Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/1wRScsP2dnDDvH6eQ20F-vnkwj8.roa
File: 1wRScsP2dnDDvH6eQ20F-vnkwj8.roa (raw, json)
Hash identifier: wW6ZkQ5R5gkgKxvF+DGj4aoWSdWMaJVXRvRCgild+zo=
Subject key identifier: D7:04:52:72:C3:F6:76:70:C3:BC:7E:9E:43:6D:05:FA:F9:E4:C2:3F
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 01969171B5A16BE6390F5AC498F0F90176C5
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/1wRScsP2dnDDvH6eQ20F-vnkwj8.roa
Signing time: Fri 02 May 2025 14:41:10 +0000
ROA not before: Fri 02 May 2025 14:41:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209290
IP address blocks: 31.40.202.0/24 maxlen: 24
45.81.138.0/24 maxlen: 24
45.91.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 08 May 2025 13:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:91:71:b5:a1:6b:e6:39:0f:5a:c4:98:f0:f9:01:76:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: May 2 14:41:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d7045272c3f67670c3bc7e9e436d05faf9e4c23f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:48:08:3a:15:10:e1:0e:68:71:9c:64:07:22:
fa:22:4f:55:0f:f4:63:4a:79:a0:30:dd:24:80:98:
04:b0:d5:37:3e:7c:ba:38:f0:a0:d3:f5:e2:3c:04:
b1:99:60:a7:91:d3:7d:d6:79:d6:9e:14:5f:b3:58:
53:52:30:46:0f:9f:bb:36:b3:8a:8f:6f:c3:0a:51:
81:7e:9e:03:0d:a7:c3:4b:09:e9:d2:d1:a0:c9:c5:
bc:a9:7f:58:76:24:e3:13:47:ee:b7:4f:73:1e:ae:
be:d4:5f:22:6f:2d:c6:9a:27:e6:ef:a1:aa:15:51:
1e:fb:e6:2f:2b:2d:1c:42:0a:68:00:e1:75:b3:9b:
b2:e4:8d:a7:14:67:06:41:13:dd:f6:c6:a9:ec:06:
3f:a9:3c:08:4c:07:68:48:df:d4:70:47:64:a9:0b:
73:a9:03:74:6e:f2:ca:24:d1:75:c2:8f:40:7f:6e:
f7:d6:8e:18:1c:f2:0f:c6:77:b3:01:76:fc:06:09:
a9:66:c7:ae:40:6a:39:73:5c:28:75:79:8a:dc:ce:
9a:af:ce:83:3e:57:ac:73:93:4b:a9:0f:dd:93:b7:
5e:ca:3b:40:eb:00:00:5f:61:59:c2:a0:0e:ec:6b:
cf:9a:72:83:60:2f:86:f9:0a:63:84:9e:d3:94:1b:
ad:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:04:52:72:C3:F6:76:70:C3:BC:7E:9E:43:6D:05:FA:F9:E4:C2:3F
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/1wRScsP2dnDDvH6eQ20F-vnkwj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.202.0/24
45.81.138.0/24
45.91.239.0/24
Signature Algorithm: sha256WithRSAEncryption
07:17:e1:ef:9b:17:01:a7:59:6a:2a:83:66:ac:c1:9b:7f:67:
a0:64:78:62:73:8b:f6:a4:18:af:3d:c8:eb:e6:39:de:b0:af:
9a:19:c6:80:c6:96:f6:a3:be:74:9e:32:26:8f:d5:07:fd:04:
77:53:ad:3b:1d:59:64:63:ed:89:3d:a4:c0:ef:25:7c:84:ad:
50:aa:17:ad:cf:a2:b5:73:9a:2b:bb:ef:b2:e4:b7:38:59:15:
95:01:57:51:e7:81:91:90:c5:d4:1f:d0:56:81:05:44:60:2e:
bc:da:1a:43:f5:8e:9c:5c:ef:ef:8b:a2:5e:2a:8c:bc:c6:b8:
d0:88:6b:1d:38:19:82:4f:a4:be:bb:6d:4a:13:55:50:d6:cd:
a0:57:94:c6:96:8f:18:a8:40:15:58:00:44:bc:22:ae:82:ef:
70:83:c4:21:5e:44:aa:79:5b:4c:53:49:1f:b3:45:f9:7c:60:
d8:e0:9f:b7:a4:1c:17:f2:3b:9c:24:ab:d2:d8:48:7a:6a:9e:
79:6f:3a:39:64:fc:f2:93:82:6d:93:80:fb:54:97:53:1a:2e:
3a:dc:2d:5c:f9:62:6f:59:a2:45:9f:17:8b:24:e2:5d:2d:84:
cd:00:47:4e:50:61:9b:e7:4b:38:75:ad:22:6c:a4:14:25:a5:
7a:90:a8:f8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZaRcbWha+Y5D1rEmPD5AXbFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUwNTAyMTQ0MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzA0NTI3MmMzZjY3NjcwYzNiYzdlOWU0MzZkMDVmYWY5ZTRjMjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukgIOhUQ4Q5ocZxkByL6Ik9VD/Rj
SnmgMN0kgJgEsNU3Pny6OPCg0/XiPASxmWCnkdN91nnWnhRfs1hTUjBGD5+7NrOK
j2/DClGBfp4DDafDSwnp0tGgycW8qX9YdiTjE0fut09zHq6+1F8iby3Gmifm76Gq
FVEe++YvKy0cQgpoAOF1s5uy5I2nFGcGQRPd9sap7AY/qTwITAdoSN/UcEdkqQtz
qQN0bvLKJNF1wo9Af2731o4YHPIPxnezAXb8BgmpZseuQGo5c1wodXmK3M6ar86D
Plesc5NLqQ/dk7deyjtA6wAAX2FZwqAO7GvPmnKDYC+G+QpjhJ7TlBut3QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNcEUnLD9nZww7x+nkNtBfr55MI/MB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvMXdSU2NzUDJkbkREdkg2ZVEyMEYtdm5rd2o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAHyjKAwQA
LVGKAwQALVvvMA0GCSqGSIb3DQEBCwUAA4IBAQAHF+HvmxcBp1lqKoNmrMGbf2eg
ZHhic4v2pBivPcjr5jnesK+aGcaAxpb2o750njImj9UH/QR3U607HVlkY+2JPaTA
7yV8hK1Qqhetz6K1c5oru++y5Lc4WRWVAVdR54GRkMXUH9BWgQVEYC682hpD9Y6c
XO/vi6JeKoy8xrjQiGsdOBmCT6S+u21KE1VQ1s2gV5TGlo8YqEAVWABEvCKugu9w
g8QhXkSqeVtMU0kfs0X5fGDY4J+3pBwX8jucJKvS2Eh6ap55bzo5ZPzyk4Jtk4D7
VJdTGi463C1c+WJvWaJFnxeLJOJdLYTNAEdOUGGb50s4da0ibKQUJaV6kKj4
-----END CERTIFICATE-----
Generated at Wed May 7 16:46:28 2025 by rpki-client