Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/8af8e6-19c1-4be1-af23-19916a4aeeb3/1/xb2NvHdajED54_SL3MKVNIAlUGs.roa
File: xb2NvHdajED54_SL3MKVNIAlUGs.roa (raw, json)
Hash identifier: Grou1zplFJxqish9A4XkxSqO0Yr0gOy017NWwV2yOds=
Subject key identifier: C5:BD:8D:BC:77:5A:8C:40:F9:E3:F4:8B:DC:C2:95:34:80:25:50:6B
Certificate issuer: /CN=7a7cf1a2aa83b126ff4ceef473a47397abf8ff0d
Certificate serial: 01953C653DBD77CBF691EA9D8760F7FE8665
Authority key identifier: 7A:7C:F1:A2:AA:83:B1:26:FF:4C:EE:F4:73:A4:73:97:AB:F8:FF:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/enzxoqqDsSb_TO70c6Rzl6v4_w0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/8af8e6-19c1-4be1-af23-19916a4aeeb3/1/xb2NvHdajED54_SL3MKVNIAlUGs.roa
Signing time: Tue 25 Feb 2025 09:17:02 +0000
ROA not before: Tue 25 Feb 2025 09:17:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201150
IP address blocks: 45.84.156.0/22 maxlen: 24
46.249.120.0/21 maxlen: 24
2a00:4c60::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/8af8e6-19c1-4be1-af23-19916a4aeeb3/1/enzxoqqDsSb_TO70c6Rzl6v4_w0.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/8af8e6-19c1-4be1-af23-19916a4aeeb3/1/enzxoqqDsSb_TO70c6Rzl6v4_w0.mft
rsync://rpki.ripe.net/repository/DEFAULT/enzxoqqDsSb_TO70c6Rzl6v4_w0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3c:65:3d:bd:77:cb:f6:91:ea:9d:87:60:f7:fe:86:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a7cf1a2aa83b126ff4ceef473a47397abf8ff0d
Validity
Not Before: Feb 25 09:17:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c5bd8dbc775a8c40f9e3f48bdcc295348025506b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:be:2c:ce:c3:4d:ee:a4:25:8c:78:2d:2e:8e:
fa:41:25:b1:36:b1:f8:6f:8a:e8:86:c4:b7:36:0e:
44:89:77:5f:ae:ff:38:24:c9:77:da:16:3b:5f:73:
ee:07:ac:b8:89:e6:54:99:fc:99:8d:95:43:fb:c5:
ee:1a:3b:ed:21:e0:71:da:6a:9b:31:07:32:c2:d7:
16:40:85:68:dd:b2:4a:09:2d:74:4d:e6:68:3b:bc:
22:03:30:e2:f8:57:99:82:44:a3:2f:1e:cc:a2:39:
dd:f2:64:e0:4c:11:ba:5f:33:22:b3:1c:6d:4b:6b:
26:fb:9a:fa:80:bb:8f:20:13:b9:77:18:20:83:14:
2c:06:c7:9f:67:56:e4:58:1a:ee:73:1a:a7:0c:ce:
9c:6e:26:b4:bb:c3:19:9b:7b:64:e7:f5:aa:84:47:
41:1c:1e:e6:a1:67:93:42:86:40:22:3d:8e:cf:41:
08:60:01:84:5c:b9:fa:ce:a1:92:0e:4a:37:1f:ec:
8e:8b:73:49:d1:c3:49:11:b4:96:4e:6e:de:64:d2:
10:08:6a:e0:d4:63:07:a3:37:51:59:e0:8a:0c:0d:
8f:f0:b7:10:cf:74:e5:09:53:35:39:70:5f:14:98:
b3:98:c3:e4:71:5d:31:27:33:f0:b0:db:35:da:72:
a9:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:BD:8D:BC:77:5A:8C:40:F9:E3:F4:8B:DC:C2:95:34:80:25:50:6B
X509v3 Authority Key Identifier:
keyid:7A:7C:F1:A2:AA:83:B1:26:FF:4C:EE:F4:73:A4:73:97:AB:F8:FF:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/enzxoqqDsSb_TO70c6Rzl6v4_w0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8af8e6-19c1-4be1-af23-19916a4aeeb3/1/xb2NvHdajED54_SL3MKVNIAlUGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8af8e6-19c1-4be1-af23-19916a4aeeb3/1/enzxoqqDsSb_TO70c6Rzl6v4_w0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.156.0/22
