Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/ChcX6dEQMX7PgnkGnKeX9TQTPSU.roa
File: ChcX6dEQMX7PgnkGnKeX9TQTPSU.roa (raw, json)
Hash identifier: 9GX5XaBmVeFjM4n7HjAG7e5pB9imRwZnEdAGfd1ulvc=
Subject key identifier: 0A:17:17:E9:D1:10:31:7E:CF:82:79:06:9C:A7:97:F5:34:13:3D:25
Certificate issuer: /CN=947320d030930178e6f7ceef91d2ab8784d3dc16
Certificate serial: 019427475DA490F09E13C97B9578ACD33170
Authority key identifier: 94:73:20:D0:30:93:01:78:E6:F7:CE:EF:91:D2:AB:87:84:D3:DC:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/ChcX6dEQMX7PgnkGnKeX9TQTPSU.roa
Signing time: Thu 02 Jan 2025 13:49:35 +0000
ROA not before: Thu 02 Jan 2025 13:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62240
IP address blocks: 45.86.230.0/24 maxlen: 24
91.231.186.0/24 maxlen: 24
195.54.161.0/24 maxlen: 24
2a10:1fc0:7::/48 maxlen: 48
2a10:1fc0:a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.mft
rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Apr 2025 13:43:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:5d:a4:90:f0:9e:13:c9:7b:95:78:ac:d3:31:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=947320d030930178e6f7ceef91d2ab8784d3dc16
Validity
Not Before: Jan 2 13:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a1717e9d110317ecf8279069ca797f534133d25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ab:2d:aa:36:83:f8:71:e2:82:86:bd:f5:b8:
a9:16:76:f0:38:18:20:d0:3a:ff:e1:60:b0:5a:02:
d0:69:20:6c:ef:c4:f6:1e:44:9c:4c:82:24:2f:67:
3f:60:59:41:c7:75:7d:cb:87:34:a6:2d:41:cb:8d:
af:58:f4:c1:43:66:6a:c2:52:77:e0:84:aa:de:ce:
3d:60:73:fa:84:d5:f5:6c:d8:6e:d2:a0:86:43:dd:
34:e1:51:d7:be:19:dd:04:8b:25:9a:64:4f:5f:ad:
13:83:be:f5:77:e3:c9:a0:9b:b7:8d:5c:0c:08:b3:
d4:9c:44:2e:9f:e2:ee:f1:ce:0b:f0:44:f8:c7:e6:
e1:bf:57:3e:e3:68:9f:5b:6f:14:fd:de:4c:76:ba:
a1:a4:35:0d:f2:7d:fd:09:e1:21:1e:99:f8:7d:15:
5f:bd:3d:33:19:55:84:de:7b:2d:27:0a:f0:14:b8:
c9:97:35:2d:e8:51:31:90:23:2b:9e:e0:c8:eb:bb:
73:a3:ef:ef:5e:4b:b3:f9:16:e8:9a:27:c0:29:c8:
83:46:15:c5:35:85:ec:66:dc:46:09:98:39:fd:da:
9d:7c:fa:1a:ca:31:87:e8:d6:fe:03:a1:2f:82:33:
00:9b:d4:5a:02:32:30:51:f6:b5:32:43:c2:ae:5c:
f9:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:17:17:E9:D1:10:31:7E:CF:82:79:06:9C:A7:97:F5:34:13:3D:25
X509v3 Authority Key Identifier:
keyid:94:73:20:D0:30:93:01:78:E6:F7:CE:EF:91:D2:AB:87:84:D3:DC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/ChcX6dEQMX7PgnkGnKeX9TQTPSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.230.0/24
91.231.186.0/24
195.54.161.0/24
IPv6:
2a10:1fc0:7::/48
2a10:1fc0:a::/48
