Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/r39ohg_NZTgE7vtYFVHPRToAzuA.roa
File: r39ohg_NZTgE7vtYFVHPRToAzuA.roa (raw, json)
Hash identifier: 4FTLuNfEgCKiNNKOFBDQPOMSv9rbnZNd+FbSRU1rmMA=
Subject key identifier: AF:7F:68:86:0F:CD:65:38:04:EE:FB:58:15:51:CF:45:3A:00:CE:E0
Certificate issuer: /CN=5e8d07b45f7d83124c9f8c0fac03bec02468b37e
Certificate serial: 019423D7B997D815B142418C1AA50E2A851B
Authority key identifier: 5E:8D:07:B4:5F:7D:83:12:4C:9F:8C:0F:AC:03:BE:C0:24:68:B3:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xo0HtF99gxJMn4wPrAO-wCRos34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/r39ohg_NZTgE7vtYFVHPRToAzuA.roa
Signing time: Wed 01 Jan 2025 21:48:47 +0000
ROA not before: Wed 01 Jan 2025 21:48:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 45.15.106.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/Xo0HtF99gxJMn4wPrAO-wCRos34.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/Xo0HtF99gxJMn4wPrAO-wCRos34.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xo0HtF99gxJMn4wPrAO-wCRos34.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:b9:97:d8:15:b1:42:41:8c:1a:a5:0e:2a:85:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e8d07b45f7d83124c9f8c0fac03bec02468b37e
Validity
Not Before: Jan 1 21:48:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af7f68860fcd653804eefb581551cf453a00cee0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f7:bc:a9:dc:96:e0:ca:3b:cb:27:60:04:91:
c3:bc:bc:17:79:5e:f8:ba:ed:c0:44:52:74:3c:25:
10:e8:34:47:91:6d:f1:98:af:7a:42:cf:9e:78:13:
9c:66:70:e3:f5:f3:60:5d:26:ef:80:9f:8f:12:64:
40:b2:61:c7:41:f2:6a:47:49:01:05:18:51:f5:eb:
58:ac:17:db:c0:90:c3:35:8b:81:26:c2:1a:0f:a1:
e5:54:7b:fe:92:64:27:c0:b1:b0:83:31:5c:93:08:
8d:92:52:71:d7:4c:e3:93:b9:d9:c6:3d:cb:bd:31:
ba:25:ef:48:38:cb:4a:7d:96:6d:96:7f:f2:09:96:
b4:a9:64:0b:03:6f:98:0b:b6:85:8c:e1:55:4b:e2:
4d:fa:0c:4f:89:1b:27:d0:f4:1f:ca:53:9b:4c:ea:
ac:db:96:9e:5f:40:34:8d:6d:be:78:18:f0:e4:4d:
2b:d0:ac:2e:5c:24:ca:16:ac:6a:68:d2:55:33:17:
84:44:b3:e9:b7:1a:cd:d0:1b:8e:1c:33:b2:63:61:
d8:11:d6:05:72:25:7e:3b:3c:dc:90:e5:11:39:41:
12:4c:49:1c:39:58:02:fc:cd:1a:03:e2:23:56:de:
34:87:39:34:bb:13:f5:4e:e1:da:0e:11:c2:2b:d7:
2b:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:7F:68:86:0F:CD:65:38:04:EE:FB:58:15:51:CF:45:3A:00:CE:E0
X509v3 Authority Key Identifier:
keyid:5E:8D:07:B4:5F:7D:83:12:4C:9F:8C:0F:AC:03:BE:C0:24:68:B3:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xo0HtF99gxJMn4wPrAO-wCRos34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/r39ohg_NZTgE7vtYFVHPRToAzuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/Xo0HtF99gxJMn4wPrAO-wCRos34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.106.0/23
