Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/433127-e2cf-41a1-9913-7a0f72cbb2d5/1/ySyYBbjTtcDUqBz7Jvsy_dqOh5M.roa
File: ySyYBbjTtcDUqBz7Jvsy_dqOh5M.roa (raw, json)
Hash identifier: y0xUTw1/EmIP+eH68EDACE2M7Q+xfY7/HmSGSbV7MZE=
Subject key identifier: C9:2C:98:05:B8:D3:B5:C0:D4:A8:1C:FB:26:FB:32:FD:DA:8E:87:93
Certificate issuer: /CN=38b59daedd43cc9575ac35953e3f396e21bb6d80
Certificate serial: 019422FB425D79D43BFE69475600983EC1EF
Authority key identifier: 38:B5:9D:AE:DD:43:CC:95:75:AC:35:95:3E:3F:39:6E:21:BB:6D:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLWdrt1DzJV1rDWVPj85biG7bYA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/433127-e2cf-41a1-9913-7a0f72cbb2d5/1/ySyYBbjTtcDUqBz7Jvsy_dqOh5M.roa
Signing time: Wed 01 Jan 2025 17:47:59 +0000
ROA not before: Wed 01 Jan 2025 17:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61309
IP address blocks: 45.147.42.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/433127-e2cf-41a1-9913-7a0f72cbb2d5/1/OLWdrt1DzJV1rDWVPj85biG7bYA.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/433127-e2cf-41a1-9913-7a0f72cbb2d5/1/OLWdrt1DzJV1rDWVPj85biG7bYA.mft
rsync://rpki.ripe.net/repository/DEFAULT/OLWdrt1DzJV1rDWVPj85biG7bYA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:42:5d:79:d4:3b:fe:69:47:56:00:98:3e:c1:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b59daedd43cc9575ac35953e3f396e21bb6d80
Validity
Not Before: Jan 1 17:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c92c9805b8d3b5c0d4a81cfb26fb32fdda8e8793
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:56:51:0b:49:00:4f:e0:96:3b:7a:19:f1:56:
64:5e:09:63:a4:44:de:2b:ee:7f:ca:c8:04:1f:9d:
3c:f8:33:82:31:72:83:f8:48:2a:ec:6c:3a:4d:de:
ec:a8:b3:90:88:ac:32:72:2c:f6:08:d1:8d:cf:06:
ba:04:7c:34:44:61:52:a6:36:6a:5d:9b:f4:e6:84:
0a:b4:b2:5e:dc:71:59:9c:eb:a8:ba:5e:a6:75:cc:
e6:51:8a:77:59:0b:8a:1a:58:0d:65:f7:bf:72:dd:
c6:23:a0:bc:a6:2f:e1:98:7a:01:b7:3b:7f:ea:41:
95:37:85:21:4f:2a:2e:26:bb:4b:43:7b:ab:ae:fd:
c8:0e:9a:9f:ad:93:ba:6a:05:e3:0c:0a:06:2a:25:
5c:eb:47:e8:4c:3b:36:48:30:ec:d3:1c:e4:2e:18:
d9:a7:e0:d0:d1:7a:f7:22:18:66:1c:48:8f:77:36:
ad:93:85:9e:b0:b6:22:e2:08:9f:13:2f:78:ba:e0:
ec:be:90:6a:25:97:31:88:6b:e6:fe:bc:db:50:06:
98:f7:13:8a:89:68:28:6d:fe:1b:0b:aa:63:71:3e:
f2:fa:d9:46:50:ff:e2:16:da:5a:4a:a6:76:f3:41:
d1:6c:a5:40:c0:1d:8a:fd:56:ac:3e:d4:d9:b6:55:
1f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:2C:98:05:B8:D3:B5:C0:D4:A8:1C:FB:26:FB:32:FD:DA:8E:87:93
X509v3 Authority Key Identifier:
keyid:38:B5:9D:AE:DD:43:CC:95:75:AC:35:95:3E:3F:39:6E:21:BB:6D:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLWdrt1DzJV1rDWVPj85biG7bYA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/433127-e2cf-41a1-9913-7a0f72cbb2d5/1/ySyYBbjTtcDUqBz7Jvsy_dqOh5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/433127-e2cf-41a1-9913-7a0f72cbb2d5/1/OLWdrt1DzJV1rDWVPj85biG7bYA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.42.0/24
