Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/9XV7PV-zT0NQ3uZmMVwK2FfVyc4.roa
File: 9XV7PV-zT0NQ3uZmMVwK2FfVyc4.roa (raw, json)
Hash identifier: u+icYkT6O1GXqZHgV8iFPlgLQe9AYTs46MWAhb+d+n8=
Subject key identifier: F5:75:7B:3D:5F:B3:4F:43:50:DE:E6:66:31:5C:0A:D8:57:D5:C9:CE
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 0194206810D6BC3A3894423B55AFECD6FC91
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/9XV7PV-zT0NQ3uZmMVwK2FfVyc4.roa
Signing time: Wed 01 Jan 2025 05:47:58 +0000
ROA not before: Wed 01 Jan 2025 05:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212826
IP address blocks: 45.130.52.0/24 maxlen: 24
45.152.11.0/24 maxlen: 24
45.157.32.0/23 maxlen: 24
46.161.208.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.mft
rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:10:d6:bc:3a:38:94:42:3b:55:af:ec:d6:fc:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Jan 1 05:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f5757b3d5fb34f4350dee666315c0ad857d5c9ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:08:32:2f:72:f9:7a:cf:3c:4b:a8:7f:22:50:
ac:07:54:17:47:62:1d:c0:63:f2:b4:11:ba:f9:c9:
67:47:68:96:35:fb:ec:0b:16:6d:e8:6f:bc:82:e2:
c2:c4:f5:5d:85:e0:22:94:b8:03:07:80:fe:c1:a5:
18:6f:db:07:bb:f3:bc:47:c4:cb:a2:4b:0d:25:45:
2a:ec:e4:78:d8:57:d3:24:2a:9d:62:40:8b:7e:3a:
73:37:6e:a6:bd:c3:11:c0:57:2b:88:da:24:45:2e:
0b:05:a2:16:55:08:d4:bd:f5:e0:96:ec:68:c7:73:
da:98:ab:72:8e:93:4b:f2:5f:de:79:10:83:e2:f8:
5d:1c:45:e2:e4:f4:54:fd:f3:4d:c9:b2:81:6b:11:
cf:00:db:45:37:da:83:ee:f3:ce:08:69:e6:cc:91:
bb:16:d6:f3:fb:6e:3e:04:6f:66:59:dd:f7:06:be:
5a:77:16:31:26:da:81:41:c9:84:25:5e:89:71:64:
68:79:61:28:3a:1a:44:3a:2a:86:72:8b:4c:81:f2:
85:36:d8:bb:3e:5b:5b:a7:4c:52:13:83:2d:89:4f:
de:ed:bc:f4:24:39:9d:13:68:5c:47:4a:2a:0f:eb:
5a:27:e5:cc:ad:78:64:df:37:83:b3:79:0c:a7:d0:
6c:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:75:7B:3D:5F:B3:4F:43:50:DE:E6:66:31:5C:0A:D8:57:D5:C9:CE
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/9XV7PV-zT0NQ3uZmMVwK2FfVyc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.52.0/24
45.152.11.0/24
45.157.32.0/23
46.161.208.0/23
Signature Algorithm: sha256WithRSAEncryption
ae:22:03:4b:db:f9:76:3d:67:b1:6d:61:0e:00:e7:28:1e:de:
4c:e4:d1:e7:54:56:12:e3:b8:58:5a:38:86:52:1f:ac:72:e9:
6e:97:01:46:2a:f8:23:e1:9b:5d:46:03:63:42:a0:df:7a:d8:
26:cd:c0:ad:44:8d:e0:d2:c9:b5:7d:7f:b4:53:65:3a:1b:d3:
18:f9:b7:11:a7:e8:24:d0:ca:d2:63:33:83:95:64:db:b0:1c:
3e:ad:16:3d:dd:84:95:fe:cf:2c:10:3b:11:f4:52:16:ab:bf:
59:02:62:f6:24:1f:39:39:fa:90:db:05:5a:04:35:1a:d4:fb:
2b:fa:ed:ed:7d:3a:75:bd:98:04:a4:15:22:17:14:ea:5c:50:
3b:70:7d:ab:02:e0:55:2c:05:51:d8:4b:fb:c2:f7:89:57:b6:
74:f7:e7:82:b4:df:64:af:e9:a1:1b:0e:1b:7d:65:f6:14:2b:
2e:20:82:78:d4:08:9d:b9:78:71:55:23:67:6d:4c:34:ec:a6:
0f:af:1c:59:85:97:3d:4f:9d:68:e9:d3:a4:32:ec:3e:ca:6b:
9b:8d:50:4b:c0:62:94:15:8f:d6:fa:c0:1f:42:57:6c:85:52:
e4:90:91:6d:c8:1f:23:49:2d:aa:cf:31:ac:da:7e:0a:b0:6e:
57:44:e5:e0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQgaBDWvDo4lEI7Va/s1vyRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjUwMTAxMDU0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTc1N2IzZDVmYjM0ZjQzNTBkZWU2NjYzMTVjMGFkODU3ZDVjOWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2QgyL3L5es88S6h/IlCsB1QXR2Id
wGPytBG6+clnR2iWNfvsCxZt6G+8guLCxPVdheAilLgDB4D+waUYb9sHu/O8R8TL
oksNJUUq7OR42FfTJCqdYkCLfjpzN26mvcMRwFcriNokRS4LBaIWVQjUvfXgluxo
x3PamKtyjpNL8l/eeRCD4vhdHEXi5PRU/fNNybKBaxHPANtFN9qD7vPOCGnmzJG7
Ftbz+24+BG9mWd33Br5adxYxJtqBQcmEJV6JcWRoeWEoOhpEOiqGcotMgfKFNti7
Pltbp0xSE4MtiU/e7bz0JDmdE2hcR0oqD+taJ+XMrXhk3zeDs3kMp9BszwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPV1ez1fs09DUN7mZjFcCthX1cnOMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvOVhWN1BWLXpUME5RM3VabU1Wd0syRmZWeWM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYI0AwQA
LZgLAwQBLZ0gAwQBLqHQMA0GCSqGSIb3DQEBCwUAA4IBAQCuIgNL2/l2PWexbWEO
AOcoHt5M5NHnVFYS47hYWjiGUh+scululwFGKvgj4ZtdRgNjQqDfetgmzcCtRI3g
0sm1fX+0U2U6G9MY+bcRp+gk0MrSYzODlWTbsBw+rRY93YSV/s8sEDsR9FIWq79Z
AmL2JB85OfqQ2wVaBDUa1Psr+u3tfTp1vZgEpBUiFxTqXFA7cH2rAuBVLAVR2Ev7
wveJV7Z09+eCtN9kr+mhGw4bfWX2FCsuIIJ41AiduXhxVSNnbUw07KYPrxxZhZc9
T51o6dOkMuw+ymubjVBLwGKUFY/W+sAfQldshVLkkJFtyB8jSS2qzzGs2n4KsG5X
ROXg
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:25:39 2025 by rpki-client