Signature Algorithm: sha256WithRSAEncryption
b8:da:ee:da:ef:a7:1a:1e:22:c8:2e:be:e5:6a:67:a2:8b:f9:
41:23:8a:21:66:a1:ba:de:3f:cc:06:80:6b:8d:23:80:65:a8:
4a:a1:22:5d:0e:4a:e3:e5:9d:f6:d7:87:9a:2f:e4:39:1f:5d:
8e:ce:b0:50:fd:2d:02:2d:59:67:80:52:8e:e1:fb:77:7e:53:
08:f1:4a:59:2e:c4:17:e8:f0:37:4e:ae:5f:b4:77:71:74:46:
ab:0e:d2:91:2a:f6:c8:7d:6a:b5:87:0d:63:36:92:39:c9:66:
24:08:bc:5f:be:00:da:f1:f7:d8:aa:22:64:84:65:e4:94:1e:
fa:29:b2:c9:a9:98:ad:ae:6f:d9:9e:c2:b3:b6:fb:5d:46:88:
08:bb:e7:fd:6a:28:b0:50:03:4c:f8:4e:4d:10:75:c4:95:8f:
83:d4:a9:c0:2b:5f:16:8a:0d:db:26:5f:08:08:49:8f:74:56:
65:5f:ac:e7:ec:4f:7f:0b:40:2f:fb:37:a7:ba:69:c5:45:10:
6a:92:e3:aa:ec:df:86:0b:24:64:31:85:7e:13:5a:2d:a8:f5:
a9:58:ed:29:03:01:04:a0:39:f3:6c:7f:a2:fe:56:38:3c:3f:
f7:52:db:02:b5:a5:09:e5:05:5a:0a:75:ba:a6:aa:bb:46:f4:
8a:ad:9e:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj17mX2BWxQkGMGqUOKoUbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlOGQwN2I0NWY3ZDgzMTI0YzlmOGMwZmFjMDNiZWMwMjQ2
OGIzN2UwHhcNMjUwMTAxMjE0ODQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjdmNjg4NjBmY2Q2NTM4MDRlZWZiNTgxNTUxY2Y0NTNhMDBjZWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfe8qdyW4Mo7yydgBJHDvLwXeV74
uu3ARFJ0PCUQ6DRHkW3xmK96Qs+eeBOcZnDj9fNgXSbvgJ+PEmRAsmHHQfJqR0kB
BRhR9etYrBfbwJDDNYuBJsIaD6HlVHv+kmQnwLGwgzFckwiNklJx10zjk7nZxj3L
vTG6Je9IOMtKfZZtln/yCZa0qWQLA2+YC7aFjOFVS+JN+gxPiRsn0PQfylObTOqs
25aeX0A0jW2+eBjw5E0r0KwuXCTKFqxqaNJVMxeERLPptxrN0BuOHDOyY2HYEdYF
ciV+OzzckOUROUESTEkcOVgC/M0aA+IjVt40hzk0uxP1TuHaDhHCK9crKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK9/aIYPzWU4BO77WBVRz0U6AM7gMB8GA1UdIwQY
MBaAFF6NB7RffYMSTJ+MD6wDvsAkaLN+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWG8wSHRGOTlneEpNbjR3UHJBTy13Q1JvczM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9hMTY4ZTktZDA3MC00NGUwLTk0YTQt
NmM4ZmQ4NGJiNWY1LzEvcjM5b2hnX05aVGdFN3Z0WUZWSFBSVG9BenVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9hMTY4ZTktZDA3MC00NGUwLTk0YTQtNmM4ZmQ4NGJiNWY1
LzEvWG8wSHRGOTlneEpNbjR3UHJBTy13Q1JvczM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLQ9qMA0G
CSqGSIb3DQEBCwUAA4IBAQC42u7a76caHiLILr7lameii/lBI4ohZqG63j/MBoBr
jSOAZahKoSJdDkrj5Z3214eaL+Q5H12OzrBQ/S0CLVlngFKO4ft3flMI8UpZLsQX
6PA3Tq5ftHdxdEarDtKRKvbIfWq1hw1jNpI5yWYkCLxfvgDa8ffYqiJkhGXklB76
KbLJqZitrm/ZnsKztvtdRogIu+f9aiiwUANM+E5NEHXElY+D1KnAK18Wig3bJl8I
CEmPdFZlX6zn7E9/C0Av+zenumnFRRBqkuOq7N+GCyRkMYV+E1otqPWpWO0pAwEE
oDnzbH+i/lY4PD/3UtsCtaUJ5QVaCnW6pqq7RvSKrZ4p
-----END CERTIFICATE-----
Generated at Wed Feb 5 15:53:31 2025 by rpki-client