Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/v3Y2kQBxLTzeaG8d43skpwQULcs.roa
File: v3Y2kQBxLTzeaG8d43skpwQULcs.roa (raw, json)
Hash identifier: B7Egk3MrSfO4fxdlQbPhy1Krh5zi1OM2O8JrAFo0eOM=
Subject key identifier: BF:76:36:91:00:71:2D:3C:DE:68:6F:1D:E3:7B:24:A7:04:14:2D:CB
Certificate issuer: /CN=ed30a131718560a34ab3493884e858ec431f6ad1
Certificate serial: 01944521EE16D6B8DC927E9BCE69A954FD1A
Authority key identifier: ED:30:A1:31:71:85:60:A3:4A:B3:49:38:84:E8:58:EC:43:1F:6A:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/v3Y2kQBxLTzeaG8d43skpwQULcs.roa
Signing time: Wed 08 Jan 2025 08:57:19 +0000
ROA not before: Wed 08 Jan 2025 08:57:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47430
IP address blocks: 45.139.9.0/24 maxlen: 24
185.105.236.0/24 maxlen: 24
185.105.238.0/24 maxlen: 24
2a10:ab00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/7TChMXGFYKNKs0k4hOhY7EMfatE.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/7TChMXGFYKNKs0k4hOhY7EMfatE.mft
rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 01:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:45:21:ee:16:d6:b8:dc:92:7e:9b:ce:69:a9:54:fd:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed30a131718560a34ab3493884e858ec431f6ad1
Validity
Not Before: Jan 8 08:57:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf76369100712d3cde686f1de37b24a704142dcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:c2:5d:76:83:ec:d7:a8:91:53:d3:60:1d:c3:
9a:7b:4b:f2:fa:79:31:65:e5:32:ca:bb:12:eb:88:
e5:a1:62:00:a3:e1:f0:b7:56:07:ca:86:07:e7:3f:
14:81:b0:bd:f8:68:02:3c:53:de:27:26:5f:37:9a:
04:47:90:ca:5a:1b:83:91:92:bc:57:11:97:e7:17:
20:61:4e:ac:59:43:30:02:bc:1c:c5:17:95:7f:d2:
cd:a1:b7:0a:3a:d6:f7:ee:e6:a2:8a:20:e6:ba:2e:
85:ec:d3:6c:bb:b6:d6:26:df:c8:93:3e:7c:54:82:
a1:cc:94:3a:5b:94:bb:2a:7d:17:00:eb:20:35:f2:
70:79:b1:3e:a0:f9:3f:eb:77:67:a5:f4:38:9f:64:
0c:9a:00:63:db:fc:43:e2:7c:2d:89:c0:b6:ec:0d:
f9:5b:27:8c:c3:4c:9a:be:30:b9:09:06:a8:f1:28:
21:fd:58:b8:af:08:48:95:bd:25:95:c3:c1:db:93:
2f:a8:d6:f0:ad:3e:d0:b3:a9:96:43:42:b4:31:2b:
71:ad:a4:b5:c9:cc:ad:da:1f:b4:7e:82:b4:67:09:
05:62:4f:23:d5:2d:96:ba:cb:86:93:cc:2a:89:ec:
5b:4b:01:a9:75:4a:29:31:5a:ec:bb:30:8c:6c:11:
52:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:76:36:91:00:71:2D:3C:DE:68:6F:1D:E3:7B:24:A7:04:14:2D:CB
X509v3 Authority Key Identifier:
keyid:ED:30:A1:31:71:85:60:A3:4A:B3:49:38:84:E8:58:EC:43:1F:6A:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/v3Y2kQBxLTzeaG8d43skpwQULcs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/7TChMXGFYKNKs0k4hOhY7EMfatE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.9.0/24
