Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/e82de9-25f4-466e-9c0c-c08997a7a08f/1/ywM-ydmbzESoETxNsRnDQ6bbYxg.roa
File: ywM-ydmbzESoETxNsRnDQ6bbYxg.roa (raw, json)
Hash identifier: GmNC6UbYgSd9tbGR+GgvLCmczbY/RBGea7VtxVomphs=
Subject key identifier: CB:03:3E:C9:D9:9B:CC:44:A8:11:3C:4D:B1:19:C3:43:A6:DB:63:18
Certificate issuer: /CN=814edbd19634cbb91a0d2dafd759d4c9a7e77b7a
Certificate serial: 0195EC2A4C0EA6DE209FDF88B376BCA23D70
Authority key identifier: 81:4E:DB:D1:96:34:CB:B9:1A:0D:2D:AF:D7:59:D4:C9:A7:E7:7B:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gU7b0ZY0y7kaDS2v11nUyafne3o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/e82de9-25f4-466e-9c0c-c08997a7a08f/1/ywM-ydmbzESoETxNsRnDQ6bbYxg.roa
Signing time: Mon 31 Mar 2025 12:25:49 +0000
ROA not before: Mon 31 Mar 2025 12:25:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215403
IP address blocks: 45.92.12.0/24 maxlen: 24
45.92.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/e82de9-25f4-466e-9c0c-c08997a7a08f/1/gU7b0ZY0y7kaDS2v11nUyafne3o.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/e82de9-25f4-466e-9c0c-c08997a7a08f/1/gU7b0ZY0y7kaDS2v11nUyafne3o.mft
rsync://rpki.ripe.net/repository/DEFAULT/gU7b0ZY0y7kaDS2v11nUyafne3o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 14:20:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ec:2a:4c:0e:a6:de:20:9f:df:88:b3:76:bc:a2:3d:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=814edbd19634cbb91a0d2dafd759d4c9a7e77b7a
Validity
Not Before: Mar 31 12:25:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb033ec9d99bcc44a8113c4db119c343a6db6318
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:da:a1:f8:d8:17:f7:24:2f:73:03:ee:d8:3a:
56:51:aa:c8:ea:b1:c0:99:a4:c9:0b:6d:48:32:fc:
1d:f3:9c:f4:be:2f:38:c7:93:4b:b6:b5:e5:24:69:
a5:63:30:00:19:9d:9c:b0:01:9e:2d:49:42:c2:98:
7b:f2:ce:85:be:35:c8:f8:c2:55:a5:01:b2:1a:d4:
75:cc:b6:7d:28:26:31:e3:10:d4:da:c8:58:bf:51:
5c:28:02:93:c0:72:fa:dc:7c:de:80:c7:99:20:29:
2a:1a:06:91:19:53:55:17:4d:dc:25:bb:0b:76:dc:
7a:9d:30:8d:ba:bf:af:38:67:50:7b:95:87:23:4e:
c7:ad:01:65:04:ea:b5:65:dc:de:d2:8a:e7:a7:a5:
7b:20:42:e4:95:22:b8:e2:fd:ae:92:9f:ac:eb:c3:
ee:46:9a:a1:ed:6b:1a:7a:38:f8:ec:a6:6c:ed:00:
d2:c6:5b:b8:e1:cc:51:37:65:a3:73:ea:02:4f:8e:
3d:81:8a:8f:71:69:2f:d3:5a:a1:20:31:39:10:d7:
2c:7c:e4:6a:74:99:62:49:0d:dd:81:51:b2:85:3a:
c0:59:8d:44:ab:52:7b:79:a1:db:ec:fc:e8:c4:8a:
a4:34:69:e5:3e:61:08:36:1c:cc:a2:6d:16:4c:bd:
14:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:03:3E:C9:D9:9B:CC:44:A8:11:3C:4D:B1:19:C3:43:A6:DB:63:18
X509v3 Authority Key Identifier:
keyid:81:4E:DB:D1:96:34:CB:B9:1A:0D:2D:AF:D7:59:D4:C9:A7:E7:7B:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gU7b0ZY0y7kaDS2v11nUyafne3o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/e82de9-25f4-466e-9c0c-c08997a7a08f/1/ywM-ydmbzESoETxNsRnDQ6bbYxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/e82de9-25f4-466e-9c0c-c08997a7a08f/1/gU7b0ZY0y7kaDS2v11nUyafne3o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.12.0/23
Signature Algorithm: sha256WithRSAEncryption
0f:1a:6a:bd:ed:49:49:e9:f8:0b:c5:60:7e:58:bf:3d:cd:46:
ed:c4:21:25:05:e9:66:34:51:4e:09:df:67:5d:9c:3d:eb:92:
fb:fe:76:57:78:ed:6b:8f:dc:b4:a3:c0:3c:da:69:a0:b8:bd:
6a:73:e1:14:d9:71:85:76:60:2b:99:f1:a3:8f:6c:3e:2b:e7:
69:8b:dd:28:82:04:8e:f7:1a:56:1b:04:fe:eb:69:7b:ce:ab:
3c:79:f9:99:8f:c2:fb:73:b3:92:2e:08:d6:a0:bd:f1:e0:d8:
0f:15:33:e7:d0:c8:17:09:b5:e8:de:7b:56:aa:9f:5d:3b:df:
34:01:51:73:70:d8:39:12:b2:b3:4c:71:63:54:8a:a8:e6:30:
24:35:3b:53:18:de:45:c8:98:09:58:66:f1:33:36:bb:cc:1c:
d6:bf:b7:5c:dc:b4:fa:d8:8b:23:ed:75:c1:a8:b2:df:b9:03:
04:69:f7:e4:d7:89:6e:1b:ab:5c:e1:8e:e9:7d:24:b0:82:db:
ac:ca:ca:30:13:bf:84:a5:9a:d6:03:21:f9:46:4d:50:16:5b:
c2:4e:08:62:6d:d5:0b:4c:2e:dd:a7:51:ff:ca:c2:ae:ec:06:
b5:6e:48:fc:b9:a4:48:05:4c:e4:6f:1f:90:19:16:09:54:ae:
be:74:d9:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXsKkwOpt4gn9+Is3a8oj1wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNGVkYmQxOTYzNGNiYjkxYTBkMmRhZmQ3NTlkNGM5YTdl
NzdiN2EwHhcNMjUwMzMxMTIyNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjAzM2VjOWQ5OWJjYzQ0YTgxMTNjNGRiMTE5YzM0M2E2ZGI2MzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9qh+NgX9yQvcwPu2DpWUarI6rHA
maTJC21IMvwd85z0vi84x5NLtrXlJGmlYzAAGZ2csAGeLUlCwph78s6FvjXI+MJV
pQGyGtR1zLZ9KCYx4xDU2shYv1FcKAKTwHL63HzegMeZICkqGgaRGVNVF03cJbsL
dtx6nTCNur+vOGdQe5WHI07HrQFlBOq1Zdze0ornp6V7IELklSK44v2ukp+s68Pu
Rpqh7Wsaejj47KZs7QDSxlu44cxRN2Wjc+oCT449gYqPcWkv01qhIDE5ENcsfORq
dJliSQ3dgVGyhTrAWY1Eq1J7eaHb7PzoxIqkNGnlPmEINhzMom0WTL0UcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMsDPsnZm8xEqBE8TbEZw0Om22MYMB8GA1UdIwQY
MBaAFIFO29GWNMu5Gg0tr9dZ1Mmn53t6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1U3YjBaWTB5N2thRFMydjExblV5YWZuZTNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9lODJkZTktMjVmNC00NjZlLTljMGMt
YzA4OTk3YTdhMDhmLzEveXdNLXlkbWJ6RVNvRVR4TnNSbkRRNmJiWXhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9lODJkZTktMjVmNC00NjZlLTljMGMtYzA4OTk3YTdhMDhm
LzEvZ1U3YjBaWTB5N2thRFMydjExblV5YWZuZTNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLVwMMA0G
CSqGSIb3DQEBCwUAA4IBAQAPGmq97UlJ6fgLxWB+WL89zUbtxCElBelmNFFOCd9n
XZw965L7/nZXeO1rj9y0o8A82mmguL1qc+EU2XGFdmArmfGjj2w+K+dpi90oggSO
9xpWGwT+62l7zqs8efmZj8L7c7OSLgjWoL3x4NgPFTPn0MgXCbXo3ntWqp9dO980
AVFzcNg5ErKzTHFjVIqo5jAkNTtTGN5FyJgJWGbxMza7zBzWv7dc3LT62Isj7XXB
qLLfuQMEaffk14luG6tc4Y7pfSSwgtusysowE7+EpZrWAyH5Rk1QFlvCTghibdUL
TC7dp1H/ysKu7Aa1bkj8uaRIBUzkbx+QGRYJVK6+dNlN
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:45:56 2025 by rpki-client