Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/b182bc-bc32-4e2f-bad7-ca51fb408901/1/Tj1VT7s8ilnWaRH5FDEx4ErgOfw.roa
File: Tj1VT7s8ilnWaRH5FDEx4ErgOfw.roa (raw, json)
Hash identifier: EAnVAxYXeZnLn3O7V7JRGZpaiw9YJLofd+adf3s7hWw=
Subject key identifier: 4E:3D:55:4F:BB:3C:8A:59:D6:69:11:F9:14:31:31:E0:4A:E0:39:FC
Certificate issuer: /CN=2078baee6b6ec5425a16b1fc00c52c30ed95a3f0
Certificate serial: 019426D939E43A28928A446F8783EF041DA3
Authority key identifier: 20:78:BA:EE:6B:6E:C5:42:5A:16:B1:FC:00:C5:2C:30:ED:95:A3:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IHi67mtuxUJaFrH8AMUsMO2Vo_A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/b182bc-bc32-4e2f-bad7-ca51fb408901/1/Tj1VT7s8ilnWaRH5FDEx4ErgOfw.roa
Signing time: Thu 02 Jan 2025 11:49:17 +0000
ROA not before: Thu 02 Jan 2025 11:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208290
IP address blocks: 45.148.208.0/24 maxlen: 24
45.148.209.0/24 maxlen: 24
45.148.210.0/24 maxlen: 24
45.148.211.0/24 maxlen: 24
2a10:9f00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/b182bc-bc32-4e2f-bad7-ca51fb408901/1/IHi67mtuxUJaFrH8AMUsMO2Vo_A.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/b182bc-bc32-4e2f-bad7-ca51fb408901/1/IHi67mtuxUJaFrH8AMUsMO2Vo_A.mft
rsync://rpki.ripe.net/repository/DEFAULT/IHi67mtuxUJaFrH8AMUsMO2Vo_A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 14:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:39:e4:3a:28:92:8a:44:6f:87:83:ef:04:1d:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2078baee6b6ec5425a16b1fc00c52c30ed95a3f0
Validity
Not Before: Jan 2 11:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4e3d554fbb3c8a59d66911f9143131e04ae039fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e7:6c:68:b0:01:a5:17:4f:bc:b0:59:1d:09:
12:b1:f9:44:46:78:55:20:b6:bb:33:a6:56:42:6d:
3a:63:33:bf:12:ac:80:ca:44:ad:bb:23:ed:1b:24:
7e:64:83:5f:0c:94:33:6f:24:f0:26:1c:2f:83:5c:
b5:a4:32:3c:c1:bb:72:5c:27:28:c9:f2:f7:c1:75:
3c:04:5f:50:d3:6e:f6:83:c6:cf:17:41:55:88:b7:
bd:59:85:88:d0:2b:bf:04:a9:56:d6:26:f1:ee:99:
98:e2:07:7d:4d:85:8d:1b:bd:32:97:7b:bc:98:69:
88:e9:cb:75:5f:7f:31:5d:69:72:75:05:8c:ae:c3:
c4:35:63:1a:30:82:07:f7:04:69:0f:3d:cc:10:23:
63:59:37:3e:95:28:70:3e:7f:c1:89:f3:ed:57:62:
db:3f:67:10:58:32:cd:5f:c2:b9:0b:f2:62:de:ca:
ad:18:00:44:96:c3:b2:b3:6d:64:ee:51:4e:b9:38:
a2:8b:c8:c2:5b:77:bb:b7:95:5f:78:72:80:c9:c6:
e8:75:a5:17:8c:ce:7f:64:0d:20:21:3b:2d:3d:6d:
57:6e:65:cc:9d:9a:55:5e:09:c6:ad:0e:75:23:3e:
66:be:f5:76:ae:b9:13:f9:d4:b4:7c:21:df:12:27:
30:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:3D:55:4F:BB:3C:8A:59:D6:69:11:F9:14:31:31:E0:4A:E0:39:FC
X509v3 Authority Key Identifier:
