Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/USACkltJE4QqwVVNlMM3MAOHbI4.roa
File: USACkltJE4QqwVVNlMM3MAOHbI4.roa (raw, json)
Hash identifier: JKLOLgv3d9BtTTCj6wlSjdzlBfme6YgxxZZXaxE+z9Y=
Subject key identifier: 51:20:02:92:5B:49:13:84:2A:C1:55:4D:94:C3:37:30:03:87:6C:8E
Certificate issuer: /CN=f8203a0c04b81fe1766fa41bd31b73b588188ac7
Certificate serial: 019420D61ECD8D131DE75BEAB471D9719C65
Authority key identifier: F8:20:3A:0C:04:B8:1F:E1:76:6F:A4:1B:D3:1B:73:B5:88:18:8A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-CA6DAS4H-F2b6Qb0xtztYgYisc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/USACkltJE4QqwVVNlMM3MAOHbI4.roa
Signing time: Wed 01 Jan 2025 07:48:11 +0000
ROA not before: Wed 01 Jan 2025 07:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60721
IP address blocks: 45.136.104.0/24 maxlen: 24
45.136.105.0/24 maxlen: 24
45.136.107.0/24 maxlen: 24
185.26.144.0/24 maxlen: 24
185.26.145.0/24 maxlen: 24
185.26.146.0/24 maxlen: 24
185.26.147.0/24 maxlen: 24
185.126.176.0/24 maxlen: 24
185.153.228.0/24 maxlen: 24
185.153.229.0/24 maxlen: 24
185.153.230.0/24 maxlen: 24
185.153.231.0/24 maxlen: 24
185.162.144.0/24 maxlen: 24
185.162.147.0/24 maxlen: 24
185.171.24.0/24 maxlen: 24
185.171.25.0/24 maxlen: 24
185.171.26.0/24 maxlen: 24
185.171.27.0/24 maxlen: 24
185.247.136.0/24 maxlen: 24
185.247.138.0/24 maxlen: 24
185.247.139.0/24 maxlen: 24
2a04:3880::/30 maxlen: 30
2a06:c380::/29 maxlen: 29
2a0b:6000::/29 maxlen: 29
2a0d:a2c0::/29 maxlen: 29
2a0d:c480::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/1-CA6DAS4H-F2b6Qb0xtztYgYisc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/1-CA6DAS4H-F2b6Qb0xtztYgYisc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-CA6DAS4H-F2b6Qb0xtztYgYisc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 01:01:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:1e:cd:8d:13:1d:e7:5b:ea:b4:71:d9:71:9c:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8203a0c04b81fe1766fa41bd31b73b588188ac7
Validity
Not Before: Jan 1 07:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=512002925b4913842ac1554d94c3373003876c8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:0f:89:02:da:28:ec:7f:6e:33:c3:26:07:46:
ef:e4:2b:e7:86:5d:e1:43:cf:07:8a:73:97:9e:0d:
42:4e:8e:0d:5a:9c:e3:0b:63:95:52:80:77:05:cd:
fd:dd:6c:b3:6c:a1:4c:dd:43:91:f4:26:dc:53:a7:
d6:71:da:08:e2:46:1d:02:6c:0c:77:0f:bc:77:60:
c7:b5:ee:1c:89:f0:8d:21:14:ee:bf:f3:5f:15:65:
5a:ae:c0:01:e4:50:ae:34:85:4f:8b:14:48:45:30:
30:a5:04:c3:88:7d:4e:ec:1b:f7:43:6a:51:ee:57:
5b:dd:27:df:fa:c4:36:4f:dd:9f:39:0e:62:ce:4a:
7a:40:c1:9e:12:e7:a7:34:87:c4:55:11:d5:a0:cb:
40:87:8e:f9:de:ce:40:44:9d:7e:14:9b:4b:e6:93:
8c:f9:ec:5d:01:ed:e9:c0:fc:98:8c:17:00:8a:9a:
51:81:76:ef:51:33:d8:be:42:ec:7c:ea:fa:a2:fb:
42:49:a8:ad:8d:c0:9a:5e:39:c2:77:88:12:47:35:
68:74:26:a0:da:a2:cc:27:8f:64:0c:07:ee:fb:27:
15:56:d9:1e:22:ad:cc:4a:bc:49:e1:ff:aa:9f:32:
1e:04:5e:37:e4:ec:ea:c8:6e:89:31:59:69:28:85:
3b:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:20:02:92:5B:49:13:84:2A:C1:55:4D:94:C3:37:30:03:87:6C:8E
X509v3 Authority Key Identifier:
