Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/00c03c-d207-4ec1-9dd9-32449ce6cf89/1/4jpGoGfytvkcBWF1AUAJF0-qdUc.roa
File: 4jpGoGfytvkcBWF1AUAJF0-qdUc.roa (raw, json)
Hash identifier: RRVQEgJXSCFRfqwvduB081T3vxLgFXzLMjRYLNyG6B8=
Subject key identifier: E2:3A:46:A0:67:F2:B6:F9:1C:05:61:75:01:40:09:17:4F:AA:75:47
Certificate issuer: /CN=45ad6f1f1b730c7a016b562c12b31becc4b3e1fa
Certificate serial: 01942444E5B5010FB83E7144755F1D8A4E37
Authority key identifier: 45:AD:6F:1F:1B:73:0C:7A:01:6B:56:2C:12:B3:1B:EC:C4:B3:E1:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ra1vHxtzDHoBa1YsErMb7MSz4fo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/00c03c-d207-4ec1-9dd9-32449ce6cf89/1/4jpGoGfytvkcBWF1AUAJF0-qdUc.roa
Signing time: Wed 01 Jan 2025 23:48:02 +0000
ROA not before: Wed 01 Jan 2025 23:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198218
IP address blocks: 82.205.128.0/22 maxlen: 24
82.205.202.0/23 maxlen: 24
82.205.204.0/22 maxlen: 24
82.205.208.0/20 maxlen: 24
82.205.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/00c03c-d207-4ec1-9dd9-32449ce6cf89/1/Ra1vHxtzDHoBa1YsErMb7MSz4fo.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/00c03c-d207-4ec1-9dd9-32449ce6cf89/1/Ra1vHxtzDHoBa1YsErMb7MSz4fo.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ra1vHxtzDHoBa1YsErMb7MSz4fo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:e5:b5:01:0f:b8:3e:71:44:75:5f:1d:8a:4e:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45ad6f1f1b730c7a016b562c12b31becc4b3e1fa
Validity
Not Before: Jan 1 23:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e23a46a067f2b6f91c056175014009174faa7547
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:bd:ad:9f:50:45:65:ce:ec:8e:a4:cf:89:71:
e9:ca:be:13:6f:1d:bc:0f:95:c2:e6:64:d7:cf:ef:
74:b6:c7:1c:aa:40:55:e6:c1:bc:f1:28:a1:bd:9a:
0f:19:8b:e7:26:27:3f:1a:56:ba:13:8f:35:e1:a3:
c7:01:75:8b:3c:28:36:d6:8a:0f:d2:76:1a:11:99:
79:fa:c7:36:dd:d0:f1:7e:23:b8:08:aa:a7:18:96:
e0:33:ed:58:75:19:ef:f8:4c:33:91:da:82:d8:94:
1c:8a:65:df:e5:35:13:67:0f:bc:37:a5:d1:ab:4d:
99:66:c9:d6:bb:ee:f1:11:d5:2e:50:59:fc:a4:bd:
ff:3e:8b:76:46:21:cc:6b:26:dd:20:81:80:af:f7:
3f:7d:05:97:5a:36:11:70:a1:8d:b0:30:70:e9:5d:
5f:e7:e0:a5:67:40:e5:bd:f6:52:07:89:81:8a:98:
19:11:9b:4f:6f:64:c9:50:63:0b:f5:ad:5d:75:e1:
7b:6c:3b:19:23:8c:67:f0:c1:d1:c3:89:4b:2f:34:
9f:d7:6c:39:f0:48:09:da:70:d1:8e:23:17:3d:73:
4a:07:da:f6:24:9a:00:34:5b:1f:47:fd:21:3c:f6:
98:79:df:23:36:70:be:78:88:ef:cc:a4:b5:04:11:
6e:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:3A:46:A0:67:F2:B6:F9:1C:05:61:75:01:40:09:17:4F:AA:75:47
X509v3 Authority Key Identifier:
keyid:45:AD:6F:1F:1B:73:0C:7A:01:6B:56:2C:12:B3:1B:EC:C4:B3:E1:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ra1vHxtzDHoBa1YsErMb7MSz4fo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/00c03c-d207-4ec1-9dd9-32449ce6cf89/1/4jpGoGfytvkcBWF1AUAJF0-qdUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/00c03c-d207-4ec1-9dd9-32449ce6cf89/1/Ra1vHxtzDHoBa1YsErMb7MSz4fo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.205.128.0/22
82.205.202.0-82.205.255.255
Signature Algorithm: sha256WithRSAEncryption
a3:2b:64:ad:7b:24:df:7e:13:21:62:e4:3d:b4:c0:ff:a8:4a:
e3:fd:74:b9:d9:25:f3:ee:87:23:ca:3e:74:a9:89:9e:57:fc:
bc:c5:4a:9e:c0:b3:33:14:68:9c:9c:d7:c1:90:d9:ba:fc:39:
5d:12:1e:cc:c2:00:5c:ff:34:c9:fc:38:2d:28:36:32:71:8a:
7e:35:45:95:a5:0d:4f:63:55:70:8d:70:e0:93:0e:37:35:8f:
ff:50:6f:2d:98:dc:16:b8:53:83:18:33:ce:2f:9d:55:b2:65:
91:7d:97:78:cb:80:4c:e2:9b:9b:fd:dd:6f:14:45:f4:a8:80:
5e:03:78:e4:e7:f2:ae:07:c6:03:9d:80:d1:0a:a0:31:16:5f:
d8:81:18:06:7e:2f:44:3f:ab:5c:30:9d:22:a9:3d:ae:f3:0a:
64:bf:c7:9b:19:c3:aa:1a:15:27:26:bb:0a:cb:a1:ec:e2:f8:
97:d9:66:70:bb:bc:92:e1:a9:df:36:8e:31:3b:18:6f:a6:b2:
94:7e:01:26:47:3c:7c:a5:d0:32:ea:91:c7:40:3b:d3:d9:32:
b4:b0:f1:fb:93:22:f8:0f:21:2f:08:94:e3:2c:53:a6:2a:3b:
f3:15:c5:ee:5b:79:c6:4c:ca:56:c7:a2:18:d2:e7:24:4f:ea:
f2:63:0d:0d
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZQkROW1AQ+4PnFEdV8dik43MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1YWQ2ZjFmMWI3MzBjN2EwMTZiNTYyYzEyYjMxYmVjYzRi
M2UxZmEwHhcNMjUwMTAxMjM0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjNhNDZhMDY3ZjJiNmY5MWMwNTYxNzUwMTQwMDkxNzRmYWE3NTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA372tn1BFZc7sjqTPiXHpyr4Tbx28
D5XC5mTXz+90tsccqkBV5sG88SihvZoPGYvnJic/Gla6E4814aPHAXWLPCg21ooP
0nYaEZl5+sc23dDxfiO4CKqnGJbgM+1YdRnv+EwzkdqC2JQcimXf5TUTZw+8N6XR
q02ZZsnWu+7xEdUuUFn8pL3/Pot2RiHMaybdIIGAr/c/fQWXWjYRcKGNsDBw6V1f
5+ClZ0DlvfZSB4mBipgZEZtPb2TJUGML9a1ddeF7bDsZI4xn8MHRw4lLLzSf12w5
8EgJ2nDRjiMXPXNKB9r2JJoANFsfR/0hPPaYed8jNnC+eIjvzKS1BBFuPwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFOI6RqBn8rb5HAVhdQFACRdPqnVHMB8GA1UdIwQY
MBaAFEWtbx8bcwx6AWtWLBKzG+zEs+H6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmExdkh4dHpESG9CYTFZc0VyTWI3TVN6NGZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8wMGMwM2MtZDIwNy00ZWMxLTlkZDkt
MzI0NDljZTZjZjg5LzEvNGpwR29HZnl0dmtjQldGMUFVQUpGMC1xZFVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8wMGMwM2MtZDIwNy00ZWMxLTlkZDktMzI0NDljZTZjZjg5
LzEvUmExdkh4dHpESG9CYTFZc0VyTWI3TVN6NGZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATAwQCUs2AMAsD
BAFSzcoDAwFSzDANBgkqhkiG9w0BAQsFAAOCAQEAoytkrXsk334TIWLkPbTA/6hK
4/10udkl8+6HI8o+dKmJnlf8vMVKnsCzMxRonJzXwZDZuvw5XRIezMIAXP80yfw4
LSg2MnGKfjVFlaUNT2NVcI1w4JMONzWP/1BvLZjcFrhTgxgzzi+dVbJlkX2XeMuA
TOKbm/3dbxRF9KiAXgN45OfyrgfGA52A0QqgMRZf2IEYBn4vRD+rXDCdIqk9rvMK
ZL/HmxnDqhoVJya7Csuh7OL4l9lmcLu8kuGp3zaOMTsYb6aylH4BJkc8fKXQMuqR
x0A709kytLDx+5Mi+A8hLwiU4yxTpio78xXF7lt5xkzKVseiGNLnJE/q8mMNDQ==
-----END CERTIFICATE-----
Generated at Thu Apr 17 04:34:37 2025 by rpki-client