Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/HaXYrvGGq_oy2CUT-e8wmOoMg18.roa
File: HaXYrvGGq_oy2CUT-e8wmOoMg18.roa (raw, json)
Hash identifier: dLNE8jcEedbfMWuFDLIqjknh2OJKCxgk9h/Zha7YqZI=
Subject key identifier: 1D:A5:D8:AE:F1:86:AB:FA:32:D8:25:13:F9:EF:30:98:EA:0C:83:5F
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 019505B4FFD221B50E558E77B82C7FE3E50D
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/HaXYrvGGq_oy2CUT-e8wmOoMg18.roa
Signing time: Fri 14 Feb 2025 18:25:02 +0000
ROA not before: Fri 14 Feb 2025 18:25:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214383
IP address blocks: 45.81.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:05:b4:ff:d2:21:b5:0e:55:8e:77:b8:2c:7f:e3:e5:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Feb 14 18:25:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1da5d8aef186abfa32d82513f9ef3098ea0c835f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c9:39:36:35:89:b3:ad:d7:52:18:8b:d7:17:
45:c0:83:ad:15:0d:2a:21:ae:6b:97:23:9e:0e:28:
26:0c:e1:98:83:0e:41:d1:1e:c9:92:c2:ff:73:ec:
bc:bf:c4:c8:3a:99:7d:9a:54:cc:1e:74:ad:d4:36:
e9:dd:09:67:28:b0:10:47:18:ce:08:79:37:6d:9e:
a5:d5:08:67:78:c6:a5:16:68:6b:a6:d6:cd:b7:ad:
ee:b4:57:99:93:f1:62:2e:ce:91:9a:ae:bc:a1:b0:
26:27:09:ea:28:3a:de:bb:0e:48:5c:f3:1a:14:d5:
4d:cb:b9:d9:18:0d:69:a3:33:96:99:2a:e8:0b:a7:
f9:b7:3c:34:af:e0:28:7d:ba:46:9d:22:99:5d:24:
01:80:cc:4d:3c:df:e3:e3:82:49:50:85:af:4e:7d:
c6:4d:86:53:dd:39:70:e7:e3:ef:04:78:14:a5:3e:
45:24:c2:84:24:6e:1c:94:66:82:f6:90:70:61:ee:
dc:80:35:22:0f:53:bc:28:f5:85:9f:d7:94:31:48:
45:e0:ba:09:59:c2:97:5e:95:c5:a6:b0:49:6b:ec:
b1:91:45:9c:47:ec:21:c1:02:7c:2f:15:82:d5:70:
9a:3f:51:ec:4e:b0:e9:31:ce:2c:6a:34:56:f3:96:
3f:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:A5:D8:AE:F1:86:AB:FA:32:D8:25:13:F9:EF:30:98:EA:0C:83:5F
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/HaXYrvGGq_oy2CUT-e8wmOoMg18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.20.0/24
Signature Algorithm: sha256WithRSAEncryption
05:46:02:89:f3:97:aa:50:b9:63:10:d8:34:d3:a9:bb:ba:41:
2f:6f:c8:36:a6:40:fa:05:0f:21:dc:83:89:5c:1e:77:2d:29:
03:6b:a4:a3:64:89:6d:33:cd:60:f3:4f:2d:ce:26:d3:fa:4b:
0d:2d:f6:c3:85:b6:5a:d3:4e:8a:f4:09:43:75:3a:1b:c8:48:
1b:08:99:2b:eb:93:0d:ac:f8:4a:ba:b7:bb:81:b6:09:92:8b:
0d:b7:a5:8c:28:e5:6f:66:6a:78:cc:dc:ca:d5:d9:7f:5c:91:
8e:48:1f:b5:59:f8:01:86:36:92:90:37:b7:b3:68:53:03:5e:
87:c4:58:1a:ec:90:f6:fa:b9:dc:30:9f:3a:64:a3:c1:59:ce:
8f:c9:d3:92:07:02:10:c6:d6:49:f1:06:61:8d:2e:7d:7a:d6:
ec:02:3a:bb:0b:49:fb:48:7a:5e:22:94:56:b0:bf:c5:5e:33:
3e:09:72:b3:89:b7:72:c4:73:0a:62:57:29:62:bc:34:d4:2a:
c8:b1:2c:f4:d0:68:34:2c:ad:43:20:e7:bb:12:c5:e6:76:9d:
53:43:5b:7f:99:31:13:cf:ed:e5:f6:95:c1:df:cc:d2:6c:66:
b9:c6:7c:0c:53:43:29:5e:90:b8:17:6c:0c:51:ef:69:e9:8e:
91:17:43:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZUFtP/SIbUOVY53uCx/4+UNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjUwMjE0MTgyNTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGE1ZDhhZWYxODZhYmZhMzJkODI1MTNmOWVmMzA5OGVhMGM4MzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8k5NjWJs63XUhiL1xdFwIOtFQ0q
Ia5rlyOeDigmDOGYgw5B0R7JksL/c+y8v8TIOpl9mlTMHnSt1Dbp3QlnKLAQRxjO
CHk3bZ6l1QhneMalFmhrptbNt63utFeZk/FiLs6Rmq68obAmJwnqKDreuw5IXPMa
FNVNy7nZGA1pozOWmSroC6f5tzw0r+AofbpGnSKZXSQBgMxNPN/j44JJUIWvTn3G
TYZT3Tlw5+PvBHgUpT5FJMKEJG4clGaC9pBwYe7cgDUiD1O8KPWFn9eUMUhF4LoJ
WcKXXpXFprBJa+yxkUWcR+whwQJ8LxWC1XCaP1HsTrDpMc4sajRW85Y/0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB2l2K7xhqv6MtglE/nvMJjqDINfMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvSGFYWXJ2R0dxX295MkNVVC1lOHdtT29NZzE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVEUMA0G
CSqGSIb3DQEBCwUAA4IBAQAFRgKJ85eqULljENg006m7ukEvb8g2pkD6BQ8h3IOJ
XB53LSkDa6SjZIltM81g808tzibT+ksNLfbDhbZa006K9AlDdTobyEgbCJkr65MN
rPhKure7gbYJkosNt6WMKOVvZmp4zNzK1dl/XJGOSB+1WfgBhjaSkDe3s2hTA16H
xFga7JD2+rncMJ86ZKPBWc6PydOSBwIQxtZJ8QZhjS59etbsAjq7C0n7SHpeIpRW
sL/FXjM+CXKzibdyxHMKYlcpYrw01CrIsSz00Gg0LK1DIOe7EsXmdp1TQ1t/mTET
z+3l9pXB38zSbGa5xnwMU0MpXpC4F2wMUe9p6Y6RF0Po
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:58:33 2025 by rpki-client