Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/df21cb-08ac-4e5c-b854-e3ab9087d403/1/7TyGUQq5_upn7OI_8rMQkinORFg.roa
File: 7TyGUQq5_upn7OI_8rMQkinORFg.roa (raw, json)
Hash identifier: KGYsAjI6sTjQq+H3tQWHe4y4uTdeAqiVMRj2OW3ueCg=
Subject key identifier: ED:3C:86:51:0A:B9:FE:EA:67:EC:E2:3F:F2:B3:10:92:29:CE:44:58
Certificate issuer: /CN=9b32a2e8fcbeee63020ba93daab9076c37bc9991
Certificate serial: 01942669DF181D4F35A5349CF8B9071F6238
Authority key identifier: 9B:32:A2:E8:FC:BE:EE:63:02:0B:A9:3D:AA:B9:07:6C:37:BC:99:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mzKi6Py-7mMCC6k9qrkHbDe8mZE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/df21cb-08ac-4e5c-b854-e3ab9087d403/1/7TyGUQq5_upn7OI_8rMQkinORFg.roa
Signing time: Thu 02 Jan 2025 09:47:40 +0000
ROA not before: Thu 02 Jan 2025 09:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58224
IP address blocks: 45.15.200.0/24 maxlen: 24
45.15.201.0/24 maxlen: 24
45.15.202.0/24 maxlen: 24
45.15.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/df21cb-08ac-4e5c-b854-e3ab9087d403/1/mzKi6Py-7mMCC6k9qrkHbDe8mZE.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/df21cb-08ac-4e5c-b854-e3ab9087d403/1/mzKi6Py-7mMCC6k9qrkHbDe8mZE.mft
rsync://rpki.ripe.net/repository/DEFAULT/mzKi6Py-7mMCC6k9qrkHbDe8mZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 09:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:69:df:18:1d:4f:35:a5:34:9c:f8:b9:07:1f:62:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b32a2e8fcbeee63020ba93daab9076c37bc9991
Validity
Not Before: Jan 2 09:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ed3c86510ab9feea67ece23ff2b3109229ce4458
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f2:f8:61:9a:62:5e:2c:0e:cc:af:76:3a:98:
df:8a:1a:71:50:0a:72:b2:68:4f:cd:90:e1:fd:c8:
9a:0d:d9:4c:d1:24:15:33:aa:38:cb:97:19:0d:fe:
bf:02:35:69:ef:28:19:45:cd:d9:10:ff:d4:e8:fe:
16:fd:64:3a:e6:be:64:81:47:6b:cd:78:71:84:97:
a1:e9:15:d6:f1:cf:44:c0:44:04:1c:43:b8:2b:94:
3c:16:9d:07:c8:26:08:ea:ab:71:1a:0e:27:f2:f6:
68:48:74:a6:12:3a:0f:da:55:d4:09:13:23:d6:7d:
5e:de:19:76:7d:a8:8e:b2:99:2b:94:6d:c6:d0:94:
5f:3e:63:92:c5:a8:45:5a:2c:92:89:45:f6:8c:ae:
f5:80:02:7c:06:4a:46:a0:41:e5:f5:65:0f:b7:cf:
e9:2c:80:9f:3a:24:c8:f2:32:de:44:16:9f:e5:33:
f1:b0:9d:9a:95:f9:e4:dc:7a:5e:4f:85:db:bd:a8:
c8:28:ad:d0:b6:0d:f3:89:8d:6f:2b:8a:af:0f:41:
7f:fb:8c:6c:84:8c:c1:35:53:f3:97:eb:f6:7d:ce:
29:d5:06:03:6c:7f:fb:e4:8f:e2:2e:32:eb:80:30:
fd:b5:f5:dc:a7:73:f3:ec:bb:24:9d:d6:60:cb:e5:
2d:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:3C:86:51:0A:B9:FE:EA:67:EC:E2:3F:F2:B3:10:92:29:CE:44:58
X509v3 Authority Key Identifier:
keyid:9B:32:A2:E8:FC:BE:EE:63:02:0B:A9:3D:AA:B9:07:6C:37:BC:99:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mzKi6Py-7mMCC6k9qrkHbDe8mZE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/df21cb-08ac-4e5c-b854-e3ab9087d403/1/7TyGUQq5_upn7OI_8rMQkinORFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/df21cb-08ac-4e5c-b854-e3ab9087d403/1/mzKi6Py-7mMCC6k9qrkHbDe8mZE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.200.0/22
Signature Algorithm: sha256WithRSAEncryption
08:f9:4d:fa:d4:78:df:09:77:11:08:73:eb:55:10:da:a8:46:
5a:be:f9:f3:63:22:bf:19:f0:c0:72:24:38:03:bc:f5:78:68:
a4:9b:e5:aa:80:c9:12:ab:61:85:1e:b4:99:dc:1b:fa:b2:b1:
8b:2f:00:c8:68:4e:8e:63:bd:80:97:7b:56:d3:c9:31:32:cf:
55:0a:8f:26:49:c2:0f:f1:d4:2c:eb:7f:4f:8c:fe:62:0d:cf:
5e:30:70:49:56:5d:86:3a:c0:09:d8:90:fa:1b:6f:28:51:79:
3b:f2:95:7f:39:24:f1:89:92:24:47:82:33:07:06:16:31:14:
fb:4b:0e:de:8b:ac:63:e2:a4:2e:f0:af:17:d7:3d:24:ca:20:
b2:48:51:26:5d:c0:9e:1e:67:0c:57:27:ae:70:f7:47:25:bc:
a9:58:06:b0:07:fd:31:3c:3a:44:12:8c:00:45:13:d6:25:41:
b5:6f:8f:21:9d:86:fa:28:59:e7:88:88:1f:bc:96:d8:8a:03:
ea:7a:e4:ce:45:15:b1:5c:08:2b:88:e8:c2:ce:b9:9f:a5:78:
31:35:38:62:1f:ff:95:dc:de:0e:e0:d3:9e:b1:9d:62:83:ba:
19:3d:6c:2d:1e:ca:5c:15:fc:d3:45:05:9c:78:a8:5a:f4:05:
6e:d2:26:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmad8YHU81pTSc+LkHH2I4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMzJhMmU4ZmNiZWVlNjMwMjBiYTkzZGFhYjkwNzZjMzdi
Yzk5OTEwHhcNMjUwMTAyMDk0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDNjODY1MTBhYjlmZWVhNjdlY2UyM2ZmMmIzMTA5MjI5Y2U0NDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2PL4YZpiXiwOzK92OpjfihpxUApy
smhPzZDh/ciaDdlM0SQVM6o4y5cZDf6/AjVp7ygZRc3ZEP/U6P4W/WQ65r5kgUdr
zXhxhJeh6RXW8c9EwEQEHEO4K5Q8Fp0HyCYI6qtxGg4n8vZoSHSmEjoP2lXUCRMj
1n1e3hl2faiOspkrlG3G0JRfPmOSxahFWiySiUX2jK71gAJ8BkpGoEHl9WUPt8/p
LICfOiTI8jLeRBaf5TPxsJ2alfnk3HpeT4XbvajIKK3Qtg3ziY1vK4qvD0F/+4xs
hIzBNVPzl+v2fc4p1QYDbH/75I/iLjLrgDD9tfXcp3Pz7LskndZgy+UtxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO08hlEKuf7qZ+ziP/KzEJIpzkRYMB8GA1UdIwQY
MBaAFJsyouj8vu5jAgupPaq5B2w3vJmRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXpLaTZQeS03bU1DQzZrOXFya0hiRGU4bVpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9kZjIxY2ItMDhhYy00ZTVjLWI4NTQt
ZTNhYjkwODdkNDAzLzEvN1R5R1VRcTVfdXBuN09JXzhyTVFraW5PUkZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS9kZjIxY2ItMDhhYy00ZTVjLWI4NTQtZTNhYjkwODdkNDAz
LzEvbXpLaTZQeS03bU1DQzZrOXFya0hiRGU4bVpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQ/IMA0G
CSqGSIb3DQEBCwUAA4IBAQAI+U361HjfCXcRCHPrVRDaqEZavvnzYyK/GfDAciQ4
A7z1eGikm+WqgMkSq2GFHrSZ3Bv6srGLLwDIaE6OY72Al3tW08kxMs9VCo8mScIP
8dQs639PjP5iDc9eMHBJVl2GOsAJ2JD6G28oUXk78pV/OSTxiZIkR4IzBwYWMRT7
Sw7ei6xj4qQu8K8X1z0kyiCySFEmXcCeHmcMVyeucPdHJbypWAawB/0xPDpEEowA
RRPWJUG1b48hnYb6KFnniIgfvJbYigPqeuTORRWxXAgriOjCzrmfpXgxNThiH/+V
3N4O4NOesZ1ig7oZPWwtHspcFfzTRQWceKha9AVu0iY/
-----END CERTIFICATE-----
Generated at Tue Apr 8 15:22:50 2025 by rpki-client