Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/3511af-0b4e-40b3-bf8f-479c114656fc/1/j2BsJZHL3LgBeU5YdWYJa32hdy4.roa
File: j2BsJZHL3LgBeU5YdWYJa32hdy4.roa (raw, json)
Hash identifier: d+oREESRuLvMYhUCDv9aLTd0uG0phphp5vORkyTT7cw=
Subject key identifier: 8F:60:6C:25:91:CB:DC:B8:01:79:4E:58:75:66:09:6B:7D:A1:77:2E
Certificate issuer: /CN=de4682e6b28660bd88a9b4d28cb1d75ef7cc6d7f
Certificate serial: 019421443BF72B87D46FC05E62912E77F459
Authority key identifier: DE:46:82:E6:B2:86:60:BD:88:A9:B4:D2:8C:B1:D7:5E:F7:CC:6D:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3kaC5rKGYL2IqbTSjLHXXvfMbX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/3511af-0b4e-40b3-bf8f-479c114656fc/1/j2BsJZHL3LgBeU5YdWYJa32hdy4.roa
Signing time: Wed 01 Jan 2025 09:48:27 +0000
ROA not before: Wed 01 Jan 2025 09:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25160
IP address blocks: 45.88.112.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/3511af-0b4e-40b3-bf8f-479c114656fc/1/3kaC5rKGYL2IqbTSjLHXXvfMbX8.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/3511af-0b4e-40b3-bf8f-479c114656fc/1/3kaC5rKGYL2IqbTSjLHXXvfMbX8.mft
rsync://rpki.ripe.net/repository/DEFAULT/3kaC5rKGYL2IqbTSjLHXXvfMbX8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 12:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:3b:f7:2b:87:d4:6f:c0:5e:62:91:2e:77:f4:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de4682e6b28660bd88a9b4d28cb1d75ef7cc6d7f
Validity
Not Before: Jan 1 09:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f606c2591cbdcb801794e587566096b7da1772e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:75:3d:96:5d:ed:4e:34:94:52:b7:41:d8:ba:
8f:4c:ae:16:56:01:1d:b8:78:da:1d:c2:6f:be:80:
2a:99:02:71:1b:de:78:6d:bf:fc:4b:f8:4f:42:86:
c9:89:92:52:91:fb:52:e1:7e:56:de:ae:b9:aa:14:
e2:79:fe:32:8e:5f:ee:9b:14:40:1a:26:fa:17:92:
d3:62:a1:32:9a:c8:d6:5e:44:6d:68:7a:e2:df:0b:
cf:c9:01:82:70:99:af:41:a8:25:86:6c:d6:17:a5:
33:82:e9:fc:7e:03:6b:99:16:a4:e3:b4:37:be:14:
08:91:ed:b0:3d:98:c5:4a:c0:ca:41:6d:7b:92:46:
28:28:6b:12:93:ba:0e:2d:3d:0b:ca:4a:57:ed:6e:
28:a7:ad:f6:5f:98:83:92:e2:ba:9b:63:e1:0d:1d:
57:69:ec:cb:c8:d2:4f:b5:a1:57:14:4b:91:e9:7c:
75:74:8b:9a:7e:e8:a4:c9:a0:9e:fe:f8:44:69:32:
4a:48:6e:e2:32:6c:b0:d2:8e:75:de:d4:cd:a7:ff:
cd:0a:7b:23:90:37:3d:c5:7b:61:8a:08:5f:5a:9c:
59:5b:2f:2b:fc:2f:84:0f:96:85:29:05:55:01:05:
a5:76:7b:fb:5c:e1:fe:38:42:7d:63:be:2f:37:5f:
3a:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:60:6C:25:91:CB:DC:B8:01:79:4E:58:75:66:09:6B:7D:A1:77:2E
X509v3 Authority Key Identifier:
