Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/0wxplS04ynQiI1r3ArdsiKBCEOI.roa
File: 0wxplS04ynQiI1r3ArdsiKBCEOI.roa (raw, json)
Hash identifier: WDNF73KtUANe5OGg5Z8hCbK6QAlz8jWNq6iQlKA1l4A=
Subject key identifier: D3:0C:69:95:2D:38:CA:74:22:23:5A:F7:02:B7:6C:88:A0:42:10:E2
Certificate issuer: /CN=de456cdb4d140345c3dcaebfc7634d4e7cdcb913
Certificate serial: 01967BC77170AF1B5F874D81FCF29001BAB1
Authority key identifier: DE:45:6C:DB:4D:14:03:45:C3:DC:AE:BF:C7:63:4D:4E:7C:DC:B9:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3kVs200UA0XD3K6_x2NNTnzcuRM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/0wxplS04ynQiI1r3ArdsiKBCEOI.roa
Signing time: Mon 28 Apr 2025 09:43:10 +0000
ROA not before: Mon 28 Apr 2025 09:43:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204561
IP address blocks: 45.148.49.0/24 maxlen: 24
128.127.182.0/24 maxlen: 24
128.127.183.0/24 maxlen: 24
178.211.131.0/24 maxlen: 24
185.192.44.0/24 maxlen: 24
185.192.46.0/24 maxlen: 24
2a05:8a40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/3kVs200UA0XD3K6_x2NNTnzcuRM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/3kVs200UA0XD3K6_x2NNTnzcuRM.mft
rsync://rpki.ripe.net/repository/DEFAULT/3kVs200UA0XD3K6_x2NNTnzcuRM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 01 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7b:c7:71:70:af:1b:5f:87:4d:81:fc:f2:90:01:ba:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de456cdb4d140345c3dcaebfc7634d4e7cdcb913
Validity
Not Before: Apr 28 09:43:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d30c69952d38ca7422235af702b76c88a04210e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:08:68:86:42:79:4f:99:77:32:35:dc:34:3e:
d0:35:49:b0:6f:b8:81:91:0c:3d:df:da:5a:26:5f:
ea:5d:7b:19:74:43:3c:fc:19:57:21:58:c2:ae:d0:
b7:5d:4e:3a:1b:d5:11:c1:1d:85:9c:d8:27:41:5b:
30:eb:a6:dd:94:03:67:b0:c8:4c:57:f1:01:be:59:
80:15:53:77:01:c3:28:57:b7:33:4c:1a:26:ce:df:
6e:d9:95:18:a7:8f:68:b3:f5:14:1e:29:6b:0d:ca:
05:ba:60:fd:fe:a4:61:da:f7:49:72:27:51:00:e3:
0c:f9:d9:ed:a8:37:51:c3:4f:cb:4a:13:e2:d1:6f:
7f:4d:12:15:b0:4d:d0:2e:e3:d4:29:f7:b3:d1:b1:
3f:46:c9:75:f7:8e:7d:27:95:13:77:ef:d7:cc:9c:
e3:ca:f4:4b:07:7d:ce:03:6d:5d:6c:76:fd:f4:cf:
c4:af:f7:fc:a6:f3:c7:8d:83:8b:b2:12:36:62:c2:
b3:c9:8b:75:ba:5b:57:3b:73:32:ae:4e:6c:8c:97:
5a:72:45:9a:77:a3:9b:b8:0a:9f:6a:9d:0c:12:d2:
70:6b:08:b5:a3:ac:6c:bf:c3:97:32:d1:0d:55:c1:
5c:49:2c:73:fc:cf:60:04:bb:c3:3e:49:b3:62:a1:
53:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:0C:69:95:2D:38:CA:74:22:23:5A:F7:02:B7:6C:88:A0:42:10:E2
X509v3 Authority Key Identifier:
keyid:DE:45:6C:DB:4D:14:03:45:C3:DC:AE:BF:C7:63:4D:4E:7C:DC:B9:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3kVs200UA0XD3K6_x2NNTnzcuRM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/0wxplS04ynQiI1r3ArdsiKBCEOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/3kVs200UA0XD3K6_x2NNTnzcuRM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.49.0/24
