Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/dfc110-7924-49a9-8564-0bebfcbde1f3/1/1fA5PORVd3jPdWz7xA5f_vnyxD0.roa
File: 1fA5PORVd3jPdWz7xA5f_vnyxD0.roa (raw, json)
Hash identifier: ykI4OL9fWsgYZNYcziWcElBypDNzSjFchoDv23Mnzrs=
Subject key identifier: D5:F0:39:3C:E4:55:77:78:CF:75:6C:FB:C4:0E:5F:FE:F9:F2:C4:3D
Certificate issuer: /CN=736d724e239efb7f2f7bea526a9e0c5e7fc89bbe
Certificate serial: 019424B3A9DA9EC3ABBC4E631C4FCDF58487
Authority key identifier: 73:6D:72:4E:23:9E:FB:7F:2F:7B:EA:52:6A:9E:0C:5E:7F:C8:9B:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c21yTiOe-38ve-pSap4MXn_Im74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/dfc110-7924-49a9-8564-0bebfcbde1f3/1/1fA5PORVd3jPdWz7xA5f_vnyxD0.roa
Signing time: Thu 02 Jan 2025 01:49:01 +0000
ROA not before: Thu 02 Jan 2025 01:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208200
IP address blocks: 45.154.72.0/23 maxlen: 24
2a0f:b300::/36 maxlen: 48
2a0f:b300:1000::/36 maxlen: 48
2a0f:b300:b300::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/dfc110-7924-49a9-8564-0bebfcbde1f3/1/c21yTiOe-38ve-pSap4MXn_Im74.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/dfc110-7924-49a9-8564-0bebfcbde1f3/1/c21yTiOe-38ve-pSap4MXn_Im74.mft
rsync://rpki.ripe.net/repository/DEFAULT/c21yTiOe-38ve-pSap4MXn_Im74.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:a9:da:9e:c3:ab:bc:4e:63:1c:4f:cd:f5:84:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=736d724e239efb7f2f7bea526a9e0c5e7fc89bbe
Validity
Not Before: Jan 2 01:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d5f0393ce4557778cf756cfbc40e5ffef9f2c43d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e6:1e:03:fc:bd:14:8e:6f:7a:2f:65:aa:6f:
80:df:1e:f8:b1:06:c3:18:da:aa:4a:f5:2f:e9:de:
a9:56:ec:04:3f:77:57:9f:69:37:1e:95:c0:93:f0:
e6:60:78:c5:cf:25:d3:fd:d3:ae:23:11:47:c1:d4:
4d:78:22:d4:b3:f5:11:55:f3:79:a9:dc:11:a6:2e:
9b:51:f9:9a:a2:1e:fc:30:1c:e2:fc:2b:e7:31:9c:
99:c6:a4:48:e9:a4:9e:94:a1:b0:4b:60:78:57:94:
e5:d9:97:61:a6:24:83:2a:25:bf:d0:f7:87:fc:68:
b7:6f:4b:3c:d9:0e:74:64:f4:54:26:6a:c6:c1:69:
e3:39:1f:12:38:0e:0e:69:2c:82:af:3f:95:1f:45:
48:4f:11:37:c9:5d:3e:f9:48:c2:ba:c2:a6:ae:68:
1c:a5:57:0f:71:9c:a4:bf:e6:d6:6b:04:06:e0:e8:
ae:98:6c:85:ea:e4:4e:f3:56:2b:e4:33:95:a2:e8:
6b:2c:fe:c2:44:2d:b8:4f:4b:c5:5e:3c:1b:2f:96:
7a:35:4c:46:0a:8d:37:03:a3:50:34:4e:81:cf:c2:
c2:48:fb:62:7b:5e:d8:ad:0a:aa:0c:cf:43:01:65:
4f:4d:a6:15:8c:c9:69:49:9c:b3:09:94:2b:a9:cd:
16:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:F0:39:3C:E4:55:77:78:CF:75:6C:FB:C4:0E:5F:FE:F9:F2:C4:3D
X509v3 Authority Key Identifier:
keyid:73:6D:72:4E:23:9E:FB:7F:2F:7B:EA:52:6A:9E:0C:5E:7F:C8:9B:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c21yTiOe-38ve-pSap4MXn_Im74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfc110-7924-49a9-8564-0bebfcbde1f3/1/1fA5PORVd3jPdWz7xA5f_vnyxD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfc110-7924-49a9-8564-0bebfcbde1f3/1/c21yTiOe-38ve-pSap4MXn_Im74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.72.0/23
