Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/1kY2nGT8PP1V1pxbzH8gDFZHRGw.roa
File: 1kY2nGT8PP1V1pxbzH8gDFZHRGw.roa (raw, json)
Hash identifier: pbZtP+N8idLMQTinI/aHUKYzG+cdVac5nacfjqhyPdo=
Subject key identifier: D6:46:36:9C:64:FC:3C:FD:55:D6:9C:5B:CC:7F:20:0C:56:47:44:6C
Certificate issuer: /CN=3aca50858a1856ffa02e91356f14236e7c38b85a
Certificate serial: 0194C29BEEA9A1B8AFF4B3F4BBC74D2D2400
Authority key identifier: 3A:CA:50:85:8A:18:56:FF:A0:2E:91:35:6F:14:23:6E:7C:38:B8:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OspQhYoYVv-gLpE1bxQjbnw4uFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/1kY2nGT8PP1V1pxbzH8gDFZHRGw.roa
Signing time: Sat 01 Feb 2025 17:43:06 +0000
ROA not before: Sat 01 Feb 2025 17:43:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51255
IP address blocks: 45.9.194.0/24 maxlen: 27
2a0e:1101::/42 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/OspQhYoYVv-gLpE1bxQjbnw4uFo.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/OspQhYoYVv-gLpE1bxQjbnw4uFo.mft
rsync://rpki.ripe.net/repository/DEFAULT/OspQhYoYVv-gLpE1bxQjbnw4uFo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 07:43:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c2:9b:ee:a9:a1:b8:af:f4:b3:f4:bb:c7:4d:2d:24:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3aca50858a1856ffa02e91356f14236e7c38b85a
Validity
Not Before: Feb 1 17:43:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d646369c64fc3cfd55d69c5bcc7f200c5647446c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:bc:24:5e:63:f2:e6:5c:78:8f:12:6e:24:8d:
b3:96:82:61:03:07:7d:8a:dd:79:c3:da:f1:c4:8b:
ac:f2:45:af:e2:3a:68:5c:2d:00:7d:56:1b:f7:4a:
d0:b2:e1:ea:3b:bb:61:1e:22:1c:ee:8d:64:9a:3d:
d5:5c:d1:bc:1c:59:94:e3:09:ec:3b:c0:e4:8b:89:
98:32:3f:6e:8c:ea:fb:53:52:59:ee:be:89:32:59:
64:d9:41:0f:56:de:b7:86:e6:89:c8:3f:fb:31:e6:
8e:4e:eb:66:29:aa:b5:02:cf:13:07:47:d2:c6:66:
0d:17:8f:81:62:8c:a6:05:86:a0:ad:1b:19:6d:7c:
d1:23:77:1e:05:30:80:be:d7:24:0f:ed:44:86:36:
99:38:4f:ef:76:fd:84:ae:1e:12:ac:41:d1:c7:cb:
4c:35:32:7e:ca:6d:56:56:77:b5:9b:09:41:b0:05:
26:9c:11:4c:46:65:b0:83:f3:02:1b:cd:04:f6:ee:
a6:50:36:87:aa:3c:b7:c9:42:96:be:34:7e:f8:07:
f2:d7:50:51:a3:99:61:10:82:ae:e7:ae:42:63:e9:
27:55:ac:40:5f:38:b1:83:88:9e:de:90:04:f6:8a:
d7:b2:6a:6b:b4:3c:8d:41:f4:5d:ca:34:11:6d:10:
bc:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:46:36:9C:64:FC:3C:FD:55:D6:9C:5B:CC:7F:20:0C:56:47:44:6C
X509v3 Authority Key Identifier:
keyid:3A:CA:50:85:8A:18:56:FF:A0:2E:91:35:6F:14:23:6E:7C:38:B8:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OspQhYoYVv-gLpE1bxQjbnw4uFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/1kY2nGT8PP1V1pxbzH8gDFZHRGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/OspQhYoYVv-gLpE1bxQjbnw4uFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.194.0/24
