNTQ2YjM2NWUzMjMyMzBkY2VhOWJhOGM5ZmJl
ZGZlYjgwHhcNMjUwMTE1MDgyMjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzIzMTU0Nzg3NDRiNjU2MmEzNWM0MGRiOWQ1OGZmYWY2N2Q3MmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKIZFMHKD3Adpaka8BnSusmmQMTn
nJBDQbdd01jAKfzg/Xuu+FNlQgDwkqHHHB6d+F+GJyUq6njAR0ZyI81/38rriB1G
t2T9ooodPzCCPxFYUXS41LKPyp4L7v5cLDnzKT1alLEvqNLaBs4modbJOVe1V/Wi
2hLm/BND/7T/iu8WB2AKOHEwdGkr98iXfU6TT7DcMZnpBbtCxRdZkt4/mBgk6JTy
XPVhQNCRrCEC4Yo+Drc0BuTApnDSO1rQepUlWS6FgR+ZWsVQxWnEqcBlwXhudAzK
fDpH+vihAevJLbzRv9EOWqWW7/P8JtSvCuXDD2sRyCc9pCtjMWBBgi1HewIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFMMjFUeHRLZWKjXEDbnVj/r2fXLOMB8GA1UdIwQY
MBaAFCZyuftUazZeMjIw3OqbqMn77f64MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm5LNS0xUnJObDR5TWpEYzZwdW95ZnZ0X3JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9iMTNiNTUtMTI4OC00NWU2LTg4NzYt
YTcwZGI1ODI4MGZjLzEvd3lNVlI0ZEV0bFlxTmNRTnVkV1Atdlo5Y3M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9iMTNiNTUtMTI4OC00NWU2LTg4NzYtYTcwZGI1ODI4MGZj
LzEvSm5LNS0xUnJObDR5TWpEYzZwdW95ZnZ0X3JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBggQCAAEwfDAMAwQB
LZwWAwQBLZwYAwQALZwbAwQAsv/eAwQCuVy0AwQAuZ+AAwQAuZ+DAwQAueTrAwQA
wbCZAwQAwbCeAwQAwbCzAwQAwbC+AwQBwiSqAwQAwiTRAwQAwnH1MAwDBAHCdNYD
BAHCdNgDBADCeBgDBADCeHQDBADV6MwwDQQCAAIwBwMFACoTfAAwDQYJKoZIhvcN
AQELBQADggEBAFdiagtI5sFIdEwb23Er4lOpKWO9gZD0cLQfdtE2SuWgoeyiBTtf
a0pnVnmrO5a3ogxCh/wwwX5HCpE8nXJ1Tx0rxmsW0SpUZ11w9xV4D8dNTVbuv6Uu
ed2VW7xGHTUyGPQJJp7X6l+YIJXUe5T2D3G20C8BqWt+j2CYomPNuPdutRITb65S
73I1cQhYCVLk3fKNVN6AlV4xGIxtA33t3vLVOaf1b03f8j6ryLFSlyxAhNBZVwfl
xSEoCViukhHH0pJbfXJklrXZ+OSRr2DjlmtrP3GPQtoBL2iCbERMqwBQ0fpqcmp/
0taRmkjae7Q9SXj5EOvGZD0DtexW283PPRU=
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:26:30 2025 by rpki-client