Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/gUnvqabgjFuZZqPEsRfFyMGXFJM.roa
File: gUnvqabgjFuZZqPEsRfFyMGXFJM.roa (raw, json)
Hash identifier: srGZ4Htu3smmiXwJeoF/K3aRLO1/y7rAki7pua611kw=
Subject key identifier: 81:49:EF:A9:A6:E0:8C:5B:99:66:A3:C4:B1:17:C5:C8:C1:97:14:93
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01944795124B9E639E98EA079F1CA06251AD
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/gUnvqabgjFuZZqPEsRfFyMGXFJM.roa
Signing time: Wed 08 Jan 2025 20:22:19 +0000
ROA not before: Wed 08 Jan 2025 20:22:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203511
IP address blocks: 45.9.30.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.151.2.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:47:95:12:4b:9e:63:9e:98:ea:07:9f:1c:a0:62:51:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 8 20:22:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8149efa9a6e08c5b9966a3c4b117c5c8c1971493
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:dc:0b:2e:ad:f1:d3:a0:ae:10:47:d1:3e:d1:
bd:9b:df:93:44:ec:ff:72:46:a0:47:42:1b:e9:82:
20:4d:0a:21:a2:d6:a1:a8:82:78:08:5d:c9:73:36:
f9:44:0c:7a:a1:9e:25:34:e9:77:5a:49:6b:7f:cf:
7d:fa:f0:c1:81:e0:5d:df:c9:d2:8a:bd:a5:67:da:
8f:46:9e:90:65:ae:f4:fd:d3:3f:91:29:49:51:7d:
b2:3b:16:da:fe:34:eb:51:20:2a:1a:3c:1c:73:b0:
a4:09:b2:77:de:5c:47:41:9a:64:d7:5e:7e:7c:d6:
e1:2a:a8:5c:31:1e:24:07:35:01:2a:08:90:95:ff:
2d:9c:0e:ef:1d:ad:11:7b:1c:5f:85:22:56:34:fb:
9c:44:c4:4e:33:50:47:09:22:b9:05:8d:21:06:6e:
24:0e:56:48:1e:dc:18:78:9f:35:f7:4d:e0:d0:c9:
c9:8f:f4:59:c3:53:a4:2c:2c:e8:d0:ed:53:0b:a9:
9c:c6:20:44:56:b6:97:5a:2b:dd:dc:11:e2:78:67:
2e:bd:7b:27:42:0c:3e:78:70:d8:09:9f:a2:81:5a:
45:76:ae:af:98:43:0b:f5:6b:7c:90:83:09:e7:09:
2b:e6:23:8f:2f:8d:63:3a:b0:df:47:40:44:a9:d1:
a1:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:49:EF:A9:A6:E0:8C:5B:99:66:A3:C4:B1:17:C5:C8:C1:97:14:93
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/gUnvqabgjFuZZqPEsRfFyMGXFJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.30.0/24
45.94.171.0/24
45.151.2.0/24
77.83.37.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:d3:21:8f:84:a5:a3:d4:01:1b:ed:4f:5f:99:6a:22:b7:bd:
72:e6:e5:55:c7:f4:3c:4f:1b:95:6d:1f:ad:d3:18:6c:80:e0:
cf:9e:19:55:59:93:a3:4f:3e:2e:5a:31:ce:03:8f:32:da:58:
e7:fd:5a:cd:d4:d8:6b:9e:db:f9:a8:4a:58:57:a8:97:fc:72:
6e:39:a3:1b:35:4f:ea:35:ce:ee:d0:2a:89:52:32:66:88:b9:
c0:04:bb:29:24:07:56:8f:99:45:22:c6:74:25:f8:54:23:3b:
4e:6a:2b:a0:36:28:8a:4a:91:62:0c:bb:a0:84:77:4b:20:71:
fe:d2:63:42:c2:93:d6:7d:6a:54:ec:ba:ea:34:1e:7f:96:8b:
de:14:c3:de:f3:f0:b5:73:16:95:ac:ed:1f:95:a6:e0:8b:1f:
26:be:57:4b:86:74:c9:01:11:86:e8:44:cd:db:5b:ea:92:5f:
4b:c7:57:ab:a3:16:f7:05:5f:38:a1:16:fb:4c:81:0a:79:ad:
1c:d2:48:cc:70:b8:18:1a:47:b7:90:32:be:26:ea:47:b6:f2:
39:76:4a:86:6b:72:3a:c6:36:bf:f1:fd:48:ca:b7:19:d3:83:
59:5d:59:ec:52:42:fb:f3:c9:a6:91:a1:99:ed:79:f1:c0:dc:
e7:69:c8:53
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZRHlRJLnmOemOoHnxygYlGtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjUwMTA4MjAyMjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTQ5ZWZhOWE2ZTA4YzViOTk2NmEzYzRiMTE3YzVjOGMxOTcxNDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAydwLLq3x06CuEEfRPtG9m9+TROz/
ckagR0Ib6YIgTQohotahqIJ4CF3Jczb5RAx6oZ4lNOl3Wklrf899+vDBgeBd38nS
ir2lZ9qPRp6QZa70/dM/kSlJUX2yOxba/jTrUSAqGjwcc7CkCbJ33lxHQZpk115+
fNbhKqhcMR4kBzUBKgiQlf8tnA7vHa0RexxfhSJWNPucRMROM1BHCSK5BY0hBm4k
DlZIHtwYeJ81903g0MnJj/RZw1OkLCzo0O1TC6mcxiBEVraXWivd3BHieGcuvXsn
Qgw+eHDYCZ+igVpFdq6vmEML9Wt8kIMJ5wkr5iOPL41jOrDfR0BEqdGhFQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIFJ76mm4IxbmWajxLEXxcjBlxSTMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvZ1VudnFhYmdqRnVaWnFQRXNSZkZ5TUdYRkpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALQkeAwQA
LV6rAwQALZcCAwQATVMlMA0GCSqGSIb3DQEBCwUAA4IBAQC60yGPhKWj1AEb7U9f
mWoit71y5uVVx/Q8TxuVbR+t0xhsgODPnhlVWZOjTz4uWjHOA48y2ljn/VrN1Nhr
ntv5qEpYV6iX/HJuOaMbNU/qNc7u0CqJUjJmiLnABLspJAdWj5lFIsZ0JfhUIztO
aiugNiiKSpFiDLughHdLIHH+0mNCwpPWfWpU7LrqNB5/loveFMPe8/C1cxaVrO0f
labgix8mvldLhnTJARGG6ETN21vqkl9Lx1eroxb3BV84oRb7TIEKea0c0kjMcLgY
Gke3kDK+JupHtvI5dkqGa3I6xja/8f1IyrcZ04NZXVnsUkL788mmkaGZ7XnxwNzn
achT
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:55:57 2025 by rpki-client