Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/1-0Y1K8-7iyhXdhoTYDD_MThh3vE.roa
File: 1-0Y1K8-7iyhXdhoTYDD_MThh3vE.roa (raw, json)
Hash identifier: UqK1yASRyJvFv5c4mwnLEN1kbb6bTTjQR+7JRYc/30A=
Subject key identifier: FB:46:35:2B:CF:BB:8B:28:57:76:1A:13:60:30:FF:31:38:61:DE:F1
Certificate issuer: /CN=c8d5e37178d8524c72660a1d796165999e586622
Certificate serial: 01943FE59898D74F0009D9006206D17BE6D5
Authority key identifier: C8:D5:E3:71:78:D8:52:4C:72:66:0A:1D:79:61:65:99:9E:58:66:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yNXjcXjYUkxyZgodeWFlmZ5YZiI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/1-0Y1K8-7iyhXdhoTYDD_MThh3vE.roa
Signing time: Tue 07 Jan 2025 08:33:18 +0000
ROA not before: Tue 07 Jan 2025 08:33:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59456
IP address blocks: 45.152.40.0/22 maxlen: 22
91.239.15.0/24 maxlen: 24
185.55.24.0/22 maxlen: 22
195.244.18.0/24 maxlen: 24
2a01:8cc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/yNXjcXjYUkxyZgodeWFlmZ5YZiI.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/yNXjcXjYUkxyZgodeWFlmZ5YZiI.mft
rsync://rpki.ripe.net/repository/DEFAULT/yNXjcXjYUkxyZgodeWFlmZ5YZiI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3f:e5:98:98:d7:4f:00:09:d9:00:62:06:d1:7b:e6:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8d5e37178d8524c72660a1d796165999e586622
Validity
Not Before: Jan 7 08:33:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fb46352bcfbb8b2857761a136030ff313861def1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:9e:15:4e:7b:e7:d6:fc:a3:6a:b4:02:b8:6f:
55:17:10:b6:54:20:dd:01:47:69:9e:f3:5f:4a:27:
4e:f5:4a:70:72:92:3b:b0:13:b6:5e:92:85:47:db:
98:d0:e3:fb:7a:d7:8a:02:d0:ef:44:45:1e:0c:2f:
4e:05:8d:f2:44:46:85:da:2a:a4:8d:df:d7:8c:0c:
a9:ff:b1:59:d9:4d:0e:e4:c4:e0:74:4f:63:68:18:
78:86:12:4c:96:f0:1b:e5:e5:c0:b3:07:08:fb:8f:
a9:f1:49:24:4d:7e:ad:b5:4d:c2:44:ba:ef:f7:38:
c3:55:7d:65:8e:89:72:cb:69:cd:3c:2a:48:a0:69:
73:a7:32:1b:11:90:ba:5f:1a:d9:87:25:0d:ff:4a:
8c:96:86:c6:75:98:21:01:c1:15:77:0a:5a:51:c1:
53:11:d6:c8:be:53:83:a6:34:e5:dc:5e:c7:e1:f6:
20:34:49:cf:ee:30:af:de:28:b9:49:f6:f9:c8:25:
cd:14:6d:92:36:97:c3:2f:24:be:d0:c2:13:d0:3b:
2c:ec:84:4a:83:b5:de:6e:ea:90:64:e5:61:5a:fb:
94:33:99:69:e3:81:7c:a0:d0:c5:85:6b:40:97:b7:
86:30:9c:95:5f:a5:1d:be:1c:34:d7:5a:7a:0c:78:
9d:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:46:35:2B:CF:BB:8B:28:57:76:1A:13:60:30:FF:31:38:61:DE:F1
X509v3 Authority Key Identifier:
keyid:C8:D5:E3:71:78:D8:52:4C:72:66:0A:1D:79:61:65:99:9E:58:66:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yNXjcXjYUkxyZgodeWFlmZ5YZiI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/1-0Y1K8-7iyhXdhoTYDD_MThh3vE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/yNXjcXjYUkxyZgodeWFlmZ5YZiI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.40.0/22
