Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/768f14-a721-46f0-9199-4f4b994e0eb2/1/7fSgZ-LQDYvguJzdZ14V0z0FUCE.roa
File: 7fSgZ-LQDYvguJzdZ14V0z0FUCE.roa (raw, json)
Hash identifier: bUjKLDflZP/Ln3EKUyE+zKMongCT5xOF2uDWHet5S9I=
Subject key identifier: ED:F4:A0:67:E2:D0:0D:8B:E0:B8:9C:DD:67:5E:15:D3:3D:05:50:21
Certificate issuer: /CN=4beccc9d1a76e91469cb63b12bf725d7debafb1b
Certificate serial: 019424B3B5958417DBAE5CD6C55DE324C363
Authority key identifier: 4B:EC:CC:9D:1A:76:E9:14:69:CB:63:B1:2B:F7:25:D7:DE:BA:FB:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S-zMnRp26RRpy2OxK_cl1966-xs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/768f14-a721-46f0-9199-4f4b994e0eb2/1/7fSgZ-LQDYvguJzdZ14V0z0FUCE.roa
Signing time: Thu 02 Jan 2025 01:49:04 +0000
ROA not before: Thu 02 Jan 2025 01:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3269
IP address blocks: 45.82.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/768f14-a721-46f0-9199-4f4b994e0eb2/1/S-zMnRp26RRpy2OxK_cl1966-xs.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/768f14-a721-46f0-9199-4f4b994e0eb2/1/S-zMnRp26RRpy2OxK_cl1966-xs.mft
rsync://rpki.ripe.net/repository/DEFAULT/S-zMnRp26RRpy2OxK_cl1966-xs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 13:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:b5:95:84:17:db:ae:5c:d6:c5:5d:e3:24:c3:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4beccc9d1a76e91469cb63b12bf725d7debafb1b
Validity
Not Before: Jan 2 01:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=edf4a067e2d00d8be0b89cdd675e15d33d055021
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:7d:27:ff:e5:7f:10:5d:6f:6c:ad:71:b6:6c:
8d:d4:f4:b1:aa:09:aa:d0:08:24:0a:74:15:e0:8e:
fb:b0:cd:86:37:4a:b6:6d:66:fb:b9:84:f1:41:ff:
09:da:3e:8a:be:d1:4e:c7:35:fd:84:2c:ef:86:80:
03:19:e2:87:6e:2f:b8:73:c2:db:c9:b1:f4:30:9d:
b5:e3:46:a3:10:2e:19:2c:7a:4c:fe:51:1f:52:ff:
3f:ac:86:ae:c3:75:a3:b6:e7:87:cf:2d:87:f9:33:
08:4a:68:f1:05:45:52:eb:90:83:7c:0b:79:ff:62:
6f:a3:2a:e2:f8:73:bd:d5:d7:36:45:1a:bd:10:14:
e8:61:de:6c:f4:22:ee:74:95:63:04:36:34:3d:0a:
97:1c:52:d9:a9:12:bb:12:75:b7:29:65:5f:d7:6a:
d6:85:f3:5e:27:18:57:ee:04:d1:c4:ad:0e:c1:39:
a4:b1:e4:85:31:77:01:6d:94:9a:2e:7a:89:5f:e8:
40:92:31:70:11:51:11:c3:dd:ca:9a:27:f9:2a:9b:
a7:c8:02:e5:73:b4:dc:f2:e0:92:ee:21:e1:9c:f2:
ba:a5:56:6d:c5:20:95:b7:90:46:a5:6b:8c:4a:bf:
2e:28:65:3a:55:be:51:1a:8f:11:20:01:77:9a:1d:
bc:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:F4:A0:67:E2:D0:0D:8B:E0:B8:9C:DD:67:5E:15:D3:3D:05:50:21
X509v3 Authority Key Identifier:
keyid:4B:EC:CC:9D:1A:76:E9:14:69:CB:63:B1:2B:F7:25:D7:DE:BA:FB:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S-zMnRp26RRpy2OxK_cl1966-xs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/768f14-a721-46f0-9199-4f4b994e0eb2/1/7fSgZ-LQDYvguJzdZ14V0z0FUCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/768f14-a721-46f0-9199-4f4b994e0eb2/1/S-zMnRp26RRpy2OxK_cl1966-xs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.203.0/24
Signature Algorithm: sha256WithRSAEncryption
52:0b:c5:15:e7:6c:f8:d9:f0:73:c2:ec:2c:00:9e:d7:ef:d4:
d6:ab:87:20:8b:5e:f0:66:e5:c1:ff:b4:0d:44:f4:e1:14:7a:
2d:cf:40:06:21:e3:2c:9f:f2:5c:84:8d:cb:7f:cb:6d:aa:2d:
db:ee:7a:c8:e0:a2:56:e6:52:03:af:02:b1:36:aa:01:1f:a0:
f3:c4:68:92:83:f2:06:cf:4b:45:15:77:60:95:4c:79:e4:fa:
d2:4b:e7:99:90:f7:ee:f0:88:90:94:4e:02:57:52:e6:b1:52:
77:50:d4:11:5b:0c:d4:7a:e2:c1:60:30:90:d0:8e:ba:27:5c:
ef:77:af:77:62:f5:56:ca:16:9f:f7:31:c5:78:71:60:f7:81:
5e:ef:6f:39:b0:60:aa:50:67:c3:f3:5b:fa:52:d7:e7:a3:95:
a0:46:93:31:88:2a:29:8c:ef:53:c6:86:8c:2a:0c:e5:61:6f:
fb:9b:7d:2a:4d:c6:e9:a6:61:49:86:86:7e:45:aa:3d:10:e2:
71:e2:c1:29:30:02:8c:05:dc:e9:5d:a7:b6:e3:94:7a:65:41:
24:c7:c5:48:24:d9:5c:0e:fc:80:c3:83:fb:e1:73:19:0f:03:
32:b2:4c:af:d8:a7:e1:fe:ed:dc:d1:ba:16:e3:1a:82:49:d9:
95:ac:03:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks7WVhBfbrlzWxV3jJMNjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiZWNjYzlkMWE3NmU5MTQ2OWNiNjNiMTJiZjcyNWQ3ZGVi
YWZiMWIwHhcNMjUwMTAyMDE0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGY0YTA2N2UyZDAwZDhiZTBiODljZGQ2NzVlMTVkMzNkMDU1MDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtX0n/+V/EF1vbK1xtmyN1PSxqgmq
0AgkCnQV4I77sM2GN0q2bWb7uYTxQf8J2j6KvtFOxzX9hCzvhoADGeKHbi+4c8Lb
ybH0MJ2140ajEC4ZLHpM/lEfUv8/rIauw3WjtueHzy2H+TMISmjxBUVS65CDfAt5
/2Jvoyri+HO91dc2RRq9EBToYd5s9CLudJVjBDY0PQqXHFLZqRK7EnW3KWVf12rW
hfNeJxhX7gTRxK0OwTmkseSFMXcBbZSaLnqJX+hAkjFwEVERw93Kmif5KpunyALl
c7Tc8uCS7iHhnPK6pVZtxSCVt5BGpWuMSr8uKGU6Vb5RGo8RIAF3mh28TQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO30oGfi0A2L4Lic3WdeFdM9BVAhMB8GA1UdIwQY
MBaAFEvszJ0adukUactjsSv3JdfeuvsbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUy16TW5ScDI2UlJweTJPeEtfY2wxOTY2LXhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NjhmMTQtYTcyMS00NmYwLTkxOTkt
NGY0Yjk5NGUwZWIyLzEvN2ZTZ1otTFFEWXZndUp6ZFoxNFYwejBGVUNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NjhmMTQtYTcyMS00NmYwLTkxOTktNGY0Yjk5NGUwZWIy
LzEvUy16TW5ScDI2UlJweTJPeEtfY2wxOTY2LXhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVLLMA0G
CSqGSIb3DQEBCwUAA4IBAQBSC8UV52z42fBzwuwsAJ7X79TWq4cgi17wZuXB/7QN
RPThFHotz0AGIeMsn/JchI3Lf8ttqi3b7nrI4KJW5lIDrwKxNqoBH6DzxGiSg/IG
z0tFFXdglUx55PrSS+eZkPfu8IiQlE4CV1LmsVJ3UNQRWwzUeuLBYDCQ0I66J1zv
d693YvVWyhaf9zHFeHFg94Fe7285sGCqUGfD81v6Utfno5WgRpMxiCopjO9TxoaM
KgzlYW/7m30qTcbppmFJhoZ+Rao9EOJx4sEpMAKMBdzpXae245R6ZUEkx8VIJNlc
DvyAw4P74XMZDwMyskyv2Kfh/u3c0boW4xqCSdmVrAO0
-----END CERTIFICATE-----
Generated at Tue Apr 15 19:59:44 2025 by rpki-client