46.249.120.0/21
IPv6:
2a00:4c60::/32
Signature Algorithm: sha256WithRSAEncryption
21:af:ad:9c:f5:b3:9b:7b:48:3a:fa:5b:00:1e:dd:8b:c1:99:
52:76:48:e6:8a:01:1c:9b:b1:f3:fe:9f:b6:6a:dd:3d:d3:d2:
a7:7f:a5:c6:be:6a:b3:98:9c:ee:68:a9:11:25:0a:a8:10:f4:
e4:ba:ef:ad:63:ca:ae:50:fb:59:d3:71:ad:11:8b:d5:f2:ed:
2b:85:19:75:e8:62:5e:85:2c:3c:58:a1:2f:0c:98:0f:d9:bc:
69:ee:36:06:11:ef:72:a4:26:69:4f:17:0d:c1:c3:a3:cd:86:
e0:91:8a:12:dd:b1:58:b0:12:c8:56:49:19:a3:f8:3f:51:de:
7d:d8:70:a1:e5:3f:6f:73:50:f8:4b:ec:d3:fb:b2:a9:f7:3c:
19:7b:7b:05:bb:1e:a5:24:09:78:e7:56:18:b1:15:35:5e:e4:
06:39:10:f3:9f:37:ab:80:91:d6:5e:1c:54:e9:4b:85:03:d4:
91:a0:cd:8c:35:13:4e:20:c7:d4:66:9c:17:f7:c7:d0:8b:e5:
f6:39:06:87:aa:c0:cc:7b:22:73:2f:f1:66:94:29:ad:96:2f:
90:b2:82:d0:00:ba:94:c4:a1:e4:b4:d0:14:a8:73:5d:5f:c5:
6b:4f:64:81:cc:51:5f:8d:35:9d:1f:f7:af:7a:20:a7:87:a0:
c5:b4:5f:45
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZU8ZT29d8v2keqdh2D3/oZlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhN2NmMWEyYWE4M2IxMjZmZjRjZWVmNDczYTQ3Mzk3YWJm
OGZmMGQwHhcNMjUwMjI1MDkxNzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWJkOGRiYzc3NWE4YzQwZjllM2Y0OGJkY2MyOTUzNDgwMjU1MDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxr4szsNN7qQljHgtLo76QSWxNrH4
b4rohsS3Ng5EiXdfrv84JMl32hY7X3PuB6y4ieZUmfyZjZVD+8XuGjvtIeBx2mqb
MQcywtcWQIVo3bJKCS10TeZoO7wiAzDi+FeZgkSjLx7Mojnd8mTgTBG6XzMisxxt
S2sm+5r6gLuPIBO5dxgggxQsBsefZ1bkWBrucxqnDM6cbia0u8MZm3tk5/WqhEdB
HB7moWeTQoZAIj2Oz0EIYAGEXLn6zqGSDko3H+yOi3NJ0cNJEbSWTm7eZNIQCGrg
1GMHozdRWeCKDA2P8LcQz3TlCVM1OXBfFJizmMPkcV0xJzPwsNs12nKpEwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMW9jbx3WoxA+eP0i9zClTSAJVBrMB8GA1UdIwQY
MBaAFHp88aKqg7Em/0zu9HOkc5er+P8NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZW56eG9xcURzU2JfVE83MGM2UnpsNnY0X3cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84YWY4ZTYtMTljMS00YmUxLWFmMjMt
MTk5MTZhNGFlZWIzLzEveGIyTnZIZGFqRUQ1NF9TTDNNS1ZOSUFsVUdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84YWY4ZTYtMTljMS00YmUxLWFmMjMtMTk5MTZhNGFlZWIz
LzEvZW56eG9xcURzU2JfVE83MGM2UnpsNnY0X3cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLVScAwQD
Lvl4MA0EAgACMAcDBQAqAExgMA0GCSqGSIb3DQEBCwUAA4IBAQAhr62c9bObe0g6
+lsAHt2LwZlSdkjmigEcm7Hz/p+2at0909Knf6XGvmqzmJzuaKkRJQqoEPTkuu+t
Y8quUPtZ03GtEYvV8u0rhRl16GJehSw8WKEvDJgP2bxp7jYGEe9ypCZpTxcNwcOj
zYbgkYoS3bFYsBLIVkkZo/g/Ud592HCh5T9vc1D4S+zT+7Kp9zwZe3sFux6lJAl4
51YYsRU1XuQGORDznzergJHWXhxU6UuFA9SRoM2MNRNOIMfUZpwX98fQi+X2OQaH
qsDMeyJzL/FmlCmtli+QsoLQALqUxKHktNAUqHNdX8VrT2SBzFFfjTWdH/eveiCn
h6DFtF9F
-----END CERTIFICATE-----
Generated at Sat Apr 19 11:14:52 2025 by rpki-client