Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/eadbf8-8e44-4271-a72b-0c756fd248c8/1/SaZ443oipq0bsfJDLYjIo19nSYE.roa
File: SaZ443oipq0bsfJDLYjIo19nSYE.roa (raw, json)
Hash identifier: bbGAwjIFSt24TQW5ErR63eFYBdAf3A/1rF+QUtCNcps=
Subject key identifier: 49:A6:78:E3:7A:22:A6:AD:1B:B1:F2:43:2D:88:C8:A3:5F:67:49:81
Certificate issuer: /CN=ee28d94d484033f77e6f9381a02da3e242167dae
Certificate serial: 0196D5284E0BD96AA491642EEF14A5647F8B
Authority key identifier: EE:28:D9:4D:48:40:33:F7:7E:6F:93:81:A0:2D:A3:E2:42:16:7D:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7ijZTUhAM_d-b5OBoC2j4kIWfa4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/eadbf8-8e44-4271-a72b-0c756fd248c8/1/SaZ443oipq0bsfJDLYjIo19nSYE.roa
Signing time: Thu 15 May 2025 18:15:10 +0000
ROA not before: Thu 15 May 2025 18:15:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213659
IP address blocks: 45.156.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/eadbf8-8e44-4271-a72b-0c756fd248c8/1/7ijZTUhAM_d-b5OBoC2j4kIWfa4.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/eadbf8-8e44-4271-a72b-0c756fd248c8/1/7ijZTUhAM_d-b5OBoC2j4kIWfa4.mft
rsync://rpki.ripe.net/repository/DEFAULT/7ijZTUhAM_d-b5OBoC2j4kIWfa4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 09:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d5:28:4e:0b:d9:6a:a4:91:64:2e:ef:14:a5:64:7f:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee28d94d484033f77e6f9381a02da3e242167dae
Validity
Not Before: May 15 18:15:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=49a678e37a22a6ad1bb1f2432d88c8a35f674981
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:a7:23:d1:c0:dd:20:51:0d:df:04:d8:0b:5f:
25:40:df:37:a0:f2:2a:1d:b6:3d:bb:64:be:e7:fa:
45:4a:27:38:a8:4e:d9:0f:00:0e:12:bc:6e:15:dd:
b6:24:93:5c:d8:4f:40:40:af:3b:fe:4c:05:86:27:
85:05:4a:f9:54:f7:c0:c8:ba:02:e3:8c:21:2e:da:
9a:74:64:af:02:47:c7:d8:0c:df:34:24:0c:f4:9b:
0f:06:7e:2f:f1:aa:26:91:85:32:87:bd:2e:5c:a4:
a8:e7:8d:18:b4:d5:8f:0e:3b:4e:65:f1:ea:0c:80:
05:c1:fc:bf:fd:16:c2:01:e6:d2:68:d6:29:04:32:
2e:ea:a3:e4:d9:9e:4e:91:db:bb:56:5f:03:72:48:
6c:0c:c5:16:64:2a:75:e4:c4:db:f7:e4:e7:03:16:
05:49:68:4c:db:28:07:5c:f1:89:f7:66:5b:63:d6:
85:32:b2:69:6e:40:a2:61:98:68:f0:bb:a4:f0:ad:
1f:56:59:f1:2b:65:d0:af:c0:d7:91:eb:6f:0e:c7:
d8:b3:0d:fa:1b:6e:54:dc:78:c9:05:bb:67:f7:a1:
d1:c8:1f:b1:fd:3d:7a:fd:20:1c:07:81:78:1b:61:
23:02:dc:ec:c5:12:1c:76:b7:dc:1c:47:94:e3:65:
0f:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:A6:78:E3:7A:22:A6:AD:1B:B1:F2:43:2D:88:C8:A3:5F:67:49:81
X509v3 Authority Key Identifier:
keyid:EE:28:D9:4D:48:40:33:F7:7E:6F:93:81:A0:2D:A3:E2:42:16:7D:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7ijZTUhAM_d-b5OBoC2j4kIWfa4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/eadbf8-8e44-4271-a72b-0c756fd248c8/1/SaZ443oipq0bsfJDLYjIo19nSYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/eadbf8-8e44-4271-a72b-0c756fd248c8/1/7ijZTUhAM_d-b5OBoC2j4kIWfa4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.117.0/24
Signature Algorithm: sha256WithRSAEncryption
71:6d:26:7d:b6:da:54:01:a9:c8:67:5a:f0:4a:18:c4:54:a2:
48:ab:d1:ed:73:a9:72:b8:19:f8:89:cf:72:70:2d:49:50:ff:
67:a5:c0:0a:fd:b5:b6:26:ba:23:b9:b3:1b:14:d5:e0:ed:58:
97:77:36:c4:e4:34:f7:27:d6:02:31:39:51:62:19:2c:35:fc:
01:b4:ef:6b:24:cf:7a:d0:c2:36:00:ba:ea:8d:54:39:b2:47:
6c:86:5e:00:62:0e:26:9e:14:a7:d6:a4:27:87:1c:43:cf:a7:
9d:27:0a:60:08:06:df:d3:f6:19:56:a1:b1:df:68:31:0d:3d:
8d:9b:ee:64:05:3b:ac:c8:94:f4:3a:a8:79:55:09:b3:9c:16:
da:db:d1:3b:3c:7d:75:5a:5a:34:2f:27:5f:ad:4b:b1:89:2e:
4a:a3:53:9d:5a:29:42:8f:c7:e1:ab:67:7d:4a:63:1c:29:b1:
46:f1:c0:89:25:29:13:33:95:0d:f7:14:97:bb:08:6a:12:3f:
d2:61:ec:a2:87:60:24:f7:3d:02:d0:6a:a0:3f:92:06:e2:cf:
db:f3:31:0b:14:d8:cb:5c:25:0b:78:54:5d:de:8d:f2:69:94:
0e:9d:23:5b:29:90:47:19:a2:58:23:03:eb:e2:ae:cc:d0:9e:
68:62:24:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZbVKE4L2WqkkWQu7xSlZH+LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMjhkOTRkNDg0MDMzZjc3ZTZmOTM4MWEwMmRhM2UyNDIx
NjdkYWUwHhcNMjUwNTE1MTgxNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWE2NzhlMzdhMjJhNmFkMWJiMWYyNDMyZDg4YzhhMzVmNjc0OTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0acj0cDdIFEN3wTYC18lQN83oPIq
HbY9u2S+5/pFSic4qE7ZDwAOErxuFd22JJNc2E9AQK87/kwFhieFBUr5VPfAyLoC
44whLtqadGSvAkfH2AzfNCQM9JsPBn4v8aomkYUyh70uXKSo540YtNWPDjtOZfHq
DIAFwfy//RbCAebSaNYpBDIu6qPk2Z5Okdu7Vl8DckhsDMUWZCp15MTb9+TnAxYF
SWhM2ygHXPGJ92ZbY9aFMrJpbkCiYZho8Luk8K0fVlnxK2XQr8DXketvDsfYsw36
G25U3HjJBbtn96HRyB+x/T16/SAcB4F4G2EjAtzsxRIcdrfcHEeU42UPQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEmmeON6IqatG7HyQy2IyKNfZ0mBMB8GA1UdIwQY
MBaAFO4o2U1IQDP3fm+TgaAto+JCFn2uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2lqWlRVaEFNX2QtYjVPQm9DMmo0a0lXZmE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9lYWRiZjgtOGU0NC00MjcxLWE3MmIt
MGM3NTZmZDI0OGM4LzEvU2FaNDQzb2lwcTBic2ZKRExZaklvMTluU1lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9lYWRiZjgtOGU0NC00MjcxLWE3MmItMGM3NTZmZDI0OGM4
LzEvN2lqWlRVaEFNX2QtYjVPQm9DMmo0a0lXZmE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZx1MA0G
CSqGSIb3DQEBCwUAA4IBAQBxbSZ9ttpUAanIZ1rwShjEVKJIq9Htc6lyuBn4ic9y
cC1JUP9npcAK/bW2JrojubMbFNXg7ViXdzbE5DT3J9YCMTlRYhksNfwBtO9rJM96
0MI2ALrqjVQ5skdshl4AYg4mnhSn1qQnhxxDz6edJwpgCAbf0/YZVqGx32gxDT2N
m+5kBTusyJT0Oqh5VQmznBba29E7PH11Wlo0LydfrUuxiS5Ko1OdWilCj8fhq2d9
SmMcKbFG8cCJJSkTM5UN9xSXuwhqEj/SYeyih2Ak9z0C0GqgP5IG4s/b8zELFNjL
XCULeFRd3o3yaZQOnSNbKZBHGaJYIwPr4q7M0J5oYiTl
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:50:23 2025 by rpki-client