Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/b1pNAkro7aHA3V-NejpmqoURwAk.roa
File: b1pNAkro7aHA3V-NejpmqoURwAk.roa (raw, json)
Hash identifier: spfghQnj6hS6URb2NmqLLwW6s6Py+YxHJ+ws3VJ1shQ=
Subject key identifier: 6F:5A:4D:02:4A:E8:ED:A1:C0:DD:5F:8D:7A:3A:66:AA:85:11:C0:09
Certificate issuer: /CN=382f86f2dbd0776c4e519c9c9ae4fad0426f39ff
Certificate serial: 0194B6C2CA8757A3CA3FB2289E80DBCBC7BF
Authority key identifier: 38:2F:86:F2:DB:D0:77:6C:4E:51:9C:9C:9A:E4:FA:D0:42:6F:39:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OC-G8tvQd2xOUZycmuT60EJvOf8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/b1pNAkro7aHA3V-NejpmqoURwAk.roa
Signing time: Thu 30 Jan 2025 10:30:06 +0000
ROA not before: Thu 30 Jan 2025 10:30:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8075
IP address blocks: 45.157.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.mft
rsync://rpki.ripe.net/repository/DEFAULT/OC-G8tvQd2xOUZycmuT60EJvOf8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b6:c2:ca:87:57:a3:ca:3f:b2:28:9e:80:db:cb:c7:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=382f86f2dbd0776c4e519c9c9ae4fad0426f39ff
Validity
Not Before: Jan 30 10:30:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6f5a4d024ae8eda1c0dd5f8d7a3a66aa8511c009
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:96:19:d7:6a:36:e9:e8:a0:b8:93:6d:ed:a2:
05:36:e4:5d:6b:7b:7a:f1:05:a1:df:bb:23:1a:4a:
9c:69:da:3a:b8:b2:84:ad:9e:dc:e8:43:fb:8c:3f:
fa:b3:c5:2a:06:d0:dd:42:4d:25:06:24:ea:02:c4:
d3:8c:3a:50:06:be:d0:a2:78:53:27:24:64:1d:1c:
38:3f:58:62:db:86:2c:c0:4b:c4:08:cf:b5:da:55:
85:f6:76:e0:dc:85:16:ef:c2:ed:76:71:f8:8d:4a:
0b:4a:cd:bf:1a:26:fb:d1:e5:4f:8a:9f:ba:66:67:
2d:c1:7e:81:1e:29:a2:64:72:97:7f:5c:e0:46:57:
f7:9e:04:6e:28:66:78:af:ed:f1:23:1a:48:fe:4b:
36:aa:6f:a4:72:9a:24:6a:50:91:a3:f4:a8:be:8e:
bd:cf:1e:e9:88:a9:6a:2d:48:3e:14:c8:d7:45:eb:
d3:64:d7:18:1f:84:f5:9d:5e:e5:78:61:33:3c:ea:
06:8d:13:b8:48:bc:56:48:19:98:26:1d:98:df:48:
28:14:ff:ca:c1:af:6e:e1:35:8c:7b:60:25:0e:9d:
04:56:71:04:e0:11:9c:ae:c1:15:64:7c:e1:79:4d:
b7:11:59:64:2a:31:6d:61:8e:63:73:60:54:d8:e1:
80:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:5A:4D:02:4A:E8:ED:A1:C0:DD:5F:8D:7A:3A:66:AA:85:11:C0:09
X509v3 Authority Key Identifier:
keyid:38:2F:86:F2:DB:D0:77:6C:4E:51:9C:9C:9A:E4:FA:D0:42:6F:39:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OC-G8tvQd2xOUZycmuT60EJvOf8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/b1pNAkro7aHA3V-NejpmqoURwAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/04748d-923b-4284-9628-203563f845bb/1/OC-G8tvQd2xOUZycmuT60EJvOf8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.47.0/24
