Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Og1-YHiFRfq_lVJ2MkMQw6Jd4_I.roa
File: Og1-YHiFRfq_lVJ2MkMQw6Jd4_I.roa (raw, json)
Hash identifier: tQx/qr4n7CMTcpYLtboQg0iACDUI9lzdqOcXivfZjG0=
Subject key identifier: 3A:0D:7E:60:78:85:45:FA:BF:95:52:76:32:43:10:C3:A2:5D:E3:F2
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0196B2F348C381B7BC6158D595E79A0BCABE
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Og1-YHiFRfq_lVJ2MkMQw6Jd4_I.roa
Signing time: Fri 09 May 2025 02:50:10 +0000
ROA not before: Fri 09 May 2025 02:50:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 45.139.6.0/23 maxlen: 24
46.249.110.0/24 maxlen: 24
82.115.0.0/24 maxlen: 24
82.115.2.0/24 maxlen: 24
82.115.9.0/24 maxlen: 24
82.115.10.0/23 maxlen: 24
82.115.28.0/23 maxlen: 24
89.251.10.0/24 maxlen: 24
159.255.32.0/22 maxlen: 22
159.255.36.0/22 maxlen: 22
185.231.172.0/22 maxlen: 24
188.209.156.0/22 maxlen: 24
188.253.8.0/21 maxlen: 24
188.253.104.0/22 maxlen: 24
188.253.108.0/22 maxlen: 24
202.133.90.0/23 maxlen: 24
212.90.100.0/22 maxlen: 24
213.173.32.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 16 May 2025 02:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b2:f3:48:c3:81:b7:bc:61:58:d5:95:e7:9a:0b:ca:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: May 9 02:50:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a0d7e60788545fabf955276324310c3a25de3f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:89:00:e5:16:c6:43:4d:6d:10:19:e6:10:0c:
55:65:1e:59:31:00:5b:18:55:dd:39:01:31:5d:d9:
ea:2e:64:c6:52:f5:98:58:4a:6b:5d:49:da:74:a5:
db:c7:f2:72:c6:11:68:a5:7b:c8:aa:28:51:ef:a5:
c9:20:16:13:52:cc:1f:0f:3d:4b:aa:a7:71:d6:da:
d2:ae:2b:86:fa:39:4c:bc:be:f5:92:2e:1d:29:d1:
d8:73:2f:46:7b:1c:5b:78:3f:8f:c4:e8:21:1c:12:
81:bc:5f:08:f6:1d:86:9d:c0:0a:b5:ae:a7:8f:cc:
96:cb:9d:3b:84:c5:17:67:3e:e2:88:75:41:16:8a:
a5:37:0c:97:12:2a:4f:f0:15:21:24:f5:22:21:82:
24:19:49:6e:3e:e6:54:9d:48:19:02:b9:99:e0:ca:
6b:59:12:00:c4:50:7d:7c:31:55:13:d9:83:0b:c0:
83:2e:28:4f:8a:70:e7:bf:4b:f7:38:26:49:a9:78:
c7:44:bd:f2:5a:6f:0d:7f:e1:46:3f:c6:7e:ef:cf:
8c:3b:b6:7e:24:06:39:78:9f:c5:58:f8:95:2e:58:
7b:c0:13:a1:89:fb:6e:93:d7:a6:b8:6e:98:0f:6f:
8b:fd:e1:71:44:ae:ed:2b:10:0b:fe:b5:d7:be:13:
d8:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:0D:7E:60:78:85:45:FA:BF:95:52:76:32:43:10:C3:A2:5D:E3:F2
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Og1-YHiFRfq_lVJ2MkMQw6Jd4_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.6.0/23
46.249.110.0/24
