Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/CGtvlVAjeOKgmOegCwgkAU5viUg.roa
File: CGtvlVAjeOKgmOegCwgkAU5viUg.roa (raw, json)
Hash identifier: tYOH0itDmxfLkiehctgBZN5JIUldgyHwoFbKsMtsM8Q=
Subject key identifier: 08:6B:6F:95:50:23:78:E2:A0:98:E7:A0:0B:08:24:01:4E:6F:89:48
Certificate issuer: /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial: 0196A83420086EB680598497DD59BC37665C
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/CGtvlVAjeOKgmOegCwgkAU5viUg.roa
Signing time: Wed 07 May 2025 00:45:10 +0000
ROA not before: Wed 07 May 2025 00:45:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6134
IP address blocks: 45.10.68.0/24 maxlen: 24
45.83.236.0/24 maxlen: 24
45.150.198.0/23 maxlen: 24
91.208.104.0/24 maxlen: 24
91.213.200.0/24 maxlen: 24
91.216.169.0/24 maxlen: 24
91.216.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.mft
rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 20:47:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a8:34:20:08:6e:b6:80:59:84:97:dd:59:bc:37:66:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Validity
Not Before: May 7 00:45:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=086b6f95502378e2a098e7a00b0824014e6f8948
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f1:59:11:b0:cb:98:fe:48:bb:f2:c6:be:bd:
fd:cc:0e:a3:5a:cf:d6:68:9c:d4:cb:73:3c:d0:49:
8f:c9:48:cd:ad:cb:4e:77:8d:e4:85:f0:c8:d3:81:
7c:e9:25:a7:f9:0f:33:7c:0f:35:d7:4d:7b:43:95:
b6:c5:7a:a7:d3:8a:74:3e:62:68:fa:f1:c1:56:41:
08:a5:c3:d7:20:23:a3:98:da:30:b6:15:b2:cb:a2:
d0:59:d5:26:05:45:c3:9c:ea:58:e3:e7:d7:65:fa:
25:14:41:a4:b2:e1:fc:7f:e2:f9:87:2a:b4:1a:94:
bc:d3:e0:c7:5a:8b:c9:bc:b0:ba:0e:12:d0:cd:3e:
8c:0b:44:ac:49:79:24:14:40:a9:13:19:e7:8b:d1:
08:60:73:18:e0:bb:0a:3f:a6:04:a6:a0:a6:03:24:
e6:c1:7b:4f:06:b3:37:5d:73:da:13:b2:0c:95:76:
42:65:50:18:50:b9:42:a5:e0:aa:89:67:c7:97:17:
55:44:d1:b5:ee:02:6c:92:90:f1:35:58:d3:8a:d6:
fc:03:5e:73:67:7b:ee:6d:65:60:54:e5:8f:a9:3f:
b2:ed:ce:fc:98:d8:51:67:a0:68:41:9f:67:16:4b:
07:5e:1c:6b:ee:25:1a:7c:5d:b3:b6:02:f5:a3:e2:
a1:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:6B:6F:95:50:23:78:E2:A0:98:E7:A0:0B:08:24:01:4E:6F:89:48
X509v3 Authority Key Identifier:
keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/CGtvlVAjeOKgmOegCwgkAU5viUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.68.0/24
45.83.236.0/24
45.150.198.0/23
91.208.104.0/24
91.213.200.0/24
91.216.169.0/24
