Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/0c3554-ccad-4698-bf9f-b1fcf3896999/1/m3oyez4opl0YbbQ1CR2fl2aO7F8.roa
File: m3oyez4opl0YbbQ1CR2fl2aO7F8.roa (raw, json)
Hash identifier: FqYvVOjK/elvRD3q2xJweF4ZvocMCS6cmWVMXbFh3Mg=
Subject key identifier: 9B:7A:32:7B:3E:28:A6:5D:18:6D:B4:35:09:1D:9F:97:66:8E:EC:5F
Certificate issuer: /CN=71b6d0e0072d0cab29bfa8737de2a53e51418276
Certificate serial: 019423D6FFA73C4016A95AD2C0BB2BF57659
Authority key identifier: 71:B6:D0:E0:07:2D:0C:AB:29:BF:A8:73:7D:E2:A5:3E:51:41:82:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cbbQ4ActDKspv6hzfeKlPlFBgnY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/0c3554-ccad-4698-bf9f-b1fcf3896999/1/m3oyez4opl0YbbQ1CR2fl2aO7F8.roa
Signing time: Wed 01 Jan 2025 21:48:00 +0000
ROA not before: Wed 01 Jan 2025 21:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208718
IP address blocks: 45.87.192.0/24 maxlen: 24
45.87.193.0/24 maxlen: 24
45.87.194.0/24 maxlen: 24
45.87.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/0c3554-ccad-4698-bf9f-b1fcf3896999/1/cbbQ4ActDKspv6hzfeKlPlFBgnY.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/0c3554-ccad-4698-bf9f-b1fcf3896999/1/cbbQ4ActDKspv6hzfeKlPlFBgnY.mft
rsync://rpki.ripe.net/repository/DEFAULT/cbbQ4ActDKspv6hzfeKlPlFBgnY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:ff:a7:3c:40:16:a9:5a:d2:c0:bb:2b:f5:76:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71b6d0e0072d0cab29bfa8737de2a53e51418276
Validity
Not Before: Jan 1 21:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9b7a327b3e28a65d186db435091d9f97668eec5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:93:0b:66:8b:3a:51:f2:93:20:94:7b:9d:97:
22:82:ac:87:3c:47:43:ce:f9:66:43:ad:de:3e:58:
84:a1:19:f2:b0:5c:ec:01:f9:c9:4c:34:14:ea:17:
25:e9:21:6a:8e:22:bc:8c:e0:7e:fb:8a:44:07:c6:
0d:c4:00:d2:3b:ff:f6:c6:6c:f5:85:02:62:c6:7c:
8d:8b:1c:64:cf:96:a0:75:91:30:e4:fa:ac:ec:ee:
17:ca:c5:e7:44:69:92:80:eb:3d:62:61:4a:bd:52:
3d:85:67:91:de:34:aa:25:13:24:85:51:a4:48:48:
78:49:ee:04:3e:8b:64:e2:85:68:e0:e6:a6:20:fb:
a5:17:a5:60:15:77:9c:e8:67:cb:38:14:79:40:39:
13:e0:89:30:e2:93:13:b5:2b:83:02:b5:7a:74:fb:
95:79:38:fe:ff:1f:a2:04:6c:9f:ff:c4:e5:0a:d0:
95:6f:06:c4:89:28:77:27:e8:28:0d:24:9c:a0:1a:
eb:d9:3f:5f:f9:ca:bd:36:4d:d2:f0:9a:8f:bc:64:
78:5d:f1:65:d6:9b:b4:eb:e1:01:75:96:3a:ef:31:
10:25:b4:80:61:1b:11:5c:ec:fb:e7:7c:dd:06:10:
b8:2d:90:59:7c:9b:df:a6:a2:be:4c:e3:23:b1:a6:
7b:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:7A:32:7B:3E:28:A6:5D:18:6D:B4:35:09:1D:9F:97:66:8E:EC:5F
X509v3 Authority Key Identifier:
keyid:71:B6:D0:E0:07:2D:0C:AB:29:BF:A8:73:7D:E2:A5:3E:51:41:82:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cbbQ4ActDKspv6hzfeKlPlFBgnY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/0c3554-ccad-4698-bf9f-b1fcf3896999/1/m3oyez4opl0YbbQ1CR2fl2aO7F8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/0c3554-ccad-4698-bf9f-b1fcf3896999/1/cbbQ4ActDKspv6hzfeKlPlFBgnY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.192.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:4b:09:bc:2e:41:3c:14:ca:b3:a1:bd:e5:ee:c4:f4:8e:fd:
9c:bb:85:f9:0f:7e:bc:ed:a8:15:dc:08:2c:4e:55:4c:49:1e:
2c:08:18:66:51:c9:d0:e4:2d:4b:36:19:e5:f1:30:9b:40:e8:
8d:22:c5:17:8b:47:8f:f9:3e:22:80:c2:6b:21:a4:62:21:f7:
40:bc:4e:c5:8a:5c:87:1e:c5:bf:06:5e:ad:55:7e:e1:18:81:
3f:06:62:0d:88:e8:19:c2:30:85:39:34:0c:6d:f1:3c:bd:22:
5f:e2:05:a6:ab:91:03:18:eb:05:0a:c2:c7:52:8a:67:f4:ff:
62:4a:bd:d5:db:74:6b:25:b2:2f:da:6f:31:62:93:bf:ea:c8:
68:7a:58:d4:03:94:dd:bf:cf:d1:cc:20:c2:a0:b3:22:57:4b:
c8:bc:95:e3:7c:df:cc:01:78:51:b7:c3:1a:a4:bb:8b:8f:49:
73:5f:06:a5:bb:d7:af:b1:b9:a5:d2:cf:d1:7b:1c:1a:45:5b:
29:f1:00:67:e9:2e:40:16:96:29:d7:bb:f0:25:2c:ba:83:6c:
3d:7f:9a:e1:f3:5b:07:45:c7:d2:cf:86:1a:7d:cf:9d:52:92:
bf:c3:3c:e4:c6:73:ff:01:93:50:b4:b7:38:46:8b:10:c5:26:
28:5d:1a:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1v+nPEAWqVrSwLsr9XZZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYjZkMGUwMDcyZDBjYWIyOWJmYTg3MzdkZTJhNTNlNTE0
MTgyNzYwHhcNMjUwMTAxMjE0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjdhMzI3YjNlMjhhNjVkMTg2ZGI0MzUwOTFkOWY5NzY2OGVlYzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ZMLZos6UfKTIJR7nZcigqyHPEdD
zvlmQ63ePliEoRnysFzsAfnJTDQU6hcl6SFqjiK8jOB++4pEB8YNxADSO//2xmz1
hQJixnyNixxkz5agdZEw5Pqs7O4XysXnRGmSgOs9YmFKvVI9hWeR3jSqJRMkhVGk
SEh4Se4EPotk4oVo4OamIPulF6VgFXec6GfLOBR5QDkT4Ikw4pMTtSuDArV6dPuV
eTj+/x+iBGyf/8TlCtCVbwbEiSh3J+goDSScoBrr2T9f+cq9Nk3S8JqPvGR4XfFl
1pu06+EBdZY67zEQJbSAYRsRXOz753zdBhC4LZBZfJvfpqK+TOMjsaZ7rwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJt6Mns+KKZdGG20NQkdn5dmjuxfMB8GA1UdIwQY
MBaAFHG20OAHLQyrKb+oc33ipT5RQYJ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2JiUTRBY3RES3NwdjZoemZlS2xQbEZCZ25ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8wYzM1NTQtY2NhZC00Njk4LWJmOWYt
YjFmY2YzODk2OTk5LzEvbTNveWV6NG9wbDBZYmJRMUNSMmZsMmFPN0Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8wYzM1NTQtY2NhZC00Njk4LWJmOWYtYjFmY2YzODk2OTk5
LzEvY2JiUTRBY3RES3NwdjZoemZlS2xQbEZCZ25ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVfAMA0G
CSqGSIb3DQEBCwUAA4IBAQB+Swm8LkE8FMqzob3l7sT0jv2cu4X5D3687agV3Ags
TlVMSR4sCBhmUcnQ5C1LNhnl8TCbQOiNIsUXi0eP+T4igMJrIaRiIfdAvE7FilyH
HsW/Bl6tVX7hGIE/BmINiOgZwjCFOTQMbfE8vSJf4gWmq5EDGOsFCsLHUopn9P9i
Sr3V23RrJbIv2m8xYpO/6shoeljUA5Tdv8/RzCDCoLMiV0vIvJXjfN/MAXhRt8Ma
pLuLj0lzXwalu9evsbml0s/RexwaRVsp8QBn6S5AFpYp17vwJSy6g2w9f5rh81sH
RcfSz4Yafc+dUpK/wzzkxnP/AZNQtLc4RosQxSYoXRrR
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:57:09 2025 by rpki-client