Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/d1a71c-b8f8-412d-9da1-2401b74206f3/1/1-Rgkx9BsEfikK5eKOgyodd6h4gY.roa
File: 1-Rgkx9BsEfikK5eKOgyodd6h4gY.roa (raw, json)
Hash identifier: CT7Rp9+Jw7zWR3AQw89KWuUkHEx7Im+IKlsSdQ20Nq8=
Subject key identifier: F9:18:24:C7:D0:6C:11:F8:A4:2B:97:8A:3A:0C:A8:75:DE:A1:E2:06
Certificate issuer: /CN=f56b2049b3a9aa6f2368e6eeb4bfcd167953a5e9
Certificate serial: 019427B54E1AC5C3F8441C196ADEF1C4CD18
Authority key identifier: F5:6B:20:49:B3:A9:AA:6F:23:68:E6:EE:B4:BF:CD:16:79:53:A5:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9WsgSbOpqm8jaObutL_NFnlTpek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/d1a71c-b8f8-412d-9da1-2401b74206f3/1/1-Rgkx9BsEfikK5eKOgyodd6h4gY.roa
Signing time: Thu 02 Jan 2025 15:49:40 +0000
ROA not before: Thu 02 Jan 2025 15:49:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43366
IP address blocks: 45.155.212.0/22 maxlen: 25
185.103.76.0/22 maxlen: 24
195.35.114.0/23 maxlen: 24
2a06:2a80::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/d1a71c-b8f8-412d-9da1-2401b74206f3/1/9WsgSbOpqm8jaObutL_NFnlTpek.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/d1a71c-b8f8-412d-9da1-2401b74206f3/1/9WsgSbOpqm8jaObutL_NFnlTpek.mft
rsync://rpki.ripe.net/repository/DEFAULT/9WsgSbOpqm8jaObutL_NFnlTpek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 09:01:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:4e:1a:c5:c3:f8:44:1c:19:6a:de:f1:c4:cd:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f56b2049b3a9aa6f2368e6eeb4bfcd167953a5e9
Validity
Not Before: Jan 2 15:49:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f91824c7d06c11f8a42b978a3a0ca875dea1e206
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:15:14:6f:10:84:bc:4f:6e:93:76:71:d9:76:
09:a5:5e:04:c3:9c:58:cd:f9:41:6e:52:81:cb:9e:
54:7c:c5:d6:8f:ac:f8:37:22:cf:97:43:8a:f3:45:
1c:ac:3c:98:e6:df:b9:80:7b:00:a2:68:a4:df:39:
b1:dc:86:50:57:e0:44:bb:fc:6a:da:e6:5a:22:f6:
3f:a8:93:14:a8:23:20:30:ce:03:4f:e9:3b:da:d8:
3b:68:d1:84:78:65:e0:3b:b3:b8:06:13:2e:83:74:
e5:d0:ff:a6:a0:5e:6e:79:2f:3a:c0:b1:94:eb:f4:
ed:e8:97:40:a6:dc:dc:d4:ed:2f:fc:4b:09:09:46:
b4:41:53:3e:88:8a:2b:cb:ed:d2:8e:2e:99:03:be:
93:28:63:66:ff:46:69:e2:41:91:d5:36:7b:ef:5d:
86:10:0a:23:0a:8e:60:90:9a:12:d9:3d:b2:4b:a8:
a7:d4:d4:a3:6c:56:82:ea:71:46:60:82:5d:1b:48:
f2:0e:9c:cf:ec:72:75:1d:5c:ee:cd:d4:2b:54:eb:
5e:3d:e6:53:d7:33:a3:a2:cb:0e:4c:9a:b4:23:ef:
bb:e0:91:ec:b5:42:e8:0f:51:b4:7b:77:65:d8:35:
15:a1:a0:fe:38:fe:5b:f9:85:29:5f:49:79:86:ff:
61:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:18:24:C7:D0:6C:11:F8:A4:2B:97:8A:3A:0C:A8:75:DE:A1:E2:06
X509v3 Authority Key Identifier:
keyid:F5:6B:20:49:B3:A9:AA:6F:23:68:E6:EE:B4:BF:CD:16:79:53:A5:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9WsgSbOpqm8jaObutL_NFnlTpek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/d1a71c-b8f8-412d-9da1-2401b74206f3/1/1-Rgkx9BsEfikK5eKOgyodd6h4gY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/d1a71c-b8f8-412d-9da1-2401b74206f3/1/9WsgSbOpqm8jaObutL_NFnlTpek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.212.0/22
