Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/CR8YJspwxomYpmDyzYM2dLoc98I.roa
File: CR8YJspwxomYpmDyzYM2dLoc98I.roa (raw, json)
Hash identifier: iJ3gsU4zydGrCTb03TaGmqam+0fxWdzK3zynKtfQSFo=
Subject key identifier: 09:1F:18:26:CA:70:C6:89:98:A6:60:F2:CD:83:36:74:BA:1C:F7:C2
Certificate issuer: /CN=878abb29977a65b140cacb6e72ab24ceddd4e8c5
Certificate serial: 01964183AB82B6DD25377A5F64C9AAC2C3E6
Authority key identifier: 87:8A:BB:29:97:7A:65:B1:40:CA:CB:6E:72:AB:24:CE:DD:D4:E8:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h4q7KZd6ZbFAystucqskzt3U6MU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/CR8YJspwxomYpmDyzYM2dLoc98I.roa
Signing time: Thu 17 Apr 2025 02:11:10 +0000
ROA not before: Thu 17 Apr 2025 02:11:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 984
IP address blocks: 45.8.28.0/24 maxlen: 24
45.8.31.0/24 maxlen: 24
45.9.109.0/24 maxlen: 24
45.10.211.0/24 maxlen: 24
45.80.112.0/24 maxlen: 24
193.108.47.0/24 maxlen: 24
193.164.222.0/24 maxlen: 24
193.164.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/h4q7KZd6ZbFAystucqskzt3U6MU.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/h4q7KZd6ZbFAystucqskzt3U6MU.mft
rsync://rpki.ripe.net/repository/DEFAULT/h4q7KZd6ZbFAystucqskzt3U6MU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 05:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:41:83:ab:82:b6:dd:25:37:7a:5f:64:c9:aa:c2:c3:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=878abb29977a65b140cacb6e72ab24ceddd4e8c5
Validity
Not Before: Apr 17 02:11:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=091f1826ca70c68998a660f2cd833674ba1cf7c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:83:91:6d:d4:d7:89:3e:f7:78:d6:76:0e:a4:
0f:9d:0e:04:9d:08:9a:7b:68:bc:c5:ed:a4:9b:1c:
28:78:32:93:e9:c1:08:d0:1c:a0:08:35:87:16:c1:
c6:60:4a:21:56:48:dd:00:57:0a:4d:ea:42:9d:e2:
96:84:ca:fb:c5:be:5f:56:e4:46:21:ee:ee:f0:69:
d0:61:7f:05:47:a5:1d:09:4c:7c:33:45:c4:0f:be:
f6:4b:b4:0e:6e:d9:8b:aa:f1:22:c7:50:b1:a5:8c:
0b:30:c0:c9:fa:60:f6:cb:62:51:82:fc:24:13:3c:
09:ac:89:72:32:51:74:51:8a:68:13:22:6a:c3:7e:
52:bc:9f:a8:d5:56:cd:c1:b5:87:65:8e:b4:39:39:
60:8f:b3:3e:eb:da:d7:7a:d4:5d:f9:f8:b6:5d:cd:
cd:54:59:84:33:50:ea:93:18:33:c2:d7:ab:3b:bc:
49:43:e3:7d:ac:6c:e5:d9:0b:6e:b8:59:43:67:39:
82:73:38:ff:1e:44:47:34:75:30:9e:08:39:ba:a3:
90:f9:d6:17:05:71:af:06:4f:b4:28:ea:11:51:77:
3c:0d:12:03:04:e6:fd:85:77:07:74:aa:ff:8d:ec:
36:f0:4e:03:ca:52:0c:e0:68:33:d8:51:ef:7f:e5:
47:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:1F:18:26:CA:70:C6:89:98:A6:60:F2:CD:83:36:74:BA:1C:F7:C2
X509v3 Authority Key Identifier:
keyid:87:8A:BB:29:97:7A:65:B1:40:CA:CB:6E:72:AB:24:CE:DD:D4:E8:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h4q7KZd6ZbFAystucqskzt3U6MU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/CR8YJspwxomYpmDyzYM2dLoc98I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/06b8f5-1a76-45f8-b97a-ac8647d0558a/1/h4q7KZd6ZbFAystucqskzt3U6MU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.28.0/24