Signature Algorithm: sha256WithRSAEncryption
5d:d3:2a:b8:98:ce:8c:bc:ca:45:21:d9:1f:70:73:32:29:dd:
46:2f:9d:98:30:8a:ea:2a:23:12:ae:48:10:19:1e:d7:06:71:
87:5b:bd:65:13:17:6e:c1:ef:4d:3f:de:c0:7d:88:af:d9:f8:
97:32:a1:a4:06:e5:be:66:b1:aa:b7:19:20:d9:3a:ac:35:19:
43:c6:f6:11:6a:7f:c6:1e:34:e5:a9:5b:e5:41:9b:42:28:5a:
92:6c:d9:d9:88:9b:3d:d4:5d:8f:27:50:37:a2:05:cf:54:b3:
32:d3:69:ab:41:c7:c8:16:c9:e8:82:a8:f8:9a:0f:36:6c:6f:
c8:6e:4c:a4:58:fe:7f:54:6d:dd:28:5b:0e:51:8f:4e:bd:af:
d2:46:08:c9:ef:a9:ba:aa:cb:ce:7a:af:7b:ca:05:f6:b3:98:
e0:1d:ca:52:aa:fa:a4:da:68:6b:70:59:b4:0b:1c:ef:e4:d0:
25:ff:e1:48:e1:75:b1:e9:84:d9:36:db:85:bb:d7:a7:97:90:
db:87:b5:ca:61:3f:35:98:92:8b:7f:5c:85:8d:f6:e0:21:f7:
89:f8:ea:a1:d1:48:4c:63:c7:71:2d:34:c4:f8:d5:89:f5:b3:
c1:a4:0c:5a:60:97:15:9d:15:29:27:8d:4e:fa:e6:f5:01:ec:
95:29:85:4e
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZQnR12kkPCeE8l7lXis0zFwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NzMyMGQwMzA5MzAxNzhlNmY3Y2VlZjkxZDJhYjg3ODRk
M2RjMTYwHhcNMjUwMTAyMTM0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTE3MTdlOWQxMTAzMTdlY2Y4Mjc5MDY5Y2E3OTdmNTM0MTMzZDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6stqjaD+HHigoa99bipFnbwOBgg
0Dr/4WCwWgLQaSBs78T2HkScTIIkL2c/YFlBx3V9y4c0pi1By42vWPTBQ2ZqwlJ3
4ISq3s49YHP6hNX1bNhu0qCGQ9004VHXvhndBIslmmRPX60Tg771d+PJoJu3jVwM
CLPUnEQun+Lu8c4L8ET4x+bhv1c+42ifW28U/d5MdrqhpDUN8n39CeEhHpn4fRVf
vT0zGVWE3nstJwrwFLjJlzUt6FExkCMrnuDI67tzo+/vXkuz+RbomifAKciDRhXF
NYXsZtxGCZg5/dqdfPoayjGH6Nb+A6EvgjMAm9RaAjIwUfa1MkPCrlz5WQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFAoXF+nREDF+z4J5Bpynl/U0Ez0lMB8GA1UdIwQY
MBaAFJRzINAwkwF45vfO75HSq4eE09wWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEhNZzBEQ1RBWGptOTg3dmtkS3JoNFRUM0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC84MmU4NzYtYzk5Ny00NjA1LTg3YWEt
OGFjNGEyMTkzOGI0LzEvQ2hjWDZkRVFNWDdQZ25rR25LZVg5VFFUUFNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC84MmU4NzYtYzk5Ny00NjA1LTg3YWEtOGFjNGEyMTkzOGI0
LzEvbEhNZzBEQ1RBWGptOTg3dmtkS3JoNFRUM0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQALVbmAwQA
W+e6AwQAwzahMBgEAgACMBIDBwAqEB/AAAcDBwAqEB/AAAowDQYJKoZIhvcNAQEL
BQADggEBAF3TKriYzoy8ykUh2R9wczIp3UYvnZgwiuoqIxKuSBAZHtcGcYdbvWUT
F27B700/3sB9iK/Z+JcyoaQG5b5msaq3GSDZOqw1GUPG9hFqf8YeNOWpW+VBm0Io
WpJs2dmImz3UXY8nUDeiBc9UszLTaatBx8gWyeiCqPiaDzZsb8huTKRY/n9Ubd0o
Ww5Rj069r9JGCMnvqbqqy856r3vKBfazmOAdylKq+qTaaGtwWbQLHO/k0CX/4Ujh
dbHphNk224W716eXkNuHtcphPzWYkot/XIWN9uAh94n46qHRSExjx3EtNMT41Yn1
s8GkDFpglxWdFSknjU765vUB7JUphU4=
-----END CERTIFICATE-----
Generated at Thu Apr 3 22:34:21 2025 by rpki-client