Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/taU9TJjVT1bBJe-vWZ2x7cMNlU4.roa
File: taU9TJjVT1bBJe-vWZ2x7cMNlU4.roa (raw, json)
Hash identifier: knkAZrjI/4bDSM14TYUSeabSKbYf5IXyvKCcdNOZZeQ=
Subject key identifier: B5:A5:3D:4C:98:D5:4F:56:C1:25:EF:AF:59:9D:B1:ED:C3:0D:95:4E
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 01969320EC4B1B6542B6B4069D73E34797E3
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/taU9TJjVT1bBJe-vWZ2x7cMNlU4.roa
Signing time: Fri 02 May 2025 22:32:10 +0000
ROA not before: Fri 02 May 2025 22:32:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 26548
IP address blocks: 45.133.112.0/22 maxlen: 24
45.136.24.0/22 maxlen: 24
45.147.8.0/22 maxlen: 24
45.147.232.0/22 maxlen: 24
45.159.23.0/24 maxlen: 24
88.218.46.0/24 maxlen: 24
89.19.34.0/24 maxlen: 24
91.132.124.0/23 maxlen: 24
93.177.94.0/23 maxlen: 24
176.126.111.0/24 maxlen: 24
193.31.127.0/24 maxlen: 24
193.56.20.0/24 maxlen: 24
193.142.36.0/22 maxlen: 24
193.202.16.0/24 maxlen: 24
194.99.25.0/24 maxlen: 24
194.110.150.0/24 maxlen: 24
194.180.232.0/23 maxlen: 24
194.180.236.0/23 maxlen: 24
212.87.216.0/24 maxlen: 24
212.87.218.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.mft
rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 08 May 2025 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:93:20:ec:4b:1b:65:42:b6:b4:06:9d:73:e3:47:97:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: May 2 22:32:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b5a53d4c98d54f56c125efaf599db1edc30d954e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:47:1c:4b:bb:4f:5c:ae:41:18:44:a2:60:78:
29:6e:77:f3:17:6f:8d:10:37:2c:52:c8:73:14:47:
23:98:8d:32:64:6e:9d:9c:e4:d1:84:68:96:a8:4d:
36:08:a6:05:17:52:ee:2a:c1:b9:b2:e4:71:9f:7f:
ab:a4:2e:cc:c4:b1:23:05:58:e0:7a:93:f1:cd:3c:
62:a0:35:5b:d1:e7:11:a7:23:5a:e2:b8:da:1f:91:
c3:e5:62:90:ab:56:c9:34:b0:e6:43:b5:0c:26:ff:
c4:8e:f5:f9:cb:5b:c7:fa:3d:9a:52:a1:7a:c0:2c:
47:a7:1a:ba:e0:b6:b1:a2:77:e5:4c:91:2e:67:eb:
02:45:43:17:6e:91:94:a3:09:4e:a4:5b:0a:45:36:
8b:16:7c:b1:64:e5:8f:57:e4:eb:24:88:9e:5b:e3:
e7:f9:24:97:2d:57:03:c6:96:e3:21:46:b1:3b:8a:
37:95:3a:42:61:a5:4b:76:97:6b:3a:cc:9f:89:54:
7c:c8:89:0b:5e:26:5b:34:dd:70:ba:c4:87:45:c5:
9f:47:eb:76:4f:69:3c:e6:53:08:5e:d0:04:98:79:
80:15:2b:4b:ec:73:22:58:56:be:c4:2a:ec:a8:24:
cd:53:44:6f:09:89:c1:81:9f:94:05:55:83:28:f2:
6d:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:A5:3D:4C:98:D5:4F:56:C1:25:EF:AF:59:9D:B1:ED:C3:0D:95:4E
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/taU9TJjVT1bBJe-vWZ2x7cMNlU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.112.0/22
