Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/d3e682-3370-4271-9437-785475c22c9b/1/rDWkJyuDMvY3qk_P3bLz1VAfXBA.roa
File: rDWkJyuDMvY3qk_P3bLz1VAfXBA.roa (raw, json)
Hash identifier: T51bFQ1LTlcOohBY3SvkvA3KStpNAaU7OZJJkLrtQ5Q=
Subject key identifier: AC:35:A4:27:2B:83:32:F6:37:AA:4F:CF:DD:B2:F3:D5:50:1F:5C:10
Certificate issuer: /CN=69eb002f000bd426e4a640c71d6c0201b5050e34
Certificate serial: 019421444B7AE27F158C5EF355A2DAED8C0D
Authority key identifier: 69:EB:00:2F:00:0B:D4:26:E4:A6:40:C7:1D:6C:02:01:B5:05:0E:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aesALwAL1CbkpkDHHWwCAbUFDjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/d3e682-3370-4271-9437-785475c22c9b/1/rDWkJyuDMvY3qk_P3bLz1VAfXBA.roa
Signing time: Wed 01 Jan 2025 09:48:31 +0000
ROA not before: Wed 01 Jan 2025 09:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61967
IP address blocks: 45.137.92.0/22 maxlen: 22
91.220.244.0/24 maxlen: 24
185.20.232.0/22 maxlen: 22
2a04:1600::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/d3e682-3370-4271-9437-785475c22c9b/1/aesALwAL1CbkpkDHHWwCAbUFDjQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/d3e682-3370-4271-9437-785475c22c9b/1/aesALwAL1CbkpkDHHWwCAbUFDjQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/aesALwAL1CbkpkDHHWwCAbUFDjQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:4b:7a:e2:7f:15:8c:5e:f3:55:a2:da:ed:8c:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69eb002f000bd426e4a640c71d6c0201b5050e34
Validity
Not Before: Jan 1 09:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac35a4272b8332f637aa4fcfddb2f3d5501f5c10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b2:30:26:b8:07:cf:74:ab:af:0d:f8:a9:85:
22:cf:9b:69:ed:55:dd:c8:ff:32:e7:af:52:e0:f8:
50:7c:7e:f6:7b:87:64:ae:04:2b:62:b2:2e:9f:0e:
e3:17:67:11:a5:31:0f:21:fa:77:59:f0:8d:78:f3:
f9:06:8e:e8:26:36:a2:ee:88:1b:2b:eb:9e:dc:78:
fd:8c:97:25:90:df:28:d9:43:e2:64:a4:e7:50:34:
e9:e5:0e:f2:d3:ac:e9:54:8c:14:15:fa:d7:12:5e:
17:63:99:5c:02:93:6b:1e:1b:90:a3:40:12:62:93:
e1:81:a4:8f:8e:be:2b:dc:2a:66:d8:73:43:51:d8:
3e:5c:a3:42:64:71:0b:4e:f3:d5:2f:6d:d2:8c:ac:
e7:ee:6f:72:3f:2a:8a:9b:49:2f:91:cc:5a:94:f6:
1c:6e:9b:c1:c1:4d:f8:2c:34:95:3a:39:46:a9:d1:
36:08:9f:a5:e7:6a:83:d7:fb:2b:ba:bc:24:aa:eb:
61:1b:ad:02:ed:79:31:c1:6d:27:4b:04:7c:d3:24:
fc:d7:89:10:4e:29:33:e6:9b:99:39:5e:8d:47:0b:
d6:93:8a:e5:a3:d8:37:34:ce:13:d7:9e:2e:a9:05:
d6:e4:ca:e2:fe:05:49:e4:29:e0:f8:62:ff:e5:16:
8d:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:35:A4:27:2B:83:32:F6:37:AA:4F:CF:DD:B2:F3:D5:50:1F:5C:10
X509v3 Authority Key Identifier:
keyid:69:EB:00:2F:00:0B:D4:26:E4:A6:40:C7:1D:6C:02:01:B5:05:0E:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aesALwAL1CbkpkDHHWwCAbUFDjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d3e682-3370-4271-9437-785475c22c9b/1/rDWkJyuDMvY3qk_P3bLz1VAfXBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/d3e682-3370-4271-9437-785475c22c9b/1/aesALwAL1CbkpkDHHWwCAbUFDjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.92.0/22