128.127.182.0/23
178.211.131.0/24
185.192.44.0/24
185.192.46.0/24
IPv6:
2a05:8a40::/29
Signature Algorithm: sha256WithRSAEncryption
3d:8e:92:6c:95:ef:23:3a:d3:fd:58:75:f9:f3:26:d6:be:37:
6e:5c:27:50:9d:23:d7:88:66:10:59:fd:3b:88:6d:00:10:ad:
cf:57:9d:9b:77:0b:07:b0:fb:ab:ad:f9:ff:e6:c4:a1:89:c2:
e9:08:a9:a4:dd:0e:ba:a0:36:94:dd:5f:b4:e0:70:18:c5:02:
8e:d4:c1:d0:e3:0d:c1:66:fe:73:04:65:49:80:e0:da:90:95:
bd:0b:55:11:7a:f6:fe:aa:ff:4a:ef:5d:61:34:9b:0b:08:57:
23:5b:d8:e5:96:4c:b7:6d:ee:50:2b:45:26:81:f7:da:8b:40:
41:f1:8f:d0:95:5b:ef:dd:9f:ae:1e:9a:11:92:7c:62:4c:75:
64:a1:e7:70:61:6b:20:79:90:ec:c2:19:cb:b0:0d:f7:13:bf:
7f:97:42:a1:b0:e9:6a:d2:ef:30:42:e2:c5:a7:ff:37:1c:41:
3e:b0:1c:d4:47:c0:5f:e4:f2:0a:64:04:94:dc:b0:77:96:be:
21:fd:06:87:56:bd:11:d6:be:c8:a5:57:5d:f0:4c:4c:ac:b5:
30:0f:b5:ac:1a:07:cc:e1:65:f4:1a:66:36:6a:76:d5:7c:68:
d6:67:00:08:3e:ae:d2:bf:81:0a:4b:77:0b:a1:c8:1f:8b:4e:
aa:5d:ff:11
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZZ7x3Fwrxtfh02B/PKQAbqxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNDU2Y2RiNGQxNDAzNDVjM2RjYWViZmM3NjM0ZDRlN2Nk
Y2I5MTMwHhcNMjUwNDI4MDk0MzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzBjNjk5NTJkMzhjYTc0MjIyMzVhZjcwMmI3NmM4OGEwNDIxMGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ghohkJ5T5l3MjXcND7QNUmwb7iB
kQw939paJl/qXXsZdEM8/BlXIVjCrtC3XU46G9URwR2FnNgnQVsw66bdlANnsMhM
V/EBvlmAFVN3AcMoV7czTBomzt9u2ZUYp49os/UUHilrDcoFumD9/qRh2vdJcidR
AOMM+dntqDdRw0/LShPi0W9/TRIVsE3QLuPUKfez0bE/Rsl19459J5UTd+/XzJzj
yvRLB33OA21dbHb99M/Er/f8pvPHjYOLshI2YsKzyYt1ultXO3Myrk5sjJdackWa
d6ObuAqfap0MEtJwawi1o6xsv8OXMtENVcFcSSxz/M9gBLvDPkmzYqFTbQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFNMMaZUtOMp0IiNa9wK3bIigQhDiMB8GA1UdIwQY
MBaAFN5FbNtNFANFw9yuv8djTU583LkTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tWczIwMFVBMFhEM0s2X3gyTk5UbnpjdVJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8yMGNiMzMtZTJiZi00NmFhLWFiZmEt
OTI4ZTdiYzY5NTcwLzEvMHd4cGxTMDR5blFpSTFyM0FyZHNpS0JDRU9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8yMGNiMzMtZTJiZi00NmFhLWFiZmEtOTI4ZTdiYzY5NTcw
LzEvM2tWczIwMFVBMFhEM0s2X3gyTk5UbnpjdVJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQALZQxAwQB
gH+2AwQAstODAwQAucAsAwQAucAuMA0EAgACMAcDBQMqBYpAMA0GCSqGSIb3DQEB
CwUAA4IBAQA9jpJsle8jOtP9WHX58ybWvjduXCdQnSPXiGYQWf07iG0AEK3PV52b
dwsHsPurrfn/5sShicLpCKmk3Q66oDaU3V+04HAYxQKO1MHQ4w3BZv5zBGVJgODa
kJW9C1URevb+qv9K711hNJsLCFcjW9jllky3be5QK0Umgffai0BB8Y/QlVvv3Z+u
HpoRknxiTHVkoedwYWsgeZDswhnLsA33E79/l0KhsOlq0u8wQuLFp/83HEE+sBzU
R8Bf5PIKZASU3LB3lr4h/QaHVr0R1r7IpVdd8ExMrLUwD7WsGgfM4WX0GmY2anbV
fGjWZwAIPq7Sv4EKS3cLocgfi06qXf8R
-----END CERTIFICATE-----
Generated at Thu May 1 08:05:35 2025 by rpki-client