Route Origin Authorization
$ rpki-client -vvf cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS0.roa
File: AS0.roa (raw, json)
Hash identifier: 0IS1duOQLigiB1YIjYj1ncZuQAMPJU5ot6/BX/5ajLI=
Subject key identifier: 1C:46:41:C7:DB:0A:03:AF:06:A3:CE:B5:63:FF:3D:6B:BB:BD:32:9E
Certificate issuer: /CN=0E357DDA04B8107626124F52CFC2439B76D85AF9
Certificate serial: 58F984ABB704D505C949393BDA8FDA8E605145E0
Authority key identifier: 0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer
Subject info access: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS0.roa
Signing time: Wed 18 Dec 2024 10:51:48 +0000
ROA not before: Wed 18 Dec 2024 10:46:48 +0000
ROA not after: Wed 17 Dec 2025 10:51:48 +0000
asID: 0
IP address blocks: 2a05:dfc1:300::/40 maxlen: 40
2a05:dfc1:800::/40 maxlen: 48
2a05:dfc1:2500::/40 maxlen: 40
2a05:dfc1:2600::/40 maxlen: 40
2a05:dfc1:2800::/40 maxlen: 40
2a05:dfc1:2900::/40 maxlen: 40
2a05:dfc1:2a00::/40 maxlen: 40
2a05:dfc1:3000::/40 maxlen: 40
2a05:dfc1:3100::/40 maxlen: 40
2a05:dfc1:3900::/40 maxlen: 40
2a05:dfc1:3a00::/40 maxlen: 40
2a05:dfc1:3b00::/40 maxlen: 40
2a05:dfc1:5000::/40 maxlen: 48
2a05:dfc1:6700::/40 maxlen: 40
2a05:dfc1:6c00::/40 maxlen: 40
2a05:dfc1:6d00::/40 maxlen: 40
2a05:dfc1:8600::/40 maxlen: 40
2a05:dfc1:8d00::/40 maxlen: 48
2a0a:6040:8b00::/40 maxlen: 48
2a0a:6040:8c00::/40 maxlen: 40
2a0a:6040:9b00::/40 maxlen: 40
2a0a:6040:ef00::/40 maxlen: 48
Validation: OK
Signature path: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl
rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.mft
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 02:10:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:f9:84:ab:b7:04:d5:05:c9:49:39:3b:da:8f:da:8e:60:51:45:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0E357DDA04B8107626124F52CFC2439B76D85AF9
Validity
Not Before: Dec 18 10:46:48 2024 GMT
Not After : Dec 17 10:51:48 2025 GMT
Subject: CN=1C4641C7DB0A03AF06A3CEB563FF3D6BBBBD329E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:33:31:1c:49:d5:28:19:c2:ac:c2:2d:43:d0:
f0:a8:ff:1d:ce:37:89:67:f3:4e:98:39:02:14:66:
11:bf:d0:68:65:80:18:d4:60:29:2a:fe:ee:d5:5f:
84:57:a9:9c:64:f4:8b:09:a0:ec:db:79:2d:7e:c2:
d6:63:6e:17:df:03:39:84:6a:f0:52:db:4a:46:b6:
2c:fe:81:ae:f3:59:fc:c4:14:05:61:db:97:01:ec:
c5:9f:0e:96:50:5d:46:d8:f3:2d:9e:32:c5:de:3c:
30:f5:d2:7e:b8:e4:60:67:04:ab:24:f8:81:48:d1:
88:1c:ae:1c:41:54:53:61:1d:2a:8c:b5:b8:76:2e:
0e:ab:f3:d5:c5:8e:a5:b0:65:82:a9:ef:66:68:f6:
64:b4:ca:56:62:d6:4a:24:4c:4c:19:d4:ce:a0:7b:
cf:cc:f6:8f:11:50:16:7b:6e:70:45:e4:bb:db:6d:
72:66:54:b7:05:d4:50:a3:ec:7b:fb:67:5e:45:9e:
de:34:68:f1:76:4c:a4:7d:3d:78:6a:e0:22:08:c8:
49:cb:dd:8a:79:18:38:dd:ed:d6:d7:78:c1:e5:f5:
6d:6d:4b:13:92:39:56:a5:0c:a9:5d:1f:51:09:18:
9b:9f:7e:0b:f2:a9:f0:91:b6:19:6d:f2:f8:e6:77:
70:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:46:41:C7:DB:0A:03:AF:06:A3:CE:B5:63:FF:3D:6B:BB:BD:32:9E
X509v3 Authority Key Identifier:
keyid:0E:35:7D:DA:04:B8:10:76:26:12:4F:52:CF:C2:43:9B:76:D8:5A:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/0E357DDA04B8107626124F52CFC2439B76D85AF9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/0E357DDA04B8107626124F52CFC2439B76D85AF9.cer
Subject Information Access:
Signed Object - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/AS0.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:dfc1:300::/40