185.103.76.0/22
195.35.114.0/23
IPv6:
2a06:2a80::/29
Signature Algorithm: sha256WithRSAEncryption
67:2e:8a:ee:f6:61:60:df:0f:39:e2:47:48:4e:e2:db:35:78:
a3:1c:6e:f6:b7:52:6b:18:76:bd:48:6e:b9:84:8b:7b:64:1a:
5f:66:0f:66:ef:d8:65:92:20:87:bf:44:67:cd:d4:01:be:2d:
ec:0c:2b:ee:e8:f7:2d:63:df:31:ac:3f:49:48:ca:e5:35:c3:
90:c0:e9:4c:a1:8e:bb:5e:4c:bb:6f:66:8b:2c:6c:b9:cf:9b:
98:4a:10:d3:04:55:db:a4:73:81:81:62:44:bf:13:6f:76:36:
19:a4:64:8f:2d:41:09:b7:95:71:28:96:c2:66:a7:84:ea:d7:
68:f1:07:b4:00:5e:26:7b:be:0e:28:ac:93:1f:fc:67:54:f0:
7b:da:48:3f:d7:d4:e9:dc:5b:5f:a7:34:22:ea:69:46:65:44:
28:1f:2c:f3:89:74:e5:ca:ce:36:66:49:7d:d5:81:b2:63:af:
c0:9a:fd:0d:e6:76:a3:e4:ee:33:f6:5a:0c:c7:99:06:23:f7:
a5:4f:fd:ce:fc:d9:71:60:dd:90:57:6b:12:7e:d8:ed:7d:39:
bf:e1:2e:29:38:39:78:2c:96:46:79:e8:92:30:c8:4e:67:2b:
a5:17:23:96:be:9a:4c:ab:0c:50:61:ff:e4:7f:36:7f:08:2a:
ec:df:9d:c3
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQntU4axcP4RBwZat7xxM0YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1NmIyMDQ5YjNhOWFhNmYyMzY4ZTZlZWI0YmZjZDE2Nzk1
M2E1ZTkwHhcNMjUwMTAyMTU0OTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTE4MjRjN2QwNmMxMWY4YTQyYjk3OGEzYTBjYTg3NWRlYTFlMjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxUUbxCEvE9uk3Zx2XYJpV4Ew5xY
zflBblKBy55UfMXWj6z4NyLPl0OK80UcrDyY5t+5gHsAomik3zmx3IZQV+BEu/xq
2uZaIvY/qJMUqCMgMM4DT+k72tg7aNGEeGXgO7O4BhMug3Tl0P+moF5ueS86wLGU
6/Tt6JdAptzc1O0v/EsJCUa0QVM+iIory+3Sji6ZA76TKGNm/0Zp4kGR1TZ7712G
EAojCo5gkJoS2T2yS6in1NSjbFaC6nFGYIJdG0jyDpzP7HJ1HVzuzdQrVOtePeZT
1zOjossOTJq0I++74JHstULoD1G0e3dl2DUVoaD+OP5b+YUpX0l5hv9hawIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFPkYJMfQbBH4pCuXijoMqHXeoeIGMB8GA1UdIwQY
MBaAFPVrIEmzqapvI2jm7rS/zRZ5U6XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVdzZ1NiT3BxbThqYU9idXRMX05GbmxUcGVrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9kMWE3MWMtYjhmOC00MTJkLTlkYTEt
MjQwMWI3NDIwNmYzLzEvMS1SZ2t4OUJzRWZpa0s1ZUtPZ3lvZGQ2aDRnWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDIvZDFhNzFjLWI4ZjgtNDEyZC05ZGExLTI0MDFiNzQyMDZm
My8xLzlXc2dTYk9wcW04amFPYnV0TF9ORm5sVHBlay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA6BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAi2b1AME
ArlnTAMEAcMjcjANBAIAAjAHAwUDKgYqgDANBgkqhkiG9w0BAQsFAAOCAQEAZy6K
7vZhYN8POeJHSE7i2zV4oxxu9rdSaxh2vUhuuYSLe2QaX2YPZu/YZZIgh79EZ83U
Ab4t7Awr7uj3LWPfMaw/SUjK5TXDkMDpTKGOu15Mu29miyxsuc+bmEoQ0wRV26Rz
gYFiRL8Tb3Y2GaRkjy1BCbeVcSiWwmanhOrXaPEHtABeJnu+Diiskx/8Z1Twe9pI
P9fU6dxbX6c0IuppRmVEKB8s84l05crONmZJfdWBsmOvwJr9DeZ2o+TuM/ZaDMeZ
BiP3pU/9zvzZcWDdkFdrEn7Y7X05v+EuKTg5eCyWRnnokjDITmcrpRcjlr6aTKsM
UGH/5H82fwgq7N+dww==
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:56:32 2025 by rpki-client