Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/4a3caf-f84c-4c76-8065-962206b1686b/1/kwCip9bpks_MxIN5r8NE5b6pcCA.roa
File: kwCip9bpks_MxIN5r8NE5b6pcCA.roa (raw, json)
Hash identifier: ZeSOKj/aYYMZXd7Dug4q1iZDEoHYeGkqnVSfcCaU2uA=
Subject key identifier: 93:00:A2:A7:D6:E9:92:CF:CC:C4:83:79:AF:C3:44:E5:BE:A9:70:20
Certificate issuer: /CN=806757de8ffcdd1fd9af78b645536bda7c76c30e
Certificate serial: 0195181C4C4FF5F61F011463DB579E7ACD46
Authority key identifier: 80:67:57:DE:8F:FC:DD:1F:D9:AF:78:B6:45:53:6B:DA:7C:76:C3:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gGdX3o_83R_Zr3i2RVNr2nx2ww4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/4a3caf-f84c-4c76-8065-962206b1686b/1/kwCip9bpks_MxIN5r8NE5b6pcCA.roa
Signing time: Tue 18 Feb 2025 08:11:02 +0000
ROA not before: Tue 18 Feb 2025 08:11:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 45.155.103.0/24 maxlen: 24
156.67.62.0/24 maxlen: 24
156.67.63.0/24 maxlen: 24
195.162.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/4a3caf-f84c-4c76-8065-962206b1686b/1/gGdX3o_83R_Zr3i2RVNr2nx2ww4.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/4a3caf-f84c-4c76-8065-962206b1686b/1/gGdX3o_83R_Zr3i2RVNr2nx2ww4.mft
rsync://rpki.ripe.net/repository/DEFAULT/gGdX3o_83R_Zr3i2RVNr2nx2ww4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:18:1c:4c:4f:f5:f6:1f:01:14:63:db:57:9e:7a:cd:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=806757de8ffcdd1fd9af78b645536bda7c76c30e
Validity
Not Before: Feb 18 08:11:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9300a2a7d6e992cfccc48379afc344e5bea97020
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:8a:c4:6c:b1:47:4c:60:f6:80:73:02:24:93:
8d:85:2e:23:a8:5e:45:14:5a:92:a8:1d:bb:b8:e2:
2d:b6:57:1d:df:f4:d9:07:05:be:43:2e:2c:2f:73:
f7:4c:a6:49:37:06:1f:11:b4:32:d9:f5:23:00:14:
97:64:21:39:71:3c:e6:bb:71:75:dc:3a:29:91:7e:
e0:53:09:9f:5c:78:c7:8e:64:b9:20:e7:e9:2a:8c:
0f:a3:cf:1b:b1:58:78:16:83:1e:b3:90:2e:fb:90:
38:f0:3c:db:64:92:d5:45:e4:90:1c:da:07:d6:ff:
6c:b4:ad:71:d6:04:22:a1:c6:7d:09:ec:14:e0:37:
b8:b7:68:bf:99:9b:7f:c6:e4:9d:28:e1:bf:2a:c2:
f8:05:9f:c6:71:57:49:da:b2:37:9c:02:95:ef:d8:
e7:6f:dc:43:fc:34:c4:62:2c:ba:76:8e:32:57:cd:
01:5a:4f:5b:cd:fe:1c:4b:11:4f:3f:41:d8:e4:74:
d7:79:33:b7:94:6d:6e:ca:3d:41:8e:8d:36:ab:c0:
30:8e:20:f9:5b:9c:2e:ed:5c:51:0b:d6:f4:d0:d3:
c7:cc:67:b9:87:ad:81:96:52:77:7b:a2:0f:77:18:
14:24:61:d2:f9:c7:8c:1f:30:c2:c4:49:8b:5e:6e:
fd:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:00:A2:A7:D6:E9:92:CF:CC:C4:83:79:AF:C3:44:E5:BE:A9:70:20
X509v3 Authority Key Identifier:
keyid:80:67:57:DE:8F:FC:DD:1F:D9:AF:78:B6:45:53:6B:DA:7C:76:C3:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gGdX3o_83R_Zr3i2RVNr2nx2ww4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4a3caf-f84c-4c76-8065-962206b1686b/1/kwCip9bpks_MxIN5r8NE5b6pcCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4a3caf-f84c-4c76-8065-962206b1686b/1/gGdX3o_83R_Zr3i2RVNr2nx2ww4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.103.0/24
