Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/soZqy3HUC6xiStBTbgTdR73Vw2c.roa
File: soZqy3HUC6xiStBTbgTdR73Vw2c.roa (raw, json)
Hash identifier: 0/K+cWWK8CwD0JZ/wMwAQQYw/af8O4bhKs39qQrbVB4=
Subject key identifier: B2:86:6A:CB:71:D4:0B:AC:62:4A:D0:53:6E:04:DD:47:BD:D5:C3:67
Certificate issuer: /CN=a4cb50e78a3a31e3375cf2aab865e845ff2e99c1
Certificate serial: 019493FB49498C38A50FC97B42AA90C811A7
Authority key identifier: A4:CB:50:E7:8A:3A:31:E3:37:5C:F2:AA:B8:65:E8:45:FF:2E:99:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pMtQ54o6MeM3XPKquGXoRf8umcE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/soZqy3HUC6xiStBTbgTdR73Vw2c.roa
Signing time: Thu 23 Jan 2025 16:25:06 +0000
ROA not before: Thu 23 Jan 2025 16:25:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30848
IP address blocks: 82.145.96.0/23 maxlen: 24
82.145.102.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/pMtQ54o6MeM3XPKquGXoRf8umcE.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/pMtQ54o6MeM3XPKquGXoRf8umcE.mft
rsync://rpki.ripe.net/repository/DEFAULT/pMtQ54o6MeM3XPKquGXoRf8umcE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:93:fb:49:49:8c:38:a5:0f:c9:7b:42:aa:90:c8:11:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4cb50e78a3a31e3375cf2aab865e845ff2e99c1
Validity
Not Before: Jan 23 16:25:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b2866acb71d40bac624ad0536e04dd47bdd5c367
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b1:7d:9c:64:8f:e5:b0:33:d1:1a:bc:18:f8:
28:cf:89:09:df:0a:1f:12:08:04:5d:5c:5f:8f:f0:
17:db:be:f2:5d:32:5d:c5:7b:c2:98:a5:15:64:f0:
74:d8:6f:ca:39:ed:d7:5d:38:c7:f0:52:64:44:cf:
f7:4c:64:cb:66:61:0b:39:f3:60:48:57:7b:ff:56:
3b:51:8d:06:b4:a7:65:23:93:a2:70:8c:5f:b2:70:
56:1a:8f:18:37:76:28:9b:8f:c3:b5:17:31:3e:41:
5b:68:2f:8f:ae:46:19:c2:b8:3a:18:ce:b0:e3:d9:
2f:5c:10:da:ec:32:85:51:6b:6e:a1:c2:16:52:d9:
fe:cb:8c:b1:aa:1f:79:2c:4c:28:20:fe:73:4d:31:
5c:79:b2:b9:0b:b4:d3:ec:0a:50:da:0c:02:5c:79:
8e:bc:23:0d:4d:f2:1a:df:8e:4d:82:ad:9c:8c:49:
12:f7:13:30:3e:4a:6f:b3:3f:32:98:c8:06:2c:a3:
ac:c1:a6:1c:fd:aa:79:97:77:5f:60:da:b0:65:93:
8d:6f:10:43:0f:1e:d6:bd:85:20:f0:ad:12:e1:66:
78:e0:28:06:4e:c8:47:a1:36:42:f0:a1:a7:b7:e2:
62:33:75:c5:b4:8b:92:e4:be:67:f7:18:89:b0:19:
bb:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:86:6A:CB:71:D4:0B:AC:62:4A:D0:53:6E:04:DD:47:BD:D5:C3:67
X509v3 Authority Key Identifier:
keyid:A4:CB:50:E7:8A:3A:31:E3:37:5C:F2:AA:B8:65:E8:45:FF:2E:99:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pMtQ54o6MeM3XPKquGXoRf8umcE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/soZqy3HUC6xiStBTbgTdR73Vw2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/pMtQ54o6MeM3XPKquGXoRf8umcE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.145.96.0/23
