Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/NojFSrrS5JKJQebH50O-Sn9xxis.roa
File: NojFSrrS5JKJQebH50O-Sn9xxis.roa (raw, json)
Hash identifier: 99amkQAhCwzYf+SSxz6XlFlKrJhhJL3h7GCB1tqsJIA=
Subject key identifier: 36:88:C5:4A:BA:D2:E4:92:89:41:E6:C7:E7:43:BE:4A:7F:71:C6:2B
Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954
Certificate serial: 0196904395D248B3DB5FF643BCB88FEBFD38
Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/NojFSrrS5JKJQebH50O-Sn9xxis.roa
Signing time: Fri 02 May 2025 09:11:10 +0000
ROA not before: Fri 02 May 2025 09:11:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 45.117.53.0/24 maxlen: 24
45.123.145.0/24 maxlen: 24
2a0d:3900::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 22:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:90:43:95:d2:48:b3:db:5f:f6:43:bc:b8:8f:eb:fd:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954
Validity
Not Before: May 2 09:11:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3688c54abad2e4928941e6c7e743be4a7f71c62b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:53:c6:7e:48:ce:4e:a1:34:fc:aa:e9:4b:2b:
7b:88:7f:0c:fa:a2:75:4e:06:c5:f0:08:e6:b4:d2:
f7:e4:80:4e:66:66:06:88:42:ab:b2:bf:af:5f:6b:
61:78:50:60:6b:84:fb:cf:d0:f0:0c:e5:8e:81:b9:
ff:66:9d:d7:2d:c1:54:4b:3b:1e:5d:ab:ac:23:e8:
80:14:dc:f1:41:b9:35:d9:23:1e:f1:dc:6a:6d:85:
7d:e2:aa:4e:25:e1:6b:4f:1b:40:00:eb:12:81:e1:
f5:ec:be:b1:18:e9:8d:fc:c6:7d:2b:89:68:0c:49:
c2:96:b0:88:4b:23:b8:5a:d8:d4:16:52:b9:f3:f7:
ce:da:fd:5b:47:b8:9d:30:36:3e:b8:3e:f2:39:a4:
00:b9:4c:f9:ef:7b:ae:72:52:bf:e1:f2:4f:5a:2b:
3c:09:c6:9f:fe:87:63:80:9f:f9:25:eb:2c:d1:6c:
8c:d1:29:12:03:64:8c:3a:78:07:47:63:47:30:f1:
a8:29:b4:34:93:5a:23:ed:93:1c:10:f4:c1:70:fe:
67:4a:dd:f8:a2:1b:c0:26:ae:05:5a:ca:67:ac:5a:
e5:cf:3e:c2:3c:1a:eb:ee:29:2e:b0:ff:32:c3:41:
32:7d:7f:19:10:ec:25:99:aa:8d:90:da:b9:d2:ba:
a8:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:88:C5:4A:BA:D2:E4:92:89:41:E6:C7:E7:43:BE:4A:7F:71:C6:2B
X509v3 Authority Key Identifier:
keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/NojFSrrS5JKJQebH50O-Sn9xxis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.117.53.0/24
45.123.145.0/24
IPv6:
2a0d:3900::/29
Signature Algorithm: sha256WithRSAEncryption
3e:34:ea:be:ec:d8:93:69:cf:37:f9:ca:ce:b5:2c:b6:60:f4:
6a:2b:01:aa:a3:43:69:71:8d:34:24:09:55:45:f2:6d:5e:a7:
3b:11:af:3e:9e:95:70:41:4c:4e:64:7b:80:48:e3:10:35:2d:
43:1b:36:8b:6d:8c:dd:f4:6a:5f:36:1d:bb:da:f0:f8:e1:ca:
6d:9b:62:80:2b:3f:e5:d7:df:04:69:56:b6:ed:90:0e:49:20:
e1:4e:ff:cc:fe:7e:1f:b9:14:81:e7:c1:83:fe:43:02:28:d5:
74:cf:66:a8:b3:48:6e:9f:76:26:69:b2:cd:b6:e3:0b:0e:44:
7f:b3:80:9b:bd:58:a5:cf:ea:ed:65:f3:44:5b:1d:ea:56:7d:
24:12:20:d8:f3:00:56:ae:b5:7b:d2:39:49:6c:e3:3c:e8:aa:
35:76:24:77:9b:84:d7:74:bd:c3:21:e3:1a:b0:33:19:d9:f1:
59:01:cd:5c:66:6d:ca:97:eb:4e:23:fc:7a:2c:9f:cc:fa:d2:
94:17:8c:c0:0e:6b:e7:e7:d4:aa:aa:c5:46:89:8f:80:24:33:
7c:e3:96:73:ef:12:4d:8f:7e:a8:b8:e2:4b:4b:c5:22:f6:d0:
39:58:f2:99:3d:db:d2:05:ae:40:f8:a8:49:68:e0:79:ab:93:
33:54:15:b0
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZaQQ5XSSLPbX/ZDvLiP6/04MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDIxYjI1MjIyMjk5N2JmZTMzYjdlNGIzMTVhYzhkNWUw
Njc5NTQwHhcNMjUwNTAyMDkxMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjg4YzU0YWJhZDJlNDkyODk0MWU2YzdlNzQzYmU0YTdmNzFjNjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFPGfkjOTqE0/KrpSyt7iH8M+qJ1
TgbF8AjmtNL35IBOZmYGiEKrsr+vX2theFBga4T7z9DwDOWOgbn/Zp3XLcFUSzse
XausI+iAFNzxQbk12SMe8dxqbYV94qpOJeFrTxtAAOsSgeH17L6xGOmN/MZ9K4lo
DEnClrCISyO4WtjUFlK58/fO2v1bR7idMDY+uD7yOaQAuUz573uuclK/4fJPWis8
Ccaf/odjgJ/5Jess0WyM0SkSA2SMOngHR2NHMPGoKbQ0k1oj7ZMcEPTBcP5nSt34
ohvAJq4FWspnrFrlzz7CPBrr7ikusP8yw0EyfX8ZEOwlmaqNkNq50rqo9wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDaIxUq60uSSiUHmx+dDvkp/ccYrMB8GA1UdIwQY
MBaAFCECGyUiIpl7/jO35LMVrI1eBnlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMt
NmVhYzYyZTYwZGY3LzEvTm9qRlNyclM1SktKUWViSDUwTy1Tbjl4eGlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMtNmVhYzYyZTYwZGY3
LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALXU1AwQA
LXuRMA0EAgACMAcDBQMqDTkAMA0GCSqGSIb3DQEBCwUAA4IBAQA+NOq+7NiTac83
+crOtSy2YPRqKwGqo0NpcY00JAlVRfJtXqc7Ea8+npVwQUxOZHuASOMQNS1DGzaL
bYzd9GpfNh272vD44cptm2KAKz/l198EaVa27ZAOSSDhTv/M/n4fuRSB58GD/kMC
KNV0z2aos0hun3YmabLNtuMLDkR/s4CbvVilz+rtZfNEWx3qVn0kEiDY8wBWrrV7
0jlJbOM86Ko1diR3m4TXdL3DIeMasDMZ2fFZAc1cZm3Kl+tOI/x6LJ/M+tKUF4zA
Dmvn59SqqsVGiY+AJDN845Zz7xJNj36ouOJLS8Ui9tA5WPKZPdvSBa5A+KhJaOB5
q5MzVBWw
-----END CERTIFICATE-----
Generated at Sat Jun 7 02:53:27 2025 by rpki-client