Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/178b02-948c-4624-97b8-e4e17e4b5180/1/CNanKGITt6BZ7mvdQ6Xv0MVd_cg.roa
File: CNanKGITt6BZ7mvdQ6Xv0MVd_cg.roa (raw, json)
Hash identifier: qTzgtOOAjYnbYX/V8tOmm+S0TaEKxSqcRfCFeliNRNI=
Subject key identifier: 08:D6:A7:28:62:13:B7:A0:59:EE:6B:DD:43:A5:EF:D0:C5:5D:FD:C8
Certificate issuer: /CN=66759f7a8f90672ea8353af4d11d6ac5e9fd8206
Certificate serial: 0194258E2D058B6CD455EED1CD27CEBE85EB
Authority key identifier: 66:75:9F:7A:8F:90:67:2E:A8:35:3A:F4:D1:1D:6A:C5:E9:FD:82:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZnWfeo-QZy6oNTr00R1qxen9ggY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/178b02-948c-4624-97b8-e4e17e4b5180/1/CNanKGITt6BZ7mvdQ6Xv0MVd_cg.roa
Signing time: Thu 02 Jan 2025 05:47:41 +0000
ROA not before: Thu 02 Jan 2025 05:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 151630
IP address blocks: 45.149.16.0/24 maxlen: 24
45.149.17.0/24 maxlen: 24
45.149.18.0/24 maxlen: 24
45.149.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/178b02-948c-4624-97b8-e4e17e4b5180/1/ZnWfeo-QZy6oNTr00R1qxen9ggY.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/178b02-948c-4624-97b8-e4e17e4b5180/1/ZnWfeo-QZy6oNTr00R1qxen9ggY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZnWfeo-QZy6oNTr00R1qxen9ggY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 22:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:2d:05:8b:6c:d4:55:ee:d1:cd:27:ce:be:85:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66759f7a8f90672ea8353af4d11d6ac5e9fd8206
Validity
Not Before: Jan 2 05:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=08d6a7286213b7a059ee6bdd43a5efd0c55dfdc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:57:20:4f:c2:a2:58:92:1a:77:00:05:4e:c0:
fb:c2:44:34:ed:eb:b3:ef:49:05:eb:b3:40:ff:07:
cc:d6:76:0a:5e:7f:e4:b5:82:34:e9:48:3b:59:ee:
55:58:0e:36:6d:4d:78:aa:0e:35:36:4e:4f:18:f0:
77:85:ae:de:45:26:bd:98:78:65:98:3b:05:4c:35:
e5:ca:a3:fa:a0:21:f2:07:f8:a0:7c:39:67:bd:47:
ba:6a:de:30:1b:55:6d:b9:36:ca:d2:69:01:cd:b5:
25:cd:3f:8e:cd:48:04:e8:5d:90:70:15:ca:9a:82:
e4:47:23:65:d9:fa:33:ee:e0:75:cc:cc:41:23:67:
a0:eb:59:73:0d:9b:58:5b:35:cb:87:4c:4d:52:d8:
62:d8:96:e3:0f:e9:fd:e3:4b:55:10:09:f8:2c:4b:
d0:dd:a2:78:bc:be:11:fb:c0:be:a3:98:b2:09:be:
9e:28:84:78:2d:df:c7:fa:0d:ed:6a:1e:05:71:18:
d7:b4:d2:d7:67:66:cb:9b:9f:bf:03:16:c8:23:63:
fe:b4:5e:40:2d:61:62:19:4d:b5:21:ad:82:b2:21:
26:e1:95:51:a8:2a:38:0e:24:11:98:1c:e0:25:be:
d3:35:94:6b:c2:b9:fa:8d:42:35:93:8c:d6:aa:2e:
49:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:D6:A7:28:62:13:B7:A0:59:EE:6B:DD:43:A5:EF:D0:C5:5D:FD:C8
X509v3 Authority Key Identifier:
