Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/t-rsVL4BJwEwBBoHBVhIML92hRs.roa
File: t-rsVL4BJwEwBBoHBVhIML92hRs.roa (raw, json)
Hash identifier: ejUp8ew1AaALCNdiAT72D3nSXem/ndlDi+OAao2nEnA=
Subject key identifier: B7:EA:EC:54:BE:01:27:01:30:04:1A:07:05:58:48:30:BF:76:85:1B
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 01946393B3057A3D936F87510AA5C53838EB
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/t-rsVL4BJwEwBBoHBVhIML92hRs.roa
Signing time: Tue 14 Jan 2025 06:50:11 +0000
ROA not before: Tue 14 Jan 2025 06:50:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137409
IP address blocks: 45.8.24.0/24 maxlen: 24
45.8.25.0/24 maxlen: 24
2a0e:4201::/32 maxlen: 48
2a0e:4202::/32 maxlen: 48
2a0e:4203::/32 maxlen: 48
2a0e:4205::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.mft
rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:63:93:b3:05:7a:3d:93:6f:87:51:0a:a5:c5:38:38:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Jan 14 06:50:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b7eaec54be01270130041a0705584830bf76851b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:98:cf:6a:2f:da:64:00:83:6d:0e:77:a1:f1:
9e:4c:d8:47:cb:f8:36:e2:ab:38:e9:0d:16:5b:05:
bb:86:24:ab:b9:0c:76:99:ed:69:fb:64:18:4b:83:
08:46:41:9b:67:6c:f3:0c:7e:86:5e:47:a3:cb:52:
82:1d:ea:89:74:b7:0e:18:8e:85:d3:8e:15:2c:47:
2e:2a:63:34:d5:0b:51:53:c1:a1:6b:7f:fe:dc:17:
8a:b3:6e:b9:0d:1d:a2:c3:a2:aa:e5:1d:39:d7:41:
13:4f:07:ef:c6:90:9f:58:cb:28:69:a8:84:0d:14:
e7:23:7f:74:59:33:ee:2e:9c:02:d1:1a:77:e1:f0:
8e:ab:0a:af:f9:72:06:40:ce:a4:d3:45:0a:54:e8:
0e:e5:da:98:33:86:a2:a8:b7:f0:fe:48:ea:1d:a5:
70:08:e2:14:db:a3:69:e3:f4:c4:8a:66:f6:0b:19:
14:f5:72:26:4c:e9:17:d6:df:8f:3c:41:b4:0a:e1:
e3:43:d1:df:c3:f0:c2:2a:01:cd:f8:3d:2a:64:e3:
94:8e:4b:cc:06:08:80:7d:13:89:0f:f0:a0:17:68:
f7:5f:92:9d:52:a9:d6:00:1b:c6:a1:f6:78:c8:ad:
e7:a5:b2:c4:7d:bd:ab:ff:d2:99:15:f2:eb:84:7c:
07:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:EA:EC:54:BE:01:27:01:30:04:1A:07:05:58:48:30:BF:76:85:1B
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/t-rsVL4BJwEwBBoHBVhIML92hRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.24.0/23
IPv6:
2a0e:4201::-2a0e:4203:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:4205::/32
Signature Algorithm: sha256WithRSAEncryption
9a:ed:07:03:0d:76:22:2f:dc:56:1f:d9:77:be:1f:ed:3e:77:
47:33:bf:7c:a9:33:77:1c:b2:35:ab:de:3d:75:5a:f5:5a:21:
d0:f0:f1:e5:38:41:f9:2c:c3:60:8e:52:7c:27:a7:fd:65:80:
dc:81:b4:d8:0b:a6:91:7e:ad:a9:59:43:93:2a:bb:54:9f:4e:
de:80:d4:cc:22:3e:93:0d:ed:7c:e2:ac:c7:56:e9:eb:df:aa:
32:53:aa:32:ee:79:b3:67:5a:5f:3f:3a:23:92:df:0a:0f:11:
13:7f:52:20:ce:c4:a7:2e:3c:ff:f1:2d:0d:0e:bd:b2:9c:fa:
a2:e9:2a:47:31:93:4b:48:73:d0:ba:b1:6c:9e:b1:c2:8b:60:
5d:9f:ae:15:b6:32:b3:04:39:53:fd:20:1f:a1:1d:0c:cb:46:
bd:d2:c6:a0:9c:46:0f:73:ff:61:a1:e6:8d:bd:a7:c1:a2:dd:
c7:ea:6d:69:38:a9:63:54:a0:56:66:6b:bb:4b:d8:5a:4b:19:
b4:57:1f:05:16:22:57:55:37:33:9d:0a:5d:77:9f:47:56:66:
c3:0b:9f:9c:50:7c:56:d9:d5:22:20:9d:f4:0a:f8:e2:ab:a5:
64:3c:98:e0:0b:05:7e:c4:8d:02:b1:6d:65:31:a3:b0:f5:f6:
39:26:79:43
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZRjk7MFej2Tb4dRCqXFODjrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWMxMTY1OGQyMDQxZWFmMjUwMmZlNTQwOGVkNDkzYmJk
NGYzMTgwHhcNMjUwMTE0MDY1MDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2VhZWM1NGJlMDEyNzAxMzAwNDFhMDcwNTU4NDgzMGJmNzY4NTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZjPai/aZACDbQ53ofGeTNhHy/g2
4qs46Q0WWwW7hiSruQx2me1p+2QYS4MIRkGbZ2zzDH6GXkejy1KCHeqJdLcOGI6F
044VLEcuKmM01QtRU8Gha3/+3BeKs265DR2iw6Kq5R0510ETTwfvxpCfWMsoaaiE
DRTnI390WTPuLpwC0Rp34fCOqwqv+XIGQM6k00UKVOgO5dqYM4aiqLfw/kjqHaVw
COIU26Np4/TEimb2CxkU9XImTOkX1t+PPEG0CuHjQ9Hfw/DCKgHN+D0qZOOUjkvM
BgiAfROJD/CgF2j3X5KdUqnWABvGofZ4yK3npbLEfb2r/9KZFfLrhHwHOwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFLfq7FS+AScBMAQaBwVYSDC/doUbMB8GA1UdIwQY
MBaAFI4cEWWNIEHq8lAv5UCO1JO71PMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjIt
NjMzNDhjZGJmMDI0LzEvdC1yc1ZMNEJKd0V3QkJvSEJWaElNTDkyaFJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjItNjMzNDhjZGJmMDI0
LzEvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAMBAIAATAGAwQBLQgYMB0E
AgACMBcwDgMFACoOQgEDBQIqDkIAAwUAKg5CBTANBgkqhkiG9w0BAQsFAAOCAQEA
mu0HAw12Ii/cVh/Zd74f7T53RzO/fKkzdxyyNavePXVa9Voh0PDx5ThB+SzDYI5S
fCen/WWA3IG02AumkX6tqVlDkyq7VJ9O3oDUzCI+kw3tfOKsx1bp69+qMlOqMu55
s2daXz86I5LfCg8RE39SIM7Epy48//EtDQ69spz6oukqRzGTS0hz0LqxbJ6xwotg
XZ+uFbYyswQ5U/0gH6EdDMtGvdLGoJxGD3P/YaHmjb2nwaLdx+ptaTipY1SgVmZr
u0vYWksZtFcfBRYiV1U3M50KXXefR1ZmwwufnFB8VtnVIiCd9Ar44qulZDyY4AsF
fsSNArFtZTGjsPX2OSZ5Qw==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:09 2025 by rpki-client