Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/9f0Q6rSiXJjkh_lJREdgBWV3nxk.roa
File: 9f0Q6rSiXJjkh_lJREdgBWV3nxk.roa (raw, json)
Hash identifier: TCvx1Dq9UNFJ/C/RNxBohy4u4C9d1rsY7iM9ireTjM8=
Subject key identifier: F5:FD:10:EA:B4:A2:5C:98:E4:87:F9:49:44:47:60:05:65:77:9F:19
Certificate issuer: /CN=098643201a2aa24a0b877a3adfca7a892047dbfc
Certificate serial: 019420682C55C8E472C8FB3C18DF4045B99D
Authority key identifier: 09:86:43:20:1A:2A:A2:4A:0B:87:7A:3A:DF:CA:7A:89:20:47:DB:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CYZDIBoqokoLh3o638p6iSBH2_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/9f0Q6rSiXJjkh_lJREdgBWV3nxk.roa
Signing time: Wed 01 Jan 2025 05:48:05 +0000
ROA not before: Wed 01 Jan 2025 05:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58243
IP address blocks: 45.14.96.0/22 maxlen: 22
185.84.120.0/22 maxlen: 22
193.163.169.0/24 maxlen: 24
2a03:70e0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.mft
rsync://rpki.ripe.net/repository/DEFAULT/CYZDIBoqokoLh3o638p6iSBH2_w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 17:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:2c:55:c8:e4:72:c8:fb:3c:18:df:40:45:b9:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=098643201a2aa24a0b877a3adfca7a892047dbfc
Validity
Not Before: Jan 1 05:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f5fd10eab4a25c98e487f9494447600565779f19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:5c:a1:02:f7:63:b2:d1:95:b1:4b:9c:cd:72:
79:6c:8e:21:3b:80:e6:dc:94:f3:36:41:25:ec:9b:
07:1d:9f:1b:ed:be:40:d8:ac:cd:ec:21:a3:11:cf:
6d:84:05:0f:8c:86:70:16:c0:31:52:69:2f:21:fd:
de:a2:06:48:ca:a5:d0:6c:68:1d:5a:9b:82:fa:78:
fa:60:8c:e6:b5:bd:4f:27:83:8f:68:12:c0:32:db:
d5:fb:1c:7d:8b:4d:c8:b9:49:0c:32:53:4c:f9:db:
43:d6:84:26:2a:86:98:e5:e7:0e:4c:bb:be:18:ce:
66:f7:14:b0:98:31:8e:87:fa:31:be:7b:4f:fa:3a:
9b:84:39:1e:0c:ba:4a:b4:f0:02:29:19:d9:39:d2:
68:55:2f:49:d2:bb:79:8a:0b:3a:63:18:d4:bd:ff:
5b:e8:97:af:dc:b4:df:91:ac:90:51:b2:20:7e:6b:
65:20:6b:c7:db:c8:a7:56:33:8e:18:21:d7:20:47:
ff:21:a1:b9:3c:93:a5:67:05:88:3b:bc:10:93:dd:
04:49:f2:02:15:87:88:3e:c5:9d:5f:6d:23:87:32:
c0:89:e4:d2:50:bf:0a:c0:a4:7b:97:f6:dc:03:34:
98:e4:86:31:88:b8:62:ac:4f:40:3e:dc:02:56:39:
ad:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:FD:10:EA:B4:A2:5C:98:E4:87:F9:49:44:47:60:05:65:77:9F:19
X509v3 Authority Key Identifier:
keyid:09:86:43:20:1A:2A:A2:4A:0B:87:7A:3A:DF:CA:7A:89:20:47:DB:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CYZDIBoqokoLh3o638p6iSBH2_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/9f0Q6rSiXJjkh_lJREdgBWV3nxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/2d7f4c-c3d5-4557-93c4-78bfd24cf107/1/CYZDIBoqokoLh3o638p6iSBH2_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.96.0/22
