Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/a3b355-9afa-434e-8098-50d709bffeb5/1/tx8PeD2NpfiRfHK9lGj-BUDFkyM.roa
File: tx8PeD2NpfiRfHK9lGj-BUDFkyM.roa (raw, json)
Hash identifier: d3qvWfloftoYFMAYjWvL1QMprH3WKAy7gGfoEkSLBEo=
Subject key identifier: B7:1F:0F:78:3D:8D:A5:F8:91:7C:72:BD:94:68:FE:05:40:C5:93:23
Certificate issuer: /CN=47ddbcce2628bf09fae6bf044218c657e8bd3c6e
Certificate serial: 01942144083BBED05EA5A0AF959D3AC9F8A6
Authority key identifier: 47:DD:BC:CE:26:28:BF:09:FA:E6:BF:04:42:18:C6:57:E8:BD:3C:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R928ziYovwn65r8EQhjGV-i9PG4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/a3b355-9afa-434e-8098-50d709bffeb5/1/tx8PeD2NpfiRfHK9lGj-BUDFkyM.roa
Signing time: Wed 01 Jan 2025 09:48:14 +0000
ROA not before: Wed 01 Jan 2025 09:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 45681
IP address blocks: 45.143.0.0/22 maxlen: 24
2a14:2d40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/a3b355-9afa-434e-8098-50d709bffeb5/1/R928ziYovwn65r8EQhjGV-i9PG4.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/a3b355-9afa-434e-8098-50d709bffeb5/1/R928ziYovwn65r8EQhjGV-i9PG4.mft
rsync://rpki.ripe.net/repository/DEFAULT/R928ziYovwn65r8EQhjGV-i9PG4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 00:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:08:3b:be:d0:5e:a5:a0:af:95:9d:3a:c9:f8:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47ddbcce2628bf09fae6bf044218c657e8bd3c6e
Validity
Not Before: Jan 1 09:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b71f0f783d8da5f8917c72bd9468fe0540c59323
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:04:24:a1:69:c6:ea:a7:4a:e1:3a:9c:82:72:
f5:69:c3:46:54:f0:48:3c:1e:fd:b7:33:8b:bf:50:
08:ec:a7:db:4a:cf:24:27:71:34:3b:35:08:d2:e8:
e7:a8:7a:2f:eb:6d:4e:d6:e0:3d:58:09:85:c3:21:
3b:65:fb:1e:d2:ef:5d:6d:96:cd:b1:79:79:a7:d7:
36:86:d9:65:53:a2:2e:16:4b:98:3f:7e:5c:27:9e:
01:47:24:cc:a1:47:40:47:f9:30:dc:36:5a:04:f3:
1e:cc:89:f2:78:6b:ad:8e:ed:aa:af:d2:10:5e:68:
b7:98:70:7d:18:52:04:2f:99:4a:bc:9c:70:1a:20:
30:c8:cb:a2:fd:ac:47:ee:7c:5e:9c:26:f7:f4:2f:
83:3d:77:04:2f:cc:90:df:e0:36:c1:e7:a3:1b:08:
8c:c1:a8:5b:cc:4e:50:49:25:0a:a0:20:5e:0a:a9:
7f:c9:e3:48:7e:e4:71:73:e2:ea:20:80:3c:71:ee:
c3:bd:76:f7:57:62:52:96:11:10:88:9c:98:4e:0d:
e0:a9:5c:53:1b:ab:69:3e:46:04:14:35:a5:2e:c7:
9d:ea:44:a8:1a:93:2e:6e:2a:77:58:63:d3:fb:95:
4d:b9:d6:00:5d:a7:68:cc:99:bd:9e:f7:87:23:fe:
22:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:1F:0F:78:3D:8D:A5:F8:91:7C:72:BD:94:68:FE:05:40:C5:93:23
X509v3 Authority Key Identifier:
keyid:47:DD:BC:CE:26:28:BF:09:FA:E6:BF:04:42:18:C6:57:E8:BD:3C:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R928ziYovwn65r8EQhjGV-i9PG4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/a3b355-9afa-434e-8098-50d709bffeb5/1/tx8PeD2NpfiRfHK9lGj-BUDFkyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/a3b355-9afa-434e-8098-50d709bffeb5/1/R928ziYovwn65r8EQhjGV-i9PG4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.0.0/22
IPv6:
2a14:2d40::/29
Signature Algorithm: sha256WithRSAEncryption
c5:44:01:84:8b:3b:04:77:8b:6b:d8:c8:17:9e:c6:3b:d1:15:
1d:47:6f:e7:85:38:4a:77:42:c1:0d:e4:37:34:bf:85:6b:b4:
8c:f2:7e:21:c7:3c:c2:dd:84:56:f5:b5:2d:d2:5b:31:a9:ae:
78:5f:77:6a:ca:87:dc:02:2f:21:d2:08:7c:d2:f7:e9:96:19:
27:cc:a9:d3:8b:8c:c5:97:0a:10:00:37:ca:e6:43:f8:3c:2a:
e6:3c:42:de:aa:89:36:a8:07:57:82:b5:68:ac:1d:40:3a:c8:
62:31:72:98:4c:02:f2:7d:8b:99:ba:6f:b8:0e:f5:8a:6c:18:
d1:ce:b1:a2:b3:da:8f:50:ce:7a:80:4b:ee:d8:ea:52:fb:bf:
cf:01:a3:64:75:1f:28:9d:e5:39:6b:cc:15:88:2e:c2:13:5c:
4f:1c:0c:63:12:20:19:3f:80:b8:e0:d1:ba:bc:86:03:cd:c2:
fc:73:22:17:e8:a9:21:e4:a1:45:92:9d:3e:cf:3b:a8:b4:c6:
90:b7:7f:b8:e4:08:3d:23:62:ab:97:c2:76:53:d6:de:a2:18:
45:12:ff:89:1c:38:ff:0b:5d:ae:e7:86:cf:b7:90:3d:5b:c3:
b2:c2:1e:af:d2:7b:00:38:69:78:cd:cd:68:1d:91:64:c3:0e:
f6:5e:99:c1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhRAg7vtBepaCvlZ06yfimMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3ZGRiY2NlMjYyOGJmMDlmYWU2YmYwNDQyMThjNjU3ZThi
ZDNjNmUwHhcNMjUwMTAxMDk0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzFmMGY3ODNkOGRhNWY4OTE3YzcyYmQ5NDY4ZmUwNTQwYzU5MzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4gQkoWnG6qdK4TqcgnL1acNGVPBI
PB79tzOLv1AI7KfbSs8kJ3E0OzUI0ujnqHov621O1uA9WAmFwyE7Zfse0u9dbZbN
sXl5p9c2htllU6IuFkuYP35cJ54BRyTMoUdAR/kw3DZaBPMezInyeGutju2qr9IQ
Xmi3mHB9GFIEL5lKvJxwGiAwyMui/axH7nxenCb39C+DPXcEL8yQ3+A2weejGwiM
wahbzE5QSSUKoCBeCql/yeNIfuRxc+LqIIA8ce7DvXb3V2JSlhEQiJyYTg3gqVxT
G6tpPkYEFDWlLsed6kSoGpMubip3WGPT+5VNudYAXadozJm9nveHI/4iKQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLcfD3g9jaX4kXxyvZRo/gVAxZMjMB8GA1UdIwQY
MBaAFEfdvM4mKL8J+ua/BEIYxlfovTxuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjkyOHppWW92d242NXI4RVFoakdWLWk5UEc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9hM2IzNTUtOWFmYS00MzRlLTgwOTgt
NTBkNzA5YmZmZWI1LzEvdHg4UGVEMk5wZmlSZkhLOWxHai1CVURGa3lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9hM2IzNTUtOWFmYS00MzRlLTgwOTgtNTBkNzA5YmZmZWI1
LzEvUjkyOHppWW92d242NXI4RVFoakdWLWk5UEc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLY8AMA0E
AgACMAcDBQMqFC1AMA0GCSqGSIb3DQEBCwUAA4IBAQDFRAGEizsEd4tr2MgXnsY7
0RUdR2/nhThKd0LBDeQ3NL+Fa7SM8n4hxzzC3YRW9bUt0lsxqa54X3dqyofcAi8h
0gh80vfplhknzKnTi4zFlwoQADfK5kP4PCrmPELeqok2qAdXgrVorB1AOshiMXKY
TALyfYuZum+4DvWKbBjRzrGis9qPUM56gEvu2OpS+7/PAaNkdR8oneU5a8wViC7C
E1xPHAxjEiAZP4C44NG6vIYDzcL8cyIX6Kkh5KFFkp0+zzuotMaQt3+45Ag9I2Kr
l8J2U9beohhFEv+JHDj/C12u54bPt5A9W8Oywh6v0nsAOGl4zc1oHZFkww72XpnB
-----END CERTIFICATE-----
Generated at Mon Apr 7 08:01:41 2025 by rpki-client