Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/84g9kcbpLMOYWyAe0WNiCfk8rQ0.roa
File: 84g9kcbpLMOYWyAe0WNiCfk8rQ0.roa (raw, json)
Hash identifier: Op4AJknS0Y4sLCSDEIKA+ch9xkPiEHCr8XwgBypEB5o=
Subject key identifier: F3:88:3D:91:C6:E9:2C:C3:98:5B:20:1E:D1:63:62:09:F9:3C:AD:0D
Certificate issuer: /CN=45bbd2193642530a017f4f1cbe562e2170b3dfbd
Certificate serial: 0194266C24CF71376D6DB34BEC3843671271
Authority key identifier: 45:BB:D2:19:36:42:53:0A:01:7F:4F:1C:BE:56:2E:21:70:B3:DF:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RbvSGTZCUwoBf08cvlYuIXCz370.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/84g9kcbpLMOYWyAe0WNiCfk8rQ0.roa
Signing time: Thu 02 Jan 2025 09:50:08 +0000
ROA not before: Thu 02 Jan 2025 09:50:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60064
IP address blocks: 212.46.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/RbvSGTZCUwoBf08cvlYuIXCz370.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/RbvSGTZCUwoBf08cvlYuIXCz370.mft
rsync://rpki.ripe.net/repository/DEFAULT/RbvSGTZCUwoBf08cvlYuIXCz370.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 17:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:24:cf:71:37:6d:6d:b3:4b:ec:38:43:67:12:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45bbd2193642530a017f4f1cbe562e2170b3dfbd
Validity
Not Before: Jan 2 09:50:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f3883d91c6e92cc3985b201ed1636209f93cad0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:73:b4:3d:a2:7c:49:e4:80:96:8d:5f:b4:75:
52:1f:58:dd:5e:e5:a4:50:a1:24:6e:e9:55:18:19:
7f:80:6f:d1:69:34:15:b3:76:e0:d5:98:0b:bb:c6:
61:bf:68:01:2d:08:4e:60:0f:94:46:41:d8:1d:2a:
f1:6a:fb:31:88:a2:18:d1:c6:3a:53:27:27:f5:10:
b9:ba:68:49:b8:1c:2b:42:ff:0f:0c:14:db:b4:b3:
cb:ce:38:7a:76:84:b2:4a:f3:cb:e2:6c:ba:61:17:
c0:e3:f7:76:19:86:80:bf:67:13:3c:5d:a1:db:df:
c9:c9:fe:e5:86:8b:21:79:a5:88:5b:a0:0a:a5:44:
d2:8d:b1:29:a5:8e:c1:88:0f:34:e5:1f:24:6b:09:
c1:24:cf:88:81:11:00:81:fb:1a:7b:ae:18:6e:7b:
40:c9:68:66:19:fc:f9:6c:11:fe:37:57:40:a4:73:
0a:60:4e:d8:ac:5a:e1:1d:10:8f:04:6a:24:9f:fe:
2a:70:86:73:9e:78:89:25:da:31:dd:58:c7:53:9f:
1f:5c:5c:bb:e7:9c:ea:2a:19:71:fd:8a:60:ff:c3:
b6:1c:b3:6d:35:97:53:fc:33:73:e4:67:f0:80:45:
23:bf:ae:da:5f:93:fb:08:7c:ec:12:f7:39:bf:86:
c0:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:88:3D:91:C6:E9:2C:C3:98:5B:20:1E:D1:63:62:09:F9:3C:AD:0D
X509v3 Authority Key Identifier:
keyid:45:BB:D2:19:36:42:53:0A:01:7F:4F:1C:BE:56:2E:21:70:B3:DF:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RbvSGTZCUwoBf08cvlYuIXCz370.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/84g9kcbpLMOYWyAe0WNiCfk8rQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/RbvSGTZCUwoBf08cvlYuIXCz370.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.46.43.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:b1:2d:e3:a3:7c:94:81:26:0b:0b:41:9f:48:39:93:e1:50:
d1:6e:aa:59:a8:8e:28:c2:fa:cb:65:93:5c:55:8b:24:67:88:
3a:50:cc:37:39:32:93:76:49:34:e0:75:d9:65:c8:d7:c0:0d:
77:01:77:03:5e:b4:38:61:ff:60:b6:bb:3b:d3:f5:26:ee:ac:
6e:8f:21:58:ec:a3:0a:57:59:90:d3:c8:7c:cb:db:32:5e:1d:
7e:5e:af:aa:cb:ac:fc:58:76:e5:47:83:ce:33:f0:cc:0a:dd:
b3:ee:b5:3d:f3:e3:f0:f7:b9:c0:bd:49:a9:05:be:c6:4b:70:
27:98:5e:ae:5f:a5:57:3b:fc:ea:91:9f:bb:2b:40:0f:6c:08:
16:b7:3d:08:9e:9e:12:cc:8e:ce:3d:cf:22:ee:11:6a:57:07:
24:52:6d:2e:79:8d:84:1b:40:c8:8b:38:6f:67:2a:e3:c1:1b:
01:6c:b4:9a:61:8e:6c:5e:05:3e:0d:18:90:ad:29:38:4a:01:
17:a8:b6:d4:92:8b:4c:3e:80:35:e2:dc:d9:4f:08:29:33:11:
da:cd:b3:2b:f7:2f:c7:ad:1e:8f:44:cb:03:79:bf:89:d0:3e:
08:08:f5:36:8f:81:39:38:b2:a5:41:f3:03:72:2a:95:b5:36:
f2:ef:a3:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmbCTPcTdtbbNL7DhDZxJxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1YmJkMjE5MzY0MjUzMGEwMTdmNGYxY2JlNTYyZTIxNzBi
M2RmYmQwHhcNMjUwMTAyMDk1MDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzg4M2Q5MWM2ZTkyY2MzOTg1YjIwMWVkMTYzNjIwOWY5M2NhZDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHO0PaJ8SeSAlo1ftHVSH1jdXuWk
UKEkbulVGBl/gG/RaTQVs3bg1ZgLu8Zhv2gBLQhOYA+URkHYHSrxavsxiKIY0cY6
Uycn9RC5umhJuBwrQv8PDBTbtLPLzjh6doSySvPL4my6YRfA4/d2GYaAv2cTPF2h
29/Jyf7lhosheaWIW6AKpUTSjbEppY7BiA805R8kawnBJM+IgREAgfsae64YbntA
yWhmGfz5bBH+N1dApHMKYE7YrFrhHRCPBGokn/4qcIZznniJJdox3VjHU58fXFy7
55zqKhlx/Ypg/8O2HLNtNZdT/DNz5GfwgEUjv67aX5P7CHzsEvc5v4bAPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPOIPZHG6SzDmFsgHtFjYgn5PK0NMB8GA1UdIwQY
MBaAFEW70hk2QlMKAX9PHL5WLiFws9+9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmJ2U0dUWkNVd29CZjA4Y3ZsWXVJWEN6MzcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9jZmZmZjgtMzUzMC00ZTViLWE1ZTIt
Yzc3OTA1ZmJiYTdiLzEvODRnOWtjYnBMTU9ZV3lBZTBXTmlDZms4clEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9jZmZmZjgtMzUzMC00ZTViLWE1ZTItYzc3OTA1ZmJiYTdi
LzEvUmJ2U0dUWkNVd29CZjA4Y3ZsWXVJWEN6MzcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1C4rMA0G
CSqGSIb3DQEBCwUAA4IBAQANsS3jo3yUgSYLC0GfSDmT4VDRbqpZqI4owvrLZZNc
VYskZ4g6UMw3OTKTdkk04HXZZcjXwA13AXcDXrQ4Yf9gtrs70/Um7qxujyFY7KMK
V1mQ08h8y9syXh1+Xq+qy6z8WHblR4POM/DMCt2z7rU98+Pw97nAvUmpBb7GS3An
mF6uX6VXO/zqkZ+7K0APbAgWtz0Inp4SzI7OPc8i7hFqVwckUm0ueY2EG0DIizhv
ZyrjwRsBbLSaYY5sXgU+DRiQrSk4SgEXqLbUkotMPoA14tzZTwgpMxHazbMr9y/H
rR6PRMsDeb+J0D4ICPU2j4E5OLKlQfMDciqVtTby76Ng
-----END CERTIFICATE-----
Generated at Fri Apr 11 02:56:22 2025 by rpki-client