82.145.102.0/23
Signature Algorithm: sha256WithRSAEncryption
13:cb:a2:49:c4:b5:e2:4d:8a:79:94:8a:a4:86:e2:46:83:4b:
c6:fd:ff:0a:d0:7c:96:71:34:92:8f:4f:ec:3f:36:32:f6:7f:
97:0d:0d:39:e5:b9:ae:c1:7b:c5:c4:a0:c0:12:b1:b0:0c:03:
c4:e3:27:37:ee:3b:a3:1e:95:70:98:4b:90:ec:2b:13:7a:5a:
df:ce:4f:74:be:23:a9:99:36:b8:e5:fb:8b:8e:65:3a:43:0b:
3d:61:6d:64:83:c1:ea:4d:14:90:24:6e:58:99:f1:cc:02:20:
d7:13:be:49:48:cf:9b:90:83:e5:c1:67:4d:24:76:01:74:f8:
ce:1b:a3:23:4e:a3:ad:a0:25:45:08:31:a4:c8:6d:72:3e:f4:
c9:4e:db:b1:f1:19:82:b9:63:a1:e1:d4:e3:ff:36:a0:4e:0e:
b6:84:a9:af:17:d8:7c:4f:e8:65:4d:c8:11:ac:a5:91:55:37:
ae:e2:a8:11:1d:08:1f:5e:6f:f0:ee:6d:63:c1:ad:57:df:4a:
2f:5b:ca:61:a6:b1:23:e9:99:a8:88:3a:cd:43:ba:0c:de:d5:
a1:f4:ef:bb:63:0a:61:6d:ab:f7:03:40:9c:4c:fb:0a:81:2d:
11:05:0d:5f:dd:a5:95:e6:0f:03:12:c2:e5:d2:76:94:03:41:
24:b0:1f:13
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZST+0lJjDilD8l7QqqQyBGnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0Y2I1MGU3OGEzYTMxZTMzNzVjZjJhYWI4NjVlODQ1ZmYy
ZTk5YzEwHhcNMjUwMTIzMTYyNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjg2NmFjYjcxZDQwYmFjNjI0YWQwNTM2ZTA0ZGQ0N2JkZDVjMzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7F9nGSP5bAz0Rq8GPgoz4kJ3wof
EggEXVxfj/AX277yXTJdxXvCmKUVZPB02G/KOe3XXTjH8FJkRM/3TGTLZmELOfNg
SFd7/1Y7UY0GtKdlI5OicIxfsnBWGo8YN3Yom4/DtRcxPkFbaC+PrkYZwrg6GM6w
49kvXBDa7DKFUWtuocIWUtn+y4yxqh95LEwoIP5zTTFcebK5C7TT7ApQ2gwCXHmO
vCMNTfIa345Ngq2cjEkS9xMwPkpvsz8ymMgGLKOswaYc/ap5l3dfYNqwZZONbxBD
Dx7WvYUg8K0S4WZ44CgGTshHoTZC8KGnt+JiM3XFtIuS5L5n9xiJsBm7CQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLKGastx1AusYkrQU24E3Ue91cNnMB8GA1UdIwQY
MBaAFKTLUOeKOjHjN1zyqrhl6EX/LpnBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE10UTU0bzZNZU0zWFBLcXVHWG9SZjh1bWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9iMWYyZTAtOGE2MC00YzhhLTkwZGMt
NGJlNzk0ZDY0MDZkLzEvc29acXkzSFVDNnhpU3RCVGJnVGRSNzNWdzJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9iMWYyZTAtOGE2MC00YzhhLTkwZGMtNGJlNzk0ZDY0MDZk
LzEvcE10UTU0bzZNZU0zWFBLcXVHWG9SZjh1bWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBUpFgAwQB
UpFmMA0GCSqGSIb3DQEBCwUAA4IBAQATy6JJxLXiTYp5lIqkhuJGg0vG/f8K0HyW
cTSSj0/sPzYy9n+XDQ055bmuwXvFxKDAErGwDAPE4yc37jujHpVwmEuQ7CsTelrf
zk90viOpmTa45fuLjmU6Qws9YW1kg8HqTRSQJG5YmfHMAiDXE75JSM+bkIPlwWdN
JHYBdPjOG6MjTqOtoCVFCDGkyG1yPvTJTtux8RmCuWOh4dTj/zagTg62hKmvF9h8
T+hlTcgRrKWRVTeu4qgRHQgfXm/w7m1jwa1X30ovW8phprEj6ZmoiDrNQ7oM3tWh
9O+7Ywphbav3A0CcTPsKgS0RBQ1f3aWV5g8DEsLl0naUA0EksB8T
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:53:35 2025 by rpki-client