156.67.62.0/23
195.162.69.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:66:c9:0c:60:e2:53:22:52:69:32:50:32:2b:37:64:4a:cf:
6d:9b:7b:79:49:ee:2c:1f:3e:b3:28:a9:8a:d4:0f:37:2a:ae:
a9:70:d3:50:6e:90:a8:78:0e:a0:bf:25:14:cf:fd:0e:02:1b:
fc:cb:70:3b:87:a8:53:dc:d4:c8:01:6f:43:39:68:18:04:1b:
05:e3:d5:6c:5e:eb:0f:a0:3f:d6:88:74:4b:3f:2a:24:1d:f2:
48:42:60:34:bf:ac:bd:90:f7:41:10:14:1c:54:fd:f5:f4:6e:
8f:1d:9c:80:da:0b:10:9e:af:af:ef:9c:33:c9:46:2e:c6:e3:
a6:d2:b5:0c:de:7b:94:61:55:e5:6e:b3:5d:2e:9f:b3:59:15:
87:c6:b5:4c:6b:b4:69:bc:3f:e6:4f:3f:3c:24:1f:73:80:f3:
85:1c:4f:ac:08:b9:77:c4:4b:ae:cb:a7:bc:21:42:1f:e7:3b:
49:85:51:29:ee:2a:ad:62:04:67:4c:5a:bb:6b:c8:f7:03:67:
31:46:76:87:b4:4a:c8:89:b9:f6:5d:dd:12:6c:95:71:08:f2:
66:92:a4:7b:18:82:fd:59:2b:57:69:15:4f:8b:a6:e9:a0:cc:
f7:e1:64:aa:f1:91:87:d4:f6:bc:6b:cd:05:74:fd:11:98:b0:
3c:7d:ff:13
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZUYHExP9fYfARRj21eees1GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNjc1N2RlOGZmY2RkMWZkOWFmNzhiNjQ1NTM2YmRhN2M3
NmMzMGUwHhcNMjUwMjE4MDgxMTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzAwYTJhN2Q2ZTk5MmNmY2NjNDgzNzlhZmMzNDRlNWJlYTk3MDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIrEbLFHTGD2gHMCJJONhS4jqF5F
FFqSqB27uOIttlcd3/TZBwW+Qy4sL3P3TKZJNwYfEbQy2fUjABSXZCE5cTzmu3F1
3DopkX7gUwmfXHjHjmS5IOfpKowPo88bsVh4FoMes5Au+5A48DzbZJLVReSQHNoH
1v9stK1x1gQiocZ9CewU4De4t2i/mZt/xuSdKOG/KsL4BZ/GcVdJ2rI3nAKV79jn
b9xD/DTEYiy6do4yV80BWk9bzf4cSxFPP0HY5HTXeTO3lG1uyj1Bjo02q8AwjiD5
W5wu7VxRC9b00NPHzGe5h62BllJ3e6IPdxgUJGHS+ceMHzDCxEmLXm79WQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJMAoqfW6ZLPzMSDea/DROW+qXAgMB8GA1UdIwQY
MBaAFIBnV96P/N0f2a94tkVTa9p8dsMOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0dkWDNvXzgzUl9acjNpMlJWTnIybngyd3c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS80YTNjYWYtZjg0Yy00Yzc2LTgwNjUt
OTYyMjA2YjE2ODZiLzEva3dDaXA5YnBrc19NeElONXI4TkU1YjZwY0NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS80YTNjYWYtZjg0Yy00Yzc2LTgwNjUtOTYyMjA2YjE2ODZi
LzEvZ0dkWDNvXzgzUl9acjNpMlJWTnIybngyd3c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZtnAwQB
nEM+AwQAw6JFMA0GCSqGSIb3DQEBCwUAA4IBAQAaZskMYOJTIlJpMlAyKzdkSs9t
m3t5Se4sHz6zKKmK1A83Kq6pcNNQbpCoeA6gvyUUz/0OAhv8y3A7h6hT3NTIAW9D
OWgYBBsF49VsXusPoD/WiHRLPyokHfJIQmA0v6y9kPdBEBQcVP319G6PHZyA2gsQ
nq+v75wzyUYuxuOm0rUM3nuUYVXlbrNdLp+zWRWHxrVMa7RpvD/mTz88JB9zgPOF
HE+sCLl3xEuuy6e8IUIf5ztJhVEp7iqtYgRnTFq7a8j3A2cxRnaHtErIibn2Xd0S
bJVxCPJmkqR7GIL9WStXaRVPi6bpoMz34WSq8ZGH1Pa8a80FdP0RmLA8ff8T
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:38:15 2025 by rpki-client