Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/TfprpfwT9ItH286RL7PxOvTeI2U.roa
File: TfprpfwT9ItH286RL7PxOvTeI2U.roa (raw, json)
Hash identifier: eHndZCuna/WraPHPo9tLgtPCavzBD79NmvmOePfCToM=
Subject key identifier: 4D:FA:6B:A5:FC:13:F4:8B:47:DB:CE:91:2F:B3:F1:3A:F4:DE:23:65
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 01968656164E1CC1CCDABE960CC674716157
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/TfprpfwT9ItH286RL7PxOvTeI2U.roa
Signing time: Wed 30 Apr 2025 10:55:10 +0000
ROA not before: Wed 30 Apr 2025 10:55:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 45.84.216.0/24 maxlen: 24
45.85.90.0/24 maxlen: 24
45.91.23.0/24 maxlen: 24
45.95.243.0/24 maxlen: 24
45.130.143.0/24 maxlen: 24
45.146.53.0/24 maxlen: 24
45.148.25.0/24 maxlen: 24
45.157.98.0/24 maxlen: 24
45.157.99.0/24 maxlen: 24
89.251.2.0/24 maxlen: 24
136.144.26.0/24 maxlen: 24
136.144.27.0/24 maxlen: 24
185.227.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 01:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:86:56:16:4e:1c:c1:cc:da:be:96:0c:c6:74:71:61:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Apr 30 10:55:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4dfa6ba5fc13f48b47dbce912fb3f13af4de2365
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:46:b9:05:1f:81:b6:10:4e:a9:17:1f:dc:65:
de:f5:2c:b1:fa:d1:59:54:ef:3b:40:b4:8b:e6:9e:
6c:2c:88:c7:4c:74:d1:43:41:9f:ba:6d:62:15:64:
c5:ad:9f:b1:72:8b:8b:45:e5:af:ed:2c:44:43:e4:
0b:64:3a:5d:98:c4:44:50:0c:53:08:7a:c6:bd:be:
df:b8:9f:15:dd:96:e3:4b:1b:d2:23:87:0f:60:f4:
5f:e8:fc:2c:18:5e:33:0e:00:2d:0e:42:f4:86:a2:
08:ff:21:2d:bf:0a:22:79:3b:70:0e:a4:c8:cb:7c:
d9:3f:b5:ed:8d:03:81:b0:83:6b:30:dd:b7:2d:2a:
d9:e9:a9:ca:90:cf:42:2d:47:e1:d9:84:25:15:d2:
d2:61:0b:7c:1a:29:80:5d:02:7b:cd:fc:cd:c8:85:
a5:77:4f:e6:e6:6b:8d:3d:bf:4a:17:b7:07:cc:fa:
a8:72:69:63:3d:93:47:b3:69:5e:1e:4c:58:76:a2:
c3:1a:0b:04:7b:ac:eb:8f:75:59:96:fa:40:21:b1:
02:64:0c:a5:f8:a7:67:4d:b3:eb:89:13:45:9a:bb:
7d:e7:88:d2:0b:89:53:54:08:56:34:28:6e:7a:32:
47:12:04:78:b1:5b:04:a0:2e:2f:f0:33:34:a7:5d:
f1:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:FA:6B:A5:FC:13:F4:8B:47:DB:CE:91:2F:B3:F1:3A:F4:DE:23:65
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/TfprpfwT9ItH286RL7PxOvTeI2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.216.0/24
45.85.90.0/24
45.91.23.0/24
