Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/8TOG1UvccYpEEK3VKXXA_XDLnnc.roa
File: 8TOG1UvccYpEEK3VKXXA_XDLnnc.roa (raw, json)
Hash identifier: JxuHMWXYEuQ/Rub1EGs9LFH/Yz0AEVY6/AitRuNx0cY=
Subject key identifier: F1:33:86:D5:4B:DC:71:8A:44:10:AD:D5:29:75:C0:FD:70:CB:9E:77
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019686561601E6AB27436CD91EF0F683C584
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/8TOG1UvccYpEEK3VKXXA_XDLnnc.roa
Signing time: Wed 30 Apr 2025 10:55:10 +0000
ROA not before: Wed 30 Apr 2025 10:55:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137409
IP address blocks: 45.91.22.0/24 maxlen: 24
45.128.198.0/24 maxlen: 24
45.130.141.0/24 maxlen: 24
2a07:e342::/32 maxlen: 48
2a0f:f44::/32 maxlen: 48
2a0f:f47::/32 maxlen: 48
2a0f:2740::/29 maxlen: 48
2a0f:e383::/32 maxlen: 48
2a0f:e384::/32 maxlen: 48
2a0f:e385::/32 maxlen: 48
2a0f:e387::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 16:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:86:56:16:01:e6:ab:27:43:6c:d9:1e:f0:f6:83:c5:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Apr 30 10:55:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f13386d54bdc718a4410add52975c0fd70cb9e77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:51:87:bb:d1:c7:61:4c:b6:db:0a:e5:f9:46:
33:47:e0:25:61:81:91:ea:ab:b6:96:14:fc:ab:11:
8b:ee:c3:89:44:79:59:57:6c:96:42:d6:6d:41:1e:
36:80:fd:f7:ae:f6:5d:56:8e:4a:5a:51:de:18:31:
80:9d:10:b6:e1:f4:7d:cd:17:58:00:dd:16:a2:21:
04:4f:c5:b1:ad:c1:85:60:ff:86:ba:22:40:15:11:
bb:40:e3:a4:28:cf:ed:30:61:43:f6:03:85:68:46:
9f:56:75:9d:5b:7b:b8:1c:77:c9:67:9d:03:b1:f8:
0f:40:80:38:92:ae:d3:0b:e9:47:3c:1a:14:89:78:
24:cb:9f:53:da:75:5e:34:f9:c5:b6:77:b9:42:6b:
1d:af:0d:65:f5:53:29:25:88:de:79:35:c9:4f:ad:
7b:3b:fe:87:3f:4b:3e:43:5b:f4:bc:b4:15:d6:03:
91:a1:07:53:be:29:6e:b0:19:f2:04:5e:a1:fe:e0:
fe:d7:f6:de:34:18:0b:ea:ae:56:4c:c4:da:3b:95:
0c:94:c3:6d:91:73:9f:1f:1c:ac:76:60:38:d2:3a:
a4:5d:57:b5:0d:f9:76:1a:d3:f4:11:43:3e:b7:c3:
27:5e:54:6a:8a:be:b1:27:71:3c:60:2e:4e:bf:da:
e0:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:33:86:D5:4B:DC:71:8A:44:10:AD:D5:29:75:C0:FD:70:CB:9E:77
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/8TOG1UvccYpEEK3VKXXA_XDLnnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.22.0/24
45.128.198.0/24
45.130.141.0/24
IPv6:
2a07:e342::/32
2a0f:f44::/32
2a0f:f47::/32
