Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/a4c6f1-7c93-45ee-8eaf-4394052cd65e/1/9Z5tAyPoNAUrhK3XQbPirY-i870.roa
File: 9Z5tAyPoNAUrhK3XQbPirY-i870.roa (raw, json)
Hash identifier: JYdT76bIYS9WiRnbn5ANGOhlwfQ42Z47wnU1M4quBe4=
Subject key identifier: F5:9E:6D:03:23:E8:34:05:2B:84:AD:D7:41:B3:E2:AD:8F:A2:F3:BD
Certificate issuer: /CN=c1adbdfe01e9a3f96d50022c3cdafdc3e1a8d988
Certificate serial: 019426D9FCABBA7E7FE6484B8256662289AF
Authority key identifier: C1:AD:BD:FE:01:E9:A3:F9:6D:50:02:2C:3C:DA:FD:C3:E1:A8:D9:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wa29_gHpo_ltUAIsPNr9w-Go2Yg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/a4c6f1-7c93-45ee-8eaf-4394052cd65e/1/9Z5tAyPoNAUrhK3XQbPirY-i870.roa
Signing time: Thu 02 Jan 2025 11:50:07 +0000
ROA not before: Thu 02 Jan 2025 11:50:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35328
IP address blocks: 46.18.144.0/21 maxlen: 21
46.18.144.0/22 maxlen: 22
46.18.148.0/22 maxlen: 22
77.234.224.0/19 maxlen: 19
77.234.224.0/20 maxlen: 20
77.234.240.0/20 maxlen: 20
80.87.208.0/20 maxlen: 20
80.87.208.0/21 maxlen: 21
80.87.216.0/21 maxlen: 21
145.255.144.0/20 maxlen: 20
145.255.144.0/21 maxlen: 21
145.255.152.0/21 maxlen: 21
185.42.4.0/22 maxlen: 22
185.42.4.0/23 maxlen: 23
185.42.6.0/23 maxlen: 23
217.31.32.0/20 maxlen: 20
217.31.32.0/21 maxlen: 21
217.31.40.0/21 maxlen: 21
2a00:e380::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/a4c6f1-7c93-45ee-8eaf-4394052cd65e/1/wa29_gHpo_ltUAIsPNr9w-Go2Yg.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/a4c6f1-7c93-45ee-8eaf-4394052cd65e/1/wa29_gHpo_ltUAIsPNr9w-Go2Yg.mft
rsync://rpki.ripe.net/repository/DEFAULT/wa29_gHpo_ltUAIsPNr9w-Go2Yg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 11:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:fc:ab:ba:7e:7f:e6:48:4b:82:56:66:22:89:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1adbdfe01e9a3f96d50022c3cdafdc3e1a8d988
Validity
Not Before: Jan 2 11:50:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f59e6d0323e834052b84add741b3e2ad8fa2f3bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:14:40:f5:1c:71:c3:be:42:68:35:a5:f5:7c:
1b:4c:c0:ef:5d:af:60:93:ed:cd:da:eb:dc:14:e4:
08:da:87:cb:05:2f:17:5a:81:ec:a6:4e:72:86:01:
c4:ba:c0:61:bd:57:e8:80:4c:e6:80:79:ce:d1:2e:
67:0a:49:89:1c:8d:55:41:bb:d0:89:f8:3f:bf:8e:
d3:1f:33:d0:a0:b9:7f:1c:c9:14:15:94:e1:26:e7:
76:4d:ce:56:27:14:88:1c:25:19:e6:5d:d1:47:06:
05:1d:44:3d:2b:43:60:ba:14:a1:e5:75:6c:9b:8b:
0c:4a:89:bf:3e:32:3d:35:08:ef:06:b6:ac:59:33:
f0:b1:6c:ac:86:f3:9b:7b:89:9b:22:4b:7f:f8:37:
32:b8:7d:45:69:aa:41:45:0d:d1:86:c6:d8:e0:fd:
bf:75:5f:e1:22:ba:cf:a8:5e:ba:73:10:aa:fe:c9:
cf:7c:c4:d0:f5:f3:0a:9d:a8:c2:61:5d:74:6d:11:
79:13:e9:a2:3e:ea:ec:1a:b9:9a:ec:e4:ed:b5:85:
e0:9d:7c:86:5d:b5:91:98:d8:69:f6:26:ca:eb:c1:
9d:e9:16:67:b4:d8:98:dc:30:41:b5:1a:6e:54:92:
1f:46:6f:a3:54:9e:d6:26:51:11:5b:e9:06:de:c5:
25:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:9E:6D:03:23:E8:34:05:2B:84:AD:D7:41:B3:E2:AD:8F:A2:F3:BD
X509v3 Authority Key Identifier:
keyid:C1:AD:BD:FE:01:E9:A3:F9:6D:50:02:2C:3C:DA:FD:C3:E1:A8:D9:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wa29_gHpo_ltUAIsPNr9w-Go2Yg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/a4c6f1-7c93-45ee-8eaf-4394052cd65e/1/9Z5tAyPoNAUrhK3XQbPirY-i870.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/a4c6f1-7c93-45ee-8eaf-4394052cd65e/1/wa29_gHpo_ltUAIsPNr9w-Go2Yg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.18.144.0/21
77.234.224.0/19
80.87.208.0/20
145.255.144.0/20
185.42.4.0/22
217.31.32.0/20
IPv6:
2a00:e380::/29
Signature Algorithm: sha256WithRSAEncryption
89:13:59:91:fe:d6:68:51:80:8f:36:05:8b:0f:7b:3f:55:8e:
7e:93:22:1c:7a:73:98:49:8a:29:8e:e7:fb:1a:3d:c3:be:0f:
71:4a:c4:91:63:04:2c:c6:b0:eb:c0:91:23:90:58:b8:a4:7f:
1c:63:bd:28:f1:ca:5a:ea:bb:7f:d7:c3:c1:22:3e:61:de:5f:
51:b2:82:a9:3f:40:3c:80:15:5d:f6:ad:44:3c:64:f7:2e:14:
b9:fc:95:da:b2:7d:1a:52:7c:dc:60:2a:6a:36:7f:3e:6c:3d:
91:65:07:77:67:9b:4e:ee:9a:68:54:57:2a:83:b9:b4:1e:84:
47:91:f1:ee:e5:71:22:2a:4b:ed:b6:31:51:e6:69:c2:6b:5c:
fb:7c:98:ef:ac:98:25:0f:47:84:af:3c:6a:68:27:02:82:21:
44:9c:48:9e:d4:29:5a:50:75:42:ae:86:77:52:27:06:05:4b:
c6:b4:1e:19:9d:39:2b:8a:00:5d:ca:c0:de:c9:a8:c9:1a:34:
84:83:77:36:71:4e:28:6e:80:71:99:36:49:27:3c:4e:77:b8:
cc:82:c6:b2:be:77:50:6c:c2:f7:35:eb:98:5a:f5:d0:00:d7:
e0:55:58:20:b5:dc:23:18:bd:41:b0:ab:95:23:48:02:93:6f:
3d:c4:48:af
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQm2fyrun5/5khLglZmIomvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYWRiZGZlMDFlOWEzZjk2ZDUwMDIyYzNjZGFmZGMzZTFh
OGQ5ODgwHhcNMjUwMTAyMTE1MDA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTllNmQwMzIzZTgzNDA1MmI4NGFkZDc0MWIzZTJhZDhmYTJmM2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhRA9Rxxw75CaDWl9XwbTMDvXa9g
k+3N2uvcFOQI2ofLBS8XWoHspk5yhgHEusBhvVfogEzmgHnO0S5nCkmJHI1VQbvQ
ifg/v47THzPQoLl/HMkUFZThJud2Tc5WJxSIHCUZ5l3RRwYFHUQ9K0NguhSh5XVs
m4sMSom/PjI9NQjvBrasWTPwsWyshvObe4mbIkt/+DcyuH1FaapBRQ3RhsbY4P2/
dV/hIrrPqF66cxCq/snPfMTQ9fMKnajCYV10bRF5E+miPursGrma7OTttYXgnXyG
XbWRmNhp9ibK68Gd6RZntNiY3DBBtRpuVJIfRm+jVJ7WJlERW+kG3sUlyQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFPWebQMj6DQFK4St10Gz4q2PovO9MB8GA1UdIwQY
MBaAFMGtvf4B6aP5bVACLDza/cPhqNmIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2EyOV9nSHBvX2x0VUFJc1BOcjl3LUdvMllnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9hNGM2ZjEtN2M5My00NWVlLThlYWYt
NDM5NDA1MmNkNjVlLzEvOVo1dEF5UG9OQVVyaEszWFFiUGlyWS1pODcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9hNGM2ZjEtN2M5My00NWVlLThlYWYtNDM5NDA1MmNkNjVl
LzEvd2EyOV9nSHBvX2x0VUFJc1BOcjl3LUdvMllnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDLhKQAwQF
TergAwQEUFfQAwQEkf+QAwQCuSoEAwQE2R8gMA0EAgACMAcDBQMqAOOAMA0GCSqG
SIb3DQEBCwUAA4IBAQCJE1mR/tZoUYCPNgWLD3s/VY5+kyIcenOYSYopjuf7Gj3D
vg9xSsSRYwQsxrDrwJEjkFi4pH8cY70o8cpa6rt/18PBIj5h3l9RsoKpP0A8gBVd
9q1EPGT3LhS5/JXasn0aUnzcYCpqNn8+bD2RZQd3Z5tO7ppoVFcqg7m0HoRHkfHu
5XEiKkvttjFR5mnCa1z7fJjvrJglD0eErzxqaCcCgiFEnEie1ClaUHVCroZ3UicG
BUvGtB4ZnTkrigBdysDeyajJGjSEg3c2cU4oboBxmTZJJzxOd7jMgsayvndQbML3
NeuYWvXQANfgVVggtdwjGL1BsKuVI0gCk289xEiv
-----END CERTIFICATE-----
Generated at Sun May 11 19:06:36 2025 by rpki-client