Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/82445f-d1d7-46b0-af4f-766c06e5f075/1/q1cKMx3v15DpBk7XfHsCbT0Hr0M.roa
File: q1cKMx3v15DpBk7XfHsCbT0Hr0M.roa (raw, json)
Hash identifier: kJPl8z55kb+AOqX1mvjlXQAxwXPA4H1QahAgTk9/aUg=
Subject key identifier: AB:57:0A:33:1D:EF:D7:90:E9:06:4E:D7:7C:7B:02:6D:3D:07:AF:43
Certificate issuer: /CN=f8555a7883f92b9f9ba422a96b4e397bf5fb8fc7
Certificate serial: 0194258F67CC8345265C017EC3E5109B427F
Authority key identifier: F8:55:5A:78:83:F9:2B:9F:9B:A4:22:A9:6B:4E:39:7B:F5:FB:8F:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-FVaeIP5K5-bpCKpa045e_X7j8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/82445f-d1d7-46b0-af4f-766c06e5f075/1/q1cKMx3v15DpBk7XfHsCbT0Hr0M.roa
Signing time: Thu 02 Jan 2025 05:49:02 +0000
ROA not before: Thu 02 Jan 2025 05:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15511
IP address blocks: 45.159.184.0/24 maxlen: 24
45.159.185.0/24 maxlen: 24
45.159.186.0/24 maxlen: 24
185.115.100.0/24 maxlen: 24
185.115.101.0/24 maxlen: 24
185.115.102.0/24 maxlen: 24
185.115.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/82445f-d1d7-46b0-af4f-766c06e5f075/1/1-FVaeIP5K5-bpCKpa045e_X7j8c.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/82445f-d1d7-46b0-af4f-766c06e5f075/1/1-FVaeIP5K5-bpCKpa045e_X7j8c.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-FVaeIP5K5-bpCKpa045e_X7j8c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:67:cc:83:45:26:5c:01:7e:c3:e5:10:9b:42:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8555a7883f92b9f9ba422a96b4e397bf5fb8fc7
Validity
Not Before: Jan 2 05:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ab570a331defd790e9064ed77c7b026d3d07af43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d0:a3:3d:84:6f:f3:48:ba:0d:37:e9:cc:7e:
ce:67:1c:44:f5:0f:c9:80:f0:bb:3a:89:49:51:1c:
f1:09:97:a0:ec:75:64:d0:05:c8:63:fd:9b:5d:64:
cf:05:a2:ff:3a:c1:d3:fd:90:a6:7b:31:b4:ff:7f:
bd:a3:03:db:22:7e:c7:93:83:f6:d2:14:22:ba:14:
b6:47:13:f2:66:f0:25:73:a1:4f:9d:a4:87:30:85:
b3:e7:73:4d:6c:c8:f0:7a:9b:a4:70:db:e4:86:4a:
50:be:68:90:81:51:55:01:48:49:a5:e6:37:6d:95:
f5:53:03:35:43:5f:21:d6:9d:5f:14:bd:c1:d4:21:
1a:92:63:b7:8f:d3:63:4f:85:3a:20:4e:12:c1:a2:
12:4c:be:20:90:f1:ba:16:68:58:54:80:b7:46:44:
e9:0c:83:d0:b8:9e:b1:4f:18:ea:f9:0e:2e:f6:c0:
cb:38:d7:c0:7f:92:bb:ce:d9:50:c2:d4:3f:71:49:
79:de:f8:0b:2f:07:6a:60:3c:d3:ed:5f:50:86:2a:
6a:14:9b:78:32:3c:c4:24:4e:21:20:d9:cd:8d:9d:
00:2f:f0:89:2a:0c:8c:09:a3:12:a0:f3:8d:f9:a7:
d7:57:b3:fd:43:64:62:30:14:4a:01:a5:b1:82:1a:
b1:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:57:0A:33:1D:EF:D7:90:E9:06:4E:D7:7C:7B:02:6D:3D:07:AF:43
X509v3 Authority Key Identifier:
keyid:F8:55:5A:78:83:F9:2B:9F:9B:A4:22:A9:6B:4E:39:7B:F5:FB:8F:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-FVaeIP5K5-bpCKpa045e_X7j8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/82445f-d1d7-46b0-af4f-766c06e5f075/1/q1cKMx3v15DpBk7XfHsCbT0Hr0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/82445f-d1d7-46b0-af4f-766c06e5f075/1/1-FVaeIP5K5-bpCKpa045e_X7j8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.184.0-45.159.186.255
185.115.100.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:6b:f6:88:a2:c8:a4:d2:93:81:29:d8:c8:a4:0a:62:61:7c:
27:b9:68:e3:ec:5a:28:24:41:56:e0:22:d1:49:48:45:24:40:
b8:36:62:06:a1:1f:17:9b:79:c0:db:72:65:53:04:f4:c4:19:
b8:2a:31:25:51:25:2b:96:9a:5b:11:ef:0b:50:7b:f0:99:18:
1e:6f:1a:32:13:ec:3a:5a:81:39:14:ae:a4:27:55:e7:7e:b1:
35:7e:e6:c6:c2:f1:32:36:79:1c:8a:60:58:12:d9:74:0b:34:
14:f9:d6:fe:63:f0:75:8e:17:00:60:f7:57:12:00:10:9e:77:
84:7d:5b:a4:5e:83:92:e4:cb:29:87:11:86:ab:55:dc:63:33:
f9:4a:c5:d3:a1:95:99:19:f5:67:00:ee:84:24:36:79:08:97:
02:72:0b:a1:40:e9:e5:3b:1e:24:27:08:bf:f4:22:e5:f4:6b:
88:1f:11:5f:d8:d2:d0:2a:d1:5b:06:01:a0:76:e1:56:03:5a:
cf:94:76:51:fc:dd:e3:63:47:ef:b9:35:fc:40:a6:98:be:b4:
14:23:c2:37:1b:86:0b:64:77:1f:3d:3d:53:76:9f:e1:87:d7:
ed:a4:5b:7e:1e:4f:61:11:90:15:99:40:cc:cf:13:be:af:51:
8f:97:44:c9
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQlj2fMg0UmXAF+w+UQm0J/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NTU1YTc4ODNmOTJiOWY5YmE0MjJhOTZiNGUzOTdiZjVm
YjhmYzcwHhcNMjUwMTAyMDU0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjU3MGEzMzFkZWZkNzkwZTkwNjRlZDc3YzdiMDI2ZDNkMDdhZjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdCjPYRv80i6DTfpzH7OZxxE9Q/J
gPC7OolJURzxCZeg7HVk0AXIY/2bXWTPBaL/OsHT/ZCmezG0/3+9owPbIn7Hk4P2
0hQiuhS2RxPyZvAlc6FPnaSHMIWz53NNbMjwepukcNvkhkpQvmiQgVFVAUhJpeY3
bZX1UwM1Q18h1p1fFL3B1CEakmO3j9NjT4U6IE4SwaISTL4gkPG6FmhYVIC3RkTp
DIPQuJ6xTxjq+Q4u9sDLONfAf5K7ztlQwtQ/cUl53vgLLwdqYDzT7V9QhipqFJt4
MjzEJE4hINnNjZ0AL/CJKgyMCaMSoPON+afXV7P9Q2RiMBRKAaWxghqxwQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFKtXCjMd79eQ6QZO13x7Am09B69DMB8GA1UdIwQY
MBaAFPhVWniD+Sufm6QiqWtOOXv1+4/HMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1GVmFlSVA1SzUtYnBDS3BhMDQ1ZV9YN2o4Yy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2IvODI0NDVmLWQxZDctNDZiMC1hZjRm
LTc2NmMwNmU1ZjA3NS8xL3ExY0tNeDN2MTVEcEJrN1hmSHNDYlQwSHIwTS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvM2IvODI0NDVmLWQxZDctNDZiMC1hZjRmLTc2NmMwNmU1ZjA3
NS8xLzEtRlZhZUlQNUs1LWJwQ0twYTA0NWVfWDdqOGMuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLQYIKwYBBQUHAQcBAf8EHjAcMBoEAgABMBQwDAMEAy2f
uAMEAC2fugMEArlzZDANBgkqhkiG9w0BAQsFAAOCAQEAmmv2iKLIpNKTgSnYyKQK
YmF8J7lo4+xaKCRBVuAi0UlIRSRAuDZiBqEfF5t5wNtyZVME9MQZuCoxJVElK5aa
WxHvC1B78JkYHm8aMhPsOlqBORSupCdV536xNX7mxsLxMjZ5HIpgWBLZdAs0FPnW
/mPwdY4XAGD3VxIAEJ53hH1bpF6DkuTLKYcRhqtV3GMz+UrF06GVmRn1ZwDuhCQ2
eQiXAnILoUDp5TseJCcIv/Qi5fRriB8RX9jS0CrRWwYBoHbhVgNaz5R2Ufzd42NH
77k1/ECmmL60FCPCNxuGC2R3Hz09U3af4YfX7aRbfh5PYRGQFZlAzM8Tvq9Rj5dE
yQ==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:51:42 2025 by rpki-client