Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/Rb4b2fJCublE-IL8HhGXicF9sEM.roa
File: Rb4b2fJCublE-IL8HhGXicF9sEM.roa (raw, json)
Hash identifier: PyYAOqircy60MPWz4V06L7QvOxOEimKDajTYlawGVcc=
Subject key identifier: 45:BE:1B:D9:F2:42:B9:B9:44:F8:82:FC:1E:11:97:89:C1:7D:B0:43
Certificate issuer: /CN=4ea65c7edba469d099d76aacd7dc263f4dfec5eb
Certificate serial: 019634BC5491A470B6C400DA041934001D78
Authority key identifier: 4E:A6:5C:7E:DB:A4:69:D0:99:D7:6A:AC:D7:DC:26:3F:4D:FE:C5:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TqZcftukadCZ12qs19wmP03-xes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/Rb4b2fJCublE-IL8HhGXicF9sEM.roa
Signing time: Mon 14 Apr 2025 14:37:59 +0000
ROA not before: Mon 14 Apr 2025 14:37:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12946
IP address blocks: 83.97.128.0/17 maxlen: 17
85.152.0.0/16 maxlen: 19
93.156.0.0/16 maxlen: 19
185.54.192.0/22 maxlen: 22
188.171.0.0/16 maxlen: 21
212.89.0.0/19 maxlen: 19
212.89.1.0/24 maxlen: 24
212.89.16.0/20 maxlen: 20
213.141.32.0/19 maxlen: 19
213.141.32.0/20 maxlen: 20
2a00:bec7::/40 maxlen: 48
2a00:bec7:f800::/40 maxlen: 40
2a00:bec7:ff00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/TqZcftukadCZ12qs19wmP03-xes.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/TqZcftukadCZ12qs19wmP03-xes.mft
rsync://rpki.ripe.net/repository/DEFAULT/TqZcftukadCZ12qs19wmP03-xes.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:34:bc:54:91:a4:70:b6:c4:00:da:04:19:34:00:1d:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ea65c7edba469d099d76aacd7dc263f4dfec5eb
Validity
Not Before: Apr 14 14:37:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=45be1bd9f242b9b944f882fc1e119789c17db043
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:94:e1:e2:21:08:ea:66:b9:d7:26:5d:69:b7:
3e:a6:39:d2:e9:52:7c:13:57:d0:97:65:f5:ba:ca:
12:47:d2:89:8f:0f:a1:33:43:a6:82:da:4f:14:7a:
36:8e:f5:fa:23:aa:7f:77:26:93:7c:b1:06:af:16:
f8:a4:15:97:db:73:b8:1b:1a:b2:ab:1d:7c:25:3d:
8b:0a:b8:68:6f:65:b2:5b:9a:dd:ed:d0:8b:bc:7c:
db:a7:90:49:9c:ca:9d:7c:06:3f:29:2d:eb:2f:30:
fd:de:e5:22:0b:e2:87:e1:12:c2:6e:4f:75:19:e7:
cf:90:cd:c1:9d:2d:43:df:77:84:0c:ae:56:fe:09:
4c:b5:de:c2:48:c8:5e:cd:80:bf:a8:5d:c0:58:b6:
1f:8c:f6:fa:7a:b6:61:7d:a5:74:cd:c9:ca:46:46:
f8:d3:17:6b:ff:aa:eb:34:f0:5f:1e:51:93:a0:fb:
bb:fd:de:18:4b:93:c1:5f:91:eb:c9:84:fe:31:28:
d6:46:06:cc:98:bf:ab:f4:7c:59:df:9b:83:e4:ac:
a9:4b:64:e6:b6:e1:1a:e7:49:23:30:cc:fb:6e:43:
f1:4c:e3:e5:0f:51:ef:48:cb:28:1a:a2:ca:9e:01:
09:b0:dd:df:93:35:7d:16:16:9a:a4:77:df:15:75:
67:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:BE:1B:D9:F2:42:B9:B9:44:F8:82:FC:1E:11:97:89:C1:7D:B0:43
X509v3 Authority Key Identifier:
keyid:4E:A6:5C:7E:DB:A4:69:D0:99:D7:6A:AC:D7:DC:26:3F:4D:FE:C5:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TqZcftukadCZ12qs19wmP03-xes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/Rb4b2fJCublE-IL8HhGXicF9sEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/TqZcftukadCZ12qs19wmP03-xes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.97.128.0/17