45.136.24.0/22
45.147.8.0/22
45.147.232.0/22
45.159.23.0/24
88.218.46.0/24
89.19.34.0/24
91.132.124.0/23
93.177.94.0/23
176.126.111.0/24
193.31.127.0/24
193.56.20.0/24
193.142.36.0/22
193.202.16.0/24
194.99.25.0/24
194.110.150.0/24
194.180.232.0/23
194.180.236.0/23
212.87.216.0/24
212.87.218.0/23
Signature Algorithm: sha256WithRSAEncryption
16:35:3e:be:6b:ae:9f:83:71:8c:8d:58:4b:d8:b4:d7:a7:9e:
47:f8:87:0d:ff:19:f7:03:e8:cc:f0:b6:fb:47:14:68:ab:2c:
39:16:f5:90:56:fb:b3:e8:4e:4d:63:63:d3:7a:d6:b4:c8:c5:
a9:e1:f2:4c:82:ea:9f:2a:4a:98:af:50:19:7e:66:ca:44:f3:
93:c2:e7:37:d9:91:a9:0b:35:88:54:a1:71:1b:5b:01:6c:66:
e3:67:af:15:26:45:cf:29:45:f0:18:5c:9b:04:5b:4c:53:90:
59:d6:03:0c:73:5e:ae:22:c7:ad:0b:84:48:79:41:f4:07:64:
0f:98:cf:9f:f4:18:96:0c:87:57:2f:99:c5:20:92:6c:42:7a:
44:81:02:bb:2c:f3:8d:5f:7a:41:4e:cc:64:92:74:13:aa:a9:
2f:2e:9d:d0:6d:f5:e8:58:a4:e2:83:d3:8a:d9:8d:a1:bb:01:
ff:1f:ef:b2:d0:9d:12:19:42:73:e3:8a:82:1b:75:73:20:33:
d1:ed:ac:2d:ea:de:4b:46:c8:8d:f5:9a:bd:8c:16:25:fd:35:
ea:e6:93:61:b9:b1:b9:e7:25:cf:5b:03:cc:83:ba:ee:22:96:
55:6d:d7:55:02:95:5b:be:af:e0:09:47:e0:c0:3f:e4:0d:02:
00:fd:dd:80
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAZaTIOxLG2VCtrQGnXPjR5fjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjUwNTAyMjIzMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWE1M2Q0Yzk4ZDU0ZjU2YzEyNWVmYWY1OTlkYjFlZGMzMGQ5NTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kccS7tPXK5BGESiYHgpbnfzF2+N
EDcsUshzFEcjmI0yZG6dnOTRhGiWqE02CKYFF1LuKsG5suRxn3+rpC7MxLEjBVjg
epPxzTxioDVb0ecRpyNa4rjaH5HD5WKQq1bJNLDmQ7UMJv/EjvX5y1vH+j2aUqF6
wCxHpxq64LaxonflTJEuZ+sCRUMXbpGUowlOpFsKRTaLFnyxZOWPV+TrJIieW+Pn
+SSXLVcDxpbjIUaxO4o3lTpCYaVLdpdrOsyfiVR8yIkLXiZbNN1wusSHRcWfR+t2
T2k85lMIXtAEmHmAFStL7HMiWFa+xCrsqCTNU0RvCYnBgZ+UBVWDKPJtrQIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFLWlPUyY1U9WwSXvr1mdse3DDZVOMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvdGFVOVRKalZUMWJCSmUtdldaMng3Y01ObFU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQCLYVw
AwQCLYgYAwQCLZMIAwQCLZPoAwQALZ8XAwQAWNouAwQAWRMiAwQBW4R8AwQBXbFe
AwQAsH5vAwQAwR9/AwQAwTgUAwQCwY4kAwQAwcoQAwQAwmMZAwQAwm6WAwQBwrTo
AwQBwrTsAwQA1FfYAwQB1FfaMA0GCSqGSIb3DQEBCwUAA4IBAQAWNT6+a66fg3GM
jVhL2LTXp55H+IcN/xn3A+jM8Lb7RxRoqyw5FvWQVvuz6E5NY2PTeta0yMWp4fJM
guqfKkqYr1AZfmbKRPOTwuc32ZGpCzWIVKFxG1sBbGbjZ68VJkXPKUXwGFybBFtM
U5BZ1gMMc16uIsetC4RIeUH0B2QPmM+f9BiWDIdXL5nFIJJsQnpEgQK7LPONX3pB
TsxkknQTqqkvLp3QbfXoWKTig9OK2Y2huwH/H++y0J0SGUJz44qCG3VzIDPR7awt
6t5LRsiN9Zq9jBYl/TXq5pNhubG55yXPWwPMg7ruIpZVbddVApVbvq/gCUfgwD/k
DQIA/d2A
-----END CERTIFICATE-----
Generated at Thu May 8 04:11:36 2025 by rpki-client