Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/7p384sXqxwddixUy_mYYBxF3awU.roa
File: 7p384sXqxwddixUy_mYYBxF3awU.roa (raw, json)
Hash identifier: shaUQH6DkAjCcH24QCvbbVnJZikn1zAyihmMsgzPJcI=
Subject key identifier: EE:9D:FC:E2:C5:EA:C7:07:5D:8B:15:32:FE:66:18:07:11:77:6B:05
Certificate issuer: /CN=e14ac611614dd165d94557296ed7ed46c8fc025f
Certificate serial: 0194228D44B87B902AEBC6F28B77E066A7C0
Authority key identifier: E1:4A:C6:11:61:4D:D1:65:D9:45:57:29:6E:D7:ED:46:C8:FC:02:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4UrGEWFN0WXZRVcpbtftRsj8Al8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/7p384sXqxwddixUy_mYYBxF3awU.roa
Signing time: Wed 01 Jan 2025 15:47:50 +0000
ROA not before: Wed 01 Jan 2025 15:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40676
IP address blocks: 45.133.158.0/24 maxlen: 24
45.133.159.0/24 maxlen: 24
141.98.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/4UrGEWFN0WXZRVcpbtftRsj8Al8.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/4UrGEWFN0WXZRVcpbtftRsj8Al8.mft
rsync://rpki.ripe.net/repository/DEFAULT/4UrGEWFN0WXZRVcpbtftRsj8Al8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 15:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:44:b8:7b:90:2a:eb:c6:f2:8b:77:e0:66:a7:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e14ac611614dd165d94557296ed7ed46c8fc025f
Validity
Not Before: Jan 1 15:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ee9dfce2c5eac7075d8b1532fe66180711776b05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:78:2b:f1:c8:19:88:b1:9e:96:70:4b:6d:76:
2e:51:9a:15:c9:81:0b:24:3b:ae:71:8d:a0:bb:d9:
51:2e:ae:0b:c8:96:6b:7d:47:12:c0:ff:5e:64:59:
a6:f8:08:3b:9f:3c:f4:2a:e8:fb:0f:d2:60:b2:3b:
25:05:fd:9d:0a:26:7f:29:6b:0f:3a:12:a1:2e:9a:
25:55:67:6d:7d:85:e4:79:30:56:59:16:1e:72:eb:
e1:1e:42:87:32:3e:df:bc:c9:90:92:6b:8b:a8:d5:
e4:75:76:bd:00:49:59:56:b4:4f:dd:46:f6:61:fe:
83:50:c1:72:54:15:82:8f:ca:46:c1:df:bf:e0:49:
cf:4f:8a:a0:d5:ac:6e:c4:3d:f1:d9:4f:ee:e0:56:
60:e5:f9:b1:91:76:3f:67:1b:d6:1d:b2:4e:2a:e6:
7b:ca:28:0b:16:78:59:45:e7:1a:29:ea:b0:cf:54:
97:1d:1b:60:bc:ce:b0:60:94:43:0b:38:2c:b3:53:
9c:74:47:b8:8a:a6:4c:80:4d:cf:d0:64:d2:78:fb:
bf:9a:61:99:c9:59:0b:de:00:3d:71:b4:cc:ee:d5:
dd:72:bb:43:19:ab:af:e8:a0:4a:02:ef:04:0c:18:
61:1b:16:26:9c:aa:2e:a2:29:04:22:2e:98:5c:c7:
aa:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:9D:FC:E2:C5:EA:C7:07:5D:8B:15:32:FE:66:18:07:11:77:6B:05
X509v3 Authority Key Identifier:
keyid:E1:4A:C6:11:61:4D:D1:65:D9:45:57:29:6E:D7:ED:46:C8:FC:02:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4UrGEWFN0WXZRVcpbtftRsj8Al8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/7p384sXqxwddixUy_mYYBxF3awU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/4UrGEWFN0WXZRVcpbtftRsj8Al8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.158.0/23
