Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/0-YPkmULAfXnz-x8O4HjpPXrRgc.roa
File: 0-YPkmULAfXnz-x8O4HjpPXrRgc.roa (raw, json)
Hash identifier: 4hkO4QjkvJDhiXFvv5DxoiJEgtCK4O1iDNeqMzaTU3Y=
Subject key identifier: D3:E6:0F:92:65:0B:01:F5:E7:CF:EC:7C:3B:81:E3:A4:F5:EB:46:07
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 0195DCAFE5FE3038F9C671F73C8E83076699
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/0-YPkmULAfXnz-x8O4HjpPXrRgc.roa
Signing time: Fri 28 Mar 2025 12:17:50 +0000
ROA not before: Fri 28 Mar 2025 12:17:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396356
IP address blocks: 45.134.20.0/24 maxlen: 24
2a0e:d787::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 14:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:dc:af:e5:fe:30:38:f9:c6:71:f7:3c:8e:83:07:66:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Mar 28 12:17:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d3e60f92650b01f5e7cfec7c3b81e3a4f5eb4607
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:1d:3e:90:44:6f:42:33:6c:bd:78:2e:7a:a6:
b4:47:67:f3:44:0b:46:11:ba:e0:8e:a0:ee:de:f7:
d3:66:c2:09:2f:2e:16:74:8e:e4:34:0d:66:19:29:
fc:d5:82:d4:eb:79:7c:bb:f3:82:e6:bd:96:a1:39:
77:f9:e1:39:25:19:b5:5d:ec:78:ea:5c:0c:63:de:
3c:6c:f7:da:13:2f:97:d5:ea:9a:f8:d6:ae:91:2a:
cf:9c:16:2d:1b:da:67:3e:e2:f5:55:98:44:ce:37:
8f:e2:ab:76:9b:0a:76:76:3b:fc:0b:19:dc:a2:7d:
22:30:2a:45:76:fa:89:51:7f:ee:b8:e9:07:d2:d2:
1b:a3:e3:7f:36:81:e8:f3:cb:d4:51:7c:78:28:55:
42:b1:fe:03:75:7a:ba:b6:09:64:48:cd:62:03:89:
84:fd:3b:67:f1:38:f4:6e:93:30:13:1d:e3:cd:21:
0f:f4:12:a2:ba:17:bf:75:66:32:a1:82:df:4f:34:
f6:1b:2f:df:56:48:c9:90:13:21:ec:9b:65:b4:11:
9f:f9:0b:e5:39:ac:71:b6:48:f6:53:1b:51:08:9d:
38:cd:8d:b0:72:14:6d:3f:64:be:23:fc:2f:75:4e:
f2:bc:93:ce:77:5c:c9:25:0a:95:62:cd:43:a7:55:
7a:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:E6:0F:92:65:0B:01:F5:E7:CF:EC:7C:3B:81:E3:A4:F5:EB:46:07
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/0-YPkmULAfXnz-x8O4HjpPXrRgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.20.0/24
IPv6:
2a0e:d787::/32
Signature Algorithm: sha256WithRSAEncryption
04:83:48:60:b8:45:10:37:4e:6f:18:fe:85:18:b0:26:28:34:
6d:5d:14:a6:fa:8d:4b:a9:de:1e:c6:03:3b:cf:f1:f1:af:f1:
64:75:f2:1e:5c:ab:65:0e:52:94:0b:ab:54:29:13:24:b5:14:
f3:79:5e:d3:9d:40:3b:70:dc:85:c6:5b:43:9b:e4:84:f4:84:
40:c0:b2:5c:c2:40:b8:f5:49:a5:4f:cd:33:44:12:16:5c:e1:
79:f3:3b:7f:a4:bf:26:a9:f1:16:0e:2b:46:01:17:97:07:5d:
4d:5c:42:70:1f:54:13:b2:88:c7:91:84:64:e2:89:8b:26:f3:
bd:21:0f:cf:26:bc:d1:86:e1:26:43:2b:a9:6b:10:e1:f0:6f:
e7:2a:50:5f:58:db:b1:08:b8:f4:04:98:63:26:a6:db:23:53:
b3:79:e8:35:36:82:8f:9d:64:de:f2:b1:7d:d1:df:7f:5f:a8:
38:6e:1b:fd:b0:71:d9:53:59:8c:53:2c:f7:15:b7:22:36:b3:
1a:66:0b:25:ac:44:b1:37:26:14:23:6f:88:4e:76:34:32:b1:
fe:5d:d7:60:00:3b:85:5f:e2:a8:34:6d:c5:5a:56:e6:9a:2e:
c3:20:39:19:6d:39:26:3b:65:2a:1e:f5:2b:d0:7b:05:ef:65:
01:9d:cc:c0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZXcr+X+MDj5xnH3PI6DB2aZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjUwMzI4MTIxNzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2U2MGY5MjY1MGIwMWY1ZTdjZmVjN2MzYjgxZTNhNGY1ZWI0NjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvh0+kERvQjNsvXgueqa0R2fzRAtG
EbrgjqDu3vfTZsIJLy4WdI7kNA1mGSn81YLU63l8u/OC5r2WoTl3+eE5JRm1Xex4
6lwMY948bPfaEy+X1eqa+NaukSrPnBYtG9pnPuL1VZhEzjeP4qt2mwp2djv8Cxnc
on0iMCpFdvqJUX/uuOkH0tIbo+N/NoHo88vUUXx4KFVCsf4DdXq6tglkSM1iA4mE
/Ttn8Tj0bpMwEx3jzSEP9BKiuhe/dWYyoYLfTzT2Gy/fVkjJkBMh7JtltBGf+Qvl
Oaxxtkj2UxtRCJ04zY2wchRtP2S+I/wvdU7yvJPOd1zJJQqVYs1Dp1V6SQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNPmD5JlCwH158/sfDuB46T160YHMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvMC1ZUGttVUxBZlhuei14OE80SGpwUFhyUmdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALYYUMA0E
AgACMAcDBQAqDteHMA0GCSqGSIb3DQEBCwUAA4IBAQAEg0hguEUQN05vGP6FGLAm
KDRtXRSm+o1Lqd4exgM7z/Hxr/FkdfIeXKtlDlKUC6tUKRMktRTzeV7TnUA7cNyF
xltDm+SE9IRAwLJcwkC49UmlT80zRBIWXOF58zt/pL8mqfEWDitGAReXB11NXEJw
H1QTsojHkYRk4omLJvO9IQ/PJrzRhuEmQyupaxDh8G/nKlBfWNuxCLj0BJhjJqbb
I1Ozeeg1NoKPnWTe8rF90d9/X6g4bhv9sHHZU1mMUyz3FbciNrMaZgslrESxNyYU
I2+ITnY0MrH+XddgADuFX+KoNG3FWlbmmi7DIDkZbTkmO2UqHvUr0HsF72UBnczA
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:35:26 2025 by rpki-client