82.115.0.0/24
82.115.2.0/24
82.115.9.0-82.115.11.255
82.115.28.0/23
89.251.10.0/24
159.255.32.0/21
185.231.172.0/22
188.209.156.0/22
188.253.8.0/21
188.253.104.0/21
202.133.90.0/23
212.90.100.0/22
213.173.32.0/22
Signature Algorithm: sha256WithRSAEncryption
c1:eb:46:e7:9e:5e:55:89:b3:4e:01:1f:0a:3c:78:86:63:e7:
15:8b:32:64:f3:8f:ce:fd:b5:c7:32:a6:04:1f:30:b1:bc:b9:
ff:73:33:e1:a2:3f:dd:5b:0f:58:ee:f0:2d:19:d4:c2:b5:d4:
24:35:2c:fb:ea:f1:db:b9:3a:ac:23:1f:f6:ba:ea:4a:16:bd:
dc:90:0b:5e:67:79:94:4e:cb:be:62:12:9a:aa:15:26:5a:6b:
58:46:05:96:bd:b1:60:d3:85:08:59:84:c5:bd:42:c2:69:f6:
2d:8f:be:6d:2f:1a:a7:27:97:51:a1:09:c0:b9:f2:6c:be:41:
3f:1d:17:30:c3:71:87:b7:88:25:0e:65:96:3c:1c:f8:d3:8e:
98:b3:62:23:b5:24:8c:71:39:b5:da:0e:c6:03:d0:d0:fe:3b:
d2:bb:45:be:bb:e8:a9:39:2e:90:ee:ca:e3:07:fb:b0:2d:cc:
27:7a:3f:7d:b4:a7:e0:6f:7c:24:fe:97:ea:0d:1c:3e:67:5c:
28:39:7c:76:43:da:52:a8:b1:c0:0b:a7:95:0d:a3:36:2a:8a:
e6:86:7c:30:67:82:3c:62:fb:1e:63:a4:41:ab:93:36:94:41:
47:e8:dd:2f:8d:8a:e5:0e:80:bb:6f:c7:73:46:75:19:ed:e3:
8f:88:53:cf
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZay80jDgbe8YVjVleeaC8q+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUwNTA5MDI1MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTBkN2U2MDc4ODU0NWZhYmY5NTUyNzYzMjQzMTBjM2EyNWRlM2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYkA5RbGQ01tEBnmEAxVZR5ZMQBb
GFXdOQExXdnqLmTGUvWYWEprXUnadKXbx/JyxhFopXvIqihR76XJIBYTUswfDz1L
qqdx1trSriuG+jlMvL71ki4dKdHYcy9GexxbeD+PxOghHBKBvF8I9h2GncAKta6n
j8yWy507hMUXZz7iiHVBFoqlNwyXEipP8BUhJPUiIYIkGUluPuZUnUgZArmZ4Mpr
WRIAxFB9fDFVE9mDC8CDLihPinDnv0v3OCZJqXjHRL3yWm8Nf+FGP8Z+78+MO7Z+
JAY5eJ/FWPiVLlh7wBOhiftuk9emuG6YD2+L/eFxRK7tKxAL/rXXvhPYBwIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFDoNfmB4hUX6v5VSdjJDEMOiXePyMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvT2cxLVlIaUZSZnFfbFZKMk1rTVF3NkpkNF9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQBLYsGAwQA
LvluAwQAUnMAAwQAUnMCMAwDBABScwkDBAJScwgDBAFScxwDBABZ+woDBAOf/yAD
BAK556wDBAK80ZwDBAO8/QgDBAO8/WgDBAHKhVoDBALUWmQDBALVrSAwDQYJKoZI
hvcNAQELBQADggEBAMHrRueeXlWJs04BHwo8eIZj5xWLMmTzj879tccypgQfMLG8
uf9zM+GiP91bD1ju8C0Z1MK11CQ1LPvq8du5OqwjH/a66koWvdyQC15neZROy75i
EpqqFSZaa1hGBZa9sWDThQhZhMW9QsJp9i2Pvm0vGqcnl1GhCcC58my+QT8dFzDD
cYe3iCUOZZY8HPjTjpizYiO1JIxxObXaDsYD0ND+O9K7Rb676Kk5LpDuyuMH+7At
zCd6P320p+BvfCT+l+oNHD5nXCg5fHZD2lKoscALp5UNozYqiuaGfDBngjxi+x5j
pEGrkzaUQUfo3S+NiuUOgLtvx3NGdRnt44+IU88=
-----END CERTIFICATE-----
Generated at Thu May 15 12:14:27 2025 by rpki-client