Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/puh8IGM8IUjLwg5PoSSG10Ew5g0.roa
File: puh8IGM8IUjLwg5PoSSG10Ew5g0.roa (raw, json)
Hash identifier: xSsbTJ9iWrTbQWMlIcYCoYR5V1XlxZUXtDU5eExJ+wo=
Subject key identifier: A6:E8:7C:20:63:3C:21:48:CB:C2:0E:4F:A1:24:86:D7:41:30:E6:0D
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 019685AAE15A677278513413566635142619
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/puh8IGM8IUjLwg5PoSSG10Ew5g0.roa
Signing time: Wed 30 Apr 2025 07:48:10 +0000
ROA not before: Wed 30 Apr 2025 07:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 45.92.218.0/23 maxlen: 23
45.134.36.0/24 maxlen: 24
45.134.38.0/24 maxlen: 24
45.142.105.0/24 maxlen: 24
45.151.56.0/24 maxlen: 24
45.152.162.0/23 maxlen: 23
92.118.204.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.mft
rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 13:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:85:aa:e1:5a:67:72:78:51:34:13:56:66:35:14:26:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Apr 30 07:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a6e87c20633c2148cbc20e4fa12486d74130e60d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:60:dd:48:66:4f:43:6f:3f:19:2d:fa:92:ad:
bb:4c:c2:8e:09:15:d6:cc:3b:65:d0:bd:78:5c:6d:
c2:16:9c:8f:5d:9f:db:a1:c1:14:e9:37:49:78:ff:
51:b2:a7:37:d5:3a:45:92:c7:80:cf:4d:10:03:82:
d1:d3:95:81:65:0d:e2:2a:a6:39:d9:46:86:ff:71:
6e:9f:bd:b0:52:d1:05:c5:9f:0c:7e:fd:99:e2:88:
f8:2c:7f:38:90:c4:98:3c:b7:54:31:bc:f6:fb:34:
d7:fb:a4:d1:2d:4a:bc:5c:fa:5e:e5:e1:af:5d:e6:
28:31:84:68:f1:15:78:88:f9:7f:45:0a:f4:a5:57:
4e:e5:62:8a:20:3a:db:84:39:86:8c:42:d6:90:e5:
a0:37:8a:1a:ee:07:31:6b:d3:a7:c0:93:cf:a5:c9:
f6:e9:b2:dc:45:ac:a1:e8:9d:ee:0c:41:25:31:51:
31:cc:d6:5d:30:78:19:61:2e:25:66:02:f5:86:7c:
47:44:ae:94:fa:39:52:eb:4a:b1:6d:db:00:ff:e2:
15:b8:32:8c:af:c6:25:81:d4:b4:45:cb:96:cb:2e:
0d:4c:d7:a0:23:9a:57:64:e4:3c:26:c2:0a:93:ac:
e3:a1:72:4b:08:1f:48:72:e6:59:96:d8:d0:f2:9f:
18:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:E8:7C:20:63:3C:21:48:CB:C2:0E:4F:A1:24:86:D7:41:30:E6:0D
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/puh8IGM8IUjLwg5PoSSG10Ew5g0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.218.0/23
45.134.36.0/24
45.134.38.0/24
45.142.105.0/24
45.151.56.0/24
45.152.162.0/23
92.118.204.0/22
Signature Algorithm: sha256WithRSAEncryption
98:06:a8:ea:c8:1a:f2:d3:e3:52:13:f6:41:c6:69:be:1f:9f:
2d:db:83:e7:fa:aa:d9:c0:1a:52:10:1f:1c:bb:6e:cc:0a:5e:
10:ae:fa:f7:92:75:28:4d:ca:12:9d:69:4a:cc:b1:cf:26:d8:
b9:56:93:42:de:cd:a4:37:2a:38:7e:92:e1:66:44:24:f0:0a:
9f:ed:f4:7d:f9:74:68:11:56:1d:49:38:e4:e7:d9:06:85:1c:
25:29:8d:e7:90:95:14:ce:86:99:45:ca:5b:4e:6b:ee:2f:1b:
8c:a2:1c:9d:b6:46:8a:0f:4d:f2:bf:62:2b:fd:cb:4d:28:1a:
65:f5:68:6d:1c:aa:84:47:a1:b9:57:3c:07:fb:fc:f2:5d:4d:
d1:56:af:3d:3a:4f:d8:4c:a2:cc:d7:40:02:26:e4:4e:37:60:
38:d9:47:8c:47:2f:16:f1:da:8d:1a:a9:ec:4a:95:79:19:c0:
d5:15:d2:d0:5b:1c:46:2d:94:16:ee:20:8e:40:f3:9f:ca:ef:
14:5b:65:f5:d5:c2:af:3a:3c:e4:a2:7f:a6:39:d5:c6:6e:fc:
e8:3a:fb:30:0e:7c:a5:f5:ee:4b:8f:2d:6a:2c:90:46:42:ca:
dd:9e:30:55:9a:d9:5f:66:cd:62:d4:df:04:5b:7e:22:53:77:
94:cd:dd:07
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZaFquFaZ3J4UTQTVmY1FCYZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjUwNDMwMDc0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmU4N2MyMDYzM2MyMTQ4Y2JjMjBlNGZhMTI0ODZkNzQxMzBlNjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2DdSGZPQ28/GS36kq27TMKOCRXW
zDtl0L14XG3CFpyPXZ/bocEU6TdJeP9Rsqc31TpFkseAz00QA4LR05WBZQ3iKqY5
2UaG/3Fun72wUtEFxZ8Mfv2Z4oj4LH84kMSYPLdUMbz2+zTX+6TRLUq8XPpe5eGv
XeYoMYRo8RV4iPl/RQr0pVdO5WKKIDrbhDmGjELWkOWgN4oa7gcxa9OnwJPPpcn2
6bLcRayh6J3uDEElMVExzNZdMHgZYS4lZgL1hnxHRK6U+jlS60qxbdsA/+IVuDKM
r8YlgdS0RcuWyy4NTNegI5pXZOQ8JsIKk6zjoXJLCB9IcuZZltjQ8p8YgQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKbofCBjPCFIy8IOT6EkhtdBMOYNMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvcHVoOElHTThJVWpMd2c1UG9TU0cxMEV3NWcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBLVzaAwQA
LYYkAwQALYYmAwQALY5pAwQALZc4AwQBLZiiAwQCXHbMMA0GCSqGSIb3DQEBCwUA
A4IBAQCYBqjqyBry0+NSE/ZBxmm+H58t24Pn+qrZwBpSEB8cu27MCl4Qrvr3knUo
TcoSnWlKzLHPJti5VpNC3s2kNyo4fpLhZkQk8Aqf7fR9+XRoEVYdSTjk59kGhRwl
KY3nkJUUzoaZRcpbTmvuLxuMohydtkaKD03yv2Ir/ctNKBpl9WhtHKqER6G5VzwH
+/zyXU3RVq89Ok/YTKLM10ACJuRON2A42UeMRy8W8dqNGqnsSpV5GcDVFdLQWxxG
LZQW7iCOQPOfyu8UW2X11cKvOjzkon+mOdXGbvzoOvswDnyl9e5Ljy1qLJBGQsrd
njBVmtlfZs1i1N8EW34iU3eUzd0H
-----END CERTIFICATE-----
Generated at Sat May 10 23:25:51 2025 by rpki-client