Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/1f3712-cf2c-486e-95b3-fcc336eed8d7/1/S17iBhkERDhZ8BQHX4CBUU31c6Y.roa
File: S17iBhkERDhZ8BQHX4CBUU31c6Y.roa (raw, json)
Hash identifier: KN0zRr09424pw0sdcVfcRSqozH46+PiFTvb656E5OJY=
Subject key identifier: 4B:5E:E2:06:19:04:44:38:59:F0:14:07:5F:80:81:51:4D:F5:73:A6
Certificate issuer: /CN=b2c0bdafadea78dce312f862ddf42b1bd4c4f645
Certificate serial: 019427B5818A0ABA96D9871D8821C6ABED4B
Authority key identifier: B2:C0:BD:AF:AD:EA:78:DC:E3:12:F8:62:DD:F4:2B:1B:D4:C4:F6:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ssC9r63qeNzjEvhi3fQrG9TE9kU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/1f3712-cf2c-486e-95b3-fcc336eed8d7/1/S17iBhkERDhZ8BQHX4CBUU31c6Y.roa
Signing time: Thu 02 Jan 2025 15:49:54 +0000
ROA not before: Thu 02 Jan 2025 15:49:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204457
IP address blocks: 45.94.5.0/24 maxlen: 24
45.94.7.0/24 maxlen: 24
45.156.29.0/24 maxlen: 24
45.156.30.0/24 maxlen: 24
45.156.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/1f3712-cf2c-486e-95b3-fcc336eed8d7/1/ssC9r63qeNzjEvhi3fQrG9TE9kU.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/1f3712-cf2c-486e-95b3-fcc336eed8d7/1/ssC9r63qeNzjEvhi3fQrG9TE9kU.mft
rsync://rpki.ripe.net/repository/DEFAULT/ssC9r63qeNzjEvhi3fQrG9TE9kU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:81:8a:0a:ba:96:d9:87:1d:88:21:c6:ab:ed:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2c0bdafadea78dce312f862ddf42b1bd4c4f645
Validity
Not Before: Jan 2 15:49:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4b5ee2061904443859f014075f8081514df573a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b3:64:75:9c:f9:1d:88:4d:b1:e3:ef:68:b9:
8b:ea:16:b0:63:71:a8:22:1c:d4:0e:ae:a1:8c:ae:
cf:fd:cc:af:e2:8a:3a:ec:28:70:52:50:e5:c6:58:
eb:29:5b:ef:bd:d7:d7:1c:43:29:5e:26:62:40:52:
b4:1b:c5:bc:bc:24:63:c5:1f:2a:b7:1e:87:ef:1c:
65:93:65:e5:59:2a:14:78:37:c7:27:26:0e:ca:0d:
a6:b0:50:fa:f3:79:b0:fd:50:a9:e0:4e:f7:ec:79:
f1:a1:8c:2f:07:ce:d6:59:58:c0:ef:bf:53:d5:5d:
ce:6a:c7:78:17:41:86:44:a8:da:6b:16:27:cf:05:
95:0c:20:a8:7b:2b:07:f8:39:da:5e:d5:6c:e0:6f:
5b:8e:96:0f:ec:fc:0c:29:6c:d9:20:cf:c3:05:10:
90:ed:11:8b:d8:c5:07:3f:06:82:8b:d2:44:ae:50:
02:de:7a:3b:23:01:a1:ff:da:1a:c7:d2:f6:98:fc:
e5:03:7e:86:eb:cb:2b:5e:b6:ad:a0:23:84:93:53:
17:14:b2:ab:90:6f:4a:ae:88:7e:0b:4b:b4:f2:f6:
3e:5e:87:82:95:23:1a:a2:6f:44:c7:88:ed:0a:89:
47:92:29:73:85:92:03:72:08:bf:a5:a1:42:a8:26:
d6:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:5E:E2:06:19:04:44:38:59:F0:14:07:5F:80:81:51:4D:F5:73:A6
X509v3 Authority Key Identifier:
keyid:B2:C0:BD:AF:AD:EA:78:DC:E3:12:F8:62:DD:F4:2B:1B:D4:C4:F6:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ssC9r63qeNzjEvhi3fQrG9TE9kU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/1f3712-cf2c-486e-95b3-fcc336eed8d7/1/S17iBhkERDhZ8BQHX4CBUU31c6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/1f3712-cf2c-486e-95b3-fcc336eed8d7/1/ssC9r63qeNzjEvhi3fQrG9TE9kU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.5.0/24
