Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/3c02f6-7c41-49bb-b9de-b69dce7547a1/1/9LYwP72SZhTP9lZsq-7j8HuZdgM.roa
File: 9LYwP72SZhTP9lZsq-7j8HuZdgM.roa (raw, json)
Hash identifier: G+yR0ErMQLPYRLmJwGI9EkRMjsbBolXBG62m79mi45g=
Subject key identifier: F4:B6:30:3F:BD:92:66:14:CF:F6:56:6C:AB:EE:E3:F0:7B:99:76:03
Certificate issuer: /CN=16cde139ae0573b0a4dda93e77b57ff27f9beba1
Certificate serial: 0194266A50DDC198990CFACEE82F67B5606B
Authority key identifier: 16:CD:E1:39:AE:05:73:B0:A4:DD:A9:3E:77:B5:7F:F2:7F:9B:EB:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fs3hOa4Fc7Ck3ak-d7V_8n-b66E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/3c02f6-7c41-49bb-b9de-b69dce7547a1/1/9LYwP72SZhTP9lZsq-7j8HuZdgM.roa
Signing time: Thu 02 Jan 2025 09:48:09 +0000
ROA not before: Thu 02 Jan 2025 09:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21150
IP address blocks: 155.45.160.0/20 maxlen: 20
155.45.176.0/20 maxlen: 20
155.45.208.0/21 maxlen: 21
155.45.240.0/21 maxlen: 21
155.45.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/3c02f6-7c41-49bb-b9de-b69dce7547a1/1/Fs3hOa4Fc7Ck3ak-d7V_8n-b66E.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/3c02f6-7c41-49bb-b9de-b69dce7547a1/1/Fs3hOa4Fc7Ck3ak-d7V_8n-b66E.mft
rsync://rpki.ripe.net/repository/DEFAULT/Fs3hOa4Fc7Ck3ak-d7V_8n-b66E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 22:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6a:50:dd:c1:98:99:0c:fa:ce:e8:2f:67:b5:60:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16cde139ae0573b0a4dda93e77b57ff27f9beba1
Validity
Not Before: Jan 2 09:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4b6303fbd926614cff6566cabeee3f07b997603
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:21:86:66:8b:26:c6:37:82:37:16:e7:c1:5e:
db:1c:b5:3f:47:e7:a9:8a:71:b3:e3:18:49:f7:8b:
d2:ad:94:82:84:1c:6a:5d:d2:01:b1:05:cd:c7:d5:
1f:eb:8e:ed:36:6f:41:61:b9:a9:1a:f1:8b:f2:26:
a2:ef:57:51:b7:1a:c9:dc:32:c5:33:a1:f5:df:5d:
50:fe:8c:ef:e5:37:82:78:d0:15:8b:2b:0f:c7:af:
70:6f:0c:95:e5:37:c8:17:b7:07:43:0a:6b:44:cc:
f9:20:2e:26:93:d2:cd:b5:0a:e1:ae:33:56:dd:11:
84:47:32:b2:50:b0:69:7b:06:87:4b:fa:ed:f7:00:
25:f8:f2:f8:3c:42:d4:a7:66:be:7d:1b:cc:05:3e:
6d:59:16:c2:26:19:a1:99:67:7f:a7:d1:3d:c4:13:
cd:db:65:59:50:0b:dd:86:ab:49:18:f3:10:68:86:
7f:7b:5f:46:b0:14:97:c4:fc:84:fe:cd:f7:2b:86:
99:a7:52:ff:eb:32:e3:f7:28:f7:a5:86:b6:68:31:
d6:79:9b:6c:45:0c:32:7a:29:40:8d:c2:e6:25:30:
e2:5d:5c:5a:8a:c1:f2:15:5d:03:c0:c0:83:4b:25:
a2:5d:29:b6:01:c7:3f:45:0e:fb:7c:b9:14:15:a9:
c2:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:B6:30:3F:BD:92:66:14:CF:F6:56:6C:AB:EE:E3:F0:7B:99:76:03
X509v3 Authority Key Identifier:
keyid:16:CD:E1:39:AE:05:73:B0:A4:DD:A9:3E:77:B5:7F:F2:7F:9B:EB:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fs3hOa4Fc7Ck3ak-d7V_8n-b66E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/3c02f6-7c41-49bb-b9de-b69dce7547a1/1/9LYwP72SZhTP9lZsq-7j8HuZdgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/3c02f6-7c41-49bb-b9de-b69dce7547a1/1/Fs3hOa4Fc7Ck3ak-d7V_8n-b66E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.45.160.0/19
155.45.208.0/21
155.45.240.0/21
155.45.255.0/24
Signature Algorithm: sha256WithRSAEncryption
20:39:c7:0e:33:c7:ab:14:d8:25:a6:05:01:cf:78:99:40:69:
16:22:23:1e:50:7a:c7:f3:12:f8:35:10:d6:4b:3c:2f:0a:6d:
a7:ea:2a:97:e1:b1:2f:ee:69:5a:bc:c6:33:78:fe:8f:06:b7:
7d:7e:9c:f6:fd:d3:46:77:d0:42:79:4d:ef:82:80:ad:c7:94:
8f:04:1d:f3:bb:8e:f7:02:77:1a:ee:17:01:63:f8:3a:01:7f:
b1:13:20:e0:8e:a6:c5:e5:11:92:52:8a:89:a8:04:20:1e:e5:
fa:2c:a8:c8:92:4b:cc:45:7b:48:b2:08:cd:c8:89:1d:08:60:
d8:08:94:03:b9:57:ff:24:84:f2:3b:73:0c:7e:5d:fe:4e:1b:
40:d7:42:94:33:ae:c5:ca:e2:c5:a3:95:1f:6a:f9:f7:2c:6a:
d5:b1:07:04:81:f8:f5:5b:6c:52:93:ad:17:06:84:95:f4:e6:
13:91:8f:01:dc:82:84:e6:2c:c8:3e:e8:eb:06:be:5a:32:1b:
51:a9:38:87:d2:7d:1b:f1:15:37:4e:d2:60:5a:af:08:a2:5d:
1a:00:6b:e9:05:b1:b6:90:3c:61:eb:e7:52:51:96:cb:86:73:
3a:bf:11:0d:0e:7f:be:67:a8:4b:57:9a:0c:20:c6:fa:37:55:
22:a2:2a:69
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQmalDdwZiZDPrO6C9ntWBrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2Y2RlMTM5YWUwNTczYjBhNGRkYTkzZTc3YjU3ZmYyN2Y5
YmViYTEwHhcNMjUwMTAyMDk0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGI2MzAzZmJkOTI2NjE0Y2ZmNjU2NmNhYmVlZTNmMDdiOTk3NjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyGGZosmxjeCNxbnwV7bHLU/R+ep
inGz4xhJ94vSrZSChBxqXdIBsQXNx9Uf647tNm9BYbmpGvGL8iai71dRtxrJ3DLF
M6H1311Q/ozv5TeCeNAViysPx69wbwyV5TfIF7cHQwprRMz5IC4mk9LNtQrhrjNW
3RGERzKyULBpewaHS/rt9wAl+PL4PELUp2a+fRvMBT5tWRbCJhmhmWd/p9E9xBPN
22VZUAvdhqtJGPMQaIZ/e19GsBSXxPyE/s33K4aZp1L/6zLj9yj3pYa2aDHWeZts
RQwyeilAjcLmJTDiXVxaisHyFV0DwMCDSyWiXSm2Acc/RQ77fLkUFanC4wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPS2MD+9kmYUz/ZWbKvu4/B7mXYDMB8GA1UdIwQY
MBaAFBbN4TmuBXOwpN2pPne1f/J/m+uhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnMzaE9hNEZjN0NrM2FrLWQ3Vl84bi1iNjZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8zYzAyZjYtN2M0MS00OWJiLWI5ZGUt
YjY5ZGNlNzU0N2ExLzEvOUxZd1A3MlNaaFRQOWxac3EtN2o4SHVaZGdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8zYzAyZjYtN2M0MS00OWJiLWI5ZGUtYjY5ZGNlNzU0N2Ex
LzEvRnMzaE9hNEZjN0NrM2FrLWQ3Vl84bi1iNjZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFmy2gAwQD
my3QAwQDmy3wAwQAmy3/MA0GCSqGSIb3DQEBCwUAA4IBAQAgOccOM8erFNglpgUB
z3iZQGkWIiMeUHrH8xL4NRDWSzwvCm2n6iqX4bEv7mlavMYzeP6PBrd9fpz2/dNG
d9BCeU3vgoCtx5SPBB3zu473Anca7hcBY/g6AX+xEyDgjqbF5RGSUoqJqAQgHuX6
LKjIkkvMRXtIsgjNyIkdCGDYCJQDuVf/JITyO3MMfl3+ThtA10KUM67FyuLFo5Uf
avn3LGrVsQcEgfj1W2xSk60XBoSV9OYTkY8B3IKE5izIPujrBr5aMhtRqTiH0n0b
8RU3TtJgWq8Iol0aAGvpBbG2kDxh6+dSUZbLhnM6vxENDn++Z6hLV5oMIMb6N1Ui
oipp
-----END CERTIFICATE-----
Generated at Wed Apr 9 07:12:11 2025 by rpki-client