Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/AKzMSRcZgpLFIDOoJFm6RiCjq0U.roa
File: AKzMSRcZgpLFIDOoJFm6RiCjq0U.roa (raw, json)
Hash identifier: MWUZM3gusC6t0/FzBRnYEfC0fu0Vd+kt3fkmuA3jrSY=
Subject key identifier: 00:AC:CC:49:17:19:82:92:C5:20:33:A8:24:59:BA:46:20:A3:AB:45
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 0195D5861846EACA5A40678BF5EF22441327
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/AKzMSRcZgpLFIDOoJFm6RiCjq0U.roa
Signing time: Thu 27 Mar 2025 02:54:49 +0000
ROA not before: Thu 27 Mar 2025 02:54:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 141718
IP address blocks: 45.155.90.0/24 maxlen: 24
45.155.226.0/24 maxlen: 24
45.156.222.0/24 maxlen: 24
45.156.223.0/24 maxlen: 24
103.211.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.mft
rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 21:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d5:86:18:46:ea:ca:5a:40:67:8b:f5:ef:22:44:13:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Mar 27 02:54:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=00accc4917198292c52033a82459ba4620a3ab45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a4:8c:61:22:6c:5e:4d:ce:9b:1e:7b:21:21:
6d:0f:23:ee:58:0f:0b:40:a5:1b:b9:53:c1:ce:5a:
85:61:65:be:0b:5a:68:9f:c7:73:50:23:66:8d:a8:
ac:85:3b:af:a0:0e:b4:ed:8b:1d:f4:12:66:5c:b7:
1f:d3:b5:a6:bf:9b:17:17:11:4f:93:50:eb:9e:e3:
d8:4e:31:bb:3b:37:68:dd:2c:1b:47:5d:4b:15:df:
83:5e:4c:93:61:eb:27:71:fa:bb:09:e6:e4:0b:c9:
17:89:14:13:a0:b4:a6:f9:0f:31:93:36:87:c9:c5:
71:b6:98:71:87:12:65:a9:72:24:87:4b:de:ef:f0:
21:ab:b0:f6:1e:79:52:89:62:b9:fb:66:4c:b4:60:
29:52:0d:4f:5d:8f:80:d7:d8:f2:95:97:0b:63:00:
e5:f2:8e:2a:ec:4d:03:d3:aa:fa:4b:dc:ab:ee:3b:
eb:0b:0e:ed:8a:c3:d8:b8:8e:40:24:0b:b8:97:82:
32:2f:75:db:9f:96:96:5a:85:38:bb:30:19:1f:42:
a7:51:ca:23:44:07:61:98:73:3b:13:e5:4f:f6:16:
23:9c:e7:18:b7:02:79:73:ce:c9:c8:cb:4a:cc:fe:
26:2f:5e:83:76:35:a3:11:fb:7e:28:b4:10:eb:2c:
3e:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:AC:CC:49:17:19:82:92:C5:20:33:A8:24:59:BA:46:20:A3:AB:45
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/AKzMSRcZgpLFIDOoJFm6RiCjq0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.90.0/24
45.155.226.0/24
45.156.222.0/23
103.211.103.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:1e:8d:58:bd:4e:cf:89:46:bc:82:5d:d5:94:f9:4b:a9:88:
de:d7:9b:57:d3:a5:5a:69:9b:4d:b9:c3:c4:38:45:d9:9f:0a:
be:84:3d:7a:02:b7:15:04:e3:cc:69:3b:b6:ab:c3:0f:79:9d:
fd:a2:fe:09:ce:c1:d1:4f:e4:da:23:9b:fd:a9:c4:c5:04:b9:
c3:db:2e:91:20:28:30:ea:46:8c:28:a3:d0:ef:9a:0c:61:6e:
33:5b:ce:97:fd:4c:d1:74:a5:65:61:62:cc:34:b7:20:9b:16:
0a:f6:a2:17:e6:5b:43:38:0b:b7:93:c3:6d:55:0d:ce:48:9f:
4b:98:d3:ee:22:5c:3f:5d:ae:cb:7e:17:a5:69:f2:c1:c9:af:
ea:4d:04:10:30:d9:2a:73:76:80:8e:b3:cc:21:02:0e:ed:f9:
64:1b:6a:2a:5f:f4:fa:21:32:48:69:de:af:9f:8c:d4:dd:a2:
93:1a:e7:5c:41:98:63:8c:66:69:27:64:6d:87:c5:b4:a3:23:
9c:c3:a5:ba:bc:12:72:da:ce:aa:01:25:70:06:86:2e:a2:20:
c9:0f:87:6e:e5:6f:21:c0:ca:69:7e:c9:35:7e:c6:e5:da:d8:
1e:9d:a2:dc:63:7a:9a:ae:c7:1c:cc:96:01:9c:39:79:d5:e0:
ca:af:9f:f9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZXVhhhG6spaQGeL9e8iRBMnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjUwMzI3MDI1NDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGFjY2M0OTE3MTk4MjkyYzUyMDMzYTgyNDU5YmE0NjIwYTNhYjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqSMYSJsXk3Omx57ISFtDyPuWA8L
QKUbuVPBzlqFYWW+C1pon8dzUCNmjaishTuvoA607Ysd9BJmXLcf07Wmv5sXFxFP
k1DrnuPYTjG7Ozdo3SwbR11LFd+DXkyTYesncfq7CebkC8kXiRQToLSm+Q8xkzaH
ycVxtphxhxJlqXIkh0ve7/Ahq7D2HnlSiWK5+2ZMtGApUg1PXY+A19jylZcLYwDl
8o4q7E0D06r6S9yr7jvrCw7tisPYuI5AJAu4l4IyL3Xbn5aWWoU4uzAZH0KnUcoj
RAdhmHM7E+VP9hYjnOcYtwJ5c87JyMtKzP4mL16DdjWjEft+KLQQ6yw+GwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFACszEkXGYKSxSAzqCRZukYgo6tFMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvQUt6TVNSY1pncExGSURPb0pGbTZSaUNqcTBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZtaAwQA
LZviAwQBLZzeAwQAZ9NnMA0GCSqGSIb3DQEBCwUAA4IBAQAvHo1YvU7PiUa8gl3V
lPlLqYje15tX06VaaZtNucPEOEXZnwq+hD16ArcVBOPMaTu2q8MPeZ39ov4JzsHR
T+TaI5v9qcTFBLnD2y6RICgw6kaMKKPQ75oMYW4zW86X/UzRdKVlYWLMNLcgmxYK
9qIX5ltDOAu3k8NtVQ3OSJ9LmNPuIlw/Xa7LfhelafLBya/qTQQQMNkqc3aAjrPM
IQIO7flkG2oqX/T6ITJIad6vn4zU3aKTGudcQZhjjGZpJ2Rth8W0oyOcw6W6vBJy
2s6qASVwBoYuoiDJD4du5W8hwMppfsk1fsbl2tgenaLcY3qarscczJYBnDl51eDK
r5/5
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:17:28 2025 by rpki-client