Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/otL3ipoFuqjiEEcYGbzvm0cmCRM.roa
File: otL3ipoFuqjiEEcYGbzvm0cmCRM.roa (raw, json)
Hash identifier: Hm7+wNRiAkfLjuC5gLUOglUK3bjHw41+C5XDlTTqhx0=
Subject key identifier: A2:D2:F7:8A:9A:05:BA:A8:E2:10:47:18:19:BC:EF:9B:47:26:09:13
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 0195D3FC6B2936C85E075E6307C31FFBEAC4
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/otL3ipoFuqjiEEcYGbzvm0cmCRM.roa
Signing time: Wed 26 Mar 2025 19:44:49 +0000
ROA not before: Wed 26 Mar 2025 19:44:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213535
IP address blocks: 45.67.139.0/24 maxlen: 24
185.117.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.mft
rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d3:fc:6b:29:36:c8:5e:07:5e:63:07:c3:1f:fb:ea:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Mar 26 19:44:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2d2f78a9a05baa8e210471819bcef9b47260913
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e6:94:90:7f:76:3b:30:4c:5a:39:27:f4:83:
bf:5b:ca:2e:5c:81:6a:ab:06:c6:fc:55:3d:1e:e6:
b5:eb:fc:7b:ec:1a:c6:f3:07:94:b8:cf:6d:a4:6d:
ad:3b:74:52:70:23:c1:7f:f6:64:8e:e5:32:2d:8f:
22:1c:6b:13:a3:c7:20:c1:8c:b4:4d:fa:13:fd:41:
7d:66:e9:2f:36:09:46:65:ee:55:05:f0:22:2f:bd:
99:cb:d0:1d:cd:40:2d:07:85:98:ae:e2:7f:1e:b4:
89:0f:5f:d0:aa:c4:cd:99:a7:26:fd:8a:14:e1:dd:
9b:42:cc:04:57:2e:19:02:f0:fa:9f:33:ee:04:b5:
7d:22:7c:28:ec:5c:9b:b8:92:ba:8e:34:4d:5d:d7:
a0:1b:34:bd:a1:84:2d:fc:3a:e4:c5:16:55:ee:0b:
b3:09:7b:c7:ff:df:38:5e:f5:05:54:fb:7b:e4:46:
ba:c3:d3:36:56:01:5e:b2:c4:94:8f:db:6a:c1:5c:
fd:f2:6f:07:70:16:92:7b:3b:38:d0:ed:b6:b4:00:
c1:c5:c2:d1:44:ad:de:60:29:70:19:a0:ca:1e:f6:
13:2d:61:4f:7c:87:32:9a:4a:fc:41:05:10:ce:8c:
67:f8:94:47:df:d0:c3:4c:68:e4:bc:a2:7c:ad:be:
5e:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:D2:F7:8A:9A:05:BA:A8:E2:10:47:18:19:BC:EF:9B:47:26:09:13
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/otL3ipoFuqjiEEcYGbzvm0cmCRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.139.0/24
185.117.0.0/24
Signature Algorithm: sha256WithRSAEncryption
81:ed:32:4b:da:4f:4c:93:08:00:d9:93:8f:e0:47:f5:dd:af:
5f:1a:24:db:38:8b:e0:4f:b8:fd:7a:3a:6a:19:b7:f2:08:bf:
e9:2e:52:c2:7f:b4:6a:b4:af:aa:25:be:4d:7e:91:03:82:ba:
e9:f8:1d:9a:f8:64:c1:a0:e0:ab:27:2e:c6:2e:2e:1f:ad:08:
ac:62:41:85:be:27:00:23:f8:78:71:4f:7b:c6:98:23:97:33:
e1:1a:cc:87:13:58:61:01:a7:99:e4:6b:43:7c:27:a3:62:81:
9c:42:43:b0:90:fc:7d:c6:73:ea:1f:29:96:f1:5d:d6:35:7e:
fc:ce:ff:66:7a:cd:20:52:08:2d:f2:1d:dc:2c:3c:4e:65:31:
2a:52:97:93:8c:52:aa:41:d6:3e:e1:24:0f:d5:7c:2e:2c:fa:
af:34:a5:3c:a1:ef:37:f1:1d:23:56:82:14:ff:cd:72:8a:c7:
ef:8c:39:2a:58:b2:ac:02:3b:07:0d:a6:85:9c:b9:a0:49:c6:
4f:21:08:dd:cb:3e:7a:44:bf:e7:cf:48:e7:0e:da:32:6c:1d:
7a:fa:a0:fc:ab:d3:51:8d:53:e1:62:8f:7a:7a:e9:75:50:9b:
00:f4:e5:57:f6:40:28:5e:13:32:70:74:d0:ef:69:47:1f:14:
a9:30:91:f3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZXT/GspNsheB15jB8Mf++rEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjUwMzI2MTk0NDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmQyZjc4YTlhMDViYWE4ZTIxMDQ3MTgxOWJjZWY5YjQ3MjYwOTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxuaUkH92OzBMWjkn9IO/W8ouXIFq
qwbG/FU9Hua16/x77BrG8weUuM9tpG2tO3RScCPBf/ZkjuUyLY8iHGsTo8cgwYy0
TfoT/UF9ZukvNglGZe5VBfAiL72Zy9AdzUAtB4WYruJ/HrSJD1/QqsTNmacm/YoU
4d2bQswEVy4ZAvD6nzPuBLV9Inwo7FybuJK6jjRNXdegGzS9oYQt/DrkxRZV7guz
CXvH/984XvUFVPt75Ea6w9M2VgFessSUj9tqwVz98m8HcBaSezs40O22tADBxcLR
RK3eYClwGaDKHvYTLWFPfIcymkr8QQUQzoxn+JRH39DDTGjkvKJ8rb5eqwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKLS94qaBbqo4hBHGBm875tHJgkTMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvb3RMM2lwb0Z1cWppRUVjWUdienZtMGNtQ1JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALUOLAwQA
uXUAMA0GCSqGSIb3DQEBCwUAA4IBAQCB7TJL2k9MkwgA2ZOP4Ef13a9fGiTbOIvg
T7j9ejpqGbfyCL/pLlLCf7RqtK+qJb5NfpEDgrrp+B2a+GTBoOCrJy7GLi4frQis
YkGFvicAI/h4cU97xpgjlzPhGsyHE1hhAaeZ5GtDfCejYoGcQkOwkPx9xnPqHymW
8V3WNX78zv9mes0gUggt8h3cLDxOZTEqUpeTjFKqQdY+4SQP1XwuLPqvNKU8oe83
8R0jVoIU/81yisfvjDkqWLKsAjsHDaaFnLmgScZPIQjdyz56RL/nz0jnDtoybB16
+qD8q9NRjVPhYo96eul1UJsA9OVX9kAoXhMycHTQ72lHHxSpMJHz
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:23:32 2025 by rpki-client