Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/d96189-eee1-4e9f-9d60-95e8d8293098/1/cxA-RyOMLkq935v_LceKQwYPwHs.roa
File: cxA-RyOMLkq935v_LceKQwYPwHs.roa (raw, json)
Hash identifier: HnGDMBYysRSj3AGQ0kR7dSJMblTeuNonvUsGSEcjwQ4=
Subject key identifier: 73:10:3E:47:23:8C:2E:4A:BD:DF:9B:FF:2D:C7:8A:43:06:0F:C0:7B
Certificate issuer: /CN=9a8053bcd2c4d8a7a2a325e2b7464166a5e48ddd
Certificate serial: 01942144221489389C45EB820580B3517CB3
Authority key identifier: 9A:80:53:BC:D2:C4:D8:A7:A2:A3:25:E2:B7:46:41:66:A5:E4:8D:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/moBTvNLE2KeioyXit0ZBZqXkjd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/d96189-eee1-4e9f-9d60-95e8d8293098/1/cxA-RyOMLkq935v_LceKQwYPwHs.roa
Signing time: Wed 01 Jan 2025 09:48:20 +0000
ROA not before: Wed 01 Jan 2025 09:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39862
IP address blocks: 45.132.92.0/24 maxlen: 24
45.132.93.0/24 maxlen: 24
45.132.94.0/24 maxlen: 24
45.132.95.0/24 maxlen: 24
193.34.140.0/24 maxlen: 24
193.34.141.0/24 maxlen: 24
194.50.254.0/24 maxlen: 24
2a0e:69c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/d96189-eee1-4e9f-9d60-95e8d8293098/1/moBTvNLE2KeioyXit0ZBZqXkjd0.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/d96189-eee1-4e9f-9d60-95e8d8293098/1/moBTvNLE2KeioyXit0ZBZqXkjd0.mft
rsync://rpki.ripe.net/repository/DEFAULT/moBTvNLE2KeioyXit0ZBZqXkjd0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:22:14:89:38:9c:45:eb:82:05:80:b3:51:7c:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a8053bcd2c4d8a7a2a325e2b7464166a5e48ddd
Validity
Not Before: Jan 1 09:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=73103e47238c2e4abddf9bff2dc78a43060fc07b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:41:19:68:a3:13:74:3f:7a:bb:b7:41:0f:c7:
6b:74:a4:c7:25:69:ca:5a:79:15:a8:e9:a8:39:26:
1a:d4:21:2a:0c:4b:f3:f4:3b:6a:2e:c3:3d:d8:70:
54:77:d6:c0:66:b5:c0:e2:81:cb:7a:80:5c:d3:73:
0e:6a:53:21:ca:51:43:d6:55:c2:8e:f0:f4:bc:29:
19:3a:49:df:c4:f5:54:99:2c:83:03:d5:61:43:dd:
0b:f5:f5:7e:a6:c9:f6:5e:96:8e:25:3b:75:39:32:
84:8d:08:7c:02:51:e1:d7:da:56:4e:6d:2e:a2:1d:
b4:35:27:cf:d8:1d:13:84:d7:12:c6:61:e6:24:80:
16:34:5f:01:bc:fc:9f:f7:b8:5d:37:2f:20:6d:03:
bc:ea:b2:0b:27:2f:b0:de:41:45:1f:b2:6e:59:d8:
8a:fb:0a:7d:9a:11:36:0b:14:cc:62:83:11:8e:54:
36:b6:05:16:d2:1f:2a:f3:3b:c2:f4:bf:51:f6:c9:
8a:58:24:ad:40:7a:67:99:d6:d0:02:73:ff:49:4e:
b2:ce:17:ce:f1:fa:10:b1:70:f2:30:95:40:8e:24:
dc:f6:62:88:1d:b9:c8:c8:11:29:85:5e:e3:f5:a3:
f6:41:6e:31:ba:73:bb:56:3c:de:39:93:ac:08:f6:
ad:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:10:3E:47:23:8C:2E:4A:BD:DF:9B:FF:2D:C7:8A:43:06:0F:C0:7B
X509v3 Authority Key Identifier:
keyid:9A:80:53:BC:D2:C4:D8:A7:A2:A3:25:E2:B7:46:41:66:A5:E4:8D:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/moBTvNLE2KeioyXit0ZBZqXkjd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/d96189-eee1-4e9f-9d60-95e8d8293098/1/cxA-RyOMLkq935v_LceKQwYPwHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/d96189-eee1-4e9f-9d60-95e8d8293098/1/moBTvNLE2KeioyXit0ZBZqXkjd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.92.0/22
193.34.140.0/23
194.50.254.0/24
IPv6:
2a0e:69c0::/48
Signature Algorithm: sha256WithRSAEncryption
ac:08:76:d7:20:43:a3:55:7b:29:44:f0:71:76:e5:0f:49:0c:
c1:65:25:1e:be:24:8f:2c:ed:55:79:71:8b:49:d9:e6:ab:9f:
15:78:89:c3:11:f8:4b:81:77:b4:a1:f3:11:cb:5a:4f:29:d6:
d5:3b:04:b8:bb:bc:b5:05:ca:2a:4a:9a:c2:3e:ba:33:72:c6:
9d:6e:ac:3f:d8:49:94:ce:a3:b5:c3:32:8a:bb:99:53:d0:fd:
4a:4d:89:fb:e5:8c:7f:8f:cb:6f:d0:05:cd:8c:b7:20:c5:6e:
0f:38:aa:77:1f:84:ee:93:34:84:22:5a:95:f5:21:81:50:c6:
a9:b5:20:e3:f3:f5:d6:47:ea:bf:73:8c:b9:02:d5:ad:1b:ac:
8f:07:e7:51:95:d3:1b:12:44:92:3a:b3:a8:4f:1c:bf:7c:98:
fe:f2:4d:3b:61:0c:05:56:a5:2f:24:f4:aa:47:37:34:37:fd:
0f:d0:1e:c7:6f:64:18:47:85:85:3c:b0:a3:46:ef:e2:cc:eb:
e1:7f:4e:6a:31:04:d7:1c:89:3b:da:f5:b1:3e:bf:f3:9c:e4:
08:09:e2:15:82:ed:2a:1c:1c:f9:d4:ac:b0:ca:a8:10:6a:f9:
2a:49:11:90:35:2c:80:fe:ff:5a:0a:97:28:37:93:90:78:20:
08:96:91:c7
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQhRCIUiTicReuCBYCzUXyzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhODA1M2JjZDJjNGQ4YTdhMmEzMjVlMmI3NDY0MTY2YTVl
NDhkZGQwHhcNMjUwMTAxMDk0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzEwM2U0NzIzOGMyZTRhYmRkZjliZmYyZGM3OGE0MzA2MGZjMDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkEZaKMTdD96u7dBD8drdKTHJWnK
WnkVqOmoOSYa1CEqDEvz9DtqLsM92HBUd9bAZrXA4oHLeoBc03MOalMhylFD1lXC
jvD0vCkZOknfxPVUmSyDA9VhQ90L9fV+psn2XpaOJTt1OTKEjQh8AlHh19pWTm0u
oh20NSfP2B0ThNcSxmHmJIAWNF8BvPyf97hdNy8gbQO86rILJy+w3kFFH7JuWdiK
+wp9mhE2CxTMYoMRjlQ2tgUW0h8q8zvC9L9R9smKWCStQHpnmdbQAnP/SU6yzhfO
8foQsXDyMJVAjiTc9mKIHbnIyBEphV7j9aP2QW4xunO7VjzeOZOsCPatRwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFHMQPkcjjC5Kvd+b/y3HikMGD8B7MB8GA1UdIwQY
MBaAFJqAU7zSxNinoqMl4rdGQWal5I3dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbW9CVHZOTEUyS2Vpb3lYaXQwWkJacVhramQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9kOTYxODktZWVlMS00ZTlmLTlkNjAt
OTVlOGQ4MjkzMDk4LzEvY3hBLVJ5T01Ma3E5MzV2X0xjZUtRd1lQd0hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9kOTYxODktZWVlMS00ZTlmLTlkNjAtOTVlOGQ4MjkzMDk4
LzEvbW9CVHZOTEUyS2Vpb3lYaXQwWkJacVhramQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQCLYRcAwQB
wSKMAwQAwjL+MA8EAgACMAkDBwAqDmnAAAAwDQYJKoZIhvcNAQELBQADggEBAKwI
dtcgQ6NVeylE8HF25Q9JDMFlJR6+JI8s7VV5cYtJ2earnxV4icMR+EuBd7Sh8xHL
Wk8p1tU7BLi7vLUFyipKmsI+ujNyxp1urD/YSZTOo7XDMoq7mVPQ/UpNifvljH+P
y2/QBc2MtyDFbg84qncfhO6TNIQiWpX1IYFQxqm1IOPz9dZH6r9zjLkC1a0brI8H
51GV0xsSRJI6s6hPHL98mP7yTTthDAVWpS8k9KpHNzQ3/Q/QHsdvZBhHhYU8sKNG
7+LM6+F/TmoxBNcciTva9bE+v/Oc5AgJ4hWC7SocHPnUrLDKqBBq+SpJEZA1LID+
/1oKlyg3k5B4IAiWkcc=
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:37:12 2025 by rpki-client