keyid:F8:20:3A:0C:04:B8:1F:E1:76:6F:A4:1B:D3:1B:73:B5:88:18:8A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-CA6DAS4H-F2b6Qb0xtztYgYisc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/USACkltJE4QqwVVNlMM3MAOHbI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/1-CA6DAS4H-F2b6Qb0xtztYgYisc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.104.0/23
45.136.107.0/24
185.26.144.0/22
185.126.176.0/24
185.153.228.0/22
185.162.144.0/24
185.162.147.0/24
185.171.24.0/22
185.247.136.0/24
185.247.138.0/23
IPv6:
2a04:3880::/30
2a06:c380::/29
2a0b:6000::/29
2a0d:a2c0::/29
2a0d:c480::/29
Signature Algorithm: sha256WithRSAEncryption
d0:09:62:98:31:b2:0b:56:d0:0a:78:f4:62:33:9f:f7:ad:40:
96:6b:2e:3b:4c:0e:ae:ee:41:5a:15:50:de:5f:67:af:f4:2d:
00:d1:4b:8e:d6:f1:1f:4f:8e:f3:97:78:bf:57:03:97:ea:dd:
b0:80:8e:f8:30:76:ff:23:e8:05:a1:0f:84:2b:e8:d0:82:a5:
2b:ee:0d:6e:3e:d5:d1:4f:c4:d6:81:12:da:43:17:d1:1c:88:
6e:92:6d:49:66:7d:07:b9:34:21:e5:cd:ea:d3:0c:e7:c3:92:
3f:88:4e:ab:e5:51:d8:c2:e1:4f:69:36:a2:de:b5:98:d6:1b:
28:a3:4b:0c:e9:23:9d:35:79:77:c1:9c:f9:9d:20:68:f9:e4:
48:50:f1:f1:31:7e:86:9a:e9:3f:ef:43:f9:78:55:1e:f3:0e:
08:6f:3f:2e:51:3b:eb:b2:ff:84:a4:12:99:55:37:9d:fc:36:
3e:52:11:bf:e0:23:85:9c:fe:ec:2e:45:61:46:a5:e9:0c:75:
6f:90:e3:3e:05:13:a7:cc:7a:05:d7:51:14:c7:0e:23:2a:0a:
13:d5:11:a6:75:33:a0:ce:b6:bf:6b:e0:74:e4:da:1a:76:34:
51:54:31:63:4f:c2:9c:3d:4b:b5:51:e7:1d:7b:7e:33:b6:5c:
16:4b:33:1a
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAZQg1h7NjRMd51vqtHHZcZxlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MjAzYTBjMDRiODFmZTE3NjZmYTQxYmQzMWI3M2I1ODgx
ODhhYzcwHhcNMjUwMTAxMDc0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTIwMDI5MjViNDkxMzg0MmFjMTU1NGQ5NGMzMzczMDAzODc2YzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4A+JAtoo7H9uM8MmB0bv5Cvnhl3h
Q88HinOXng1CTo4NWpzjC2OVUoB3Bc393WyzbKFM3UOR9CbcU6fWcdoI4kYdAmwM
dw+8d2DHte4cifCNIRTuv/NfFWVarsAB5FCuNIVPixRIRTAwpQTDiH1O7Bv3Q2pR
7ldb3Sff+sQ2T92fOQ5izkp6QMGeEuenNIfEVRHVoMtAh4753s5ARJ1+FJtL5pOM
+exdAe3pwPyYjBcAippRgXbvUTPYvkLsfOr6ovtCSaitjcCaXjnCd4gSRzVodCag
2qLMJ49kDAfu+ycVVtkeIq3MSrxJ4f+qnzIeBF435OzqyG6JMVlpKIU7/QIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFFEgApJbSROEKsFVTZTDNzADh2yOMB8GA1UdIwQY
MBaAFPggOgwEuB/hdm+kG9Mbc7WIGIrHMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1DQTZEQVM0SC1GMmI2UWIweHR6dFlnWWlzYy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIvZTE0Y2EzLWRhOGUtNGI1OC04NjNh
LTMzODk2MjBjMWJkNy8xL1VTQUNrbHRKRTRRcXdWVk5sTU0zTUFPSGJJNC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWIvZTE0Y2EzLWRhOGUtNGI1OC04NjNhLTMzODk2MjBjMWJk
Ny8xLzEtQ0E2REFTNEgtRjJiNlFiMHh0enRZZ1lpc2MuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgYAGCCsGAQUFBwEHAQH/BHEwbzBCBAIAATA8AwQBLYho
AwQALYhrAwQCuRqQAwQAuX6wAwQCuZnkAwQAuaKQAwQAuaKTAwQCuasYAwQAufeI
AwQBufeKMCkEAgACMCMDBQIqBDiAAwUDKgbDgAMFAyoLYAADBQMqDaLAAwUDKg3E
gDANBgkqhkiG9w0BAQsFAAOCAQEA0AlimDGyC1bQCnj0YjOf961AlmsuO0wOru5B
WhVQ3l9nr/QtANFLjtbxH0+O85d4v1cDl+rdsICO+DB2/yPoBaEPhCvo0IKlK+4N
bj7V0U/E1oES2kMX0RyIbpJtSWZ9B7k0IeXN6tMM58OSP4hOq+VR2MLhT2k2ot61
mNYbKKNLDOkjnTV5d8Gc+Z0gaPnkSFDx8TF+hprpP+9D+XhVHvMOCG8/LlE767L/
hKQSmVU3nfw2PlIRv+AjhZz+7C5FYUal6Qx1b5DjPgUTp8x6BddRFMcOIyoKE9UR
pnUzoM62v2vgdOTaGnY0UVQxY0/CnD1LtVHnHXt+M7ZcFkszGg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:34:30 2025 by rpki-client