Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/b30916-2125-4a4f-9a36-2641975443ff/1/fOUkBLPvgdmMw3qOCphjRq4t0eY.roa
File: fOUkBLPvgdmMw3qOCphjRq4t0eY.roa (raw, json)
Hash identifier: r4VQRSy7Gza9d4nweiTC6bFhiBWBCqInaEx5ZdTsmu8=
Subject key identifier: 7C:E5:24:04:B3:EF:81:D9:8C:C3:7A:8E:0A:98:63:46:AE:2D:D1:E6
Certificate issuer: /CN=cb4ed88c5bfbc2b956fcbb30d14e832bdbb9610d
Certificate serial: 01942444F1214FB5D0FF954C2CFECA819143
Authority key identifier: CB:4E:D8:8C:5B:FB:C2:B9:56:FC:BB:30:D1:4E:83:2B:DB:B9:61:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y07YjFv7wrlW_Lsw0U6DK9u5YQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/b30916-2125-4a4f-9a36-2641975443ff/1/fOUkBLPvgdmMw3qOCphjRq4t0eY.roa
Signing time: Wed 01 Jan 2025 23:48:05 +0000
ROA not before: Wed 01 Jan 2025 23:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25431
IP address blocks: 45.10.48.0/24 maxlen: 24
217.24.16.0/20 maxlen: 20
217.24.16.0/22 maxlen: 22
217.24.20.0/22 maxlen: 22
217.24.24.0/22 maxlen: 22
217.24.28.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/b30916-2125-4a4f-9a36-2641975443ff/1/y07YjFv7wrlW_Lsw0U6DK9u5YQ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/b30916-2125-4a4f-9a36-2641975443ff/1/y07YjFv7wrlW_Lsw0U6DK9u5YQ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/y07YjFv7wrlW_Lsw0U6DK9u5YQ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:f1:21:4f:b5:d0:ff:95:4c:2c:fe:ca:81:91:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb4ed88c5bfbc2b956fcbb30d14e832bdbb9610d
Validity
Not Before: Jan 1 23:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7ce52404b3ef81d98cc37a8e0a986346ae2dd1e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:b7:b9:80:0c:92:fa:ae:d9:34:24:5e:3c:57:
e2:4b:4a:1f:2b:08:1a:8c:76:8c:16:ec:c9:15:df:
82:fa:a8:ad:17:8e:93:f9:d0:e5:9b:95:d0:d1:f5:
66:30:f1:92:54:58:11:72:6a:d2:55:18:3a:4f:86:
7e:28:b7:35:d3:4d:92:2f:ca:eb:87:8c:40:67:62:
61:6c:2b:cd:06:52:cf:76:48:da:36:a5:9f:7a:7c:
c8:6e:35:2d:91:aa:62:61:e6:58:6a:f1:12:4c:51:
5b:26:df:c9:ae:db:52:87:7f:66:db:76:ea:66:13:
29:95:e5:5e:ae:92:38:ac:75:87:83:78:d9:4a:6f:
76:40:25:c9:e5:f2:86:46:82:ac:59:7c:36:bd:d5:
2e:4c:10:36:c6:56:c3:55:ae:ad:ed:a6:59:8b:e3:
13:e1:25:60:d3:8c:4e:c6:cc:06:5d:fd:75:80:3b:
c8:81:36:98:24:23:18:81:f1:cf:57:1f:d6:66:8d:
2c:86:c9:2d:e7:ce:0f:98:79:37:6b:f5:7f:61:58:
04:a0:a4:ec:ab:02:b5:e4:f2:c3:b8:46:d0:5d:a4:
5f:e3:43:6a:91:b0:ce:af:ca:04:5e:9b:5d:20:08:
88:40:b9:ac:2e:13:20:87:30:a2:aa:7a:aa:1d:51:
1e:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:E5:24:04:B3:EF:81:D9:8C:C3:7A:8E:0A:98:63:46:AE:2D:D1:E6
X509v3 Authority Key Identifier:
keyid:CB:4E:D8:8C:5B:FB:C2:B9:56:FC:BB:30:D1:4E:83:2B:DB:B9:61:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y07YjFv7wrlW_Lsw0U6DK9u5YQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/b30916-2125-4a4f-9a36-2641975443ff/1/fOUkBLPvgdmMw3qOCphjRq4t0eY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/b30916-2125-4a4f-9a36-2641975443ff/1/y07YjFv7wrlW_Lsw0U6DK9u5YQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.48.0/24
217.24.16.0/20
Signature Algorithm: sha256WithRSAEncryption
78:04:18:7b:87:29:af:a9:d9:e2:c0:b7:cf:90:98:fd:ac:75:
d0:17:73:7c:52:49:6b:1a:59:71:9e:12:c5:9c:36:fe:8d:21:
19:58:71:d1:cb:da:0a:be:aa:ab:89:a2:d9:3c:c5:14:2b:8f:
28:d5:a0:4c:9f:0e:94:f1:d2:52:fd:a3:dd:ae:8a:06:96:28:
cc:8e:fe:15:db:b6:5b:b0:ef:35:38:1e:e7:c4:f5:6a:3b:3b:
c1:ba:83:0f:50:af:49:ac:81:41:20:34:70:c9:b2:55:ca:dc:
90:d3:ca:32:7e:0b:07:77:0b:a3:30:9d:68:83:76:3a:70:9a:
ea:18:b2:22:d1:a1:3f:d0:ee:fa:c2:73:31:b6:a9:42:e1:c4:
05:91:27:73:3d:d5:70:8f:a6:7f:bd:98:71:98:c6:16:cd:13:
1d:42:74:3d:97:af:25:e0:54:9f:17:17:51:b8:47:88:4a:5b:
45:cd:17:cd:ca:fa:53:8a:86:f6:67:07:d2:b7:06:0c:cb:be:
2f:1e:37:58:bf:fc:cc:da:a2:27:f2:94:83:87:34:7b:c8:3a:
10:f4:53:c8:60:85:ae:ef:c6:9e:36:8b:96:b3:5f:d5:04:94:
6f:57:a2:c3:f1:aa:f6:c3:6c:09:32:6b:d0:92:c3:7c:77:db:
7c:95:e8:2a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQkRPEhT7XQ/5VMLP7KgZFDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNGVkODhjNWJmYmMyYjk1NmZjYmIzMGQxNGU4MzJiZGJi
OTYxMGQwHhcNMjUwMTAxMjM0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2U1MjQwNGIzZWY4MWQ5OGNjMzdhOGUwYTk4NjM0NmFlMmRkMWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7e5gAyS+q7ZNCRePFfiS0ofKwga
jHaMFuzJFd+C+qitF46T+dDlm5XQ0fVmMPGSVFgRcmrSVRg6T4Z+KLc1002SL8rr
h4xAZ2JhbCvNBlLPdkjaNqWfenzIbjUtkapiYeZYavESTFFbJt/JrttSh39m23bq
ZhMpleVerpI4rHWHg3jZSm92QCXJ5fKGRoKsWXw2vdUuTBA2xlbDVa6t7aZZi+MT
4SVg04xOxswGXf11gDvIgTaYJCMYgfHPVx/WZo0shskt584PmHk3a/V/YVgEoKTs
qwK15PLDuEbQXaRf40NqkbDOr8oEXptdIAiIQLmsLhMghzCiqnqqHVEeCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHzlJASz74HZjMN6jgqYY0auLdHmMB8GA1UdIwQY
MBaAFMtO2Ixb+8K5Vvy7MNFOgyvbuWENMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTA3WWpGdjd3cmxXX0xzdzBVNkRLOXU1WVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9iMzA5MTYtMjEyNS00YTRmLTlhMzYt
MjY0MTk3NTQ0M2ZmLzEvZk9Va0JMUHZnZG1NdzNxT0NwaGpScTR0MGVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9iMzA5MTYtMjEyNS00YTRmLTlhMzYtMjY0MTk3NTQ0M2Zm
LzEveTA3WWpGdjd3cmxXX0xzdzBVNkRLOXU1WVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQowAwQE
2RgQMA0GCSqGSIb3DQEBCwUAA4IBAQB4BBh7hymvqdniwLfPkJj9rHXQF3N8Uklr
GllxnhLFnDb+jSEZWHHRy9oKvqqriaLZPMUUK48o1aBMnw6U8dJS/aPdrooGlijM
jv4V27ZbsO81OB7nxPVqOzvBuoMPUK9JrIFBIDRwybJVytyQ08oyfgsHdwujMJ1o
g3Y6cJrqGLIi0aE/0O76wnMxtqlC4cQFkSdzPdVwj6Z/vZhxmMYWzRMdQnQ9l68l
4FSfFxdRuEeISltFzRfNyvpTiob2ZwfStwYMy74vHjdYv/zM2qIn8pSDhzR7yDoQ
9FPIYIWu78aeNouWs1/VBJRvV6LD8ar2w2wJMmvQksN8d9t8legq
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:51:22 2025 by rpki-client