IPv6:
2a0f:b300::/35
2a0f:b300:b300::/48
Signature Algorithm: sha256WithRSAEncryption
70:94:e2:de:e7:07:44:bd:ac:9c:7b:3f:3c:cf:32:77:50:30:
96:52:de:9e:aa:fe:e7:65:d1:e6:44:d1:41:8d:3b:b4:cb:11:
21:ac:a9:c6:4e:37:3b:a2:e8:62:98:8f:fa:94:55:66:af:7d:
ee:43:a6:77:65:a8:50:fc:72:93:67:61:c9:bd:c7:87:fc:8a:
cc:ae:76:3f:83:d5:c9:7e:37:c7:b8:65:c3:c1:09:11:97:c4:
ee:59:9e:27:59:30:a9:a5:44:74:c9:3f:8e:86:9c:0d:cd:40:
3b:85:31:19:aa:c9:68:09:d9:0a:a9:bd:e0:15:1f:d4:0f:8c:
b2:a2:6d:74:14:ca:d1:0b:cb:99:0c:a3:a2:f8:fe:fd:17:16:
56:a3:1a:61:dd:ab:c2:4e:8b:e9:91:2e:a9:d3:f1:d0:3e:b8:
dd:0c:6c:36:0a:d1:aa:94:fe:54:8d:f4:31:e4:a6:0b:d2:85:
eb:fe:75:04:54:78:b6:8f:ab:79:e2:45:ec:8f:bc:64:6e:77:
06:f0:13:19:1b:b5:02:1f:49:84:2c:3c:a0:5e:05:eb:a7:96:
4c:10:67:13:5f:d3:50:59:00:2f:33:7f:9b:77:b6:65:64:20:
4b:90:8d:a9:e6:06:b2:2e:9c:73:79:24:49:0e:90:df:79:00:
8c:ea:71:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQks6nansOrvE5jHE/N9YSHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczNmQ3MjRlMjM5ZWZiN2YyZjdiZWE1MjZhOWUwYzVlN2Zj
ODliYmUwHhcNMjUwMTAyMDE0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWYwMzkzY2U0NTU3Nzc4Y2Y3NTZjZmJjNDBlNWZmZWY5ZjJjNDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleYeA/y9FI5vei9lqm+A3x74sQbD
GNqqSvUv6d6pVuwEP3dXn2k3HpXAk/DmYHjFzyXT/dOuIxFHwdRNeCLUs/URVfN5
qdwRpi6bUfmaoh78MBzi/CvnMZyZxqRI6aSelKGwS2B4V5Tl2ZdhpiSDKiW/0PeH
/Gi3b0s82Q50ZPRUJmrGwWnjOR8SOA4OaSyCrz+VH0VITxE3yV0++UjCusKmrmgc
pVcPcZykv+bWawQG4OiumGyF6uRO81Yr5DOVouhrLP7CRC24T0vFXjwbL5Z6NUxG
Co03A6NQNE6Bz8LCSPtie17YrQqqDM9DAWVPTaYVjMlpSZyzCZQrqc0WQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNXwOTzkVXd4z3Vs+8QOX/758sQ9MB8GA1UdIwQY
MBaAFHNtck4jnvt/L3vqUmqeDF5/yJu+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzIxeVRpT2UtMzh2ZS1wU2FwNE1Ybl9JbTc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9kZmMxMTAtNzkyNC00OWE5LTg1NjQt
MGJlYmZjYmRlMWYzLzEvMWZBNVBPUlZkM2pQZFd6N3hBNWZfdm55eEQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9kZmMxMTAtNzkyNC00OWE5LTg1NjQtMGJlYmZjYmRlMWYz
LzEvYzIxeVRpT2UtMzh2ZS1wU2FwNE1Ybl9JbTc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAMBAIAATAGAwQBLZpIMBcE
AgACMBEDBgUqD7MAAAMHACoPswCzADANBgkqhkiG9w0BAQsFAAOCAQEAcJTi3ucH
RL2snHs/PM8yd1AwllLenqr+52XR5kTRQY07tMsRIaypxk43O6LoYpiP+pRVZq99
7kOmd2WoUPxyk2dhyb3Hh/yKzK52P4PVyX43x7hlw8EJEZfE7lmeJ1kwqaVEdMk/
joacDc1AO4UxGarJaAnZCqm94BUf1A+MsqJtdBTK0QvLmQyjovj+/RcWVqMaYd2r
wk6L6ZEuqdPx0D643QxsNgrRqpT+VI30MeSmC9KF6/51BFR4to+reeJF7I+8ZG53
BvATGRu1Ah9JhCw8oF4F66eWTBBnE1/TUFkALzN/m3e2ZWQgS5CNqeYGsi6cc3kk
SQ6Q33kAjOpxMg==
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:48:44 2025 by rpki-client