91.216.190.0/24
Signature Algorithm: sha256WithRSAEncryption
46:3e:d7:9e:34:d0:35:64:6a:dd:46:1e:7e:b4:12:32:fb:4c:
8a:fb:54:75:6a:71:fa:d1:ef:9f:9f:7b:f5:13:17:3f:cd:56:
a5:4b:bf:30:e4:a9:25:e5:9e:21:2f:50:27:bc:68:ec:ff:1b:
8b:45:90:a4:01:86:37:b9:d6:21:f1:25:e9:2a:3c:a7:ef:0b:
0a:21:9f:8e:b2:4c:50:4d:24:cd:65:a4:31:24:a5:20:0a:ad:
a0:19:95:96:f1:21:37:75:b3:cb:61:ca:dc:80:7b:90:98:c4:
19:ea:ea:e4:3d:82:b0:6e:d5:1d:49:50:90:3a:a6:9f:c5:c1:
da:10:5c:3b:e1:28:06:66:e2:ee:e2:9b:f4:c2:4a:1c:c3:2d:
e3:27:04:5a:ef:71:16:20:af:c0:8f:ed:31:bf:32:91:77:29:
38:b9:e2:38:ee:4b:c4:2b:89:ed:b9:77:72:da:25:b8:79:ed:
3c:08:39:a4:c2:68:c6:71:1b:9d:d9:16:2c:16:6a:15:2d:2e:
fd:da:5b:2b:f1:39:60:3e:56:ca:fb:4f:fc:c9:53:03:15:06:
8c:0d:63:7d:8e:72:e8:dc:e6:97:7e:1b:ed:8f:77:ae:cb:99:
cb:99:fb:8e:65:08:7b:38:59:67:ff:34:61:c8:5c:c1:3a:a5:
02:f3:bb:95
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZaoNCAIbraAWYSX3Vm8N2ZcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDczODM4OWNiM2I5OThlYzRmYTZkNDI3MmY4ZGQ3OTlm
YmM0YTkwHhcNMjUwNTA3MDA0NTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODZiNmY5NTUwMjM3OGUyYTA5OGU3YTAwYjA4MjQwMTRlNmY4OTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufFZEbDLmP5Iu/LGvr39zA6jWs/W
aJzUy3M80EmPyUjNrctOd43khfDI04F86SWn+Q8zfA811017Q5W2xXqn04p0PmJo
+vHBVkEIpcPXICOjmNowthWyy6LQWdUmBUXDnOpY4+fXZfolFEGksuH8f+L5hyq0
GpS80+DHWovJvLC6DhLQzT6MC0SsSXkkFECpExnni9EIYHMY4LsKP6YEpqCmAyTm
wXtPBrM3XXPaE7IMlXZCZVAYULlCpeCqiWfHlxdVRNG17gJskpDxNVjTitb8A15z
Z3vubWVgVOWPqT+y7c78mNhRZ6BoQZ9nFksHXhxr7iUafF2ztgL1o+KhWwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAhrb5VQI3jioJjnoAsIJAFOb4lIMB8GA1UdIwQY
MBaAFB9HODics7mY7E+m1CcvjdeZ+8SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjIt
NmM3ZTU2ODU4OTBjLzEvQ0d0dmxWQWplT0tnbU9lZ0N3Z2tBVTV2aVVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjItNmM3ZTU2ODU4OTBj
LzEvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALQpEAwQA
LVPsAwQBLZbGAwQAW9BoAwQAW9XIAwQAW9ipAwQAW9i+MA0GCSqGSIb3DQEBCwUA
A4IBAQBGPteeNNA1ZGrdRh5+tBIy+0yK+1R1anH60e+fn3v1Exc/zValS78w5Kkl
5Z4hL1AnvGjs/xuLRZCkAYY3udYh8SXpKjyn7wsKIZ+OskxQTSTNZaQxJKUgCq2g
GZWW8SE3dbPLYcrcgHuQmMQZ6urkPYKwbtUdSVCQOqafxcHaEFw74SgGZuLu4pv0
wkocwy3jJwRa73EWIK/Aj+0xvzKRdyk4ueI47kvEK4ntuXdy2iW4ee08CDmkwmjG
cRud2RYsFmoVLS792lsr8TlgPlbK+0/8yVMDFQaMDWN9jnLo3OaXfhvtj3euy5nL
mfuOZQh7OFln/zRhyFzBOqUC87uV
-----END CERTIFICATE-----
Generated at Tue May 13 02:23:39 2025 by rpki-client