45.8.31.0/24
45.9.109.0/24
45.10.211.0/24
45.80.112.0/24
193.108.47.0/24
193.164.222.0/23
Signature Algorithm: sha256WithRSAEncryption
16:4a:bf:30:bb:1e:d6:89:10:2d:20:1d:23:d3:1a:dc:f4:4b:
66:12:01:b8:b5:e7:9e:a4:57:27:cb:d3:7c:43:2b:4e:1f:d6:
f8:b4:12:eb:68:4d:d4:d3:19:14:b2:7d:76:17:7b:68:2e:bb:
9c:08:d4:c0:8e:30:eb:ca:b7:e1:05:2f:f7:ea:07:31:0e:91:
7d:7e:9b:7b:d5:05:0f:c8:23:6b:49:9d:6f:28:b0:2b:08:dc:
ad:b5:8d:28:61:8f:45:88:4d:33:88:4b:a9:f0:e3:5f:09:1e:
0a:09:db:22:ea:90:ec:ef:06:0a:68:f2:85:c7:e8:e6:8d:9e:
a4:ca:b5:13:01:81:27:02:2a:3e:0b:5b:25:f6:b9:98:ae:5e:
da:24:4e:c5:95:20:71:f1:3b:20:ba:51:f3:40:5c:37:03:7e:
25:d2:9e:df:6c:0d:0e:38:de:14:08:b5:3a:df:1f:fc:e4:16:
f5:eb:e8:3d:43:24:31:73:b5:74:92:d0:c1:05:24:89:b7:bd:
e8:92:21:52:13:42:aa:51:f6:6e:1e:ee:07:c9:05:f5:f9:bd:
ac:4e:85:2c:8f:40:b1:80:e1:71:5c:a4:09:b7:db:40:60:3e:
65:7d:e3:9f:94:3a:84:5b:07:a1:04:96:fc:6e:ac:a9:d2:85:
ef:91:c1:b3
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZZBg6uCtt0lN3pfZMmqwsPmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3OGFiYjI5OTc3YTY1YjE0MGNhY2I2ZTcyYWIyNGNlZGRk
NGU4YzUwHhcNMjUwNDE3MDIxMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTFmMTgyNmNhNzBjNjg5OThhNjYwZjJjZDgzMzY3NGJhMWNmN2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4ORbdTXiT73eNZ2DqQPnQ4EnQia
e2i8xe2kmxwoeDKT6cEI0BygCDWHFsHGYEohVkjdAFcKTepCneKWhMr7xb5fVuRG
Ie7u8GnQYX8FR6UdCUx8M0XED772S7QObtmLqvEix1CxpYwLMMDJ+mD2y2JRgvwk
EzwJrIlyMlF0UYpoEyJqw35SvJ+o1VbNwbWHZY60OTlgj7M+69rXetRd+fi2Xc3N
VFmEM1DqkxgzwterO7xJQ+N9rGzl2QtuuFlDZzmCczj/HkRHNHUwngg5uqOQ+dYX
BXGvBk+0KOoRUXc8DRIDBOb9hXcHdKr/jew28E4DylIM4Ggz2FHvf+VHnwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAkfGCbKcMaJmKZg8s2DNnS6HPfCMB8GA1UdIwQY
MBaAFIeKuymXemWxQMrLbnKrJM7d1OjFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDRxN0taZDZaYkZBeXN0dWNxc2t6dDNVNk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8wNmI4ZjUtMWE3Ni00NWY4LWI5N2Et
YWM4NjQ3ZDA1NThhLzEvQ1I4WUpzcHd4b21ZcG1EeXpZTTJkTG9jOThJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8wNmI4ZjUtMWE3Ni00NWY4LWI5N2EtYWM4NjQ3ZDA1NThh
LzEvaDRxN0taZDZaYkZBeXN0dWNxc2t6dDNVNk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALQgcAwQA
LQgfAwQALQltAwQALQrTAwQALVBwAwQAwWwvAwQBwaTeMA0GCSqGSIb3DQEBCwUA
A4IBAQAWSr8wux7WiRAtIB0j0xrc9EtmEgG4teeepFcny9N8QytOH9b4tBLraE3U
0xkUsn12F3toLrucCNTAjjDryrfhBS/36gcxDpF9fpt71QUPyCNrSZ1vKLArCNyt
tY0oYY9FiE0ziEup8ONfCR4KCdsi6pDs7wYKaPKFx+jmjZ6kyrUTAYEnAio+C1sl
9rmYrl7aJE7FlSBx8TsgulHzQFw3A34l0p7fbA0OON4UCLU63x/85Bb16+g9QyQx
c7V0ktDBBSSJt73okiFSE0KqUfZuHu4HyQX1+b2sToUsj0CxgOFxXKQJt9tAYD5l
feOflDqEWwehBJb8bqyp0oXvkcGz
-----END CERTIFICATE-----
Generated at Sun Apr 27 12:09:04 2025 by rpki-client