85.152.0.0/16
93.156.0.0/16
185.54.192.0/22
188.171.0.0/16
212.89.0.0/19
213.141.32.0/19
IPv6:
2a00:bec7::/40
2a00:bec7:f800::/40
2a00:bec7:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
bb:06:15:31:ed:ac:ae:35:8e:4b:4a:d3:13:50:f4:86:6f:3b:
e7:17:a3:9d:b9:78:ea:9a:1b:f1:75:97:2e:bb:1d:7c:a0:6b:
b1:5d:2b:0f:53:65:41:0a:04:c5:2f:4f:8b:9f:d3:24:5c:7b:
ff:55:53:5b:f9:7e:d5:bb:9c:3c:58:ca:ec:5a:4d:c4:09:fe:
d9:e2:e4:4c:6c:96:fb:47:3a:d4:3f:18:ae:f5:5d:f9:b8:0a:
7a:d4:fe:cd:51:d5:c3:17:0f:de:cb:c0:0e:00:56:37:17:a6:
6e:b2:e6:22:4c:2b:c4:99:0b:ed:58:35:b0:9a:49:50:0b:da:
96:35:81:64:18:a6:69:5d:da:53:f5:34:19:f7:2f:07:b2:dd:
e9:05:7f:50:0c:60:00:ab:b5:40:16:6a:41:07:4b:71:85:9a:
49:c4:50:d2:45:d9:19:ee:ac:8e:d8:8c:51:9a:9d:86:55:ae:
da:a2:a5:40:61:a4:58:d1:fd:95:c9:58:4d:c0:f2:2d:0a:4f:
1f:bb:c2:97:88:49:e5:d0:5c:8e:f6:72:65:75:bd:82:53:c3:
88:0c:07:99:18:f9:1e:5a:0e:98:70:1e:90:d0:82:20:f9:b4:
92:73:3e:04:af:64:b2:9c:78:4b:9c:63:f4:15:fe:8a:33:ed:
95:fb:59:00
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAZY0vFSRpHC2xADaBBk0AB14MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlYTY1YzdlZGJhNDY5ZDA5OWQ3NmFhY2Q3ZGMyNjNmNGRm
ZWM1ZWIwHhcNMjUwNDE0MTQzNzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWJlMWJkOWYyNDJiOWI5NDRmODgyZmMxZTExOTc4OWMxN2RiMDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZTh4iEI6ma51yZdabc+pjnS6VJ8
E1fQl2X1usoSR9KJjw+hM0OmgtpPFHo2jvX6I6p/dyaTfLEGrxb4pBWX23O4Gxqy
qx18JT2LCrhob2WyW5rd7dCLvHzbp5BJnMqdfAY/KS3rLzD93uUiC+KH4RLCbk91
GefPkM3BnS1D33eEDK5W/glMtd7CSMhezYC/qF3AWLYfjPb6erZhfaV0zcnKRkb4
0xdr/6rrNPBfHlGToPu7/d4YS5PBX5HryYT+MSjWRgbMmL+r9HxZ35uD5KypS2Tm
tuEa50kjMMz7bkPxTOPlD1HvSMsoGqLKngEJsN3fkzV9FhaapHffFXVnwwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFEW+G9nyQrm5RPiC/B4Rl4nBfbBDMB8GA1UdIwQY
MBaAFE6mXH7bpGnQmddqrNfcJj9N/sXrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHFaY2Z0dWthZENaMTJxczE5d21QMDMteGVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8wN2YyNzAtYzZjYy00OWNkLWFlNDYt
NTEwMGEyNmQyNzRiLzEvUmI0YjJmSkN1YmxFLUlMOEhoR1hpY0Y5c0VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8wN2YyNzAtYzZjYy00OWNkLWFlNDYtNTEwMGEyNmQyNzRi
LzEvVHFaY2Z0dWthZENaMTJxczE5d21QMDMteGVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzAtBAIAATAnAwQHU2GAAwMA
VZgDAwBdnAMEArk2wAMDALyrAwQF1FkAAwQF1Y0gMB4EAgACMBgDBgAqAL7HAAMG
ACoAvsf4AwYAKgC+x/8wDQYJKoZIhvcNAQELBQADggEBALsGFTHtrK41jktK0xNQ
9IZvO+cXo525eOqaG/F1ly67HXyga7FdKw9TZUEKBMUvT4uf0yRce/9VU1v5ftW7
nDxYyuxaTcQJ/tni5ExslvtHOtQ/GK71Xfm4CnrU/s1R1cMXD97LwA4AVjcXpm6y
5iJMK8SZC+1YNbCaSVAL2pY1gWQYpmld2lP1NBn3Lwey3ekFf1AMYACrtUAWakEH
S3GFmknEUNJF2RnurI7YjFGanYZVrtqipUBhpFjR/ZXJWE3A8i0KTx+7wpeISeXQ
XI72cmV1vYJTw4gMB5kY+R5aDphwHpDQgiD5tJJzPgSvZLKceEucY/QV/ooz7ZX7
WQA=
-----END CERTIFICATE-----
Generated at Tue Apr 29 08:33:10 2025 by rpki-client