Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/G4MwgB7fiTeMftg3TQdlNGxOcwY.roa
File: G4MwgB7fiTeMftg3TQdlNGxOcwY.roa (raw, json)
Hash identifier: qd+85WI9s6tSLPCE1o9frX3qQdDI81kFC906WtAFRAM=
Subject key identifier: 1B:83:30:80:1E:DF:89:37:8C:7E:D8:37:4D:07:65:34:6C:4E:73:06
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 01966D702DD41B9068855DCD70CB11A3E307
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/G4MwgB7fiTeMftg3TQdlNGxOcwY.roa
Signing time: Fri 25 Apr 2025 14:53:10 +0000
ROA not before: Fri 25 Apr 2025 14:53:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5511
IP address blocks: 45.136.0.0/24 maxlen: 32
45.136.1.0/24 maxlen: 32
45.136.2.0/24 maxlen: 32
45.136.3.0/24 maxlen: 32
128.0.119.0/24 maxlen: 32
185.117.20.0/22 maxlen: 32
185.117.20.0/24 maxlen: 32
185.117.22.0/24 maxlen: 32
185.117.23.0/24 maxlen: 32
185.120.13.0/24 maxlen: 32
185.144.100.0/24 maxlen: 32
185.144.102.0/24 maxlen: 32
185.211.48.0/24 maxlen: 32
185.211.49.0/24 maxlen: 32
185.211.50.0/24 maxlen: 32
185.227.240.0/24 maxlen: 32
185.227.241.0/24 maxlen: 32
185.227.242.0/24 maxlen: 32
185.227.243.0/24 maxlen: 32
193.201.208.0/24 maxlen: 32
193.201.209.0/24 maxlen: 32
193.201.210.0/24 maxlen: 32
193.201.211.0/24 maxlen: 32
194.36.100.0/24 maxlen: 32
194.36.101.0/24 maxlen: 32
194.36.102.0/24 maxlen: 32
194.36.103.0/24 maxlen: 32
194.124.64.0/24 maxlen: 32
194.124.65.0/24 maxlen: 32
194.124.66.0/24 maxlen: 32
194.124.67.0/24 maxlen: 32
195.85.68.0/24 maxlen: 32
195.85.69.0/24 maxlen: 32
195.85.70.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 02:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6d:70:2d:d4:1b:90:68:85:5d:cd:70:cb:11:a3:e3:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Apr 25 14:53:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b8330801edf89378c7ed8374d0765346c4e7306
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:1f:57:80:eb:7e:17:8b:d0:a6:c7:88:e1:cc:
0c:15:33:95:82:bf:60:f3:14:4c:6c:7b:b6:55:16:
35:d5:8f:e8:b1:7f:14:de:1c:bd:b9:7d:33:36:e3:
b4:4b:42:f7:c7:a4:a7:33:ad:82:a5:b2:36:01:a7:
6d:ab:b5:1c:56:e1:16:bf:8c:20:08:d3:ee:01:40:
8f:43:4d:6b:72:0d:dc:ce:01:54:82:7d:35:64:4e:
1a:f1:db:80:e3:b1:c9:11:8e:98:a6:3c:ba:94:df:
b5:9c:04:e5:03:2f:37:1b:45:f0:90:65:75:d2:d7:
c4:55:8c:9d:5c:b7:8e:46:52:11:94:9e:a9:0d:7e:
42:1d:7c:94:83:34:15:a7:e1:2b:da:f0:75:58:4b:
b6:4d:d3:f5:c4:e3:77:9f:ae:e3:df:55:fd:81:76:
91:06:e7:5f:ec:33:79:20:64:35:91:61:80:d3:9a:
89:c3:50:37:f1:66:cf:89:c8:c7:6e:ae:2f:59:50:
c4:a0:c3:28:61:f3:2f:ff:89:42:90:e8:d2:33:db:
f6:3b:5c:21:71:61:c6:77:a9:94:ae:84:eb:07:96:
35:9c:2b:bf:9a:9c:be:90:27:72:85:3a:b3:ee:71:
67:14:50:e5:2f:0f:c9:ec:7e:0b:cd:18:47:ef:2a:
98:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:83:30:80:1E:DF:89:37:8C:7E:D8:37:4D:07:65:34:6C:4E:73:06
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/G4MwgB7fiTeMftg3TQdlNGxOcwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.0.0/22
128.0.119.0/24
185.117.20.0/22
185.120.13.0/24
185.144.100.0/24
185.144.102.0/24
185.211.48.0-185.211.50.255
185.227.240.0/22
193.201.208.0/22
194.36.100.0/22
194.124.64.0/22
195.85.68.0-195.85.70.255
Signature Algorithm: sha256WithRSAEncryption
aa:fb:79:e6:97:d9:9a:6b:fa:a5:2a:1d:1c:7e:72:70:81:e8:
be:23:f8:99:1c:1a:fc:ba:bd:08:61:2e:2d:68:0b:09:23:6a:
06:73:01:fa:98:4d:b7:0a:c3:ab:7d:3f:13:f2:b1:4a:21:ff:
bb:1a:99:01:47:9c:36:26:b9:7e:7f:65:76:45:84:09:0d:ce:
5a:dd:fc:6d:23:28:e4:d9:86:e6:14:b8:0f:ff:0f:e3:c2:df:
1b:88:5e:da:70:c1:7c:8a:76:ec:f7:39:c0:87:8c:0b:b8:94:
6d:9e:b0:30:59:82:d2:8b:14:47:94:26:a3:41:9b:13:c6:9d:
06:f7:15:4f:99:3d:ea:83:f4:65:51:eb:9c:b9:5b:37:ed:c0:
d1:57:0d:dc:7f:0d:8a:a4:43:75:b6:5c:89:90:62:9b:bc:76:
fc:c4:bd:eb:3e:20:d2:46:f2:69:37:fb:37:b7:2b:d4:e1:59:
ec:7d:12:ac:2f:f4:5d:4f:fc:57:b9:3d:72:a0:71:fe:35:8c:
35:1c:49:0b:66:e6:fc:23:51:3a:da:aa:8a:47:2d:cc:1a:a6:
d0:56:36:3b:5e:b7:a3:cf:08:84:40:0a:0c:9d:4f:d1:62:e2:
6d:9d:1f:66:a0:f6:0c:6d:db:29:f6:8b:bb:d4:a5:4e:47:31:
98:02:fa:7d
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZZtcC3UG5BohV3NcMsRo+MHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwNDI1MTQ1MzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjgzMzA4MDFlZGY4OTM3OGM3ZWQ4Mzc0ZDA3NjUzNDZjNGU3MzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoR9XgOt+F4vQpseI4cwMFTOVgr9g
8xRMbHu2VRY11Y/osX8U3hy9uX0zNuO0S0L3x6SnM62CpbI2Aadtq7UcVuEWv4wg
CNPuAUCPQ01rcg3czgFUgn01ZE4a8duA47HJEY6Ypjy6lN+1nATlAy83G0XwkGV1
0tfEVYydXLeORlIRlJ6pDX5CHXyUgzQVp+Er2vB1WEu2TdP1xON3n67j31X9gXaR
Budf7DN5IGQ1kWGA05qJw1A38WbPicjHbq4vWVDEoMMoYfMv/4lCkOjSM9v2O1wh
cWHGd6mUroTrB5Y1nCu/mpy+kCdyhTqz7nFnFFDlLw/J7H4LzRhH7yqY7QIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFBuDMIAe34k3jH7YN00HZTRsTnMGMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvRzRNd2dCN2ZpVGVNZnRnM1RRZGxOR3hPY3dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQCLYgAAwQA
gAB3AwQCuXUUAwQAuXgNAwQAuZBkAwQAuZBmMAwDBAS50zADBAC50zIDBAK54/AD
BALBydADBALCJGQDBALCfEAwDAMEAsNVRAMEAMNVRjANBgkqhkiG9w0BAQsFAAOC
AQEAqvt55pfZmmv6pSodHH5ycIHoviP4mRwa/Lq9CGEuLWgLCSNqBnMB+phNtwrD
q30/E/KxSiH/uxqZAUecNia5fn9ldkWECQ3OWt38bSMo5NmG5hS4D/8P48LfG4he
2nDBfIp27Pc5wIeMC7iUbZ6wMFmC0osUR5Qmo0GbE8adBvcVT5k96oP0ZVHrnLlb
N+3A0VcN3H8NiqRDdbZciZBim7x2/MS96z4g0kbyaTf7N7cr1OFZ7H0SrC/0XU/8
V7k9cqBx/jWMNRxJC2bm/CNROtqqikctzBqm0FY2O163o88IhEAKDJ1P0WLibZ0f
ZqD2DG3bKfaLu9SlTkcxmAL6fQ==
-----END CERTIFICATE-----
Generated at Sun Apr 27 10:26:40 2025 by rpki-client