Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/349b83-6f74-49ec-a4fc-57462c283294/1/R2V69ZkOUTYrzFoNRRlCyipVFJY.roa
File: R2V69ZkOUTYrzFoNRRlCyipVFJY.roa (raw, json)
Hash identifier: 1fYxoQiQnyI9X886nVPbCzerEk6YCs6KXxGjMqHwwf0=
Subject key identifier: 47:65:7A:F5:99:0E:51:36:2B:CC:5A:0D:45:19:42:CA:2A:55:14:96
Certificate issuer: /CN=08cd67b5f97ba795a6bf86906b771c1dd2cb1dc9
Certificate serial: 0195FA69C24DF2228F7CA0EADC3A1FE83DEB
Authority key identifier: 08:CD:67:B5:F9:7B:A7:95:A6:BF:86:90:6B:77:1C:1D:D2:CB:1D:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CM1ntfl7p5Wmv4aQa3ccHdLLHck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/349b83-6f74-49ec-a4fc-57462c283294/1/R2V69ZkOUTYrzFoNRRlCyipVFJY.roa
Signing time: Thu 03 Apr 2025 06:49:49 +0000
ROA not before: Thu 03 Apr 2025 06:49:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212555
IP address blocks: 45.11.108.0/24 maxlen: 24
45.11.109.0/24 maxlen: 24
45.11.110.0/24 maxlen: 24
45.11.111.0/24 maxlen: 24
45.158.104.0/24 maxlen: 24
45.158.105.0/24 maxlen: 24
45.158.106.0/24 maxlen: 24
45.158.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/349b83-6f74-49ec-a4fc-57462c283294/1/CM1ntfl7p5Wmv4aQa3ccHdLLHck.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/349b83-6f74-49ec-a4fc-57462c283294/1/CM1ntfl7p5Wmv4aQa3ccHdLLHck.mft
rsync://rpki.ripe.net/repository/DEFAULT/CM1ntfl7p5Wmv4aQa3ccHdLLHck.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 21:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:fa:69:c2:4d:f2:22:8f:7c:a0:ea:dc:3a:1f:e8:3d:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08cd67b5f97ba795a6bf86906b771c1dd2cb1dc9
Validity
Not Before: Apr 3 06:49:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=47657af5990e51362bcc5a0d451942ca2a551496
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:4f:ec:ce:9e:cc:a1:aa:09:95:06:0d:0b:d1:
c8:b4:1b:8d:e9:86:eb:7d:45:9c:ba:83:6e:7e:0d:
c6:95:87:c6:98:b5:a1:9d:d0:b7:92:c2:f6:e9:66:
96:be:79:29:73:0c:c4:79:3e:f7:52:f1:64:79:44:
15:b0:e3:b2:2f:28:5b:f8:c5:d1:81:60:71:28:19:
41:ee:20:de:d3:6f:03:40:6f:9a:6a:43:5c:77:bc:
78:4a:fc:1c:f0:d5:59:1c:c5:50:c7:ec:56:db:43:
53:e4:ee:b4:3f:19:74:07:bd:f3:94:42:51:eb:ff:
90:b3:ed:4b:79:a5:45:a3:80:03:80:49:ca:56:a4:
0e:e1:ec:94:a4:5c:4e:65:b0:b0:a4:67:c0:4a:a5:
39:e6:f1:f2:f2:ab:70:6f:f6:f1:74:cb:7a:ca:bc:
eb:be:ac:aa:60:e6:99:f2:23:18:1a:7c:28:48:97:
cc:21:9d:bb:80:74:47:8f:be:f7:83:13:c0:14:8e:
3f:52:39:f5:ba:d7:37:b6:d0:01:29:1a:56:48:9e:
4a:ea:db:6c:da:16:39:51:30:f5:14:bb:88:f1:70:
aa:db:18:d0:21:a7:ae:8f:cd:bb:37:c7:ba:fc:f0:
d8:5e:b8:09:79:0c:7e:d8:f2:b8:df:a3:d3:10:a0:
be:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:65:7A:F5:99:0E:51:36:2B:CC:5A:0D:45:19:42:CA:2A:55:14:96
X509v3 Authority Key Identifier:
keyid:08:CD:67:B5:F9:7B:A7:95:A6:BF:86:90:6B:77:1C:1D:D2:CB:1D:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CM1ntfl7p5Wmv4aQa3ccHdLLHck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/349b83-6f74-49ec-a4fc-57462c283294/1/R2V69ZkOUTYrzFoNRRlCyipVFJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/349b83-6f74-49ec-a4fc-57462c283294/1/CM1ntfl7p5Wmv4aQa3ccHdLLHck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.108.0/22
45.158.104.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:52:3f:fe:bc:25:41:38:6f:40:d5:97:bb:0b:f8:c3:ff:25:
6e:06:9e:29:6e:87:a4:23:ad:6c:1b:2a:f5:50:56:67:ca:2b:
cf:ef:b1:be:93:85:79:6c:b9:86:2d:d5:62:2e:63:fd:c4:ed:
b2:f6:09:91:ed:62:4d:e3:89:57:63:9d:d0:4a:6b:67:80:69:
61:b5:f7:e5:91:32:eb:d3:44:99:da:01:08:ac:6b:97:32:ad:
57:1a:95:82:72:18:00:2b:12:fd:74:23:c9:e8:ba:aa:d8:49:
e0:7b:97:65:53:82:84:f0:95:9f:23:80:de:c0:01:be:78:26:
dd:42:4b:4e:92:6d:22:bd:3b:3b:b2:43:1b:d1:79:27:fb:90:
5a:4a:c7:97:ea:2b:01:90:07:3a:27:53:d0:40:ca:5d:91:ad:
60:cb:31:51:03:27:5b:a6:7f:4c:ae:ec:49:45:98:49:4a:a2:
a3:ec:71:36:59:db:a5:96:55:34:fd:cd:ff:3f:1a:3a:7a:bf:
ee:8a:65:99:b6:57:cf:7d:0d:20:b7:7b:3c:37:97:0c:00:eb:
93:4d:1d:78:90:47:65:1a:13:5d:c3:52:05:80:bf:59:74:65:
f5:5a:c4:d6:4e:a7:89:4a:2f:53:ab:36:2d:0b:3f:2a:4d:79:
56:2a:c1:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZX6acJN8iKPfKDq3Dof6D3rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4Y2Q2N2I1Zjk3YmE3OTVhNmJmODY5MDZiNzcxYzFkZDJj
YjFkYzkwHhcNMjUwNDAzMDY0OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzY1N2FmNTk5MGU1MTM2MmJjYzVhMGQ0NTE5NDJjYTJhNTUxNDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0/szp7MoaoJlQYNC9HItBuN6Ybr
fUWcuoNufg3GlYfGmLWhndC3ksL26WaWvnkpcwzEeT73UvFkeUQVsOOyLyhb+MXR
gWBxKBlB7iDe028DQG+aakNcd7x4Svwc8NVZHMVQx+xW20NT5O60Pxl0B73zlEJR
6/+Qs+1LeaVFo4ADgEnKVqQO4eyUpFxOZbCwpGfASqU55vHy8qtwb/bxdMt6yrzr
vqyqYOaZ8iMYGnwoSJfMIZ27gHRHj773gxPAFI4/Ujn1utc3ttABKRpWSJ5K6tts
2hY5UTD1FLuI8XCq2xjQIaeuj827N8e6/PDYXrgJeQx+2PK436PTEKC+aQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEdlevWZDlE2K8xaDUUZQsoqVRSWMB8GA1UdIwQY
MBaAFAjNZ7X5e6eVpr+GkGt3HB3Syx3JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ00xbnRmbDdwNVdtdjRhUWEzY2NIZExMSGNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8zNDliODMtNmY3NC00OWVjLWE0ZmMt
NTc0NjJjMjgzMjk0LzEvUjJWNjlaa09VVFlyekZvTlJSbEN5aXBWRkpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8zNDliODMtNmY3NC00OWVjLWE0ZmMtNTc0NjJjMjgzMjk0
LzEvQ00xbnRmbDdwNVdtdjRhUWEzY2NIZExMSGNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLQtsAwQC
LZ5oMA0GCSqGSIb3DQEBCwUAA4IBAQCyUj/+vCVBOG9A1Ze7C/jD/yVuBp4pboek
I61sGyr1UFZnyivP77G+k4V5bLmGLdViLmP9xO2y9gmR7WJN44lXY53QSmtngGlh
tfflkTLr00SZ2gEIrGuXMq1XGpWCchgAKxL9dCPJ6Lqq2Enge5dlU4KE8JWfI4De
wAG+eCbdQktOkm0ivTs7skMb0Xkn+5BaSseX6isBkAc6J1PQQMpdka1gyzFRAydb
pn9MruxJRZhJSqKj7HE2WdulllU0/c3/Pxo6er/uimWZtlfPfQ0gt3s8N5cMAOuT
TR14kEdlGhNdw1IFgL9ZdGX1WsTWTqeJSi9TqzYtCz8qTXlWKsGC
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:54:53 2025 by rpki-client