keyid:66:75:9F:7A:8F:90:67:2E:A8:35:3A:F4:D1:1D:6A:C5:E9:FD:82:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZnWfeo-QZy6oNTr00R1qxen9ggY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/178b02-948c-4624-97b8-e4e17e4b5180/1/CNanKGITt6BZ7mvdQ6Xv0MVd_cg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/178b02-948c-4624-97b8-e4e17e4b5180/1/ZnWfeo-QZy6oNTr00R1qxen9ggY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.16.0/22
Signature Algorithm: sha256WithRSAEncryption
80:e9:0a:a1:4b:20:6e:ad:da:a6:5c:fe:00:50:d4:be:d9:6b:
ac:e9:ad:ec:ec:a8:65:b3:79:09:53:67:2c:d7:84:ed:01:94:
41:99:71:91:6a:7c:63:bf:a0:c3:66:a9:57:fb:83:0f:df:12:
93:d7:3a:3d:e3:9a:d5:db:44:de:cb:27:04:39:d3:40:fa:6e:
6a:1b:8e:4b:d1:a5:aa:c6:ab:85:e0:9d:c6:00:ce:e9:b0:df:
01:2e:f6:c5:04:95:56:5b:ae:64:37:51:67:1b:09:4e:b3:c1:
b2:a6:16:c1:e8:b3:b6:f3:6a:d0:89:b1:eb:9f:55:14:7d:52:
b1:f8:fb:b2:e7:af:a7:c8:32:ff:c8:73:a7:f9:42:d1:6e:35:
9c:83:e0:f5:44:e0:1b:1b:0e:ef:4d:97:c6:c4:b4:69:86:7e:
bd:a9:74:e6:71:31:75:eb:2a:d1:be:f6:3d:a5:86:3c:33:84:
7b:ed:08:81:4c:f7:00:21:ac:33:63:23:06:85:71:e8:e4:28:
35:3b:57:ae:03:46:c1:42:26:a0:6e:4f:6b:2b:b7:44:12:62:
75:c4:d2:82:b5:21:c9:43:17:9e:83:2b:a3:67:92:1b:86:7a:
3b:96:8d:52:6a:d4:3c:22:4a:b7:55:6c:97:aa:06:e7:1c:1d:
b8:17:12:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlji0Fi2zUVe7RzSfOvoXrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NzU5ZjdhOGY5MDY3MmVhODM1M2FmNGQxMWQ2YWM1ZTlm
ZDgyMDYwHhcNMjUwMTAyMDU0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGQ2YTcyODYyMTNiN2EwNTllZTZiZGQ0M2E1ZWZkMGM1NWRmZGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylcgT8KiWJIadwAFTsD7wkQ07euz
70kF67NA/wfM1nYKXn/ktYI06Ug7We5VWA42bU14qg41Nk5PGPB3ha7eRSa9mHhl
mDsFTDXlyqP6oCHyB/igfDlnvUe6at4wG1VtuTbK0mkBzbUlzT+OzUgE6F2QcBXK
moLkRyNl2foz7uB1zMxBI2eg61lzDZtYWzXLh0xNUthi2JbjD+n940tVEAn4LEvQ
3aJ4vL4R+8C+o5iyCb6eKIR4Ld/H+g3tah4FcRjXtNLXZ2bLm5+/AxbII2P+tF5A
LWFiGU21Ia2CsiEm4ZVRqCo4DiQRmBzgJb7TNZRrwrn6jUI1k4zWqi5JeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAjWpyhiE7egWe5r3UOl79DFXf3IMB8GA1UdIwQY
MBaAFGZ1n3qPkGcuqDU69NEdasXp/YIGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm5XZmVvLVFaeTZvTlRyMDBSMXF4ZW45Z2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8xNzhiMDItOTQ4Yy00NjI0LTk3Yjgt
ZTRlMTdlNGI1MTgwLzEvQ05hbktHSVR0NkJaN212ZFE2WHYwTVZkX2NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8xNzhiMDItOTQ4Yy00NjI0LTk3YjgtZTRlMTdlNGI1MTgw
LzEvWm5XZmVvLVFaeTZvTlRyMDBSMXF4ZW45Z2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZUQMA0G
CSqGSIb3DQEBCwUAA4IBAQCA6QqhSyBurdqmXP4AUNS+2Wus6a3s7Khls3kJU2cs
14TtAZRBmXGRanxjv6DDZqlX+4MP3xKT1zo945rV20TeyycEOdNA+m5qG45L0aWq
xquF4J3GAM7psN8BLvbFBJVWW65kN1FnGwlOs8GyphbB6LO282rQibHrn1UUfVKx
+Puy56+nyDL/yHOn+ULRbjWcg+D1ROAbGw7vTZfGxLRphn69qXTmcTF16yrRvvY9
pYY8M4R77QiBTPcAIawzYyMGhXHo5Cg1O1euA0bBQiagbk9rK7dEEmJ1xNKCtSHJ
QxeegyujZ5Ibhno7lo1SatQ8Ikq3VWyXqgbnHB24FxIM
-----END CERTIFICATE-----
Generated at Wed Apr 9 07:50:22 2025 by rpki-client