Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/Slz752llKkDIwat52mz-GoJOFYI.roa
File: Slz752llKkDIwat52mz-GoJOFYI.roa (raw, json)
Hash identifier: dbK45HAD6n07ullId+lq3uCV+sCODin4ejYeTR9kFNU=
Subject key identifier: 4A:5C:FB:E7:69:65:2A:40:C8:C1:AB:79:DA:6C:FE:1A:82:4E:15:82
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 019427489D4E03DC7DC5DD28D2F83A949E04
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/Slz752llKkDIwat52mz-GoJOFYI.roa
Signing time: Thu 02 Jan 2025 13:50:57 +0000
ROA not before: Thu 02 Jan 2025 13:50:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210793
IP address blocks: 45.81.248.0/22 maxlen: 22
45.86.88.0/22 maxlen: 22
45.95.120.0/22 maxlen: 22
147.78.124.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.mft
rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:9d:4e:03:dc:7d:c5:dd:28:d2:f8:3a:94:9e:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jan 2 13:50:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a5cfbe769652a40c8c1ab79da6cfe1a824e1582
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:3d:78:14:85:97:e6:bf:0c:9b:25:24:c4:8e:
99:e0:d2:ea:c4:9c:d9:d0:a4:a6:a5:5f:e0:9d:0c:
7d:ff:65:6b:88:ba:62:b6:9e:3f:85:d8:41:fe:c5:
a7:44:3e:1a:ad:ce:be:8c:b6:fa:e2:dd:47:8b:80:
17:76:b3:2a:e1:ff:11:36:ec:96:80:c4:96:2c:da:
b1:82:d4:5d:3e:8a:fc:44:3f:65:98:e4:fe:f8:c0:
86:b5:b3:0d:d4:28:f7:d4:79:59:0d:f1:6a:b7:96:
48:ee:59:b8:1b:39:2a:a0:d6:8c:77:13:a5:ea:58:
a0:81:82:cd:b2:c0:93:3f:7e:fc:33:ea:b4:35:a4:
a8:8b:62:83:04:12:2e:17:d9:5e:2d:8e:49:58:58:
d7:ef:71:dd:4d:2d:d6:64:31:0d:39:71:7d:e6:20:
c3:81:1c:fa:87:ea:a4:ac:0a:f0:d7:7a:8d:f6:a0:
f4:c8:21:d4:5a:2b:1d:91:c6:62:76:c9:81:4a:af:
12:74:b3:31:84:8e:7d:09:0a:05:f4:5c:8c:83:05:
07:ed:56:12:d2:9f:0e:aa:45:e4:d8:34:e5:e1:7f:
ca:43:2f:cb:e4:87:12:41:ce:91:37:c1:3e:04:0a:
e7:d7:51:df:8f:38:de:2d:eb:9b:57:b3:39:a9:e9:
c2:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:5C:FB:E7:69:65:2A:40:C8:C1:AB:79:DA:6C:FE:1A:82:4E:15:82
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/Slz752llKkDIwat52mz-GoJOFYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.248.0/22
45.86.88.0/22
45.95.120.0/22
147.78.124.0/22
Signature Algorithm: sha256WithRSAEncryption
38:03:06:0e:44:12:14:b8:5b:12:33:d4:77:2e:e0:51:5a:b4:
55:92:3e:3e:bf:84:c2:d4:d0:40:ed:f7:81:c0:70:e0:51:97:
72:29:b8:d6:7a:a2:02:5a:22:ac:b1:48:03:6a:b4:cb:9d:cb:
e6:ea:0d:7a:44:f0:72:b8:37:1d:c6:38:56:75:98:f1:b1:21:
21:2e:45:eb:42:3d:bb:32:fa:af:7b:de:9b:06:cc:bd:ee:d3:
7e:f4:8c:67:b3:19:5e:4d:85:4c:f6:6e:2e:07:4d:0f:ff:75:
66:93:27:30:39:1f:75:01:23:4a:a2:f0:7a:94:ec:bb:49:19:
84:b8:a9:7a:2a:6b:fc:4a:57:ec:23:27:33:dd:cf:55:9f:d3:
9f:20:8a:9b:ba:3a:c6:e3:2d:c5:ae:b4:a2:ec:8d:48:2c:00:
1e:55:04:d4:2f:91:0d:2e:a5:fc:06:2f:c7:76:df:ec:e0:0b:
53:89:27:e6:86:ac:d4:07:7c:11:df:73:f1:4e:38:dc:48:49:
6a:10:3b:5e:38:5e:51:2d:7d:bf:fb:5c:75:91:79:44:de:71:
86:8b:e2:a1:b8:34:30:9a:17:f3:68:68:e7:79:73:17:07:37:
68:20:94:b4:74:b7:89:d8:91:71:c0:17:dc:f4:a5:59:1f:c7:
fe:cc:ad:92
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQnSJ1OA9x9xd0o0vg6lJ4EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjUwMTAyMTM1MDU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTVjZmJlNzY5NjUyYTQwYzhjMWFiNzlkYTZjZmUxYTgyNGUxNTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqz14FIWX5r8MmyUkxI6Z4NLqxJzZ
0KSmpV/gnQx9/2VriLpitp4/hdhB/sWnRD4arc6+jLb64t1Hi4AXdrMq4f8RNuyW
gMSWLNqxgtRdPor8RD9lmOT++MCGtbMN1Cj31HlZDfFqt5ZI7lm4GzkqoNaMdxOl
6liggYLNssCTP378M+q0NaSoi2KDBBIuF9leLY5JWFjX73HdTS3WZDENOXF95iDD
gRz6h+qkrArw13qN9qD0yCHUWisdkcZidsmBSq8SdLMxhI59CQoF9FyMgwUH7VYS
0p8OqkXk2DTl4X/KQy/L5IcSQc6RN8E+BArn11HfjzjeLeubV7M5qenCHQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEpc++dpZSpAyMGredps/hqCThWCMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvU2x6NzUybGxLa0RJd2F0NTJtei1Hb0pPRllJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLVH4AwQC
LVZYAwQCLV94AwQCk058MA0GCSqGSIb3DQEBCwUAA4IBAQA4AwYORBIUuFsSM9R3
LuBRWrRVkj4+v4TC1NBA7feBwHDgUZdyKbjWeqICWiKssUgDarTLncvm6g16RPBy
uDcdxjhWdZjxsSEhLkXrQj27Mvqve96bBsy97tN+9IxnsxleTYVM9m4uB00P/3Vm
kycwOR91ASNKovB6lOy7SRmEuKl6Kmv8SlfsIycz3c9Vn9OfIIqbujrG4y3FrrSi
7I1ILAAeVQTUL5ENLqX8Bi/Hdt/s4AtTiSfmhqzUB3wR33PxTjjcSElqEDteOF5R
LX2/+1x1kXlE3nGGi+KhuDQwmhfzaGjneXMXBzdoIJS0dLeJ2JFxwBfc9KVZH8f+
zK2S
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:21:57 2025 by rpki-client