Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/53100f-1bb3-4219-9c82-2398704ab50c/1/FseoG8adiLo0RLAf1UjvghOTljU.roa
File: FseoG8adiLo0RLAf1UjvghOTljU.roa (raw, json)
Hash identifier: KjYrZHqJ+HstyQr/uUASJXDHhJKgj2NLAuGOtjEwvqg=
Subject key identifier: 16:C7:A8:1B:C6:9D:88:BA:34:44:B0:1F:D5:48:EF:82:13:93:96:35
Certificate issuer: /CN=1b68656126198373d07886bf4ab8fb06b9006780
Certificate serial: 01942144353336A47B67362E9135877916FC
Authority key identifier: 1B:68:65:61:26:19:83:73:D0:78:86:BF:4A:B8:FB:06:B9:00:67:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G2hlYSYZg3PQeIa_Srj7BrkAZ4A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/53100f-1bb3-4219-9c82-2398704ab50c/1/FseoG8adiLo0RLAf1UjvghOTljU.roa
Signing time: Wed 01 Jan 2025 09:48:25 +0000
ROA not before: Wed 01 Jan 2025 09:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208621
IP address blocks: 45.92.36.0/24 maxlen: 24
45.92.37.0/24 maxlen: 24
45.92.38.0/24 maxlen: 24
45.92.39.0/24 maxlen: 24
2a0e:1bc0::/35 maxlen: 35
2a0e:1bc0:2000::/35 maxlen: 35
2a0e:1bc0:4000::/35 maxlen: 35
2a0e:1bc0:6000::/35 maxlen: 35
2a0e:1bc1::/35 maxlen: 35
2a0e:1bc1:2000::/35 maxlen: 35
2a0e:1bc1:4000::/35 maxlen: 35
2a0e:1bc1:6000::/35 maxlen: 35
2a0e:1bc4::/35 maxlen: 35
2a0e:1bc5::/35 maxlen: 35
2a0e:1bc7::/35 maxlen: 35
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/53100f-1bb3-4219-9c82-2398704ab50c/1/G2hlYSYZg3PQeIa_Srj7BrkAZ4A.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/53100f-1bb3-4219-9c82-2398704ab50c/1/G2hlYSYZg3PQeIa_Srj7BrkAZ4A.mft
rsync://rpki.ripe.net/repository/DEFAULT/G2hlYSYZg3PQeIa_Srj7BrkAZ4A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:35:33:36:a4:7b:67:36:2e:91:35:87:79:16:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b68656126198373d07886bf4ab8fb06b9006780
Validity
Not Before: Jan 1 09:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=16c7a81bc69d88ba3444b01fd548ef8213939635
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:05:0d:fb:71:b0:1e:ba:d0:7f:ae:25:fb:ce:
df:4b:09:6a:6f:5d:60:41:eb:c7:15:49:0a:d0:ba:
da:0c:93:aa:42:7a:ab:0a:13:ec:ba:1b:f4:78:4d:
64:54:ce:a1:69:df:3f:cb:01:86:51:d8:e9:55:98:
c5:42:a6:8e:90:33:e3:f9:5b:7b:5c:c9:56:e7:19:
fd:3b:16:e9:e9:1c:26:e0:80:75:01:ca:28:05:cf:
b7:ed:3d:23:6f:0c:4b:f3:9a:01:da:31:e8:63:58:
4e:24:4b:bc:6f:6c:c5:7b:51:89:11:9c:aa:98:97:
ad:d0:16:5b:7f:60:3d:af:59:46:12:f2:7a:7d:a3:
7a:8f:88:a3:9c:e2:fe:63:1e:f5:97:78:4e:e0:d8:
95:88:fc:f5:61:d0:6c:8e:79:26:3c:7e:ab:96:85:
38:01:d0:64:0b:c9:e6:a3:dd:71:e6:c8:89:ac:0a:
87:a1:e4:b8:c8:44:7e:90:4f:17:53:86:4a:67:94:
88:3c:c6:f8:9f:a8:9b:04:aa:2f:3e:7a:6d:8a:39:
10:68:81:44:4d:15:18:44:e0:d1:a6:7e:68:ba:7d:
fd:59:13:09:13:c4:cf:4e:60:cd:b5:c3:c4:24:8d:
fb:16:b2:82:22:71:23:77:d8:7a:c2:06:15:2f:99:
25:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:C7:A8:1B:C6:9D:88:BA:34:44:B0:1F:D5:48:EF:82:13:93:96:35
X509v3 Authority Key Identifier:
keyid:1B:68:65:61:26:19:83:73:D0:78:86:BF:4A:B8:FB:06:B9:00:67:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G2hlYSYZg3PQeIa_Srj7BrkAZ4A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/53100f-1bb3-4219-9c82-2398704ab50c/1/FseoG8adiLo0RLAf1UjvghOTljU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/53100f-1bb3-4219-9c82-2398704ab50c/1/G2hlYSYZg3PQeIa_Srj7BrkAZ4A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.36.0/22
IPv6:
2a0e:1bc0::/33
2a0e:1bc1::/33
2a0e:1bc4::/35
2a0e:1bc5::/35
2a0e:1bc7::/35
Signature Algorithm: sha256WithRSAEncryption
04:fd:66:d4:39:23:7c:ea:94:d2:26:06:03:e3:87:a9:ff:35:
5f:7b:e0:11:9a:60:23:62:d8:b8:c1:45:32:2b:4b:53:a7:a0:
ab:3b:cb:fd:26:05:81:cd:50:59:cb:b0:e0:63:61:90:e8:e3:
2b:cf:ae:6a:09:43:c3:45:54:fc:70:f7:78:8e:1b:6b:49:32:
05:8a:4b:c7:d3:50:84:0c:a8:f6:c9:30:d3:c0:31:a1:26:77:
c0:e2:63:1a:00:0e:56:74:87:91:c7:c9:bb:13:ef:85:49:e4:
1c:d3:60:4b:fe:de:7e:f0:a4:e6:29:d4:3e:cb:57:15:d0:ba:
9a:ea:88:b0:3d:31:db:93:09:00:71:28:71:0b:17:4e:43:7c:
e5:51:98:06:7b:82:37:ee:b3:c5:28:1a:86:30:b2:6d:8c:ce:
4d:54:50:d8:b2:cd:e7:62:4f:89:33:5d:94:1c:ef:fe:b5:9d:
fd:ed:9f:e6:6a:55:7b:27:b4:8d:38:6a:db:7f:04:f4:b3:94:
57:fa:7f:d1:8a:a3:20:1a:66:76:2f:7d:fc:a0:89:87:c8:76:
89:7f:35:32:f4:87:03:50:83:93:3e:c7:0b:c2:9e:ee:1f:0e:
60:85:c0:85:c7:74:f3:72:05:6e:ed:e7:b0:b0:7b:15:d9:01:
59:ca:0e:0a
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQhRDUzNqR7ZzYukTWHeRb8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiNjg2NTYxMjYxOTgzNzNkMDc4ODZiZjRhYjhmYjA2Yjkw
MDY3ODAwHhcNMjUwMTAxMDk0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmM3YTgxYmM2OWQ4OGJhMzQ0NGIwMWZkNTQ4ZWY4MjEzOTM5NjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0AUN+3GwHrrQf64l+87fSwlqb11g
QevHFUkK0LraDJOqQnqrChPsuhv0eE1kVM6had8/ywGGUdjpVZjFQqaOkDPj+Vt7
XMlW5xn9Oxbp6Rwm4IB1AcooBc+37T0jbwxL85oB2jHoY1hOJEu8b2zFe1GJEZyq
mJet0BZbf2A9r1lGEvJ6faN6j4ijnOL+Yx71l3hO4NiViPz1YdBsjnkmPH6rloU4
AdBkC8nmo91x5siJrAqHoeS4yER+kE8XU4ZKZ5SIPMb4n6ibBKovPnptijkQaIFE
TRUYRODRpn5oun39WRMJE8TPTmDNtcPEJI37FrKCInEjd9h6wgYVL5kl6wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFBbHqBvGnYi6NESwH9VI74ITk5Y1MB8GA1UdIwQY
MBaAFBtoZWEmGYNz0HiGv0q4+wa5AGeAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzJobFlTWVpnM1BRZUlhX1NyajdCcmtBWjRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS81MzEwMGYtMWJiMy00MjE5LTljODIt
MjM5ODcwNGFiNTBjLzEvRnNlb0c4YWRpTG8wUkxBZjFVanZnaE9UbGpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS81MzEwMGYtMWJiMy00MjE5LTljODItMjM5ODcwNGFiNTBj
LzEvRzJobFlTWVpnM1BRZUlhX1NyajdCcmtBWjRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAMBAIAATAGAwQCLVwkMC4E
AgACMCgDBgcqDhvAAAMGByoOG8EAAwYFKg4bxAADBgUqDhvFAAMGBSoOG8cAMA0G
CSqGSIb3DQEBCwUAA4IBAQAE/WbUOSN86pTSJgYD44ep/zVfe+ARmmAjYti4wUUy
K0tTp6CrO8v9JgWBzVBZy7DgY2GQ6OMrz65qCUPDRVT8cPd4jhtrSTIFikvH01CE
DKj2yTDTwDGhJnfA4mMaAA5WdIeRx8m7E++FSeQc02BL/t5+8KTmKdQ+y1cV0Lqa
6oiwPTHbkwkAcShxCxdOQ3zlUZgGe4I37rPFKBqGMLJtjM5NVFDYss3nYk+JM12U
HO/+tZ397Z/malV7J7SNOGrbfwT0s5RX+n/RiqMgGmZ2L338oImHyHaJfzUy9IcD
UIOTPscLwp7uHw5ghcCFx3TzcgVu7eewsHsV2QFZyg4K
-----END CERTIFICATE-----
Generated at Mon Apr 7 10:53:21 2025 by rpki-client