Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/ANN3yij6Pv42jesVx_2PncKCKJY.roa
File: ANN3yij6Pv42jesVx_2PncKCKJY.roa (raw, json)
Hash identifier: +1OzTspDU/3k/ft0LyHt0ta6VXUOvGYf8p5JDnVMYMY=
Subject key identifier: 00:D3:77:CA:28:FA:3E:FE:36:8D:EB:15:C7:FD:8F:9D:C2:82:28:96
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 019424448EE832447BD880CFCDF9FE782991
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/ANN3yij6Pv42jesVx_2PncKCKJY.roa
Signing time: Wed 01 Jan 2025 23:47:40 +0000
ROA not before: Wed 01 Jan 2025 23:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43959
IP address blocks: 45.14.64.0/24 maxlen: 24
45.14.65.0/24 maxlen: 24
45.14.66.0/24 maxlen: 24
45.14.67.0/24 maxlen: 24
92.60.43.0/24 maxlen: 24
2a09:7::/36 maxlen: 48
2a0d:c7c1::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 17:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:8e:e8:32:44:7b:d8:80:cf:cd:f9:fe:78:29:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 1 23:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=00d377ca28fa3efe368deb15c7fd8f9dc2822896
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a0:26:66:48:86:47:36:88:a7:8b:cc:54:58:
c9:dc:ee:6c:d3:80:06:7a:4a:8a:97:ab:79:e8:23:
1f:a5:3f:d6:5a:5f:32:c4:4c:3e:f0:21:5d:4e:ee:
8c:45:41:c2:7f:ce:b5:57:e2:9a:81:de:12:51:1d:
7b:87:69:c7:73:66:2d:6f:72:c6:cd:40:ec:32:0a:
f5:1e:93:8a:17:3f:31:e8:6d:0a:62:ba:36:1e:79:
9b:0a:bb:1a:f0:1c:65:71:89:7e:d7:79:c6:85:de:
39:11:b8:87:ca:47:6c:cd:c8:33:82:39:50:94:f2:
39:ee:29:9c:2f:a2:b6:f1:b8:e6:22:86:5b:96:87:
55:ad:c9:1c:ba:26:e0:f9:20:f0:c1:03:1c:b9:79:
51:33:09:52:7c:5b:07:c3:61:3c:bf:73:13:b6:8e:
f4:18:a7:e7:41:36:90:71:2e:b6:e7:01:40:e2:e1:
5e:7a:d2:0c:c1:e1:1d:ed:c7:69:5a:91:23:47:94:
68:5b:58:94:76:00:13:83:e9:e7:50:64:81:3d:c4:
74:98:f0:c1:73:8e:f0:9f:48:3b:a8:bd:27:1a:78:
13:86:f4:0f:ab:27:27:44:5f:ec:a0:9c:a0:05:c3:
c7:b9:06:fa:34:2d:57:9c:1c:ff:5a:82:24:4a:98:
02:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:D3:77:CA:28:FA:3E:FE:36:8D:EB:15:C7:FD:8F:9D:C2:82:28:96
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/ANN3yij6Pv42jesVx_2PncKCKJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.64.0/22
92.60.43.0/24
IPv6:
2a09:7::/36
2a0d:c7c1::/32
Signature Algorithm: sha256WithRSAEncryption
05:55:89:c4:95:fc:24:1f:05:2e:a8:d9:73:72:a4:86:b4:42:
5e:e0:2f:c0:9e:fd:a7:f3:99:f2:71:17:3d:38:8a:fc:c9:96:
e7:fd:2d:96:b0:da:32:e1:5e:66:07:b3:df:27:4f:ef:0f:91:
71:9b:7b:57:1c:be:1a:a1:69:bb:35:ca:42:49:e9:e2:e8:07:
57:71:ab:75:8d:a7:4b:4c:3e:6f:54:63:40:04:63:55:be:af:
b4:f5:f4:ee:58:24:eb:f9:6d:b2:08:6b:ad:83:8c:f1:79:a0:
3e:f9:b6:48:ee:3f:8c:94:c5:cc:a3:e6:a4:2c:8d:90:d4:08:
61:6b:c7:c5:c8:dc:a9:4b:8e:cb:dd:9c:9f:44:33:a3:74:18:
d6:a6:58:f0:aa:cf:00:65:90:57:8d:b2:9d:78:ae:c1:e4:75:
63:13:b1:32:6d:4e:a0:5d:0b:c3:f6:fe:23:18:16:ff:d2:58:
ce:8c:1e:df:c4:50:4d:c7:ab:f1:df:4b:90:e1:95:3f:b0:db:
0c:8a:7d:fe:5c:96:d2:af:d2:b4:ff:01:af:dd:7e:a5:5e:0d:
ea:96:7b:34:42:a0:ba:af:19:dc:29:08:a7:b1:ee:22:07:9d:
34:6c:87:82:5b:3b:6f:c1:1e:0c:53:81:26:80:63:ec:45:39:
6d:62:46:eb
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQkRI7oMkR72IDPzfn+eCmRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjUwMTAxMjM0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGQzNzdjYTI4ZmEzZWZlMzY4ZGViMTVjN2ZkOGY5ZGMyODIyODk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6AmZkiGRzaIp4vMVFjJ3O5s04AG
ekqKl6t56CMfpT/WWl8yxEw+8CFdTu6MRUHCf861V+Kagd4SUR17h2nHc2Ytb3LG
zUDsMgr1HpOKFz8x6G0KYro2HnmbCrsa8BxlcYl+13nGhd45EbiHykdszcgzgjlQ
lPI57imcL6K28bjmIoZblodVrckcuibg+SDwwQMcuXlRMwlSfFsHw2E8v3MTto70
GKfnQTaQcS625wFA4uFeetIMweEd7cdpWpEjR5RoW1iUdgATg+nnUGSBPcR0mPDB
c47wn0g7qL0nGngThvQPqycnRF/soJygBcPHuQb6NC1XnBz/WoIkSpgC6QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFADTd8oo+j7+No3rFcf9j53CgiiWMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvQU5OM3lpajZQdjQyamVzVnhfMlBuY0tDS0pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzASBAIAATAMAwQCLQ5AAwQA
XDwrMBUEAgACMA8DBgQqCQAHAAMFACoNx8EwDQYJKoZIhvcNAQELBQADggEBAAVV
icSV/CQfBS6o2XNypIa0Ql7gL8Ce/afzmfJxFz04ivzJluf9LZaw2jLhXmYHs98n
T+8PkXGbe1ccvhqhabs1ykJJ6eLoB1dxq3WNp0tMPm9UY0AEY1W+r7T19O5YJOv5
bbIIa62DjPF5oD75tkjuP4yUxcyj5qQsjZDUCGFrx8XI3KlLjsvdnJ9EM6N0GNam
WPCqzwBlkFeNsp14rsHkdWMTsTJtTqBdC8P2/iMYFv/SWM6MHt/EUE3Hq/HfS5Dh
lT+w2wyKff5cltKv0rT/Aa/dfqVeDeqWezRCoLqvGdwpCKex7iIHnTRsh4JbO2/B
HgxTgSaAY+xFOW1iRus=
-----END CERTIFICATE-----
Generated at Fri Apr 11 03:05:53 2025 by rpki-client