Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/3e7654-5124-4a6e-9497-9a9ed1ef2e8d/1/L9Epons4uT1wXNuXFQwslR3fQbg.roa
File: L9Epons4uT1wXNuXFQwslR3fQbg.roa (raw, json)
Hash identifier: U/slM2H+Gow9RoMpX0WbDkfqNCWRtnO7wmFezh1cp24=
Subject key identifier: 2F:D1:29:A2:7B:38:B9:3D:70:5C:DB:97:15:0C:2C:95:1D:DF:41:B8
Certificate issuer: /CN=21f10e34421baff174d60678f32fa5e35cdf957e
Certificate serial: 01941FFA0FFD9CB218EDA6F4A4E1CD08C0B8
Authority key identifier: 21:F1:0E:34:42:1B:AF:F1:74:D6:06:78:F3:2F:A5:E3:5C:DF:95:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IfEONEIbr_F01gZ48y-l41zflX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/3e7654-5124-4a6e-9497-9a9ed1ef2e8d/1/L9Epons4uT1wXNuXFQwslR3fQbg.roa
Signing time: Wed 01 Jan 2025 03:47:49 +0000
ROA not before: Wed 01 Jan 2025 03:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208594
IP address blocks: 45.94.148.0/22 maxlen: 24
45.94.148.0/24 maxlen: 24
45.94.149.0/24 maxlen: 24
45.94.150.0/24 maxlen: 24
45.94.151.0/24 maxlen: 24
2a0e:2ec0::/29 maxlen: 64
2a0e:2ec0:1::/48 maxlen: 48
2a0e:2ec0:2::/48 maxlen: 48
2a0e:2ec0:3::/48 maxlen: 48
2a0e:2ec0:4::/48 maxlen: 48
2a0e:2ec0:5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/3e7654-5124-4a6e-9497-9a9ed1ef2e8d/1/IfEONEIbr_F01gZ48y-l41zflX4.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/3e7654-5124-4a6e-9497-9a9ed1ef2e8d/1/IfEONEIbr_F01gZ48y-l41zflX4.mft
rsync://rpki.ripe.net/repository/DEFAULT/IfEONEIbr_F01gZ48y-l41zflX4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 06:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:0f:fd:9c:b2:18:ed:a6:f4:a4:e1:cd:08:c0:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21f10e34421baff174d60678f32fa5e35cdf957e
Validity
Not Before: Jan 1 03:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2fd129a27b38b93d705cdb97150c2c951ddf41b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:78:72:43:00:3d:56:f8:66:ce:c9:21:72:20:
21:f4:39:d1:7c:fa:08:e2:b8:c8:02:46:0d:9f:48:
3d:18:2c:e2:b7:b1:9a:1c:b4:47:ab:e9:e8:b8:a2:
3e:a3:48:6d:7e:65:8d:02:81:45:d4:ef:31:19:d7:
d0:78:db:44:b8:b8:e7:df:65:54:44:d6:63:18:d8:
27:be:6e:45:d7:2a:1c:74:2c:2c:f5:d8:b9:f1:57:
76:39:6b:0d:67:ec:99:91:3c:c5:6a:c2:a8:93:52:
30:40:c2:fd:da:e2:46:86:c4:99:a1:70:df:00:96:
69:b9:b7:70:42:f5:55:37:60:5f:7c:81:c0:30:c8:
cc:c1:df:e2:0a:d4:27:5b:70:4a:15:7e:5c:bd:21:
d8:55:33:bd:82:38:a0:cf:ce:85:96:0d:8e:91:f4:
6d:c9:b0:7e:55:68:43:38:8c:9d:37:79:0f:ea:9d:
b7:81:90:43:f0:56:bb:c0:6f:a4:d4:c8:b2:35:55:
87:da:06:a5:db:61:b5:75:4b:fd:a2:d0:dc:04:91:
71:dc:39:fb:eb:38:86:85:70:14:14:7a:48:74:8a:
50:c3:28:8f:3c:91:0f:30:d4:bb:f2:cb:04:3d:0c:
9b:52:b5:40:c1:d2:87:1c:79:b2:82:ef:04:7f:ca:
9d:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:D1:29:A2:7B:38:B9:3D:70:5C:DB:97:15:0C:2C:95:1D:DF:41:B8
X509v3 Authority Key Identifier:
keyid:21:F1:0E:34:42:1B:AF:F1:74:D6:06:78:F3:2F:A5:E3:5C:DF:95:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IfEONEIbr_F01gZ48y-l41zflX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/3e7654-5124-4a6e-9497-9a9ed1ef2e8d/1/L9Epons4uT1wXNuXFQwslR3fQbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/3e7654-5124-4a6e-9497-9a9ed1ef2e8d/1/IfEONEIbr_F01gZ48y-l41zflX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.148.0/22
IPv6:
2a0e:2ec0::/29
Signature Algorithm: sha256WithRSAEncryption
62:4f:15:94:f0:7f:d7:04:11:bc:4c:3b:d9:f5:7c:c6:3f:3d:
96:a0:f2:8f:6d:c0:bf:7b:45:c4:58:f6:54:2b:77:01:99:f8:
10:18:4e:36:ed:56:68:71:e8:8f:76:83:8a:b3:ce:86:61:e9:
d3:c3:d6:34:a6:19:ba:6c:49:d5:07:90:fb:e1:f4:8e:bc:e7:
a1:d8:b7:18:ff:bc:d2:69:25:3b:52:f9:5c:3c:4b:40:c7:fa:
60:6c:da:29:eb:43:ed:90:04:b3:a0:b9:25:16:d2:b1:b5:ee:
db:1b:c0:b8:0f:71:9e:0b:19:b6:76:60:a3:9d:8b:11:75:6c:
95:3c:c1:a9:f1:58:df:7f:ad:61:06:2d:a1:04:0e:26:11:30:
f1:72:dd:f1:8a:29:64:94:02:99:74:e0:1b:91:0e:68:9c:12:
3f:bf:d7:b7:e2:06:46:36:ba:65:39:b5:73:6f:5b:d4:3b:e0:
db:1e:8e:a1:3c:bc:ab:aa:e6:19:bd:58:a0:93:d5:c2:9e:58:
60:9a:bc:49:24:99:31:7e:af:6a:1d:12:2a:d6:6d:47:fe:2d:
48:dd:22:96:cd:da:c1:34:56:7c:6b:b1:17:93:56:0c:02:4a:
08:41:be:e8:69:40:38:c1:23:4a:14:93:cc:5d:4f:b3:2d:53:
6d:5b:6e:ae
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQf+g/9nLIY7ab0pOHNCMC4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxZjEwZTM0NDIxYmFmZjE3NGQ2MDY3OGYzMmZhNWUzNWNk
Zjk1N2UwHhcNMjUwMTAxMDM0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmQxMjlhMjdiMzhiOTNkNzA1Y2RiOTcxNTBjMmM5NTFkZGY0MWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXhyQwA9VvhmzskhciAh9DnRfPoI
4rjIAkYNn0g9GCzit7GaHLRHq+nouKI+o0htfmWNAoFF1O8xGdfQeNtEuLjn32VU
RNZjGNgnvm5F1yocdCws9di58Vd2OWsNZ+yZkTzFasKok1IwQML92uJGhsSZoXDf
AJZpubdwQvVVN2BffIHAMMjMwd/iCtQnW3BKFX5cvSHYVTO9gjigz86Flg2OkfRt
ybB+VWhDOIydN3kP6p23gZBD8Fa7wG+k1MiyNVWH2gal22G1dUv9otDcBJFx3Dn7
6ziGhXAUFHpIdIpQwyiPPJEPMNS78ssEPQybUrVAwdKHHHmygu8Ef8qdVwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFC/RKaJ7OLk9cFzblxUMLJUd30G4MB8GA1UdIwQY
MBaAFCHxDjRCG6/xdNYGePMvpeNc35V+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWZFT05FSWJyX0YwMWdaNDh5LWw0MXpmbFg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8zZTc2NTQtNTEyNC00YTZlLTk0OTct
OWE5ZWQxZWYyZThkLzEvTDlFcG9uczR1VDF3WE51WEZRd3NsUjNmUWJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8zZTc2NTQtNTEyNC00YTZlLTk0OTctOWE5ZWQxZWYyZThk
LzEvSWZFT05FSWJyX0YwMWdaNDh5LWw0MXpmbFg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLV6UMA0E
AgACMAcDBQMqDi7AMA0GCSqGSIb3DQEBCwUAA4IBAQBiTxWU8H/XBBG8TDvZ9XzG
Pz2WoPKPbcC/e0XEWPZUK3cBmfgQGE427VZoceiPdoOKs86GYenTw9Y0phm6bEnV
B5D74fSOvOeh2LcY/7zSaSU7UvlcPEtAx/pgbNop60PtkASzoLklFtKxte7bG8C4
D3GeCxm2dmCjnYsRdWyVPMGp8Vjff61hBi2hBA4mETDxct3xiilklAKZdOAbkQ5o
nBI/v9e34gZGNrplObVzb1vUO+DbHo6hPLyrquYZvVigk9XCnlhgmrxJJJkxfq9q
HRIq1m1H/i1I3SKWzdrBNFZ8a7EXk1YMAkoIQb7oaUA4wSNKFJPMXU+zLVNtW26u
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:42:58 2025 by rpki-client