Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/cf720e-4d33-4db1-86e9-fc2ec4bb5967/1/ULOFbzP3h9-3w0H4Yx7Si28ClYo.roa
File: ULOFbzP3h9-3w0H4Yx7Si28ClYo.roa (raw, json)
Hash identifier: d25VIffAJQDV7vgvStWkaS/C+7kyYqCn7zctEo0yqWU=
Subject key identifier: 50:B3:85:6F:33:F7:87:DF:B7:C3:41:F8:63:1E:D2:8B:6F:02:95:8A
Certificate issuer: /CN=0e170ee859e91f4973de4a572b1bad2f3a5d1825
Certificate serial: 019420681025DBD62DC0226A76A5300FBB5F
Authority key identifier: 0E:17:0E:E8:59:E9:1F:49:73:DE:4A:57:2B:1B:AD:2F:3A:5D:18:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DhcO6FnpH0lz3kpXKxutLzpdGCU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/cf720e-4d33-4db1-86e9-fc2ec4bb5967/1/ULOFbzP3h9-3w0H4Yx7Si28ClYo.roa
Signing time: Wed 01 Jan 2025 05:47:58 +0000
ROA not before: Wed 01 Jan 2025 05:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208202
IP address blocks: 45.154.52.0/24 maxlen: 24
45.154.53.0/24 maxlen: 24
45.154.54.0/24 maxlen: 24
45.154.55.0/24 maxlen: 24
2a0f:ad00::/32 maxlen: 32
2a0f:ad01::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/cf720e-4d33-4db1-86e9-fc2ec4bb5967/1/DhcO6FnpH0lz3kpXKxutLzpdGCU.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/cf720e-4d33-4db1-86e9-fc2ec4bb5967/1/DhcO6FnpH0lz3kpXKxutLzpdGCU.mft
rsync://rpki.ripe.net/repository/DEFAULT/DhcO6FnpH0lz3kpXKxutLzpdGCU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 02:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:10:25:db:d6:2d:c0:22:6a:76:a5:30:0f:bb:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e170ee859e91f4973de4a572b1bad2f3a5d1825
Validity
Not Before: Jan 1 05:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=50b3856f33f787dfb7c341f8631ed28b6f02958a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:95:f4:d2:57:21:f6:da:f4:bf:76:92:78:d5:
96:43:ac:4d:4f:e6:03:9f:0b:a3:38:40:04:c7:b6:
3e:9c:36:e0:38:21:ed:57:53:02:04:21:89:b2:2f:
1e:6a:2d:aa:73:14:7d:bf:c1:b7:84:09:ce:49:a6:
03:a8:d6:63:54:b2:20:6f:1b:1c:b0:31:c9:21:87:
40:45:a1:46:ee:9b:6e:23:e4:18:84:fa:45:c2:16:
55:78:17:af:a1:04:98:26:8c:c1:96:a1:6f:b1:18:
5c:45:14:1c:49:3a:c1:0e:ef:fa:41:b7:c4:35:d9:
f0:89:f4:c5:88:25:1b:a8:65:9f:41:ba:65:d7:89:
e3:c9:60:a0:c0:c2:de:29:34:77:10:61:fb:ce:c5:
63:54:5c:c8:5b:6d:fa:8a:33:9b:41:d6:eb:e5:31:
dd:72:eb:c4:3d:b2:75:13:3b:7e:09:6c:77:4e:0b:
53:fe:e9:0d:68:95:a1:72:67:8a:c4:ef:3b:4b:fb:
f4:34:08:ed:37:54:a2:e9:23:18:d7:96:87:a8:80:
9b:5d:b2:36:b1:ec:5d:bf:b9:2f:d1:56:ee:c7:01:
75:f6:1e:a0:cb:a2:c5:f3:99:34:c0:bc:6c:df:dd:
e6:82:24:9b:41:e2:49:c0:dd:b4:66:b6:9c:ef:eb:
ae:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:B3:85:6F:33:F7:87:DF:B7:C3:41:F8:63:1E:D2:8B:6F:02:95:8A
X509v3 Authority Key Identifier:
keyid:0E:17:0E:E8:59:E9:1F:49:73:DE:4A:57:2B:1B:AD:2F:3A:5D:18:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DhcO6FnpH0lz3kpXKxutLzpdGCU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/cf720e-4d33-4db1-86e9-fc2ec4bb5967/1/ULOFbzP3h9-3w0H4Yx7Si28ClYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/cf720e-4d33-4db1-86e9-fc2ec4bb5967/1/DhcO6FnpH0lz3kpXKxutLzpdGCU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.52.0/22
IPv6:
2a0f:ad00::/31
Signature Algorithm: sha256WithRSAEncryption
96:e8:87:4d:ed:28:c3:6b:44:62:dc:41:64:0a:56:23:57:73:
6e:28:7c:cf:8e:d8:c7:53:75:62:ad:0a:c8:1a:06:ed:82:15:
a7:70:cc:ae:31:59:50:bc:f2:ce:ab:7f:5e:9d:58:ac:73:51:
cf:65:69:28:ba:fe:27:6a:6b:0c:af:92:a5:b3:e1:6c:ca:e4:
99:38:75:17:8b:c8:99:2d:33:93:b0:2e:ad:73:64:24:ee:7a:
e7:3b:69:b7:a0:46:10:31:54:9a:ec:8e:fe:0b:7f:2e:74:85:
5a:75:a2:40:5a:6c:c4:10:49:ea:b7:f1:e7:f7:fa:35:4b:c1:
55:f2:7d:11:00:3c:11:8f:49:f4:a6:97:46:d2:1a:8e:29:bb:
27:98:0f:2c:64:36:88:33:f9:a3:14:aa:9d:a6:2c:1a:da:61:
0f:88:63:d0:fd:ba:48:82:d9:86:d1:b7:a6:10:f6:f0:70:dd:
78:10:24:75:bc:8d:e2:39:b0:e7:30:bd:1b:f0:d4:76:22:8b:
a9:aa:b5:6e:0f:5f:d3:f2:be:af:c0:b9:c5:18:4e:87:f4:17:
d8:98:d6:50:c2:7b:3a:9a:68:42:46:ec:20:ee:b4:a4:0a:19:
3a:f9:d6:ab:b4:77:42:20:f3:5a:9b:8d:20:af:11:a7:06:e3:
9f:07:1e:af
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQgaBAl29YtwCJqdqUwD7tfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMTcwZWU4NTllOTFmNDk3M2RlNGE1NzJiMWJhZDJmM2E1
ZDE4MjUwHhcNMjUwMTAxMDU0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGIzODU2ZjMzZjc4N2RmYjdjMzQxZjg2MzFlZDI4YjZmMDI5NThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6JX00lch9tr0v3aSeNWWQ6xNT+YD
nwujOEAEx7Y+nDbgOCHtV1MCBCGJsi8eai2qcxR9v8G3hAnOSaYDqNZjVLIgbxsc
sDHJIYdARaFG7ptuI+QYhPpFwhZVeBevoQSYJozBlqFvsRhcRRQcSTrBDu/6QbfE
NdnwifTFiCUbqGWfQbpl14njyWCgwMLeKTR3EGH7zsVjVFzIW236ijObQdbr5THd
cuvEPbJ1Ezt+CWx3TgtT/ukNaJWhcmeKxO87S/v0NAjtN1Si6SMY15aHqICbXbI2
sexdv7kv0VbuxwF19h6gy6LF85k0wLxs393mgiSbQeJJwN20Zrac7+uuawIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFCzhW8z94fft8NB+GMe0otvApWKMB8GA1UdIwQY
MBaAFA4XDuhZ6R9Jc95KVysbrS86XRglMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGhjTzZGbnBIMGx6M2twWEt4dXRMenBkR0NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9jZjcyMGUtNGQzMy00ZGIxLTg2ZTkt
ZmMyZWM0YmI1OTY3LzEvVUxPRmJ6UDNoOS0zdzBINFl4N1NpMjhDbFlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9jZjcyMGUtNGQzMy00ZGIxLTg2ZTktZmMyZWM0YmI1OTY3
LzEvRGhjTzZGbnBIMGx6M2twWEt4dXRMenBkR0NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZo0MA0E
AgACMAcDBQEqD60AMA0GCSqGSIb3DQEBCwUAA4IBAQCW6IdN7SjDa0Ri3EFkClYj
V3NuKHzPjtjHU3VirQrIGgbtghWncMyuMVlQvPLOq39enVisc1HPZWkouv4namsM
r5Kls+FsyuSZOHUXi8iZLTOTsC6tc2Qk7nrnO2m3oEYQMVSa7I7+C38udIVadaJA
WmzEEEnqt/Hn9/o1S8FV8n0RADwRj0n0ppdG0hqOKbsnmA8sZDaIM/mjFKqdpiwa
2mEPiGPQ/bpIgtmG0bemEPbwcN14ECR1vI3iObDnML0b8NR2IoupqrVuD1/T8r6v
wLnFGE6H9BfYmNZQwns6mmhCRuwg7rSkChk6+dartHdCIPNam40grxGnBuOfBx6v
-----END CERTIFICATE-----
Generated at Thu Mar 13 11:09:43 2025 by rpki-client