45.94.7.0/24
45.156.29.0-45.156.31.255
Signature Algorithm: sha256WithRSAEncryption
cc:79:d9:12:40:4e:2c:c0:f7:17:fd:ad:b0:3d:c1:00:14:c6:
da:25:b0:84:ca:10:39:d0:ef:09:28:a2:ae:29:e5:fa:10:0b:
60:c9:27:62:30:33:28:be:2a:ca:3c:c6:93:57:d3:93:39:8f:
a1:8f:41:45:5b:05:d7:83:a1:46:7b:cf:fc:90:e9:0f:11:d0:
c9:14:50:81:75:d7:b3:b6:9e:b8:eb:e9:51:32:d1:d1:96:c5:
da:b2:13:63:30:a1:3c:03:e3:93:77:e0:9d:24:ad:da:bb:2c:
a6:a1:fe:61:75:3c:d3:0b:46:df:99:7e:a9:1a:4b:d7:10:4e:
f0:29:76:e4:25:ec:7a:ae:74:0a:9e:b4:0f:19:25:f1:86:6e:
a0:67:8f:6b:8d:f7:a1:1d:70:21:87:56:00:e1:09:52:11:30:
6d:6b:e1:dd:89:4c:05:b5:2a:9e:d0:83:17:43:e9:3e:4c:b7:
86:af:f0:ab:91:b5:cd:38:8c:ff:4b:97:20:b3:83:4a:19:ba:
3f:5b:08:d8:87:71:ea:ba:f8:f9:b2:10:b6:64:66:c3:8f:80:
ef:3d:26:dc:6f:89:fa:d0:6c:7a:10:48:4c:ea:54:1d:62:72:
0b:bd:3e:ff:02:b3:86:03:4d:a6:cf:63:87:67:db:1e:22:a4:
71:7e:e9:ce
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQntYGKCrqW2YcdiCHGq+1LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYzBiZGFmYWRlYTc4ZGNlMzEyZjg2MmRkZjQyYjFiZDRj
NGY2NDUwHhcNMjUwMTAyMTU0OTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjVlZTIwNjE5MDQ0NDM4NTlmMDE0MDc1ZjgwODE1MTRkZjU3M2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbNkdZz5HYhNsePvaLmL6hawY3Go
IhzUDq6hjK7P/cyv4oo67ChwUlDlxljrKVvvvdfXHEMpXiZiQFK0G8W8vCRjxR8q
tx6H7xxlk2XlWSoUeDfHJyYOyg2msFD683mw/VCp4E737HnxoYwvB87WWVjA779T
1V3Oasd4F0GGRKjaaxYnzwWVDCCoeysH+DnaXtVs4G9bjpYP7PwMKWzZIM/DBRCQ
7RGL2MUHPwaCi9JErlAC3no7IwGh/9oax9L2mPzlA36G68srXratoCOEk1MXFLKr
kG9Kroh+C0u08vY+XoeClSMaom9Ex4jtColHkilzhZIDcgi/paFCqCbW5wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEte4gYZBEQ4WfAUB1+AgVFN9XOmMB8GA1UdIwQY
MBaAFLLAva+t6njc4xL4Yt30KxvUxPZFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3NDOXI2M3FlTnpqRXZoaTNmUXJHOVRFOWtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8xZjM3MTItY2YyYy00ODZlLTk1YjMt
ZmNjMzM2ZWVkOGQ3LzEvUzE3aUJoa0VSRGhaOEJRSFg0Q0JVVTMxYzZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8xZjM3MTItY2YyYy00ODZlLTk1YjMtZmNjMzM2ZWVkOGQ3
LzEvc3NDOXI2M3FlTnpqRXZoaTNmUXJHOVRFOWtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQALV4FAwQA
LV4HMAwDBAAtnB0DBAUtnAAwDQYJKoZIhvcNAQELBQADggEBAMx52RJATizA9xf9
rbA9wQAUxtolsITKEDnQ7wkooq4p5foQC2DJJ2IwMyi+Kso8xpNX05M5j6GPQUVb
BdeDoUZ7z/yQ6Q8R0MkUUIF117O2nrjr6VEy0dGWxdqyE2MwoTwD45N34J0krdq7
LKah/mF1PNMLRt+ZfqkaS9cQTvApduQl7HqudAqetA8ZJfGGbqBnj2uN96EdcCGH
VgDhCVIRMG1r4d2JTAW1Kp7QgxdD6T5Mt4av8KuRtc04jP9LlyCzg0oZuj9bCNiH
ceq6+PmyELZkZsOPgO89JtxvifrQbHoQSEzqVB1icgu9Pv8Cs4YDTabPY4dn2x4i
pHF+6c4=
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:34:19 2025 by rpki-client