Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/1-00kYJOaOfeDOZyUsYo9mltfKMg.roa
File: 1-00kYJOaOfeDOZyUsYo9mltfKMg.roa (raw, json)
Hash identifier: NhRxYgOCNmxal0p9S2yR4nl5HC65MQQSwZ13b2MwWvk=
Subject key identifier: FB:4D:24:60:93:9A:39:F7:83:39:9C:94:B1:8A:3D:9A:5B:5F:28:C8
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 019424450E0C55E5BF2C2D272910142D7DA6
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/1-00kYJOaOfeDOZyUsYo9mltfKMg.roa
Signing time: Wed 01 Jan 2025 23:48:12 +0000
ROA not before: Wed 01 Jan 2025 23:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9123
IP address blocks: 45.129.128.0/24 maxlen: 24
45.132.50.0/24 maxlen: 24
194.26.138.0/24 maxlen: 24
194.32.236.0/24 maxlen: 24
213.109.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 08:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:0e:0c:55:e5:bf:2c:2d:27:29:10:14:2d:7d:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Jan 1 23:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fb4d2460939a39f783399c94b18a3d9a5b5f28c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:39:a3:13:a9:b3:ef:55:7e:e8:28:42:41:17:
27:03:4a:7c:31:23:11:de:85:13:09:b0:57:b3:06:
0c:1d:26:8f:d2:4c:06:68:dd:67:03:5c:df:b7:1d:
35:a1:b0:d2:70:3d:8a:d8:f2:60:8f:84:8f:37:11:
79:1c:2c:7f:51:20:8f:17:fd:17:08:54:60:6e:4a:
a5:ac:16:eb:51:49:6f:ce:ac:6a:d5:eb:48:0e:b8:
6a:73:ba:22:e6:f6:7c:15:36:02:87:cc:04:b3:6b:
29:fa:ee:f1:4e:98:d4:79:79:d2:86:94:26:4d:28:
bb:0f:21:aa:f7:90:09:2c:6b:b0:23:a9:75:2b:74:
5f:a9:dd:da:6e:75:61:21:17:be:b3:aa:29:9f:98:
dc:f6:13:b0:46:30:9e:62:a1:f7:5a:0c:8b:4c:6b:
3f:a7:ab:ba:19:7b:c0:59:5a:59:b3:6a:50:6c:de:
0b:4a:ab:54:a0:3d:5e:b7:77:00:e1:89:18:83:5e:
25:b3:12:8e:6f:80:0a:46:0b:6f:d5:03:12:d2:1c:
5b:f7:14:cb:b4:56:70:5a:ac:80:3a:ef:95:cd:9e:
fb:21:3c:39:75:db:fb:5b:97:df:fb:60:ea:61:86:
1c:16:37:72:88:b1:e5:6a:1a:0a:3f:6a:80:7e:e8:
3f:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:4D:24:60:93:9A:39:F7:83:39:9C:94:B1:8A:3D:9A:5B:5F:28:C8
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/1-00kYJOaOfeDOZyUsYo9mltfKMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.128.0/24
45.132.50.0/24
194.26.138.0/24
194.32.236.0/24
213.109.204.0/24
Signature Algorithm: sha256WithRSAEncryption
97:b5:9a:34:78:6c:a6:73:30:73:76:05:0e:73:6c:cd:06:c6:
44:ee:27:d1:5e:a5:7b:54:9f:69:0d:2e:45:7b:66:a3:07:da:
27:dc:e6:ac:fa:8f:f6:d8:9d:c8:2f:7e:76:5a:d3:e7:92:d4:
14:98:44:a4:1c:f5:aa:fd:15:17:73:bb:8c:a3:53:a0:53:5a:
bf:f8:54:34:a1:e0:0b:a6:b2:1f:a0:6a:16:27:af:33:bc:a4:
b9:01:49:ce:85:dc:74:1f:4c:d3:a3:d9:d0:5b:a1:e3:67:62:
09:9a:4f:fd:df:5d:f9:d6:93:e8:e2:3b:8d:60:f1:ba:de:92:
db:0b:6b:8e:e4:82:dd:4e:bc:13:8f:ec:b2:69:30:b2:db:21:
f6:e7:ef:d7:cc:c4:97:d0:d9:c0:c8:bd:67:23:81:8f:5c:2e:
ab:25:6f:81:d0:71:db:44:df:4e:8e:0a:13:d6:b3:fa:ab:ad:
dd:3b:1c:f7:e2:ca:cb:03:73:f7:c4:70:32:d5:fb:ca:f5:b1:
b5:25:96:40:12:72:70:17:ac:86:38:fe:ef:de:1a:7a:59:8b:
3a:39:7f:29:3e:92:f5:aa:58:f5:ba:68:c1:60:61:e7:6f:16:
04:df:aa:8e:6b:76:63:54:de:0e:bd:f9:73:cb:f9:a8:df:3c:
5e:d4:2b:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQkRQ4MVeW/LC0nKRAULX2mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjUwMTAxMjM0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjRkMjQ2MDkzOWEzOWY3ODMzOTljOTRiMThhM2Q5YTViNWYyOGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0DmjE6mz71V+6ChCQRcnA0p8MSMR
3oUTCbBXswYMHSaP0kwGaN1nA1zftx01obDScD2K2PJgj4SPNxF5HCx/USCPF/0X
CFRgbkqlrBbrUUlvzqxq1etIDrhqc7oi5vZ8FTYCh8wEs2sp+u7xTpjUeXnShpQm
TSi7DyGq95AJLGuwI6l1K3Rfqd3abnVhIRe+s6opn5jc9hOwRjCeYqH3WgyLTGs/
p6u6GXvAWVpZs2pQbN4LSqtUoD1et3cA4YkYg14lsxKOb4AKRgtv1QMS0hxb9xTL
tFZwWqyAOu+VzZ77ITw5ddv7W5ff+2DqYYYcFjdyiLHlahoKP2qAfug/kwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPtNJGCTmjn3gzmclLGKPZpbXyjIMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvMS0wMGtZSk9hT2ZlRE9aeVVzWW85bWx0ZktNZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzYvYTViZmI2LTZhMTAtNGZiYy1hZjQ4LThiZmJkZDQ1Y2I2
Mi8xLzEydTBqcFBvb0FXTVhIS29Hb2VaUlZNSDdsWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAC2BgAME
AC2EMgMEAMIaigMEAMIg7AMEANVtzDANBgkqhkiG9w0BAQsFAAOCAQEAl7WaNHhs
pnMwc3YFDnNszQbGRO4n0V6le1SfaQ0uRXtmowfaJ9zmrPqP9tidyC9+dlrT55LU
FJhEpBz1qv0VF3O7jKNToFNav/hUNKHgC6ayH6BqFievM7ykuQFJzoXcdB9M06PZ
0Fuh42diCZpP/d9d+daT6OI7jWDxut6S2wtrjuSC3U68E4/ssmkwstsh9ufv18zE
l9DZwMi9ZyOBj1wuqyVvgdBx20TfTo4KE9az+qut3Tsc9+LKywNz98RwMtX7yvWx
tSWWQBJycBeshjj+794aelmLOjl/KT6S9apY9bpowWBh528WBN+qjmt2Y1TeDr35
c8v5qN88XtQrSw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:36:41 2025 by rpki-client