141.98.47.0/24
Signature Algorithm: sha256WithRSAEncryption
e0:96:0a:75:d7:0b:7e:90:0b:57:8a:a6:f0:9a:11:0e:19:43:
cd:eb:fb:54:9b:9b:7c:05:08:fa:97:4b:94:e2:c4:d0:e5:35:
1f:fb:b9:dd:4f:16:d9:b6:2b:8e:93:43:c9:df:00:75:59:87:
5d:92:03:c3:94:74:85:36:e0:85:29:9e:e2:a8:25:4c:6f:15:
26:fe:1a:a7:99:2a:73:20:8e:89:f4:4a:85:19:57:05:8a:e2:
20:22:10:fe:af:52:c5:54:cc:07:4a:31:d8:64:66:bf:d2:24:
ec:47:ce:4c:24:d9:df:14:e9:2f:91:30:fe:1b:97:48:77:c9:
61:37:74:76:da:6e:bc:be:43:62:f9:6d:85:4a:6f:5b:c9:cc:
d5:2f:8a:86:f6:4c:dc:17:f2:e1:0f:7c:06:87:f6:57:ea:4b:
b8:b7:ab:6e:f7:e3:90:42:f4:71:f8:aa:b6:b2:4e:c3:2d:e8:
d4:72:2c:d7:51:9e:94:d2:63:b8:06:a5:dd:a3:08:22:34:d7:
4f:2c:5f:91:94:09:bc:68:6a:9f:fe:45:d3:3b:c8:cf:3c:02:
3c:fe:a5:4b:07:4c:8d:6f:69:dd:0d:84:68:fb:c8:aa:55:67:
fa:bd:ae:6c:a9:8c:35:52:71:33:68:2e:96:97:e3:25:74:68:
08:00:15:bc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQijUS4e5Aq68byi3fgZqfAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNGFjNjExNjE0ZGQxNjVkOTQ1NTcyOTZlZDdlZDQ2Yzhm
YzAyNWYwHhcNMjUwMTAxMTU0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTlkZmNlMmM1ZWFjNzA3NWQ4YjE1MzJmZTY2MTgwNzExNzc2YjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHgr8cgZiLGelnBLbXYuUZoVyYEL
JDuucY2gu9lRLq4LyJZrfUcSwP9eZFmm+Ag7nzz0Kuj7D9JgsjslBf2dCiZ/KWsP
OhKhLpolVWdtfYXkeTBWWRYecuvhHkKHMj7fvMmQkmuLqNXkdXa9AElZVrRP3Ub2
Yf6DUMFyVBWCj8pGwd+/4EnPT4qg1axuxD3x2U/u4FZg5fmxkXY/ZxvWHbJOKuZ7
yigLFnhZRecaKeqwz1SXHRtgvM6wYJRDCzgss1OcdEe4iqZMgE3P0GTSePu/mmGZ
yVkL3gA9cbTM7tXdcrtDGauv6KBKAu8EDBhhGxYmnKouoikEIi6YXMeqfQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFO6d/OLF6scHXYsVMv5mGAcRd2sFMB8GA1UdIwQY
MBaAFOFKxhFhTdFl2UVXKW7X7UbI/AJfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFVyR0VXRk4wV1haUlZjcGJ0ZnRSc2o4QWw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS82ZTc5YjgtMmI4Zi00ZWNjLTlhNmUt
NzBlODk4YmIzOGRkLzEvN3AzODRzWHF4d2RkaXhVeV9tWVlCeEYzYXdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS82ZTc5YjgtMmI4Zi00ZWNjLTlhNmUtNzBlODk4YmIzOGRk
LzEvNFVyR0VXRk4wV1haUlZjcGJ0ZnRSc2o4QWw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLYWeAwQA
jWIvMA0GCSqGSIb3DQEBCwUAA4IBAQDglgp11wt+kAtXiqbwmhEOGUPN6/tUm5t8
BQj6l0uU4sTQ5TUf+7ndTxbZtiuOk0PJ3wB1WYddkgPDlHSFNuCFKZ7iqCVMbxUm
/hqnmSpzII6J9EqFGVcFiuIgIhD+r1LFVMwHSjHYZGa/0iTsR85MJNnfFOkvkTD+
G5dId8lhN3R22m68vkNi+W2FSm9byczVL4qG9kzcF/LhD3wGh/ZX6ku4t6tu9+OQ
QvRx+Kq2sk7DLejUcizXUZ6U0mO4BqXdowgiNNdPLF+RlAm8aGqf/kXTO8jPPAI8
/qVLB0yNb2ndDYRo+8iqVWf6va5sqYw1UnEzaC6Wl+MldGgIABW8
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:08:04 2025 by rpki-client