Signature Algorithm: sha256WithRSAEncryption
da:43:59:48:f5:7f:ba:fe:d8:fd:2b:cd:35:cc:bc:7f:94:3e:
b7:8c:97:4d:85:0b:59:f7:85:b6:cb:23:5e:f6:fc:24:78:a3:
97:1e:44:01:5e:ef:f7:04:4e:20:1c:86:e1:15:ef:cd:d1:0b:
74:f6:45:ea:d3:59:60:63:4d:66:33:ea:64:a3:c2:30:8d:e8:
4d:8f:3b:e9:4d:23:fd:d1:b1:92:70:7a:96:f0:8b:ee:fc:eb:
d9:43:eb:dc:e7:60:d2:4e:51:02:e2:8c:7e:cc:b3:b9:5f:d6:
78:06:b7:69:cf:fb:95:e6:61:85:7a:8a:c8:d6:22:5f:12:ee:
81:bb:5b:c0:98:4d:1f:83:b9:22:b6:b9:6d:7a:20:29:ed:d7:
d8:fd:78:19:4a:ec:9d:81:37:df:b4:2c:64:2f:8d:65:8b:60:
e6:b9:5e:8e:e7:7f:b1:5d:2f:d1:46:c2:6e:ac:e4:55:3a:73:
ff:27:28:ca:5b:97:4d:98:f1:11:5f:57:72:ce:60:45:af:43:
ba:d7:e4:a8:3a:bf:7e:8b:25:65:e1:e8:6a:20:a5:eb:82:63:
6b:eb:50:33:7e:52:ff:8e:b9:29:7d:f5:71:76:f2:99:2d:45:
a7:21:7d:94:20:48:01:02:62:2c:5e:db:70:df:e1:a8:62:b5:
2e:8d:e7:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZS2wsqHV6PKP7IonoDby8e/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MmY4NmYyZGJkMDc3NmM0ZTUxOWM5YzlhZTRmYWQwNDI2
ZjM5ZmYwHhcNMjUwMTMwMTAzMDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjVhNGQwMjRhZThlZGExYzBkZDVmOGQ3YTNhNjZhYTg1MTFjMDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspYZ12o26eiguJNt7aIFNuRda3t6
8QWh37sjGkqcado6uLKErZ7c6EP7jD/6s8UqBtDdQk0lBiTqAsTTjDpQBr7QonhT
JyRkHRw4P1hi24YswEvECM+12lWF9nbg3IUW78LtdnH4jUoLSs2/Gib70eVPip+6
ZmctwX6BHimiZHKXf1zgRlf3ngRuKGZ4r+3xIxpI/ks2qm+kcpokalCRo/Sovo69
zx7piKlqLUg+FMjXRevTZNcYH4T1nV7leGEzPOoGjRO4SLxWSBmYJh2Y30goFP/K
wa9u4TWMe2AlDp0EVnEE4BGcrsEVZHzheU23EVlkKjFtYY5jc2BU2OGAnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG9aTQJK6O2hwN1fjXo6ZqqFEcAJMB8GA1UdIwQY
MBaAFDgvhvLb0HdsTlGcnJrk+tBCbzn/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0MtRzh0dlFkMnhPVVp5Y211VDYwRUp2T2Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wNDc0OGQtOTIzYi00Mjg0LTk2Mjgt
MjAzNTYzZjg0NWJiLzEvYjFwTkFrcm83YUhBM1YtTmVqcG1xb1VSd0FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wNDc0OGQtOTIzYi00Mjg0LTk2MjgtMjAzNTYzZjg0NWJi
LzEvT0MtRzh0dlFkMnhPVVp5Y211VDYwRUp2T2Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ0vMA0G
CSqGSIb3DQEBCwUAA4IBAQDaQ1lI9X+6/tj9K801zLx/lD63jJdNhQtZ94W2yyNe
9vwkeKOXHkQBXu/3BE4gHIbhFe/N0Qt09kXq01lgY01mM+pko8IwjehNjzvpTSP9
0bGScHqW8Ivu/OvZQ+vc52DSTlEC4ox+zLO5X9Z4Brdpz/uV5mGFeorI1iJfEu6B
u1vAmE0fg7kitrlteiAp7dfY/XgZSuydgTfftCxkL41li2DmuV6O53+xXS/RRsJu
rORVOnP/JyjKW5dNmPERX1dyzmBFr0O61+SoOr9+iyVl4ehqIKXrgmNr61AzflL/
jrkpffVxdvKZLUWnIX2UIEgBAmIsXttw3+GoYrUujefd
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:40:59 2025 by rpki-client