IPv6:
2a0e:1101::/42
Signature Algorithm: sha256WithRSAEncryption
34:e9:f4:9f:35:ca:a1:e3:7f:06:47:d3:32:0b:29:78:6b:0a:
dc:e3:97:26:fe:fb:84:6c:96:c0:f5:b4:cb:c8:db:36:4b:27:
cc:99:5a:01:25:ab:0a:93:4f:17:89:a0:aa:69:b3:94:b4:b3:
32:0e:04:1a:a1:3c:fc:1e:a1:33:c9:6a:a2:d3:b7:20:e3:a2:
70:f9:d8:02:20:c4:94:dd:5c:81:30:21:df:c7:ed:69:c9:2d:
2e:e4:c4:3f:4f:7c:a9:77:35:45:38:19:db:ee:34:61:33:8d:
91:63:89:e4:3f:40:23:ec:aa:cc:0f:98:1e:3d:22:99:89:78:
d6:de:d6:b9:84:b7:f4:ff:28:ef:a8:52:38:5c:4d:66:43:93:
e7:3e:19:65:52:c6:35:da:7f:d5:26:44:f9:33:cc:4d:02:31:
2c:04:6a:ea:36:42:36:cc:48:23:7c:bc:5f:1d:3b:be:a6:3b:
4b:c7:f2:b8:c2:55:8e:53:3b:8d:50:a2:a2:a1:30:13:8c:b5:
f7:14:7a:b6:c1:a8:23:38:3a:8b:7d:d2:47:97:6c:84:f4:7a:
15:9d:db:ff:10:6e:24:1f:91:1d:e4:f2:ae:46:50:6b:d9:b2:
0f:18:48:02:bb:02:08:ff:e7:57:37:8b:31:93:19:0c:e6:e6:
c3:5c:97:e9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZTCm+6pobiv9LP0u8dNLSQAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhY2E1MDg1OGExODU2ZmZhMDJlOTEzNTZmMTQyMzZlN2Mz
OGI4NWEwHhcNMjUwMjAxMTc0MzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjQ2MzY5YzY0ZmMzY2ZkNTVkNjljNWJjYzdmMjAwYzU2NDc0NDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7wkXmPy5lx4jxJuJI2zloJhAwd9
it15w9rxxIus8kWv4jpoXC0AfVYb90rQsuHqO7thHiIc7o1kmj3VXNG8HFmU4wns
O8Dki4mYMj9ujOr7U1JZ7r6JMllk2UEPVt63huaJyD/7MeaOTutmKaq1As8TB0fS
xmYNF4+BYoymBYagrRsZbXzRI3ceBTCAvtckD+1EhjaZOE/vdv2Erh4SrEHRx8tM
NTJ+ym1WVne1mwlBsAUmnBFMRmWwg/MCG80E9u6mUDaHqjy3yUKWvjR++Afy11BR
o5lhEIKu565CY+knVaxAXzixg4ie3pAE9orXsmprtDyNQfRdyjQRbRC8owIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNZGNpxk/Dz9VdacW8x/IAxWR0RsMB8GA1UdIwQY
MBaAFDrKUIWKGFb/oC6RNW8UI258OLhaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3NwUWhZb1lWdi1nTHBFMWJ4UWpibnc0dUZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8xMmI5MzctODkwZC00N2I1LWEwNDEt
MzMxZDdmYzc3YmQ0LzEvMWtZMm5HVDhQUDFWMXB4YnpIOGdERlpIUkd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8xMmI5MzctODkwZC00N2I1LWEwNDEtMzMxZDdmYzc3YmQ0
LzEvT3NwUWhZb1lWdi1nTHBFMWJ4UWpibnc0dUZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALQnCMA8E
AgACMAkDBwYqDhEBAAAwDQYJKoZIhvcNAQELBQADggEBADTp9J81yqHjfwZH0zIL
KXhrCtzjlyb++4RslsD1tMvI2zZLJ8yZWgElqwqTTxeJoKpps5S0szIOBBqhPPwe
oTPJaqLTtyDjonD52AIgxJTdXIEwId/H7WnJLS7kxD9PfKl3NUU4GdvuNGEzjZFj
ieQ/QCPsqswPmB49IpmJeNbe1rmEt/T/KO+oUjhcTWZDk+c+GWVSxjXaf9UmRPkz
zE0CMSwEauo2QjbMSCN8vF8dO76mO0vH8rjCVY5TO41QoqKhMBOMtfcUerbBqCM4
Oot90keXbIT0ehWd2/8QbiQfkR3k8q5GUGvZsg8YSAK7Agj/51c3izGTGQzm5sNc
l+k=
-----END CERTIFICATE-----
Generated at Wed Mar 12 12:01:54 2025 by rpki-client