2a0f:2740::/29
2a0f:e383::-2a0f:e385:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:e387::/32
Signature Algorithm: sha256WithRSAEncryption
87:6f:c1:2b:d7:af:d9:07:0b:44:db:53:69:b6:74:2c:0d:70:
69:4b:28:97:e0:18:15:dc:9c:f0:90:90:30:c6:13:62:c3:a1:
bb:31:11:ea:15:a8:0c:3b:ce:ca:ad:44:b8:a8:63:3d:89:75:
a7:64:21:71:f9:a9:93:6d:94:1c:2f:9f:74:1c:22:17:54:10:
98:95:5e:ac:0f:9a:99:71:16:e9:48:4e:13:19:50:f9:10:52:
d3:77:bf:50:ce:4a:e7:2b:60:1f:73:57:82:2e:dd:d9:2a:57:
dd:0b:3f:0a:63:2e:33:f5:8a:18:5d:4c:3c:76:32:2c:24:5d:
d3:84:c8:78:73:59:21:71:a4:94:13:31:36:e8:60:cb:bd:8f:
91:e4:9d:a7:59:49:27:fc:4a:8b:cd:a1:af:13:24:37:fe:72:
84:05:14:ff:58:2c:10:04:57:9e:f2:13:74:95:aa:53:e7:aa:
2e:94:4a:01:d7:d7:81:fa:0a:14:fe:bb:76:1d:af:be:47:8e:
e3:d9:87:7b:32:c4:43:58:66:e2:4d:23:8d:2d:f5:92:08:e3:
11:9b:fa:9a:42:77:de:5a:6c:3c:30:35:de:56:09:10:e1:6d:
08:a9:a6:6c:e4:43:8a:f1:01:5f:e7:8d:1b:69:69:74:4a:8c:
17:5b:2e:61
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAZaGVhYB5qsnQ2zZHvD2g8WEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwNDMwMTA1NTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTMzODZkNTRiZGM3MThhNDQxMGFkZDUyOTc1YzBmZDcwY2I5ZTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlGHu9HHYUy22wrl+UYzR+AlYYGR
6qu2lhT8qxGL7sOJRHlZV2yWQtZtQR42gP33rvZdVo5KWlHeGDGAnRC24fR9zRdY
AN0WoiEET8WxrcGFYP+GuiJAFRG7QOOkKM/tMGFD9gOFaEafVnWdW3u4HHfJZ50D
sfgPQIA4kq7TC+lHPBoUiXgky59T2nVeNPnFtne5Qmsdrw1l9VMpJYjeeTXJT617
O/6HP0s+Q1v0vLQV1gORoQdTvilusBnyBF6h/uD+1/beNBgL6q5WTMTaO5UMlMNt
kXOfHxysdmA40jqkXVe1Dfl2GtP0EUM+t8MnXlRqir6xJ3E8YC5Ov9rgpQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFPEzhtVL3HGKRBCt1Sl1wP1wy553MB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvOFRPRzFVdmNjWXBFRUszVktYWEFfWERMbm5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTAYBAIAATASAwQALVsWAwQA
LYDGAwQALYKNMDkEAgACMDMDBQAqB+NCAwUAKg8PRAMFACoPD0cDBQMqDydAMA4D
BQAqD+ODAwUBKg/jhAMFACoP44cwDQYJKoZIhvcNAQELBQADggEBAIdvwSvXr9kH
C0TbU2m2dCwNcGlLKJfgGBXcnPCQkDDGE2LDobsxEeoVqAw7zsqtRLioYz2Jdadk
IXH5qZNtlBwvn3QcIhdUEJiVXqwPmplxFulIThMZUPkQUtN3v1DOSucrYB9zV4Iu
3dkqV90LPwpjLjP1ihhdTDx2MiwkXdOEyHhzWSFxpJQTMTboYMu9j5HknadZSSf8
SovNoa8TJDf+coQFFP9YLBAEV57yE3SVqlPnqi6USgHX14H6ChT+u3Ydr75HjuPZ
h3syxENYZuJNI40t9ZII4xGb+ppCd95abDwwNd5WCRDhbQippmzkQ4rxAV/njRtp
aXRKjBdbLmE=
-----END CERTIFICATE-----
Generated at Mon May 5 23:59:11 2025 by rpki-client