91.239.15.0/24
185.55.24.0/22
195.244.18.0/24
IPv6:
2a01:8cc0::/32
Signature Algorithm: sha256WithRSAEncryption
95:f2:da:44:3c:5b:30:e5:c0:b5:bf:5a:c5:c1:7d:35:aa:94:
7d:33:ea:9c:ce:ec:72:e7:ce:b5:c0:f4:40:18:49:d9:f6:10:
a0:c4:a7:e3:0d:e7:83:d4:db:de:4f:49:b5:6f:5a:b4:10:78:
3b:34:52:2b:b4:dc:65:b2:97:ce:7a:34:7a:bd:40:e0:ba:f8:
b1:53:61:3b:db:73:f1:0d:05:e8:a6:6d:6d:3b:da:68:20:bc:
2a:6e:57:9c:d8:4b:bc:7f:5c:6e:77:26:87:61:ef:0f:f6:1b:
f7:60:40:2b:88:c6:fa:4d:d7:f0:4a:f3:a0:56:e2:72:5c:ec:
fb:3f:ff:2a:8c:1b:a2:2f:4f:9f:f3:f8:f1:1a:91:f2:a8:b6:
11:a4:4e:7f:69:61:25:4c:f3:c6:f0:e8:97:33:c1:e4:3c:29:
83:80:a0:c9:27:f2:37:ee:63:3f:b3:fd:f3:63:fa:31:61:29:
9a:31:75:ed:70:a3:e0:f7:21:5b:48:b2:a0:64:d5:78:91:a1:
e2:0b:8a:cb:fc:dd:a5:d6:87:5b:25:8f:aa:a0:9a:3e:6e:ed:
d6:51:72:96:8b:90:a1:d7:c6:87:a9:9a:e5:0d:8a:cc:36:ae:
54:b4:13:84:96:0b:58:0c:13:39:bd:7d:f4:f7:96:77:0f:dc:
39:8e:93:e1
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQ/5ZiY108ACdkAYgbRe+bVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZDVlMzcxNzhkODUyNGM3MjY2MGExZDc5NjE2NTk5OWU1
ODY2MjIwHhcNMjUwMTA3MDgzMzE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjQ2MzUyYmNmYmI4YjI4NTc3NjFhMTM2MDMwZmYzMTM4NjFkZWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZ4VTnvn1vyjarQCuG9VFxC2VCDd
AUdpnvNfSidO9UpwcpI7sBO2XpKFR9uY0OP7eteKAtDvREUeDC9OBY3yREaF2iqk
jd/XjAyp/7FZ2U0O5MTgdE9jaBh4hhJMlvAb5eXAswcI+4+p8UkkTX6ttU3CRLrv
9zjDVX1ljolyy2nNPCpIoGlzpzIbEZC6XxrZhyUN/0qMlobGdZghAcEVdwpaUcFT
EdbIvlODpjTl3F7H4fYgNEnP7jCv3ii5Sfb5yCXNFG2SNpfDLyS+0MIT0Dss7IRK
g7XebuqQZOVhWvuUM5lp44F8oNDFhWtAl7eGMJyVX6Udvhw011p6DHidOwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFPtGNSvPu4soV3YaE2Aw/zE4Yd7xMB8GA1UdIwQY
MBaAFMjV43F42FJMcmYKHXlhZZmeWGYiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU5YamNYallVa3h5WmdvZGVXRmxtWjVZWmlJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9iNTRjYTMtNzNkNS00OTg0LTg3ODIt
OWUwYWVkMmZiOGVjLzEvMS0wWTFLOC03aXloWGRob1RZRERfTVRoaDN2RS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2UvYjU0Y2EzLTczZDUtNDk4NC04NzgyLTllMGFlZDJmYjhl
Yy8xL3lOWGpjWGpZVWt4eVpnb2RlV0ZsbVo1WVppSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBABggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAi2YKAME
AFvvDwMEArk3GAMEAMP0EjANBAIAAjAHAwUAKgGMwDANBgkqhkiG9w0BAQsFAAOC
AQEAlfLaRDxbMOXAtb9axcF9NaqUfTPqnM7scufOtcD0QBhJ2fYQoMSn4w3ng9Tb
3k9JtW9atBB4OzRSK7TcZbKXzno0er1A4Lr4sVNhO9tz8Q0F6KZtbTvaaCC8Km5X
nNhLvH9cbncmh2HvD/Yb92BAK4jG+k3X8ErzoFbiclzs+z//Kowboi9Pn/P48RqR
8qi2EaROf2lhJUzzxvDolzPB5Dwpg4CgySfyN+5jP7P982P6MWEpmjF17XCj4Pch
W0iyoGTVeJGh4guKy/zdpdaHWyWPqqCaPm7t1lFylouQodfGh6ma5Q2KzDauVLQT
hJYLWAwTOb199PeWdw/cOY6T4Q==
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:38:59 2025 by rpki-client