185.105.236.0/24
185.105.238.0/24
IPv6:
2a10:ab00::/29
Signature Algorithm: sha256WithRSAEncryption
3b:31:88:9b:9e:4a:1a:58:13:e7:28:17:15:04:23:e4:58:dd:
ca:76:55:1c:24:93:55:3d:ce:65:7f:a2:f6:12:6a:1f:65:1d:
c3:56:23:90:02:d5:eb:6c:f2:19:3e:2b:41:d5:4f:39:b4:9a:
21:a4:dd:e0:6f:d2:2d:b0:0c:1e:e3:c1:42:9f:e9:26:da:1f:
d1:27:56:51:17:4d:89:78:cf:fa:db:d6:ec:ae:ab:e4:ae:2e:
5f:10:ef:a0:08:02:af:42:eb:d3:0c:37:a2:c5:07:23:1d:9c:
eb:78:54:f9:c3:ac:26:7f:85:dd:f4:4c:5c:a2:28:be:98:37:
b2:e7:fc:b7:5b:0c:45:e0:22:c4:17:ca:58:fd:2d:de:5e:4c:
be:0f:cb:26:0e:3a:bd:4b:54:d5:9c:b9:1b:ea:0a:7b:ac:24:
f8:2e:9f:bf:6c:64:e0:ab:5f:38:dd:d6:b3:71:bc:ca:f5:3f:
ef:7e:d5:69:16:6e:63:d9:b8:1c:34:58:b6:f3:03:51:e5:60:
6d:52:7a:2c:14:97:44:7a:0f:fb:f6:ca:6d:46:3a:54:56:d5:
1b:83:e2:00:a9:35:6c:0f:8b:9c:99:dc:61:28:46:97:37:c5:
82:72:bb:ce:94:82:92:b4:37:42:ef:0b:80:3d:90:ed:3c:56:
f2:8b:2e:12
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZRFIe4W1rjckn6bzmmpVP0aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkMzBhMTMxNzE4NTYwYTM0YWIzNDkzODg0ZTg1OGVjNDMx
ZjZhZDEwHhcNMjUwMTA4MDg1NzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjc2MzY5MTAwNzEyZDNjZGU2ODZmMWRlMzdiMjRhNzA0MTQyZGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1cJddoPs16iRU9NgHcOae0vy+nkx
ZeUyyrsS64jloWIAo+Hwt1YHyoYH5z8UgbC9+GgCPFPeJyZfN5oER5DKWhuDkZK8
VxGX5xcgYU6sWUMwArwcxReVf9LNobcKOtb37uaiiiDmui6F7NNsu7bWJt/Ikz58
VIKhzJQ6W5S7Kn0XAOsgNfJwebE+oPk/63dnpfQ4n2QMmgBj2/xD4nwticC27A35
WyeMw0yavjC5CQao8Sgh/Vi4rwhIlb0llcPB25MvqNbwrT7Qs6mWQ0K0MStxraS1
ycyt2h+0foK0ZwkFYk8j1S2WusuGk8wqiexbSwGpdUopMVrsuzCMbBFSvQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFL92NpEAcS083mhvHeN7JKcEFC3LMB8GA1UdIwQY
MBaAFO0woTFxhWCjSrNJOIToWOxDH2rRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1RDaE1YR0ZZS05LczBrNGhPaFk3RU1mYXRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi81YjA3MDItMTZlNy00NjI3LWFlMTkt
NGIzYjFiNjNiNmFiLzEvdjNZMmtRQnhMVHplYUc4ZDQzc2twd1FVTGNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi81YjA3MDItMTZlNy00NjI3LWFlMTktNGIzYjFiNjNiNmFi
LzEvN1RDaE1YR0ZZS05LczBrNGhPaFk3RU1mYXRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQALYsJAwQA
uWnsAwQAuWnuMA0EAgACMAcDBQMqEKsAMA0GCSqGSIb3DQEBCwUAA4IBAQA7MYib
nkoaWBPnKBcVBCPkWN3KdlUcJJNVPc5lf6L2EmofZR3DViOQAtXrbPIZPitB1U85
tJohpN3gb9ItsAwe48FCn+km2h/RJ1ZRF02JeM/629bsrqvkri5fEO+gCAKvQuvT
DDeixQcjHZzreFT5w6wmf4Xd9Excoii+mDey5/y3WwxF4CLEF8pY/S3eXky+D8sm
Djq9S1TVnLkb6gp7rCT4Lp+/bGTgq1843dazcbzK9T/vftVpFm5j2bgcNFi28wNR
5WBtUnosFJdEeg/79sptRjpUVtUbg+IAqTVsD4ucmdxhKEaXN8WCcrvOlIKStDdC
7wuAPZDtPFbyiy4S
-----END CERTIFICATE-----
Generated at Thu Apr 10 11:04:06 2025 by rpki-client