2a05:dfc1:800::/40
2a05:dfc1:2500::-2a05:dfc1:26ff:ffff:ffff:ffff:ffff:ffff
2a05:dfc1:2800::-2a05:dfc1:2aff:ffff:ffff:ffff:ffff:ffff
2a05:dfc1:3000::/39
2a05:dfc1:3900::-2a05:dfc1:3bff:ffff:ffff:ffff:ffff:ffff
2a05:dfc1:5000::/40
2a05:dfc1:6700::/40
2a05:dfc1:6c00::/39
2a05:dfc1:8600::/40
2a05:dfc1:8d00::/40
2a0a:6040:8b00::-2a0a:6040:8cff:ffff:ffff:ffff:ffff:ffff
2a0a:6040:9b00::/40
2a0a:6040:ef00::/40
Signature Algorithm: sha256WithRSAEncryption
49:bf:98:0b:02:8b:37:ce:78:a9:c2:d0:47:da:ba:67:1a:75:
6f:ca:e6:78:12:bc:70:45:c0:78:75:e0:4f:2a:ac:ee:cd:ec:
8b:82:07:6c:11:10:25:58:4f:21:83:ba:d6:6e:d2:aa:c1:55:
88:08:8c:7e:f0:fd:ab:09:5a:4a:68:08:fb:b7:6b:42:64:d0:
de:3a:b0:11:ab:d6:ae:30:26:66:56:25:9f:8e:fd:2e:68:8f:
21:10:e0:40:a3:34:33:b8:4e:58:92:ca:ef:d3:ba:83:49:e0:
ea:55:ac:0e:69:9a:48:fe:0b:3a:4f:5a:0e:7a:92:a1:43:9c:
d9:c7:c9:27:74:2c:79:ac:bb:32:91:9a:58:29:eb:76:fd:6e:
d7:b8:e9:70:c6:c3:09:db:59:33:28:4d:47:fa:25:ef:2c:b2:
3e:1d:90:78:6c:86:09:55:27:bb:f0:21:f7:2f:1c:72:12:9a:
9f:bc:65:94:c3:f1:0b:71:42:d5:04:7f:75:4e:c4:52:4e:5f:
18:0b:98:1a:c9:53:fd:d6:20:6f:54:d2:a2:79:3c:6b:61:0d:
c4:bd:71:e8:63:ae:b6:cc:7c:1e:36:7f:8e:1b:96:4f:87:89:
2a:6b:9f:d7:34:a7:bf:54:4c:51:71:59:f6:af:5c:ef:9e:91:
f0:4d:da:34
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgIUWPmEq7cE1QXJSTk72o/ajmBRReAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3
NkQ4NUFGOTAeFw0yNDEyMTgxMDQ2NDhaFw0yNTEyMTcxMDUxNDhaMDMxMTAvBgNV
BAMTKDFDNDY0MUM3REIwQTAzQUYwNkEzQ0VCNTYzRkYzRDZCQkJCRDMyOUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFMzEcSdUoGcKswi1D0PCo/x3O
N4ln806YOQIUZhG/0GhlgBjUYCkq/u7VX4RXqZxk9IsJoOzbeS1+wtZjbhffAzmE
avBS20pGtiz+ga7zWfzEFAVh25cB7MWfDpZQXUbY8y2eMsXePDD10n645GBnBKsk
+IFI0YgcrhxBVFNhHSqMtbh2Lg6r89XFjqWwZYKp72Zo9mS0ylZi1kokTEwZ1M6g
e8/M9o8RUBZ7bnBF5LvbbXJmVLcF1FCj7Hv7Z15Fnt40aPF2TKR9PXhq4CIIyEnL
3Yp5GDjd7dbXeMHl9W1tSxOSOValDKldH1EJGJuffgvyqfCRthlt8vjmd3BjAgMB
AAGjggKEMIICgDAdBgNVHQ4EFgQUHEZBx9sKA68Go861Y/89a7u9Mp4wHwYDVR0j
BBgwFoAUDjV92gS4EHYmEk9Sz8JDm3bYWvkwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud
HwRoMGYwZKBioGCGXnJzeW5jOi8vY2xvdWRpZS1yZXBvLnJwa2kuYXBwL3JlcG8v
Q0xPVURJRS1SUEtJLzAvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZDMjQzOUI3
NkQ4NUFGOS5jcmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5
bmM6Ly9ycGtpLXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2
M2UwMTg1NzU1YzkxYmUzZjlkLzIvMEUzNTdEREEwNEI4MTA3NjI2MTI0RjUyQ0ZD
MjQzOUI3NkQ4NUFGOS5jZXIwVQYIKwYBBQUHAQsESTBHMEUGCCsGAQUFBzALhjly
c3luYzovL2Nsb3VkaWUtcmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8w
L0FTMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCBtQYIKwYBBQUHAQcB
Af8EgaUwgaIwgZ8EAgACMIGYAwYAKgXfwQMDBgAqBd/BCDAQAwYAKgXfwSUDBgAq
Bd/BJjAQAwYDKgXfwSgDBgAqBd/BKgMGASoF38EwMBADBgAqBd/BOQMGAioF38E4
AwYAKgXfwVADBgAqBd/BZwMGASoF38FsAwYAKgXfwYYDBgAqBd/BjTAQAwYAKgpg
QIsDBgAqCmBAjAMGACoKYECbAwYAKgpgQO8wDQYJKoZIhvcNAQELBQADggEBAEm/
mAsCizfOeKnC0EfaumcadW/K5ngSvHBFwHh14E8qrO7N7IuCB2wRECVYTyGDutZu
0qrBVYgIjH7w/asJWkpoCPu3a0Jk0N46sBGr1q4wJmZWJZ+O/S5ojyEQ4ECjNDO4
TliSyu/TuoNJ4OpVrA5pmkj+CzpPWg56kqFDnNnHySd0LHmsuzKRmlgp63b9bte4
6XDGwwnbWTMoTUf6Je8ssj4dkHhshglVJ7vwIfcvHHISmp+8ZZTD8QtxQtUEf3VO
xFJOXxgLmBrJU/3WIG9U0qJ5PGthDcS9cehjrrbMfB42f44blk+HiSprn9c0p79U
TFFxWfavXO+ekfBN2jQ=
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:59:11 2025 by rpki-client