91.220.244.0/24
185.20.232.0/22
IPv6:
2a04:1600::/29
Signature Algorithm: sha256WithRSAEncryption
86:ea:80:49:e2:9a:b1:c6:03:e8:81:16:73:8b:49:0c:a5:ac:
46:67:2d:d1:44:a6:03:01:d9:cb:36:95:77:ce:7f:0f:97:ce:
e5:4a:04:67:8d:fb:69:91:37:35:7a:2d:b1:61:8e:8b:2a:8e:
9a:81:5f:0b:69:df:39:7f:62:4e:20:1c:8d:e7:c5:f9:1a:3e:
12:bd:9a:cf:66:c1:33:63:98:54:dc:28:91:c9:c5:64:f3:06:
1c:66:02:68:96:4d:4d:b5:d6:69:87:73:f4:df:b7:a6:b2:60:
f8:5f:cf:ae:a6:28:25:70:c0:75:1b:f7:c5:d6:ed:b8:22:42:
0a:5d:a2:1f:ec:52:69:89:b8:5c:db:43:7a:e9:c8:1f:55:94:
32:45:e6:d9:e6:84:9e:15:a0:5c:a1:c2:54:c7:83:b3:a6:b2:
22:5e:bd:14:75:76:c0:42:5b:f4:74:5f:01:a4:6c:21:99:bd:
d3:12:63:b2:6d:99:3f:e9:08:8a:ad:4d:ab:e4:30:11:e1:91:
9c:f8:e2:23:54:08:dc:67:ed:54:68:81:30:2c:4c:2c:6c:e6:
63:fe:37:58:d0:bf:d0:96:49:b1:0b:f8:34:b5:16:52:95:10:
aa:69:82:03:58:aa:b2:8f:c2:a5:5c:4f:12:09:5d:8e:e8:3d:
9a:97:7a:32
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQhREt64n8VjF7zVaLa7YwNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZWIwMDJmMDAwYmQ0MjZlNGE2NDBjNzFkNmMwMjAxYjUw
NTBlMzQwHhcNMjUwMTAxMDk0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzM1YTQyNzJiODMzMmY2MzdhYTRmY2ZkZGIyZjNkNTUwMWY1YzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLIwJrgHz3Srrw34qYUiz5tp7VXd
yP8y569S4PhQfH72e4dkrgQrYrIunw7jF2cRpTEPIfp3WfCNePP5Bo7oJjai7ogb
K+ue3Hj9jJclkN8o2UPiZKTnUDTp5Q7y06zpVIwUFfrXEl4XY5lcApNrHhuQo0AS
YpPhgaSPjr4r3Cpm2HNDUdg+XKNCZHELTvPVL23SjKzn7m9yPyqKm0kvkcxalPYc
bpvBwU34LDSVOjlGqdE2CJ+l52qD1/srurwkquthG60C7XkxwW0nSwR80yT814kQ
Tikz5puZOV6NRwvWk4rlo9g3NM4T154uqQXW5Mri/gVJ5Cng+GL/5RaNVwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKw1pCcrgzL2N6pPz92y89VQH1wQMB8GA1UdIwQY
MBaAFGnrAC8AC9Qm5KZAxx1sAgG1BQ40MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWVzQUx3QUwxQ2JrcGtESEhXd0NBYlVGRGpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9kM2U2ODItMzM3MC00MjcxLTk0Mzct
Nzg1NDc1YzIyYzliLzEvckRXa0p5dURNdlkzcWtfUDNiTHoxVkFmWEJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9kM2U2ODItMzM3MC00MjcxLTk0MzctNzg1NDc1YzIyYzli
LzEvYWVzQUx3QUwxQ2JrcGtESEhXd0NBYlVGRGpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLYlcAwQA
W9z0AwQCuRToMA0EAgACMAcDBQMqBBYAMA0GCSqGSIb3DQEBCwUAA4IBAQCG6oBJ
4pqxxgPogRZzi0kMpaxGZy3RRKYDAdnLNpV3zn8Pl87lSgRnjftpkTc1ei2xYY6L
Ko6agV8Lad85f2JOIByN58X5Gj4SvZrPZsEzY5hU3CiRycVk8wYcZgJolk1NtdZp
h3P037emsmD4X8+upiglcMB1G/fF1u24IkIKXaIf7FJpibhc20N66cgfVZQyRebZ
5oSeFaBcocJUx4OzprIiXr0UdXbAQlv0dF8BpGwhmb3TEmOybZk/6QiKrU2r5DAR
4ZGc+OIjVAjcZ+1UaIEwLEwsbOZj/jdY0L/QlkmxC/g0tRZSlRCqaYIDWKqyj8Kl
XE8SCV2O6D2al3oy
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:47:36 2025 by rpki-client