Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/Bec3FuivOBDOqgjzPfv4d13m2lM.roa
File: Bec3FuivOBDOqgjzPfv4d13m2lM.roa (raw, json)
Hash identifier: owG94wKPWPllEhJt14j/A1tpXG3GUHNv4s01kzZtAnY=
Subject key identifier: 05:E7:37:16:E8:AF:38:10:CE:AA:08:F3:3D:FB:F8:77:5D:E6:DA:53
Certificate issuer: /CN=baaa7b4c01e929c38923981ab51c9727a1f9f07e
Certificate serial: 01942144713A1DFF2607F28FA9E8C368DC57
Authority key identifier: BA:AA:7B:4C:01:E9:29:C3:89:23:98:1A:B5:1C:97:27:A1:F9:F0:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqp7TAHpKcOJI5gatRyXJ6H58H4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/Bec3FuivOBDOqgjzPfv4d13m2lM.roa
Signing time: Wed 01 Jan 2025 09:48:40 +0000
ROA not before: Wed 01 Jan 2025 09:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 268624
IP address blocks: 45.141.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/uqp7TAHpKcOJI5gatRyXJ6H58H4.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/uqp7TAHpKcOJI5gatRyXJ6H58H4.mft
rsync://rpki.ripe.net/repository/DEFAULT/uqp7TAHpKcOJI5gatRyXJ6H58H4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:71:3a:1d:ff:26:07:f2:8f:a9:e8:c3:68:dc:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baaa7b4c01e929c38923981ab51c9727a1f9f07e
Validity
Not Before: Jan 1 09:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=05e73716e8af3810ceaa08f33dfbf8775de6da53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:1a:13:62:57:23:c7:76:df:01:0a:44:f1:52:
c0:2a:4a:1c:8a:ec:52:c3:a5:2d:32:c3:57:39:90:
ae:31:29:e9:97:52:6d:38:f8:8d:05:ce:dc:77:a3:
07:40:9f:ce:98:c0:de:f6:7b:6d:58:f9:fe:b9:8f:
a0:7e:fa:49:74:31:ce:c2:a8:55:65:bf:74:bb:e1:
f7:9c:88:fc:49:8f:3c:e3:61:60:13:eb:1e:07:45:
e0:17:a4:2c:73:36:5e:d6:28:96:86:f1:83:ea:a9:
e4:a8:33:cd:ec:00:c3:54:72:80:8e:92:6f:7e:83:
1f:34:f9:84:a5:24:4e:4b:29:5c:23:88:86:04:28:
02:8e:e8:9f:5f:19:27:a8:53:9b:4a:e6:0c:75:77:
ec:24:ea:68:3c:fe:9d:40:e2:78:b6:dc:a4:81:5f:
f3:99:fd:20:d1:9a:8e:a7:cf:33:82:1d:3a:2f:f9:
dd:d1:4f:4b:d2:53:89:ff:7f:e9:f3:e6:df:79:3a:
0e:12:b2:a5:b4:26:80:c2:27:6b:74:c9:fd:b0:fd:
38:cf:59:15:64:e3:ce:23:bc:04:86:4a:6f:d5:c3:
8a:ca:0a:7a:63:d2:ab:e8:46:43:67:d0:cb:29:d7:
63:45:7a:61:9d:6c:e8:e5:e5:57:00:f2:9f:66:c1:
01:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:E7:37:16:E8:AF:38:10:CE:AA:08:F3:3D:FB:F8:77:5D:E6:DA:53
X509v3 Authority Key Identifier:
keyid:BA:AA:7B:4C:01:E9:29:C3:89:23:98:1A:B5:1C:97:27:A1:F9:F0:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqp7TAHpKcOJI5gatRyXJ6H58H4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/Bec3FuivOBDOqgjzPfv4d13m2lM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/uqp7TAHpKcOJI5gatRyXJ6H58H4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.214.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:51:10:41:88:6a:23:dc:bc:32:93:fa:34:b2:ae:53:67:0f:
c7:b6:0a:21:0e:c1:5b:cd:78:f5:b6:ab:fd:6d:25:c6:4b:d5:
92:d9:ab:1a:23:13:b7:01:80:c0:68:56:cb:28:5b:f8:83:25:
24:6a:5e:c7:1e:af:68:12:eb:9c:b7:19:ec:57:83:41:cc:ad:
95:c2:25:5f:48:b6:3f:66:5e:61:98:30:0c:f6:d3:a5:60:6c:
1a:d4:f3:06:bf:a0:b3:8f:07:4c:db:96:c2:10:46:73:ef:36:
ea:12:82:3f:00:d6:2f:4b:33:34:39:22:31:31:2f:af:98:46:
62:14:de:0c:27:6b:0d:4a:71:a4:1e:18:ff:48:95:49:2e:ea:
43:11:a9:79:ad:98:1c:c7:53:0d:78:1c:09:23:3c:2e:f7:0b:
40:00:68:9f:aa:99:79:fe:8d:95:01:f7:be:76:80:50:63:e4:
e5:6b:54:77:f9:42:4c:b3:ce:7a:cd:80:2c:04:25:97:12:40:
49:24:f8:14:10:0b:56:79:08:e6:00:42:fd:5a:64:47:fd:fc:
27:0a:d3:57:34:eb:a9:1d:f3:81:d1:ea:93:d7:5f:48:e3:95:
08:19:7a:ed:cf:be:52:93:2d:7e:e0:64:25:10:ae:99:05:20:
44:6b:53:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRHE6Hf8mB/KPqejDaNxXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYWE3YjRjMDFlOTI5YzM4OTIzOTgxYWI1MWM5NzI3YTFm
OWYwN2UwHhcNMjUwMTAxMDk0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWU3MzcxNmU4YWYzODEwY2VhYTA4ZjMzZGZiZjg3NzVkZTZkYTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3xoTYlcjx3bfAQpE8VLAKkociuxS
w6UtMsNXOZCuMSnpl1JtOPiNBc7cd6MHQJ/OmMDe9nttWPn+uY+gfvpJdDHOwqhV
Zb90u+H3nIj8SY8842FgE+seB0XgF6QsczZe1iiWhvGD6qnkqDPN7ADDVHKAjpJv
foMfNPmEpSROSylcI4iGBCgCjuifXxknqFObSuYMdXfsJOpoPP6dQOJ4ttykgV/z
mf0g0ZqOp88zgh06L/nd0U9L0lOJ/3/p8+bfeToOErKltCaAwidrdMn9sP04z1kV
ZOPOI7wEhkpv1cOKygp6Y9Kr6EZDZ9DLKddjRXphnWzo5eVXAPKfZsEBWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAXnNxborzgQzqoI8z37+Hdd5tpTMB8GA1UdIwQY
MBaAFLqqe0wB6SnDiSOYGrUclyeh+fB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFwN1RBSHBLY09KSTVnYXRSeVhKNkg1OEg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYjllNzAtNDg5YS00MDg4LWIyOGUt
ZTY4ZjZjZjJjMGQyLzEvQmVjM0Z1aXZPQkRPcWdqelBmdjRkMTNtMmxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYjllNzAtNDg5YS00MDg4LWIyOGUtZTY4ZjZjZjJjMGQy
LzEvdXFwN1RBSHBLY09KSTVnYXRSeVhKNkg1OEg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY3WMA0G
CSqGSIb3DQEBCwUAA4IBAQArURBBiGoj3Lwyk/o0sq5TZw/HtgohDsFbzXj1tqv9
bSXGS9WS2asaIxO3AYDAaFbLKFv4gyUkal7HHq9oEuuctxnsV4NBzK2VwiVfSLY/
Zl5hmDAM9tOlYGwa1PMGv6CzjwdM25bCEEZz7zbqEoI/ANYvSzM0OSIxMS+vmEZi
FN4MJ2sNSnGkHhj/SJVJLupDEal5rZgcx1MNeBwJIzwu9wtAAGifqpl5/o2VAfe+
doBQY+Tla1R3+UJMs856zYAsBCWXEkBJJPgUEAtWeQjmAEL9WmRH/fwnCtNXNOup
HfOB0eqT119I45UIGXrtz75Sky1+4GQlEK6ZBSBEa1P1
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:42:04 2025 by rpki-client