Signature Algorithm: sha256WithRSAEncryption
33:43:8b:0f:44:51:95:d8:e8:ed:c2:63:01:30:46:09:de:20:
6d:a2:d6:a6:65:56:4e:76:b5:c3:64:bc:5c:e6:f7:6a:51:5f:
24:f2:fc:e6:a3:d7:cc:c4:aa:32:d1:88:5d:15:ac:5e:ba:44:
0c:ca:1f:e3:30:ad:05:43:bd:8e:ee:d6:76:80:5e:c2:df:da:
fa:11:dc:f7:9a:ea:52:2f:a3:9a:09:8a:49:ed:ab:56:7d:23:
c1:a7:92:92:d2:3a:c0:0c:6b:9f:5d:cb:b3:c9:8c:c9:8b:99:
eb:c2:ed:aa:5f:71:25:52:d3:0a:4a:4b:8e:a2:42:04:92:d9:
03:4e:13:33:2f:ae:89:12:7c:c8:21:6f:57:06:21:d2:33:92:
c2:e5:0d:71:3a:17:cb:ab:b3:9c:b9:18:44:88:ea:ce:9b:fc:
a5:2c:e0:80:f5:d9:ac:18:ed:5a:c3:ce:a6:7a:bc:29:33:9c:
ee:e0:ef:dc:d9:d7:11:be:ed:f9:a2:f1:a4:72:93:74:34:76:
4a:d7:69:fb:95:fd:07:d5:eb:ed:d2:6e:86:d2:7f:07:a8:b1:
3b:d3:de:28:ad:79:13:47:0e:c8:52:d4:f7:90:db:6b:60:c7:
33:97:ad:36:3c:48:55:66:61:2f:66:4b:b6:1c:5f:2a:b4:7e:
4e:cc:00:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+0JdedQ7/mlHVgCYPsHvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjU5ZGFlZGQ0M2NjOTU3NWFjMzU5NTNlM2YzOTZlMjFi
YjZkODAwHhcNMjUwMTAxMTc0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTJjOTgwNWI4ZDNiNWMwZDRhODFjZmIyNmZiMzJmZGRhOGU4NzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3FZRC0kAT+CWO3oZ8VZkXgljpETe
K+5/ysgEH508+DOCMXKD+Egq7Gw6Td7sqLOQiKwyciz2CNGNzwa6BHw0RGFSpjZq
XZv05oQKtLJe3HFZnOuoul6mdczmUYp3WQuKGlgNZfe/ct3GI6C8pi/hmHoBtzt/
6kGVN4UhTyouJrtLQ3urrv3IDpqfrZO6agXjDAoGKiVc60foTDs2SDDs0xzkLhjZ
p+DQ0Xr3IhhmHEiPdzatk4WesLYi4gifEy94uuDsvpBqJZcxiGvm/rzbUAaY9xOK
iWgobf4bC6pjcT7y+tlGUP/iFtpaSqZ280HRbKVAwB2K/VasPtTZtlUfIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMksmAW407XA1Kgc+yb7Mv3ajoeTMB8GA1UdIwQY
MBaAFDi1na7dQ8yVdaw1lT4/OW4hu22AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xXZHJ0MUR6SlYxckRXVlBqODViaUc3YllBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC80MzMxMjctZTJjZi00MWExLTk5MTMt
N2EwZjcyY2JiMmQ1LzEveVN5WUJialR0Y0RVcUJ6N0p2c3lfZHFPaDVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC80MzMxMjctZTJjZi00MWExLTk5MTMtN2EwZjcyY2JiMmQ1
LzEvT0xXZHJ0MUR6SlYxckRXVlBqODViaUc3YllBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZMqMA0G
CSqGSIb3DQEBCwUAA4IBAQAzQ4sPRFGV2OjtwmMBMEYJ3iBtotamZVZOdrXDZLxc
5vdqUV8k8vzmo9fMxKoy0YhdFaxeukQMyh/jMK0FQ72O7tZ2gF7C39r6Edz3mupS
L6OaCYpJ7atWfSPBp5KS0jrADGufXcuzyYzJi5nrwu2qX3ElUtMKSkuOokIEktkD
ThMzL66JEnzIIW9XBiHSM5LC5Q1xOhfLq7OcuRhEiOrOm/ylLOCA9dmsGO1aw86m
erwpM5zu4O/c2dcRvu35ovGkcpN0NHZK12n7lf0H1evt0m6G0n8HqLE7094orXkT
Rw7IUtT3kNtrYMczl602PEhVZmEvZku2HF8qtH5OzABK
-----END CERTIFICATE-----
Generated at Fri Apr 18 10:31:45 2025 by rpki-client