Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/aaadac-4809-4955-ac62-8f9ca0ebccab/1/obm9FeEGtL9WBvwQOJ_EPBQy1Sw.roa
File: obm9FeEGtL9WBvwQOJ_EPBQy1Sw.roa (raw, json)
Hash identifier: DIxEIASe/fpNf2y+lackh7oQZ1Go69j0HnvSMs0Rszo=
Subject key identifier: A1:B9:BD:15:E1:06:B4:BF:56:06:FC:10:38:9F:C4:3C:14:32:D5:2C
Certificate issuer: /CN=b1cdc26d44eaf85654481e9581043e14887765b4
Certificate serial: 019423D7F501F13D81C913300CA5EEB051EA
Authority key identifier: B1:CD:C2:6D:44:EA:F8:56:54:48:1E:95:81:04:3E:14:88:77:65:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sc3CbUTq-FZUSB6VgQQ-FIh3ZbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/aaadac-4809-4955-ac62-8f9ca0ebccab/1/obm9FeEGtL9WBvwQOJ_EPBQy1Sw.roa
Signing time: Wed 01 Jan 2025 21:49:03 +0000
ROA not before: Wed 01 Jan 2025 21:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208854
IP address blocks: 45.140.180.0/22 maxlen: 22
45.140.180.0/24 maxlen: 24
2a0e:c5c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/aaadac-4809-4955-ac62-8f9ca0ebccab/1/sc3CbUTq-FZUSB6VgQQ-FIh3ZbQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/aaadac-4809-4955-ac62-8f9ca0ebccab/1/sc3CbUTq-FZUSB6VgQQ-FIh3ZbQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/sc3CbUTq-FZUSB6VgQQ-FIh3ZbQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 03:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:f5:01:f1:3d:81:c9:13:30:0c:a5:ee:b0:51:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1cdc26d44eaf85654481e9581043e14887765b4
Validity
Not Before: Jan 1 21:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a1b9bd15e106b4bf5606fc10389fc43c1432d52c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:13:85:ef:dd:80:6b:e4:35:6b:fc:e7:07:36:
4e:4a:17:8c:01:fa:2b:bf:d9:85:00:ac:ad:88:d9:
db:67:33:92:ff:b9:9c:87:9b:8c:57:b9:07:24:25:
0c:c3:42:c6:ce:17:1d:1b:eb:f3:42:11:53:85:29:
2c:64:a3:18:0c:d8:94:dd:f4:62:3f:ae:5b:04:e0:
8c:4e:16:44:5f:13:15:3b:76:7e:1a:67:b7:18:9c:
36:72:df:62:34:01:a2:1b:ae:11:3e:15:5b:21:ee:
7d:2d:05:a1:cf:04:54:a5:ec:16:1a:ad:e4:bf:2e:
37:27:56:25:98:b7:90:97:6d:f3:7d:0d:b6:23:a9:
d1:f5:31:aa:00:dc:96:5f:77:39:f2:a7:50:ae:5a:
f7:3e:c3:de:e1:a9:41:b8:28:81:c9:71:ab:08:ad:
8a:6b:7e:4e:d1:eb:3d:d3:33:c9:5c:42:9c:2a:e6:
d0:7b:c9:af:33:37:4b:24:b7:a9:08:8a:70:76:19:
9e:10:04:51:90:79:79:c4:7b:7a:f4:cd:ff:97:b8:
d6:75:eb:2d:9f:ee:50:71:1e:c4:73:f9:ab:12:8c:
ec:19:3d:97:36:68:6e:1b:42:59:89:40:c9:18:4d:
d1:cb:df:e7:97:18:11:13:44:7a:28:5d:43:4e:36:
5c:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:B9:BD:15:E1:06:B4:BF:56:06:FC:10:38:9F:C4:3C:14:32:D5:2C
X509v3 Authority Key Identifier:
keyid:B1:CD:C2:6D:44:EA:F8:56:54:48:1E:95:81:04:3E:14:88:77:65:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sc3CbUTq-FZUSB6VgQQ-FIh3ZbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/aaadac-4809-4955-ac62-8f9ca0ebccab/1/obm9FeEGtL9WBvwQOJ_EPBQy1Sw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/aaadac-4809-4955-ac62-8f9ca0ebccab/1/sc3CbUTq-FZUSB6VgQQ-FIh3ZbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.180.0/22
IPv6:
2a0e:c5c0::/32
Signature Algorithm: sha256WithRSAEncryption
45:69:22:7d:2c:a3:28:53:36:d4:94:c8:47:d6:33:6c:19:48:
2b:46:08:aa:67:2b:78:54:e1:84:cd:f0:46:69:d3:0e:32:c0:
17:89:5e:bb:7d:d6:4e:ba:1b:6d:43:68:8d:95:76:4f:4e:f2:
8a:3d:ab:54:ec:d6:68:1a:ca:6a:92:6b:cb:df:b4:a0:16:73:
fb:7d:e4:65:e0:d9:93:a7:33:a9:65:27:b2:da:d5:e1:d5:4f:
35:60:57:57:47:86:64:f7:f3:9c:5b:b1:83:9e:af:c9:37:d9:
c6:32:34:6d:03:db:a0:5c:b9:57:c6:6b:14:b2:3d:fd:89:05:
ac:e0:8a:99:00:cd:06:f8:e7:7a:b5:33:00:8f:4b:da:b2:21:
37:c7:70:42:20:27:ce:08:be:e8:34:da:8c:15:74:80:16:a2:
34:5d:01:3a:67:90:18:a9:0a:9c:4e:f3:bf:e1:50:41:cc:bb:
96:46:18:dd:dd:59:7a:ef:d8:f0:6c:15:26:ee:7d:14:76:5e:
73:25:93:32:5f:52:6d:27:6a:17:41:59:bb:12:dd:6b:14:e3:
61:2c:4a:76:b3:f8:7e:31:62:ed:e1:26:f8:ea:b9:47:8b:b8:
d8:13:cd:7a:59:2a:c6:e0:52:85:08:ab:5f:97:cc:ea:1b:c6:
e2:da:95:61
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQj1/UB8T2ByRMwDKXusFHqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxY2RjMjZkNDRlYWY4NTY1NDQ4MWU5NTgxMDQzZTE0ODg3
NzY1YjQwHhcNMjUwMTAxMjE0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWI5YmQxNWUxMDZiNGJmNTYwNmZjMTAzODlmYzQzYzE0MzJkNTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4BOF792Aa+Q1a/znBzZOSheMAfor
v9mFAKytiNnbZzOS/7mch5uMV7kHJCUMw0LGzhcdG+vzQhFThSksZKMYDNiU3fRi
P65bBOCMThZEXxMVO3Z+Gme3GJw2ct9iNAGiG64RPhVbIe59LQWhzwRUpewWGq3k
vy43J1YlmLeQl23zfQ22I6nR9TGqANyWX3c58qdQrlr3PsPe4alBuCiByXGrCK2K
a35O0es90zPJXEKcKubQe8mvMzdLJLepCIpwdhmeEARRkHl5xHt69M3/l7jWdest
n+5QcR7Ec/mrEozsGT2XNmhuG0JZiUDJGE3Ry9/nlxgRE0R6KF1DTjZcNwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKG5vRXhBrS/Vgb8EDifxDwUMtUsMB8GA1UdIwQY
MBaAFLHNwm1E6vhWVEgelYEEPhSId2W0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2MzQ2JVVHEtRlpVU0I2VmdRUS1GSWgzWmJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9hYWFkYWMtNDgwOS00OTU1LWFjNjIt
OGY5Y2EwZWJjY2FiLzEvb2JtOUZlRUd0TDlXQnZ3UU9KX0VQQlF5MVN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9hYWFkYWMtNDgwOS00OTU1LWFjNjItOGY5Y2EwZWJjY2Fi
LzEvc2MzQ2JVVHEtRlpVU0I2VmdRUS1GSWgzWmJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLYy0MA0E
AgACMAcDBQAqDsXAMA0GCSqGSIb3DQEBCwUAA4IBAQBFaSJ9LKMoUzbUlMhH1jNs
GUgrRgiqZyt4VOGEzfBGadMOMsAXiV67fdZOuhttQ2iNlXZPTvKKPatU7NZoGspq
kmvL37SgFnP7feRl4NmTpzOpZSey2tXh1U81YFdXR4Zk9/OcW7GDnq/JN9nGMjRt
A9ugXLlXxmsUsj39iQWs4IqZAM0G+Od6tTMAj0vasiE3x3BCICfOCL7oNNqMFXSA
FqI0XQE6Z5AYqQqcTvO/4VBBzLuWRhjd3Vl679jwbBUm7n0Udl5zJZMyX1JtJ2oX
QVm7Et1rFONhLEp2s/h+MWLt4Sb46rlHi7jYE816WSrG4FKFCKtfl8zqG8bi2pVh
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:53:02 2025 by rpki-client