185.84.120.0/22
193.163.169.0/24
IPv6:
2a03:70e0::/32
Signature Algorithm: sha256WithRSAEncryption
8c:a5:4e:0e:88:65:28:10:70:e8:97:6e:20:95:26:63:05:db:
23:18:42:e1:a3:f0:03:8b:cf:ad:95:24:98:3a:5c:66:79:fb:
4c:cb:55:90:f7:44:28:16:9a:ef:50:c0:9a:8f:00:92:5f:01:
e8:62:f1:08:10:4e:ef:e3:92:08:b5:9c:c1:50:b6:8a:da:73:
0d:36:d1:4c:70:f5:12:f4:62:65:bc:e0:46:c8:bc:1a:6f:b2:
1b:85:de:5b:11:fc:2e:1f:d1:52:ed:f1:30:20:09:74:e8:b7:
0c:07:3e:d9:9d:bf:51:d6:4c:3c:15:db:28:29:7c:26:20:fd:
92:d9:6d:13:f2:55:29:11:f2:e6:4a:8d:dd:98:f2:f8:7b:fc:
cf:07:75:cf:db:10:24:c3:11:37:cc:fc:cf:ff:0a:16:29:5a:
43:70:9c:04:fc:c7:82:ac:76:a8:e2:c2:52:4d:1d:05:01:92:
a2:ad:81:03:b5:5f:a7:db:37:da:98:20:31:ab:66:25:22:b1:
75:d7:7c:48:64:24:24:24:a7:e5:f3:47:bb:b5:28:7e:cc:39:
91:99:c1:f0:28:35:f4:c5:bc:09:4f:ce:f9:41:70:b5:55:30:
b8:a6:85:b6:41:ba:0b:f7:06:d9:b8:6d:03:89:47:68:d4:79:
b5:47:4b:30
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQgaCxVyORyyPs8GN9ARbmdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ODY0MzIwMWEyYWEyNGEwYjg3N2EzYWRmY2E3YTg5MjA0
N2RiZmMwHhcNMjUwMTAxMDU0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWZkMTBlYWI0YTI1Yzk4ZTQ4N2Y5NDk0NDQ3NjAwNTY1Nzc5ZjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3FyhAvdjstGVsUuczXJ5bI4hO4Dm
3JTzNkEl7JsHHZ8b7b5A2KzN7CGjEc9thAUPjIZwFsAxUmkvIf3eogZIyqXQbGgd
WpuC+nj6YIzmtb1PJ4OPaBLAMtvV+xx9i03IuUkMMlNM+dtD1oQmKoaY5ecOTLu+
GM5m9xSwmDGOh/oxvntP+jqbhDkeDLpKtPACKRnZOdJoVS9J0rt5igs6YxjUvf9b
6Jev3LTfkayQUbIgfmtlIGvH28inVjOOGCHXIEf/IaG5PJOlZwWIO7wQk90ESfIC
FYeIPsWdX20jhzLAieTSUL8KwKR7l/bcAzSY5IYxiLhirE9APtwCVjmtCwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPX9EOq0olyY5If5SURHYAVld58ZMB8GA1UdIwQY
MBaAFAmGQyAaKqJKC4d6Ot/KeokgR9v8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1laRElCb3Fva29MaDNvNjM4cDZpU0JIMl93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8yZDdmNGMtYzNkNS00NTU3LTkzYzQt
NzhiZmQyNGNmMTA3LzEvOWYwUTZyU2lYSmpraF9sSlJFZGdCV1YzbnhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8yZDdmNGMtYzNkNS00NTU3LTkzYzQtNzhiZmQyNGNmMTA3
LzEvQ1laRElCb3Fva29MaDNvNjM4cDZpU0JIMl93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLQ5gAwQC
uVR4AwQAwaOpMA0EAgACMAcDBQAqA3DgMA0GCSqGSIb3DQEBCwUAA4IBAQCMpU4O
iGUoEHDol24glSZjBdsjGELho/ADi8+tlSSYOlxmeftMy1WQ90QoFprvUMCajwCS
XwHoYvEIEE7v45IItZzBULaK2nMNNtFMcPUS9GJlvOBGyLwab7Ibhd5bEfwuH9FS
7fEwIAl06LcMBz7Znb9R1kw8FdsoKXwmIP2S2W0T8lUpEfLmSo3dmPL4e/zPB3XP
2xAkwxE3zPzP/woWKVpDcJwE/MeCrHao4sJSTR0FAZKirYEDtV+n2zfamCAxq2Yl
IrF113xIZCQkJKfl80e7tSh+zDmRmcHwKDX0xbwJT875QXC1VTC4poW2QboL9wbZ
uG0DiUdo1Hm1R0sw
-----END CERTIFICATE-----
Generated at Mon Apr 14 01:09:24 2025 by rpki-client