Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/b134b7-7843-4e0b-ac1d-063aea93ad7d/1/vSQNJQ-TqAY10tditE63QDgLi4U.roa
File: vSQNJQ-TqAY10tditE63QDgLi4U.roa (raw, json)
Hash identifier: OmFUSF7SfEkV+4PCWG7ne1LHCjmLdydl9a/jqJ2m+sc=
Subject key identifier: BD:24:0D:25:0F:93:A8:06:35:D2:D7:62:B4:4E:B7:40:38:0B:8B:85
Certificate issuer: /CN=280c3860fb96a823971e2ee62f8abff093861604
Certificate serial: 01941FFAA0943BFC2BC42579762CE9D3EC03
Authority key identifier: 28:0C:38:60:FB:96:A8:23:97:1E:2E:E6:2F:8A:BF:F0:93:86:16:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KAw4YPuWqCOXHi7mL4q_8JOGFgQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/b134b7-7843-4e0b-ac1d-063aea93ad7d/1/vSQNJQ-TqAY10tditE63QDgLi4U.roa
Signing time: Wed 01 Jan 2025 03:48:26 +0000
ROA not before: Wed 01 Jan 2025 03:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213868
IP address blocks: 45.130.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/b134b7-7843-4e0b-ac1d-063aea93ad7d/1/KAw4YPuWqCOXHi7mL4q_8JOGFgQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/b134b7-7843-4e0b-ac1d-063aea93ad7d/1/KAw4YPuWqCOXHi7mL4q_8JOGFgQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/KAw4YPuWqCOXHi7mL4q_8JOGFgQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:a0:94:3b:fc:2b:c4:25:79:76:2c:e9:d3:ec:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=280c3860fb96a823971e2ee62f8abff093861604
Validity
Not Before: Jan 1 03:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bd240d250f93a80635d2d762b44eb740380b8b85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:9f:f2:31:44:a0:fc:6e:5b:cb:6e:ba:82:8f:
d8:c3:04:ab:3c:eb:6e:b6:01:c2:b3:e2:24:4e:5c:
3e:2c:a1:55:19:e4:a1:7d:46:eb:5d:e4:5e:3f:06:
cd:79:f8:29:31:ab:1c:da:c2:6a:d6:21:c3:1b:9b:
55:fa:1e:33:ff:35:0f:d6:05:a3:08:9f:5f:b2:18:
10:4a:5c:ba:a7:02:63:90:4d:a4:6b:49:c9:8b:f3:
bb:02:b1:cb:7a:2b:17:64:c8:df:8d:79:0b:77:b4:
d6:bd:93:65:b3:0f:22:01:6a:77:22:58:ea:32:95:
af:33:08:d6:46:fc:5f:ca:c6:84:94:98:9b:d8:06:
5b:bd:41:06:c7:31:89:76:61:2c:14:de:d9:be:3a:
c2:12:b2:56:ba:65:ab:87:c3:fa:68:8e:a6:0b:e6:
c3:62:10:68:61:5c:81:d5:f7:78:ae:d8:49:47:a4:
41:5c:f1:bd:22:cf:40:0e:e7:c1:cf:40:6c:4f:dc:
73:c2:fd:94:30:ea:8c:b8:ec:78:e1:b0:a2:b1:cb:
4a:2b:e1:0c:c7:96:18:06:46:3b:5d:da:b1:46:cd:
56:08:99:87:fe:df:4f:4c:f4:7e:9f:d0:2b:b9:56:
7c:a4:b7:2e:5e:9b:32:d8:35:4e:d2:19:b5:15:e0:
f8:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:24:0D:25:0F:93:A8:06:35:D2:D7:62:B4:4E:B7:40:38:0B:8B:85
X509v3 Authority Key Identifier:
keyid:28:0C:38:60:FB:96:A8:23:97:1E:2E:E6:2F:8A:BF:F0:93:86:16:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KAw4YPuWqCOXHi7mL4q_8JOGFgQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/b134b7-7843-4e0b-ac1d-063aea93ad7d/1/vSQNJQ-TqAY10tditE63QDgLi4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/b134b7-7843-4e0b-ac1d-063aea93ad7d/1/KAw4YPuWqCOXHi7mL4q_8JOGFgQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.47.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:17:d6:ee:91:30:44:b3:49:56:fe:0d:b5:42:84:f6:dc:9b:
1e:38:96:07:6a:7d:5c:a9:8d:2c:49:b4:0d:f6:ce:30:f7:04:
5a:47:4c:4d:c7:4f:90:b7:f3:7e:a8:3c:da:f1:21:28:04:3d:
77:41:ee:c3:96:57:f6:bd:ee:3c:af:d7:93:cc:ac:84:95:cc:
09:08:4d:a9:21:57:9e:03:dd:2d:65:61:57:dd:70:74:da:dc:
6a:1c:fb:34:02:b3:f4:fb:06:08:d1:eb:40:69:fc:9d:3d:f3:
46:12:17:db:01:ae:c8:b4:5c:05:ee:c2:db:4a:99:be:8b:a9:
92:2e:b5:59:9b:76:67:21:0b:6e:f7:3b:7f:a8:9e:19:f1:e2:
ba:74:5e:d4:bb:a0:ba:7e:9d:49:a0:57:6a:4e:c2:ed:f2:dd:
93:e7:e1:ef:9a:3d:f8:28:79:c4:93:45:fa:83:b7:67:d2:c9:
32:26:9b:af:3f:4c:ee:67:f8:85:78:1e:e4:30:b4:7c:cd:36:
93:f9:d3:88:ee:ee:89:e3:50:03:47:4d:24:e4:a0:92:0b:67:
e4:59:4f:8e:bc:f8:50:40:04:f0:48:30:d4:13:2f:64:24:17:
67:1d:43:0a:04:5e:f2:7b:1b:da:a5:05:ae:37:1c:44:02:2d:
88:55:ea:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+qCUO/wrxCV5dizp0+wDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MGMzODYwZmI5NmE4MjM5NzFlMmVlNjJmOGFiZmYwOTM4
NjE2MDQwHhcNMjUwMTAxMDM0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDI0MGQyNTBmOTNhODA2MzVkMmQ3NjJiNDRlYjc0MDM4MGI4Yjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJ/yMUSg/G5by266go/YwwSrPOtu
tgHCs+IkTlw+LKFVGeShfUbrXeRePwbNefgpMasc2sJq1iHDG5tV+h4z/zUP1gWj
CJ9fshgQSly6pwJjkE2ka0nJi/O7ArHLeisXZMjfjXkLd7TWvZNlsw8iAWp3Iljq
MpWvMwjWRvxfysaElJib2AZbvUEGxzGJdmEsFN7ZvjrCErJWumWrh8P6aI6mC+bD
YhBoYVyB1fd4rthJR6RBXPG9Is9ADufBz0BsT9xzwv2UMOqMuOx44bCisctKK+EM
x5YYBkY7XdqxRs1WCJmH/t9PTPR+n9AruVZ8pLcuXpsy2DVO0hm1FeD4hwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL0kDSUPk6gGNdLXYrROt0A4C4uFMB8GA1UdIwQY
MBaAFCgMOGD7lqgjlx4u5i+Kv/CThhYEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0F3NFlQdVdxQ09YSGk3bUw0cV84Sk9HRmdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9iMTM0YjctNzg0My00ZTBiLWFjMWQt
MDYzYWVhOTNhZDdkLzEvdlNRTkpRLVRxQVkxMHRkaXRFNjNRRGdMaTRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9iMTM0YjctNzg0My00ZTBiLWFjMWQtMDYzYWVhOTNhZDdk
LzEvS0F3NFlQdVdxQ09YSGk3bUw0cV84Sk9HRmdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYIvMA0G
CSqGSIb3DQEBCwUAA4IBAQA+F9bukTBEs0lW/g21QoT23JseOJYHan1cqY0sSbQN
9s4w9wRaR0xNx0+Qt/N+qDza8SEoBD13Qe7Dllf2ve48r9eTzKyElcwJCE2pIVee
A90tZWFX3XB02txqHPs0ArP0+wYI0etAafydPfNGEhfbAa7ItFwF7sLbSpm+i6mS
LrVZm3ZnIQtu9zt/qJ4Z8eK6dF7Uu6C6fp1JoFdqTsLt8t2T5+Hvmj34KHnEk0X6
g7dn0skyJpuvP0zuZ/iFeB7kMLR8zTaT+dOI7u6J41ADR00k5KCSC2fkWU+OvPhQ
QATwSDDUEy9kJBdnHUMKBF7yexvapQWuNxxEAi2IVeo5
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:47:03 2025 by rpki-client