Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/1-DCahpulJuiQi8zdfIBNVSBP_a0.roa
File: 1-DCahpulJuiQi8zdfIBNVSBP_a0.roa (raw, json)
Hash identifier: nTSeDU5/i/b0oztZzrG2CtOkwm9ZNipV4GkBR8TKl3w=
Subject key identifier: F8:30:9A:86:9B:A5:26:E8:90:8B:CC:DD:7C:80:4D:55:20:4F:FD:AD
Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial: 019422FB5F6E67A3D60C94DF0A4C165005F5
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/1-DCahpulJuiQi8zdfIBNVSBP_a0.roa
Signing time: Wed 01 Jan 2025 17:48:06 +0000
ROA not before: Wed 01 Jan 2025 17:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41745
IP address blocks: 45.89.63.0/24 maxlen: 32
45.144.232.0/24 maxlen: 32
45.144.233.0/24 maxlen: 32
45.144.234.0/24 maxlen: 32
45.144.235.0/24 maxlen: 32
138.124.182.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.mft
rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 05:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:5f:6e:67:a3:d6:0c:94:df:0a:4c:16:50:05:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
Validity
Not Before: Jan 1 17:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f8309a869ba526e8908bccdd7c804d55204ffdad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:07:40:8f:b8:a8:64:36:e0:4a:28:85:c4:b1:
94:ee:f3:b6:a5:e9:5b:0f:b3:1f:4a:57:0e:84:1f:
92:c1:f9:ae:53:5d:9b:e8:43:33:9b:39:2a:8a:ac:
2b:3d:90:16:eb:86:bc:b2:60:87:7c:9b:31:63:da:
f2:54:7c:92:ad:b3:2c:fe:f6:1a:75:12:77:c2:a7:
8e:35:da:51:3a:67:c0:14:4b:bc:5c:54:5c:7f:67:
69:48:da:06:0e:cc:f2:22:ff:b8:36:1e:f3:fb:81:
cb:d0:48:9e:53:98:9c:f1:bf:5b:86:64:92:bc:4b:
e8:ca:7a:b6:ab:44:dd:5f:29:ab:50:d3:a6:a9:44:
74:49:2a:76:27:3d:72:72:ee:4c:89:f1:ad:b4:dd:
09:7f:5a:0a:28:e1:09:90:0e:db:61:21:8d:08:c9:
17:e8:f7:2c:ee:77:d2:82:d8:bc:2d:00:b4:83:9a:
e8:4e:6e:76:5c:c1:d3:55:74:c6:4f:b8:6d:49:26:
18:6a:9c:c3:ad:c4:b2:ca:04:1c:36:3e:6f:75:b6:
dd:1c:05:91:40:26:86:4c:08:92:f5:d5:89:7e:56:
51:0d:7c:21:dd:35:6a:7e:89:8b:90:2b:4d:3c:3c:
0e:a5:48:56:88:f9:1b:ba:fe:40:cb:e8:34:ff:e3:
38:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:30:9A:86:9B:A5:26:E8:90:8B:CC:DD:7C:80:4D:55:20:4F:FD:AD
X509v3 Authority Key Identifier:
keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/1-DCahpulJuiQi8zdfIBNVSBP_a0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.63.0/24
45.144.232.0/22
138.124.182.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:20:48:a2:58:ca:34:ad:56:f2:4f:6f:00:95:0f:f7:0a:f6:
a5:9a:d5:22:68:9c:10:d7:bb:e2:77:eb:60:e9:73:a7:cd:07:
5e:c4:c3:e8:34:96:8d:1e:ba:3c:f6:5a:56:de:99:2d:31:3c:
82:e0:09:d6:a1:67:42:e6:af:a3:5b:11:bd:a8:1f:99:e1:21:
c8:15:2e:35:34:77:b7:3c:25:d4:0b:3e:88:b6:5c:ff:6b:34:
3c:00:79:03:24:1d:d4:49:21:24:a8:af:27:8a:95:bb:3e:79:
43:4b:fd:4a:c0:3a:c4:a7:da:7c:6c:2d:97:27:27:a6:ad:0a:
49:01:44:23:a5:b5:e9:7d:a4:48:b7:94:95:9a:3e:b9:c9:bd:
d9:77:6e:ec:19:36:57:3d:73:fc:b0:d8:dd:a8:bf:24:16:21:
55:c2:e5:79:f6:b0:03:c8:da:00:2d:e6:e6:ee:71:9d:31:2c:
54:7c:e7:66:41:74:39:a9:60:54:89:6a:d9:8d:cb:b5:34:40:
00:b8:89:f5:97:82:41:4d:8c:73:9b:da:76:ae:f4:1a:9e:1c:
5e:5c:06:6c:53:87:34:91:fd:90:38:b9:18:83:9d:41:b4:6b:
73:0d:7b:24:19:cc:65:df:91:04:94:4c:7a:9c:31:60:bd:d2:
d3:b2:b2:8f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZQi+19uZ6PWDJTfCkwWUAX1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjUwMTAxMTc0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODMwOWE4NjliYTUyNmU4OTA4YmNjZGQ3YzgwNGQ1NTIwNGZmZGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQdAj7ioZDbgSiiFxLGU7vO2pelb
D7MfSlcOhB+SwfmuU12b6EMzmzkqiqwrPZAW64a8smCHfJsxY9ryVHySrbMs/vYa
dRJ3wqeONdpROmfAFEu8XFRcf2dpSNoGDszyIv+4Nh7z+4HL0EieU5ic8b9bhmSS
vEvoynq2q0TdXymrUNOmqUR0SSp2Jz1ycu5MifGttN0Jf1oKKOEJkA7bYSGNCMkX
6Pcs7nfSgti8LQC0g5roTm52XMHTVXTGT7htSSYYapzDrcSyygQcNj5vdbbdHAWR
QCaGTAiS9dWJflZRDXwh3TVqfomLkCtNPDwOpUhWiPkbuv5Ay+g0/+M4GwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPgwmoabpSbokIvM3XyATVUgT/2tMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvMS1EQ2FocHVsSnVpUWk4emRmSUJOVlNCUF9hMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjUvMzBkYzg1LTJkZDgtNGIxYy1iMTUxLTRiZDYzYWRjNzM1
NC8xL3Y0UVJOVVhaQUFkZzltQmlwQ0laTTZMcFdkZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAC1ZPwME
Ai2Q6AMEAIp8tjANBgkqhkiG9w0BAQsFAAOCAQEAjyBIoljKNK1W8k9vAJUP9wr2
pZrVImicENe74nfrYOlzp80HXsTD6DSWjR66PPZaVt6ZLTE8guAJ1qFnQuavo1sR
vagfmeEhyBUuNTR3tzwl1As+iLZc/2s0PAB5AyQd1EkhJKivJ4qVuz55Q0v9SsA6
xKfafGwtlycnpq0KSQFEI6W16X2kSLeUlZo+ucm92Xdu7Bk2Vz1z/LDY3ai/JBYh
VcLlefawA8jaAC3m5u5xnTEsVHznZkF0OalgVIlq2Y3LtTRAALiJ9ZeCQU2Mc5va
dq70Gp4cXlwGbFOHNJH9kDi5GIOdQbRrcw17JBnMZd+RBJRMepwxYL3S07Kyjw==
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:51:38 2025 by rpki-client