45.95.243.0/24
45.130.143.0/24
45.146.53.0/24
45.148.25.0/24
45.157.98.0/23
89.251.2.0/24
136.144.26.0/23
185.227.33.0/24
Signature Algorithm: sha256WithRSAEncryption
66:67:5f:37:ec:ea:28:37:d1:4c:1d:49:92:b5:85:af:be:44:
e7:8b:51:3d:0a:13:d4:ef:e5:f7:66:d2:dd:7e:b9:b4:6a:05:
23:34:20:bc:ab:dd:10:6c:b5:c8:4c:b1:9d:24:cc:6a:31:92:
5a:a4:fb:67:de:6f:10:63:56:e3:bd:31:6d:e7:3d:0a:07:21:
e8:87:d4:19:23:6d:72:85:e7:6b:45:ca:d5:0a:eb:00:b1:0a:
e2:5b:a8:9d:ec:e4:3c:06:24:4b:b8:ab:a4:01:1e:76:6c:e3:
65:35:9b:7d:39:da:61:80:19:2d:20:67:88:e6:24:9b:a4:c7:
92:ce:c3:dc:0c:d2:65:3e:58:27:f3:48:3e:25:c1:c2:2b:6e:
a4:a4:2f:e7:94:d2:53:44:84:df:83:03:47:db:4c:14:07:c3:
97:2b:7d:96:26:b6:e2:8a:0b:bf:93:01:b0:2e:34:56:4b:0e:
3e:96:d0:c2:49:dc:b6:e7:29:6d:29:7a:76:e5:10:44:f6:95:
4f:74:bf:d2:bc:c7:c7:e7:21:19:f4:5a:bc:1b:17:c4:20:57:
0b:46:c4:2a:e5:af:1b:3e:f4:d4:9f:09:9f:08:b9:70:1b:26:
d9:93:28:b4:5c:a7:9a:51:02:ad:3f:c0:9c:2a:c8:56:ea:2d:
fb:70:e8:58
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZaGVhZOHMHM2r6WDMZ0cWFXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwNDMwMTA1NTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGZhNmJhNWZjMTNmNDhiNDdkYmNlOTEyZmIzZjEzYWY0ZGUyMzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUa5BR+BthBOqRcf3GXe9Syx+tFZ
VO87QLSL5p5sLIjHTHTRQ0Gfum1iFWTFrZ+xcouLReWv7SxEQ+QLZDpdmMREUAxT
CHrGvb7fuJ8V3ZbjSxvSI4cPYPRf6PwsGF4zDgAtDkL0hqII/yEtvwoieTtwDqTI
y3zZP7XtjQOBsINrMN23LSrZ6anKkM9CLUfh2YQlFdLSYQt8GimAXQJ7zfzNyIWl
d0/m5muNPb9KF7cHzPqocmljPZNHs2leHkxYdqLDGgsEe6zrj3VZlvpAIbECZAyl
+KdnTbPriRNFmrt954jSC4lTVAhWNChuejJHEgR4sVsEoC4v8DM0p13x+wIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFE36a6X8E/SLR9vOkS+z8Tr03iNlMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvVGZwcnBmd1Q5SXRIMjg2Ukw3UHhPdlRlSTJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQALVTYAwQA
LVVaAwQALVsXAwQALV/zAwQALYKPAwQALZI1AwQALZQZAwQBLZ1iAwQAWfsCAwQB
iJAaAwQAueMhMA0GCSqGSIb3DQEBCwUAA4IBAQBmZ1837OooN9FMHUmStYWvvkTn
i1E9ChPU7+X3ZtLdfrm0agUjNCC8q90QbLXITLGdJMxqMZJapPtn3m8QY1bjvTFt
5z0KByHoh9QZI21yhedrRcrVCusAsQriW6id7OQ8BiRLuKukAR52bONlNZt9Odph
gBktIGeI5iSbpMeSzsPcDNJlPlgn80g+JcHCK26kpC/nlNJTRITfgwNH20wUB8OX
K32WJrbiigu/kwGwLjRWSw4+ltDCSdy25yltKXp25RBE9pVPdL/SvMfH5yEZ9Fq8
GxfEIFcLRsQq5a8bPvTUnwmfCLlwGybZkyi0XKeaUQKtP8CcKshW6i37cOhY
-----END CERTIFICATE-----
Generated at Tue May 6 11:32:42 2025 by rpki-client