Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/a40070-aa17-42fe-86dd-b9ae57394189/1/48IOS32yvZQcDKOVIMZ6daf-9KA.roa
File: 48IOS32yvZQcDKOVIMZ6daf-9KA.roa (raw, json)
Hash identifier: HmF8WESoe3mmtI22Berk7+aTu/j0V86FjOKvEurztNM=
Subject key identifier: E3:C2:0E:4B:7D:B2:BD:94:1C:0C:A3:95:20:C6:7A:75:A7:FE:F4:A0
Certificate issuer: /CN=6de2aab077c9eef103f97984f309d891e5a19983
Certificate serial: 0196672B42750989599B402FED8924B50556
Authority key identifier: 6D:E2:AA:B0:77:C9:EE:F1:03:F9:79:84:F3:09:D8:91:E5:A1:99:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/beKqsHfJ7vED-XmE8wnYkeWhmYM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/a40070-aa17-42fe-86dd-b9ae57394189/1/48IOS32yvZQcDKOVIMZ6daf-9KA.roa
Signing time: Thu 24 Apr 2025 09:40:10 +0000
ROA not before: Thu 24 Apr 2025 09:40:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205516
IP address blocks: 45.86.80.0/22 maxlen: 24
45.86.80.0/24 maxlen: 24
45.86.81.0/24 maxlen: 24
45.86.82.0/24 maxlen: 24
45.86.83.0/24 maxlen: 24
45.130.4.0/24 maxlen: 24
89.223.4.0/24 maxlen: 24
89.223.11.0/24 maxlen: 24
91.147.96.0/22 maxlen: 24
91.147.96.0/24 maxlen: 24
91.147.97.0/24 maxlen: 24
91.147.99.0/24 maxlen: 24
185.215.160.0/22 maxlen: 24
185.215.160.0/24 maxlen: 24
185.215.161.0/24 maxlen: 24
185.215.162.0/24 maxlen: 24
185.215.163.0/24 maxlen: 24
2a0b:abc0::/29 maxlen: 48
2a0e:db80::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/a40070-aa17-42fe-86dd-b9ae57394189/1/beKqsHfJ7vED-XmE8wnYkeWhmYM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/a40070-aa17-42fe-86dd-b9ae57394189/1/beKqsHfJ7vED-XmE8wnYkeWhmYM.mft
rsync://rpki.ripe.net/repository/DEFAULT/beKqsHfJ7vED-XmE8wnYkeWhmYM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 01 May 2025 09:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:67:2b:42:75:09:89:59:9b:40:2f:ed:89:24:b5:05:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6de2aab077c9eef103f97984f309d891e5a19983
Validity
Not Before: Apr 24 09:40:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e3c20e4b7db2bd941c0ca39520c67a75a7fef4a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:16:7f:c5:c4:9b:1c:b2:db:40:c7:c7:d3:c3:
a1:20:c6:13:3a:a6:09:a9:61:cf:42:ed:7b:87:c6:
2e:f5:c2:7c:05:88:9b:c6:dc:c1:ef:78:d1:1b:b9:
5c:76:e7:bd:fb:ec:d2:ef:e9:f8:6f:20:b8:21:89:
3b:1a:3f:0d:a5:5f:fc:20:32:07:61:1e:f5:82:c7:
70:92:0b:82:1d:b1:14:51:07:76:d8:b0:c8:50:e1:
5c:da:bd:09:e6:0a:8a:f7:10:88:68:47:cc:bd:b2:
0a:36:8d:96:b9:d8:da:8d:b6:ce:e1:24:4d:3f:82:
52:4b:98:05:57:7d:b7:65:75:5b:2b:ab:92:d0:86:
1b:f5:6c:d0:0b:79:9c:5e:1d:44:2f:f0:4b:32:8d:
04:07:66:43:05:8b:d9:1f:74:92:d3:11:38:0e:c2:
11:24:58:49:e4:f5:16:5f:e4:5b:18:08:97:83:3c:
5c:f3:df:44:e1:5a:6b:d5:ac:8d:c5:e0:1f:73:89:
69:09:f0:b3:fd:c8:56:b8:f5:2a:f9:1c:ae:2d:8e:
5c:1d:76:6c:4f:cd:af:dd:f1:84:26:b1:30:13:86:
ff:0c:b2:38:4c:cc:78:d6:f7:26:ed:0d:0e:62:79:
55:67:a6:6f:f1:c9:4b:1f:99:46:12:18:fe:39:49:
97:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:C2:0E:4B:7D:B2:BD:94:1C:0C:A3:95:20:C6:7A:75:A7:FE:F4:A0
X509v3 Authority Key Identifier:
keyid:6D:E2:AA:B0:77:C9:EE:F1:03:F9:79:84:F3:09:D8:91:E5:A1:99:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/beKqsHfJ7vED-XmE8wnYkeWhmYM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/a40070-aa17-42fe-86dd-b9ae57394189/1/48IOS32yvZQcDKOVIMZ6daf-9KA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/a40070-aa17-42fe-86dd-b9ae57394189/1/beKqsHfJ7vED-XmE8wnYkeWhmYM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.80.0/22
45.130.4.0/24
89.223.4.0/24
89.223.11.0/24
91.147.96.0/22
185.215.160.0/22
IPv6:
2a0b:abc0::/29
2a0e:db80::/29
Signature Algorithm: sha256WithRSAEncryption
8f:58:9d:70:d9:1f:62:ec:22:8e:2c:39:6f:eb:a6:c5:0e:c6:
83:53:4a:52:8e:01:da:94:7d:35:01:f1:09:11:3f:37:7b:82:
74:86:a5:6d:17:52:d1:7f:b1:1f:bd:a6:b5:50:d0:70:1b:fa:
fa:52:e4:1c:9d:a5:cb:ff:99:7d:cd:30:e1:39:bb:5c:87:65:
f6:18:83:b7:b1:b4:18:84:1c:9d:5f:e8:36:43:de:2f:f3:b5:
e4:dc:ec:74:a6:ef:57:ca:2f:be:01:06:bf:48:6e:cf:2e:a1:
18:7b:56:f5:7c:13:ac:27:62:e0:55:ba:ef:ae:dd:82:83:54:
a7:43:9e:b7:4e:84:a8:2b:53:7b:69:9b:59:14:68:44:4b:95:
b5:94:6d:cb:5b:9b:bd:09:18:fe:10:4a:1b:55:3b:99:58:97:
91:d2:64:fa:1e:cd:cd:f3:da:d5:e7:dc:1c:ae:c1:df:f0:38:
d2:f5:1b:a0:2b:7b:13:fa:f7:99:fd:34:b2:b9:0c:3b:73:e6:
01:e2:e3:23:8b:59:87:8c:11:26:3f:5a:e8:af:7b:e7:31:e9:
35:a8:18:6e:6e:de:4d:ae:78:43:0b:9c:37:15:36:e0:76:66:
fc:51:eb:61:23:2a:8e:49:62:c0:e1:9a:0a:ca:b1:2b:7c:c4:
39:bd:ee:90
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZZnK0J1CYlZm0Av7YkktQVWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZTJhYWIwNzdjOWVlZjEwM2Y5Nzk4NGYzMDlkODkxZTVh
MTk5ODMwHhcNMjUwNDI0MDk0MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2MyMGU0YjdkYjJiZDk0MWMwY2EzOTUyMGM2N2E3NWE3ZmVmNGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1hZ/xcSbHLLbQMfH08OhIMYTOqYJ
qWHPQu17h8Yu9cJ8BYibxtzB73jRG7lcdue9++zS7+n4byC4IYk7Gj8NpV/8IDIH
YR71gsdwkguCHbEUUQd22LDIUOFc2r0J5gqK9xCIaEfMvbIKNo2WudjajbbO4SRN
P4JSS5gFV323ZXVbK6uS0IYb9WzQC3mcXh1EL/BLMo0EB2ZDBYvZH3SS0xE4DsIR
JFhJ5PUWX+RbGAiXgzxc899E4Vpr1ayNxeAfc4lpCfCz/chWuPUq+RyuLY5cHXZs
T82v3fGEJrEwE4b/DLI4TMx41vcm7Q0OYnlVZ6Zv8clLH5lGEhj+OUmXRQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFOPCDkt9sr2UHAyjlSDGenWn/vSgMB8GA1UdIwQY
MBaAFG3iqrB3ye7xA/l5hPMJ2JHloZmDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmVLcXNIZko3dkVELVhtRTh3bllrZVdobVlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9hNDAwNzAtYWExNy00MmZlLTg2ZGQt
YjlhZTU3Mzk0MTg5LzEvNDhJT1MzMnl2WlFjREtPVklNWjZkYWYtOUtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9hNDAwNzAtYWExNy00MmZlLTg2ZGQtYjlhZTU3Mzk0MTg5
LzEvYmVLcXNIZko3dkVELVhtRTh3bllrZVdobVlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQCLVZQAwQA
LYIEAwQAWd8EAwQAWd8LAwQCW5NgAwQCudegMBQEAgACMA4DBQMqC6vAAwUDKg7b
gDANBgkqhkiG9w0BAQsFAAOCAQEAj1idcNkfYuwijiw5b+umxQ7Gg1NKUo4B2pR9
NQHxCRE/N3uCdIalbRdS0X+xH72mtVDQcBv6+lLkHJ2ly/+Zfc0w4Tm7XIdl9hiD
t7G0GIQcnV/oNkPeL/O15NzsdKbvV8ovvgEGv0huzy6hGHtW9XwTrCdi4FW6767d
goNUp0Oet06EqCtTe2mbWRRoREuVtZRty1ubvQkY/hBKG1U7mViXkdJk+h7NzfPa
1efcHK7B3/A40vUboCt7E/r3mf00srkMO3PmAeLjI4tZh4wRJj9a6K975zHpNagY
bm7eTa54QwucNxU24HZm/FHrYSMqjkliwOGaCsqxK3zEOb3ukA==
-----END CERTIFICATE-----
Generated at Wed Apr 30 16:11:51 2025 by rpki-client