Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/KO1YGIQXzqmCT0PfoP9U_bP8Ik0.roa
File: KO1YGIQXzqmCT0PfoP9U_bP8Ik0.roa (raw, json)
Hash identifier: snMWMSvb7n+P3ZpH6VNK6nVq04jDlvUE+5CJBun4qik=
Subject key identifier: 28:ED:58:18:84:17:CE:A9:82:4F:43:DF:A0:FF:54:FD:B3:FC:22:4D
Certificate issuer: /CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Certificate serial: 019427B5AF3D57BECC6D0790851DFC0BC216
Authority key identifier: 66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/KO1YGIQXzqmCT0PfoP9U_bP8Ik0.roa
Signing time: Thu 02 Jan 2025 15:50:05 +0000
ROA not before: Thu 02 Jan 2025 15:50:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57179
IP address blocks: 45.94.128.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 00:01:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:af:3d:57:be:cc:6d:07:90:85:1d:fc:0b:c2:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Validity
Not Before: Jan 2 15:50:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28ed58188417cea9824f43dfa0ff54fdb3fc224d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:73:04:59:65:1c:c4:43:28:52:42:20:f9:16:
ae:18:88:ea:16:1d:f7:aa:a1:0e:53:30:53:eb:ec:
3d:4c:68:76:f4:df:2d:74:cb:66:19:0c:c4:05:8f:
4f:08:e8:71:9e:69:15:e4:d4:d1:bd:ae:84:19:38:
02:84:9e:3f:1e:3c:c9:f2:47:4b:34:17:5e:0b:a5:
8a:b2:a4:8b:23:9a:a6:fa:61:85:b4:15:36:fc:80:
ed:86:c0:3c:8b:2c:a3:59:84:6a:cf:c1:8e:3b:a0:
4e:3a:b2:a9:84:b1:3c:63:2b:81:6d:b4:e0:8c:48:
8a:17:f9:8f:27:5e:44:d1:e3:12:ef:15:aa:14:0c:
ad:b7:5c:3e:69:2c:44:9f:65:ee:ef:6d:15:3b:e9:
1e:83:53:c8:e2:38:3c:c1:82:33:b4:36:74:26:94:
c5:7e:87:00:38:bc:d0:c0:bb:12:74:c6:38:9a:cc:
c7:78:5c:31:1b:82:4e:d2:30:09:65:3a:1e:c4:3e:
24:e6:50:25:0c:64:8f:54:22:bf:11:54:1a:06:62:
6c:a7:d6:5e:a0:0d:f9:93:fc:a5:94:5c:77:f2:07:
74:5b:aa:9e:5d:36:42:25:e2:a1:3c:a6:78:5f:a5:
b9:28:66:01:ac:45:e1:5a:ab:c7:65:82:69:aa:84:
fe:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:ED:58:18:84:17:CE:A9:82:4F:43:DF:A0:FF:54:FD:B3:FC:22:4D
X509v3 Authority Key Identifier:
keyid:66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/KO1YGIQXzqmCT0PfoP9U_bP8Ik0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.128.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:83:03:66:4f:ee:00:8f:92:7d:fd:75:5f:6f:4b:76:8f:a7:
54:23:26:d1:92:f9:a6:35:75:e8:22:e9:d8:bc:b3:78:1e:ba:
5e:b1:27:6b:2e:3a:be:31:d9:77:97:d7:3c:32:49:e7:e9:a7:
3a:22:d6:c6:9e:ce:0c:68:93:e1:3e:36:77:8c:77:12:a1:a6:
b9:70:55:03:74:df:c3:96:4f:cf:32:91:ef:a4:34:b6:2f:50:
6e:6c:ca:b6:57:b9:1b:d3:c9:cb:84:b5:02:01:36:12:73:e6:
22:f4:a4:7a:0e:ae:92:07:47:bc:bd:ab:14:10:f1:6a:27:02:
7e:37:b4:e1:1d:3a:92:d3:aa:12:51:d7:db:ee:62:f3:7f:aa:
2c:ed:21:cc:36:38:a2:7b:22:20:82:5a:fc:ef:61:8c:8c:54:
78:d8:f4:f9:32:19:c3:de:d6:17:8e:ae:a0:3e:f8:d2:15:40:
b2:96:8e:7e:58:61:51:c7:b1:fe:3c:75:99:83:73:57:00:69:
80:5b:68:7b:4c:98:4e:88:f8:71:ae:16:57:a0:32:88:53:ab:
41:7e:82:21:80:c0:f4:ea:d7:b3:92:e9:32:87:37:97:31:13:
30:6d:8f:f1:64:49:23:8f:3c:77:8e:e8:56:be:28:f0:60:e2:
b9:c7:00:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnta89V77MbQeQhR38C8IWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGUxZDlkY2RiMjVjMWU1MzJjNWM5YjY5ZGZhNzU3ZTMw
NjIxMGUwHhcNMjUwMTAyMTU1MDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGVkNTgxODg0MTdjZWE5ODI0ZjQzZGZhMGZmNTRmZGIzZmMyMjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHMEWWUcxEMoUkIg+RauGIjqFh33
qqEOUzBT6+w9TGh29N8tdMtmGQzEBY9PCOhxnmkV5NTRva6EGTgChJ4/HjzJ8kdL
NBdeC6WKsqSLI5qm+mGFtBU2/IDthsA8iyyjWYRqz8GOO6BOOrKphLE8YyuBbbTg
jEiKF/mPJ15E0eMS7xWqFAytt1w+aSxEn2Xu720VO+keg1PI4jg8wYIztDZ0JpTF
focAOLzQwLsSdMY4mszHeFwxG4JO0jAJZToexD4k5lAlDGSPVCK/EVQaBmJsp9Ze
oA35k/yllFx38gd0W6qeXTZCJeKhPKZ4X6W5KGYBrEXhWqvHZYJpqoT+RwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCjtWBiEF86pgk9D36D/VP2z/CJNMB8GA1UdIwQY
MBaAFGbeHZ3NslweUyxcm2nfp1fjBiEOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYt
NDA0Nzk4NzA5NzZlLzEvS08xWUdJUVh6cW1DVDBQZm9QOVVfYlA4SWswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYtNDA0Nzk4NzA5NzZl
LzEvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLV6AMA0G
CSqGSIb3DQEBCwUAA4IBAQAbgwNmT+4Aj5J9/XVfb0t2j6dUIybRkvmmNXXoIunY
vLN4HrpesSdrLjq+Mdl3l9c8Mknn6ac6ItbGns4MaJPhPjZ3jHcSoaa5cFUDdN/D
lk/PMpHvpDS2L1BubMq2V7kb08nLhLUCATYSc+Yi9KR6Dq6SB0e8vasUEPFqJwJ+
N7ThHTqS06oSUdfb7mLzf6os7SHMNjiieyIgglr872GMjFR42PT5MhnD3tYXjq6g
PvjSFUCylo5+WGFRx7H+PHWZg3NXAGmAW2h7TJhOiPhxrhZXoDKIU6tBfoIhgMD0
6tezkukyhzeXMRMwbY/xZEkjjzx3juhWvijwYOK5xwBc
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:15:40 2025 by rpki-client