keyid:DE:46:82:E6:B2:86:60:BD:88:A9:B4:D2:8C:B1:D7:5E:F7:CC:6D:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3kaC5rKGYL2IqbTSjLHXXvfMbX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/3511af-0b4e-40b3-bf8f-479c114656fc/1/j2BsJZHL3LgBeU5YdWYJa32hdy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/3511af-0b4e-40b3-bf8f-479c114656fc/1/3kaC5rKGYL2IqbTSjLHXXvfMbX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.112.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:b0:b2:30:c0:17:74:83:ec:ad:a2:d5:d6:bd:2c:f7:7b:ba:
4c:cc:d2:23:e7:72:04:3a:e3:44:3a:46:20:97:45:5a:17:13:
b0:c0:70:8a:4f:fe:7d:19:64:da:f5:24:b6:58:4b:15:2c:d3:
86:83:e5:ad:8f:36:65:8d:c2:23:0e:1a:1f:f5:a1:06:8d:58:
32:36:bb:16:45:00:28:f3:e0:2c:86:d8:fc:55:ee:52:ad:94:
a4:e7:31:67:36:d0:8e:db:86:a7:b1:fb:a3:12:3f:15:27:47:
e4:0d:39:29:0f:ef:99:10:9b:1f:78:f6:99:78:25:c9:92:05:
c4:31:31:e6:b1:e8:58:bc:e8:ff:dc:82:f9:d3:51:d6:bb:de:
67:43:d4:00:f4:c7:da:e4:f7:34:a1:6d:db:87:69:a1:b9:21:
3f:5a:ee:53:2c:5e:d7:60:cf:7a:9e:23:7b:76:c6:9e:ef:1e:
20:ec:82:63:9d:ba:eb:d4:0e:0e:4f:6e:69:b6:03:76:6b:00:
a3:71:90:94:9f:33:57:ef:3f:22:b3:fd:b1:de:44:6a:df:1c:
fe:4d:8c:76:82:83:db:f6:23:f7:43:a4:89:f3:6a:b2:43:ee:
5d:0e:9a:54:c1:5e:8b:fa:10:7a:47:64:78:39:36:35:cb:32:
31:4d:b0:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRDv3K4fUb8BeYpEud/RZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNDY4MmU2YjI4NjYwYmQ4OGE5YjRkMjhjYjFkNzVlZjdj
YzZkN2YwHhcNMjUwMTAxMDk0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjYwNmMyNTkxY2JkY2I4MDE3OTRlNTg3NTY2MDk2YjdkYTE3NzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXU9ll3tTjSUUrdB2LqPTK4WVgEd
uHjaHcJvvoAqmQJxG954bb/8S/hPQobJiZJSkftS4X5W3q65qhTief4yjl/umxRA
Gib6F5LTYqEymsjWXkRtaHri3wvPyQGCcJmvQaglhmzWF6Uzgun8fgNrmRak47Q3
vhQIke2wPZjFSsDKQW17kkYoKGsSk7oOLT0LykpX7W4op632X5iDkuK6m2PhDR1X
aezLyNJPtaFXFEuR6Xx1dIuafuikyaCe/vhEaTJKSG7iMmyw0o513tTNp//NCnsj
kDc9xXthighfWpxZWy8r/C+ED5aFKQVVAQWldnv7XOH+OEJ9Y74vN186iwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI9gbCWRy9y4AXlOWHVmCWt9oXcuMB8GA1UdIwQY
MBaAFN5GguayhmC9iKm00oyx1173zG1/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2thQzVyS0dZTDJJcWJUU2pMSFhYdmZNYlg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8zNTExYWYtMGI0ZS00MGIzLWJmOGYt
NDc5YzExNDY1NmZjLzEvajJCc0paSEwzTGdCZVU1WWRXWUphMzJoZHk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8zNTExYWYtMGI0ZS00MGIzLWJmOGYtNDc5YzExNDY1NmZj
LzEvM2thQzVyS0dZTDJJcWJUU2pMSFhYdmZNYlg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVhwMA0G
CSqGSIb3DQEBCwUAA4IBAQB9sLIwwBd0g+ytotXWvSz3e7pMzNIj53IEOuNEOkYg
l0VaFxOwwHCKT/59GWTa9SS2WEsVLNOGg+WtjzZljcIjDhof9aEGjVgyNrsWRQAo
8+Ashtj8Ve5SrZSk5zFnNtCO24ansfujEj8VJ0fkDTkpD++ZEJsfePaZeCXJkgXE
MTHmsehYvOj/3IL501HWu95nQ9QA9Mfa5Pc0oW3bh2mhuSE/Wu5TLF7XYM96niN7
dsae7x4g7IJjnbrr1A4OT25ptgN2awCjcZCUnzNX7z8is/2x3kRq3xz+TYx2goPb
9iP3Q6SJ82qyQ+5dDppUwV6L+hB6R2R4OTY1yzIxTbA8
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:36:39 2025 by rpki-client