keyid:20:78:BA:EE:6B:6E:C5:42:5A:16:B1:FC:00:C5:2C:30:ED:95:A3:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IHi67mtuxUJaFrH8AMUsMO2Vo_A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b182bc-bc32-4e2f-bad7-ca51fb408901/1/Tj1VT7s8ilnWaRH5FDEx4ErgOfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b182bc-bc32-4e2f-bad7-ca51fb408901/1/IHi67mtuxUJaFrH8AMUsMO2Vo_A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.208.0/22
IPv6:
2a10:9f00::/29
Signature Algorithm: sha256WithRSAEncryption
08:3c:3f:04:1e:83:88:d0:e6:22:4a:17:45:57:2b:c5:3a:e9:
e7:a5:5d:03:33:bd:57:18:31:8d:c2:2a:16:a1:f3:b8:b0:91:
9f:ac:c5:65:6e:6a:3c:e3:f9:0d:fe:1a:8a:6b:19:f5:66:84:
c5:51:4e:5c:69:79:0b:43:15:00:ce:0e:1d:17:de:b8:c9:b9:
51:eb:16:ad:60:d6:01:9c:83:e2:4d:cf:b3:40:46:0b:8f:8a:
a6:4e:e6:c4:e7:2b:c9:a7:31:49:b1:a3:4a:76:63:ad:1e:ba:
ff:a4:d2:3d:54:c7:26:14:5a:b8:15:4a:f1:e1:9e:91:e3:4b:
51:3b:5f:28:49:4e:53:a0:2d:4b:9a:1a:c6:ed:4c:f3:32:8e:
02:ca:53:2c:e0:ff:85:d9:4a:09:72:0c:1e:b0:fe:60:c2:d6:
44:7f:c0:45:8e:3b:b0:b3:f3:48:0c:a9:4c:65:80:5b:24:82:
c8:1c:a0:87:e5:21:1a:76:15:88:48:ee:18:31:6f:fd:a2:90:
0c:64:68:02:8a:43:7d:63:3c:b7:bf:f6:3e:44:d8:9e:89:22:
b5:75:3c:94:cc:61:c9:21:ab:da:ce:6f:e6:ff:da:bc:21:8c:
21:dd:00:de:a0:aa:b3:1c:23:53:aa:80:64:96:ff:c9:e5:33:
e6:57:a1:db
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQm2TnkOiiSikRvh4PvBB2jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNzhiYWVlNmI2ZWM1NDI1YTE2YjFmYzAwYzUyYzMwZWQ5
NWEzZjAwHhcNMjUwMTAyMTE0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTNkNTU0ZmJiM2M4YTU5ZDY2OTExZjkxNDMxMzFlMDRhZTAzOWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+dsaLABpRdPvLBZHQkSsflERnhV
ILa7M6ZWQm06YzO/EqyAykStuyPtGyR+ZINfDJQzbyTwJhwvg1y1pDI8wbtyXCco
yfL3wXU8BF9Q0272g8bPF0FViLe9WYWI0Cu/BKlW1ibx7pmY4gd9TYWNG70yl3u8
mGmI6ct1X38xXWlydQWMrsPENWMaMIIH9wRpDz3MECNjWTc+lShwPn/BifPtV2Lb
P2cQWDLNX8K5C/Ji3sqtGABElsOys21k7lFOuTiii8jCW3e7t5VfeHKAycbodaUX
jM5/ZA0gITstPW1XbmXMnZpVXgnGrQ51Iz5mvvV2rrkT+dS0fCHfEicwbwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE49VU+7PIpZ1mkR+RQxMeBK4Dn8MB8GA1UdIwQY
MBaAFCB4uu5rbsVCWhax/ADFLDDtlaPwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUhpNjdtdHV4VUphRnJIOEFNVXNNTzJWb19BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9iMTgyYmMtYmMzMi00ZTJmLWJhZDct
Y2E1MWZiNDA4OTAxLzEvVGoxVlQ3czhpbG5XYVJINUZERXg0RXJnT2Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9iMTgyYmMtYmMzMi00ZTJmLWJhZDctY2E1MWZiNDA4OTAx
LzEvSUhpNjdtdHV4VUphRnJIOEFNVXNNTzJWb19BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZTQMA0E
AgACMAcDBQMqEJ8AMA0GCSqGSIb3DQEBCwUAA4IBAQAIPD8EHoOI0OYiShdFVyvF
OunnpV0DM71XGDGNwioWofO4sJGfrMVlbmo84/kN/hqKaxn1ZoTFUU5caXkLQxUA
zg4dF964yblR6xatYNYBnIPiTc+zQEYLj4qmTubE5yvJpzFJsaNKdmOtHrr/pNI9
VMcmFFq4FUrx4Z6R40tRO18oSU5ToC1LmhrG7UzzMo4CylMs4P+F2UoJcgwesP5g
wtZEf8BFjjuws/NIDKlMZYBbJILIHKCH5SEadhWISO4YMW/9opAMZGgCikN9Yzy3
v/Y+RNieiSK1dTyUzGHJIavazm/m/9q8IYwh3QDeoKqzHCNTqoBklv/J5TPmV6Hb
-----END CERTIFICATE-----
Generated at Sun Apr 27 21:18:06 2025 by rpki-client