Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/gHTyawtpT39i2RyLxg8mniu5Bns.roa
File: gHTyawtpT39i2RyLxg8mniu5Bns.roa (raw, json)
Hash identifier: 4qm9kDL+EFC1VH/GvtFoXF65z8GqlJJu6JVccmWAUSg=
Subject key identifier: 80:74:F2:6B:0B:69:4F:7F:62:D9:1C:8B:C6:0F:26:9E:2B:B9:06:7B
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 019685A9F60FC849F1324585577146106A45
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/gHTyawtpT39i2RyLxg8mniu5Bns.roa
Signing time: Wed 30 Apr 2025 07:47:10 +0000
ROA not before: Wed 30 Apr 2025 07:47:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40676
IP address blocks: 45.10.20.0/24 maxlen: 24
45.80.192.0/24 maxlen: 24
45.91.249.0/24 maxlen: 24
45.134.37.0/24 maxlen: 24
45.135.150.0/24 maxlen: 24
45.147.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.mft
rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 00:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:85:a9:f6:0f:c8:49:f1:32:45:85:57:71:46:10:6a:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Apr 30 07:47:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8074f26b0b694f7f62d91c8bc60f269e2bb9067b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:3c:3e:1e:95:6a:10:47:08:9c:ef:d5:18:db:
f7:8a:88:38:4a:88:9b:8d:9d:08:9a:75:4f:31:79:
e9:24:28:ce:65:b1:9a:f5:31:ed:73:25:90:5f:00:
6e:29:6a:9e:4a:b6:ac:33:62:12:ef:ac:f7:d1:a6:
21:49:40:cc:63:01:a7:28:2a:55:81:32:55:7a:e6:
2a:c9:b5:33:05:ab:15:31:65:21:00:4d:2a:0b:f8:
31:03:16:7e:8a:25:a3:ed:b7:40:e3:ab:0d:71:d9:
29:21:7f:b7:83:a3:bd:4f:2c:ba:ac:06:db:5b:44:
d7:9c:85:8f:c9:8c:4a:e7:14:43:db:b8:51:d4:39:
cb:5d:2b:b4:2f:f1:6b:f0:41:dc:d9:8d:a3:49:a9:
9d:5b:2d:a3:68:51:98:03:69:99:05:97:81:1b:0d:
36:fe:4d:d1:20:6e:91:61:cf:02:74:4e:20:f7:15:
92:64:83:52:21:9f:7a:50:35:35:8c:3b:bf:64:45:
d3:ff:b9:47:9d:23:59:97:9f:09:2a:b8:3e:a3:66:
0c:00:be:97:0d:f1:95:11:57:55:e6:c2:06:eb:d5:
1d:2f:64:65:27:2b:96:a0:f3:42:91:dc:20:9c:e6:
47:13:76:8d:1b:3c:3d:ac:2b:ae:b9:e8:4b:09:18:
b2:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:74:F2:6B:0B:69:4F:7F:62:D9:1C:8B:C6:0F:26:9E:2B:B9:06:7B
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/gHTyawtpT39i2RyLxg8mniu5Bns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.20.0/24
45.80.192.0/24
45.91.249.0/24
45.134.37.0/24
45.135.150.0/24
45.147.4.0/24
Signature Algorithm: sha256WithRSAEncryption
56:33:80:07:28:8c:ad:43:5a:71:99:b1:3b:74:be:da:52:00:
d6:ad:8e:a2:e0:5b:fa:2e:39:a2:ed:42:e8:ac:00:a7:25:d4:
7c:a1:4f:20:a4:c8:ab:ee:f0:91:8c:06:0b:24:ee:0f:eb:6a:
34:ef:4f:1e:a4:3d:85:a1:bc:0f:44:66:50:96:c6:40:d5:c5:
12:0d:37:fe:e3:bb:ef:3c:c9:42:91:69:cd:55:5f:1a:de:48:
41:b3:79:07:c3:85:f6:55:df:90:13:dd:ab:e0:1e:10:9d:27:
a6:1d:cc:88:ac:bf:b9:bc:22:88:c1:b7:f2:b4:57:ce:5e:2a:
3b:31:a0:d3:eb:a6:2a:8a:db:50:49:30:50:1f:32:ec:91:81:
92:36:3a:10:6d:78:3f:1a:0d:24:27:14:96:1c:84:0e:4a:a9:
fd:5c:c7:65:f6:94:42:f3:04:d8:00:28:a4:b4:bb:ab:42:ae:
d7:15:2d:19:43:2f:68:61:17:f9:c3:86:95:7f:36:4f:db:fe:
63:b6:20:7d:46:fe:15:37:4f:8c:b0:6c:86:a6:75:e0:e7:bc:
26:1a:41:05:83:0c:db:6b:65:05:80:70:3d:ad:e7:14:9e:c1:
d6:48:97:6c:97:91:76:42:16:84:04:5e:bb:0d:54:87:d5:d1:
74:e1:06:5f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZaFqfYPyEnxMkWFV3FGEGpFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjUwNDMwMDc0NzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDc0ZjI2YjBiNjk0ZjdmNjJkOTFjOGJjNjBmMjY5ZTJiYjkwNjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTw+HpVqEEcInO/VGNv3iog4Soib
jZ0ImnVPMXnpJCjOZbGa9THtcyWQXwBuKWqeSrasM2IS76z30aYhSUDMYwGnKCpV
gTJVeuYqybUzBasVMWUhAE0qC/gxAxZ+iiWj7bdA46sNcdkpIX+3g6O9Tyy6rAbb
W0TXnIWPyYxK5xRD27hR1DnLXSu0L/Fr8EHc2Y2jSamdWy2jaFGYA2mZBZeBGw02
/k3RIG6RYc8CdE4g9xWSZINSIZ96UDU1jDu/ZEXT/7lHnSNZl58JKrg+o2YMAL6X
DfGVEVdV5sIG69UdL2RlJyuWoPNCkdwgnOZHE3aNGzw9rCuuuehLCRiySwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIB08msLaU9/Ytkci8YPJp4ruQZ7MB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvZ0hUeWF3dHBUMzlpMlJ5THhnOG1uaXU1Qm5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALQoUAwQA
LVDAAwQALVv5AwQALYYlAwQALYeWAwQALZMEMA0GCSqGSIb3DQEBCwUAA4IBAQBW
M4AHKIytQ1pxmbE7dL7aUgDWrY6i4Fv6Ljmi7ULorACnJdR8oU8gpMir7vCRjAYL
JO4P62o0708epD2FobwPRGZQlsZA1cUSDTf+47vvPMlCkWnNVV8a3khBs3kHw4X2
Vd+QE92r4B4QnSemHcyIrL+5vCKIwbfytFfOXio7MaDT66YqittQSTBQHzLskYGS
NjoQbXg/Gg0kJxSWHIQOSqn9XMdl9pRC8wTYACiktLurQq7XFS0ZQy9oYRf5w4aV
fzZP2/5jtiB9Rv4VN0+MsGyGpnXg57wmGkEFgwzba2UFgHA9recUnsHWSJdsl5F2
QhaEBF67DVSH1dF04QZf
-----END CERTIFICATE-----
Generated at Sat May 10 10:42:24 2025 by rpki-client