Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/AOzgmFptP-TTohv3IqoDSstHBco.roa
File: AOzgmFptP-TTohv3IqoDSstHBco.roa (raw, json)
Hash identifier: E03eZxbf/EuXdLKDt7qVPONNosnX3JMcim9Rf3ahviw=
Subject key identifier: 00:EC:E0:98:5A:6D:3F:E4:D3:A2:1B:F7:22:AA:03:4A:CB:47:05:CA
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 0194221FF30477A46B3CEA57BF0C0BEE1159
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/AOzgmFptP-TTohv3IqoDSstHBco.roa
Signing time: Wed 01 Jan 2025 13:48:26 +0000
ROA not before: Wed 01 Jan 2025 13:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202592
IP address blocks: 45.12.100.0/22 maxlen: 24
185.96.56.0/22 maxlen: 24
185.136.16.0/22 maxlen: 24
2a05:ff00::/29 maxlen: 48
2a07:5b40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.mft
rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 21:19:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:f3:04:77:a4:6b:3c:ea:57:bf:0c:0b:ee:11:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: Jan 1 13:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=00ece0985a6d3fe4d3a21bf722aa034acb4705ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f2:1a:92:56:97:e1:a1:3a:a9:9b:db:f4:6c:
f6:17:26:92:98:97:6d:fe:0d:f7:a7:8a:09:66:77:
4f:ce:1a:a9:1a:05:89:a0:ce:e8:d8:f7:16:bc:03:
a8:e1:60:74:ee:52:9f:3b:ff:88:33:e7:94:07:90:
0b:6c:37:2e:77:4e:47:ed:25:cc:b6:9b:a6:5a:ac:
5d:a9:16:8a:1d:56:5f:8d:3b:b4:28:a5:49:69:43:
f8:f6:15:e3:03:58:00:4d:8e:a7:02:9d:5d:92:f1:
8e:1e:7d:5c:f1:25:21:8c:79:1e:1e:4a:db:4c:06:
1a:d5:5f:56:e0:2c:23:87:5d:98:33:c8:45:d8:c8:
a1:6a:6d:e6:e3:1a:19:6b:9b:81:ef:8b:52:25:f7:
59:99:03:b9:05:40:12:5d:ff:80:bf:92:58:09:ca:
05:b4:26:57:e7:3d:1a:e6:fd:6a:dc:7f:ce:79:5d:
1f:3a:cf:2e:f3:8f:0c:6f:84:93:94:d8:13:d6:47:
00:53:0f:1f:bb:d0:d9:04:31:ac:5b:2e:d7:93:36:
5b:ef:ba:38:0a:2c:13:d3:70:0c:d2:25:8d:9d:bc:
b8:69:9f:12:20:1e:07:38:09:da:b2:9e:2e:f4:f6:
df:9d:0e:5b:3e:08:eb:7b:4b:37:6c:74:73:ba:05:
07:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:EC:E0:98:5A:6D:3F:E4:D3:A2:1B:F7:22:AA:03:4A:CB:47:05:CA
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/AOzgmFptP-TTohv3IqoDSstHBco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.100.0/22
185.96.56.0/22
185.136.16.0/22
IPv6:
2a05:ff00::/29
2a07:5b40::/29
Signature Algorithm: sha256WithRSAEncryption
5e:4e:1e:08:9d:82:28:bf:da:81:ec:0a:82:9d:a3:cc:8e:62:
51:58:02:77:c5:61:13:f7:02:8e:d2:0d:0e:4d:a7:e6:cd:71:
ae:72:fd:86:b1:95:7b:55:6e:17:4f:2d:b4:4a:00:59:74:f6:
56:92:b1:67:62:1a:a5:b3:4e:72:e6:99:41:ac:64:7e:12:4d:
00:4a:f6:11:21:ee:30:79:5a:f3:a4:17:82:8c:a3:57:36:42:
8d:6e:20:65:99:46:ab:8c:9c:9b:74:a1:bd:55:16:e2:eb:96:
79:f9:ed:7a:54:ca:f4:f1:dc:ef:77:c7:09:de:d4:ab:6d:68:
9a:02:b7:ce:a2:f6:7f:5e:1e:03:f6:98:f3:62:27:7f:ef:8d:
4e:fe:0d:f7:17:ed:3a:b1:7e:eb:2f:4b:db:45:c9:ed:7d:f5:
3c:cb:ca:2c:67:74:7a:9e:6d:52:03:f3:4a:95:da:8e:c0:fa:
f6:c9:6f:fa:58:c8:5d:f8:3d:d4:8c:eb:a4:64:b3:4f:9c:e8:
8f:14:81:a7:42:0b:1c:2d:b2:dd:50:1c:d6:25:56:e9:66:92:
a8:50:33:c4:3c:8b:1f:d9:6a:40:0e:66:f2:94:39:72:6d:3a:
9d:c2:cd:62:07:14:01:12:b8:59:2c:21:c5:0a:09:a6:60:05:
99:8c:27:b6
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQiH/MEd6RrPOpXvwwL7hFZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjUwMTAxMTM0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGVjZTA5ODVhNmQzZmU0ZDNhMjFiZjcyMmFhMDM0YWNiNDcwNWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPIaklaX4aE6qZvb9Gz2FyaSmJdt
/g33p4oJZndPzhqpGgWJoM7o2PcWvAOo4WB07lKfO/+IM+eUB5ALbDcud05H7SXM
tpumWqxdqRaKHVZfjTu0KKVJaUP49hXjA1gATY6nAp1dkvGOHn1c8SUhjHkeHkrb
TAYa1V9W4Cwjh12YM8hF2Miham3m4xoZa5uB74tSJfdZmQO5BUASXf+Av5JYCcoF
tCZX5z0a5v1q3H/OeV0fOs8u848Mb4STlNgT1kcAUw8fu9DZBDGsWy7XkzZb77o4
CiwT03AM0iWNnby4aZ8SIB4HOAnasp4u9PbfnQ5bPgjre0s3bHRzugUHHwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFADs4JhabT/k06Ib9yKqA0rLRwXKMB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvQU96Z21GcHRQLVRUb2h2M0lxb0RTc3RIQmNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCLQxkAwQC
uWA4AwQCuYgQMBQEAgACMA4DBQMqBf8AAwUDKgdbQDANBgkqhkiG9w0BAQsFAAOC
AQEAXk4eCJ2CKL/agewKgp2jzI5iUVgCd8VhE/cCjtINDk2n5s1xrnL9hrGVe1Vu
F08ttEoAWXT2VpKxZ2IapbNOcuaZQaxkfhJNAEr2ESHuMHla86QXgoyjVzZCjW4g
ZZlGq4ycm3ShvVUW4uuWefntelTK9PHc73fHCd7Uq21omgK3zqL2f14eA/aY82In
f++NTv4N9xftOrF+6y9L20XJ7X31PMvKLGd0ep5tUgPzSpXajsD69slv+ljIXfg9
1IzrpGSzT5zojxSBp0ILHC2y3VAc1iVW6WaSqFAzxDyLH9lqQA5m8pQ5cm06ncLN
YgcUARK4WSwhxQoJpmAFmYwntg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:43:31 2025 by rpki-client