Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/llHtclG6f1G98XzEQoU5V3npQDE.roa
File: llHtclG6f1G98XzEQoU5V3npQDE.roa (raw, json)
Hash identifier: FAgxbUrd8hbiiUHLWVlvLY2IGvMj6hA5ER/FD7sBjS8=
Subject key identifier: 96:51:ED:72:51:BA:7F:51:BD:F1:7C:C4:42:85:39:57:79:E9:40:31
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 01942444915A9CFB95B43197887BF89C74C3
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/llHtclG6f1G98XzEQoU5V3npQDE.roa
Signing time: Wed 01 Jan 2025 23:47:40 +0000
ROA not before: Wed 01 Jan 2025 23:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 55933
IP address blocks: 45.89.232.0/23 maxlen: 24
45.92.158.0/23 maxlen: 23
45.92.158.0/24 maxlen: 24
45.92.159.0/24 maxlen: 24
45.94.43.0/24 maxlen: 24
185.207.152.0/22 maxlen: 22
185.207.152.0/24 maxlen: 24
185.207.154.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:91:5a:9c:fb:95:b4:31:97:88:7b:f8:9c:74:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 1 23:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9651ed7251ba7f51bdf17cc44285395779e94031
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:5b:e0:3d:5e:90:e7:b4:3b:f3:3a:e3:82:c2:
07:9a:9c:b7:52:6f:dc:ed:20:47:cc:91:b9:74:c5:
3e:e0:7b:dc:2c:78:c3:37:87:b3:2d:89:10:b9:01:
90:45:05:75:9a:f9:31:12:b3:b3:4c:37:fb:22:2d:
60:fd:7c:fb:62:61:73:9e:1e:8c:e0:6c:ca:f5:9b:
84:ef:6d:ec:cf:9e:ff:d6:63:25:7d:c5:10:a8:4c:
55:99:b3:dd:5e:ba:87:1a:9c:f7:fe:17:cb:fa:53:
85:ee:d4:d8:11:b1:47:11:c1:1e:3c:02:0e:0b:21:
89:5e:ad:56:ef:bf:d0:8e:55:ce:d4:4c:b0:42:5e:
d1:09:d5:d5:1e:80:25:a8:82:56:7d:00:2d:6d:ed:
d4:e6:92:0b:46:a1:f5:06:0e:8f:3b:cf:01:05:25:
f4:7e:8d:00:1b:8a:21:f9:74:80:5c:19:f7:47:ca:
9d:2d:e4:ac:fd:cf:3a:c9:0e:e4:d7:62:54:6f:9a:
28:46:9e:a4:f6:67:a8:f2:87:e4:14:51:fd:a4:f8:
d4:a6:ea:36:85:87:6f:0d:5d:b5:df:01:04:d0:78:
a7:80:a7:da:37:4f:5c:29:ee:e8:d7:b8:3c:fa:d4:
62:04:f6:84:9b:b2:0b:db:48:84:f8:b8:d7:60:eb:
d5:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:51:ED:72:51:BA:7F:51:BD:F1:7C:C4:42:85:39:57:79:E9:40:31
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/llHtclG6f1G98XzEQoU5V3npQDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.232.0/23
45.92.158.0/23
45.94.43.0/24
185.207.152.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:43:3d:5e:03:03:de:36:db:7d:e6:03:50:2f:7e:5a:5e:0b:
26:ec:6f:6c:c1:5d:d6:34:31:6f:a5:da:43:fa:d1:f6:4b:8d:
9a:60:99:94:6e:37:31:af:ac:46:3f:59:ca:fe:64:35:33:5e:
8d:4e:5e:18:ef:b3:38:cd:6e:89:fd:f4:dc:44:1b:0b:3b:f2:
36:db:1b:da:cd:ef:da:f4:cb:9e:7c:c9:6d:87:d0:93:03:83:
c5:b5:46:48:86:6b:c0:2f:68:70:e2:0d:4e:87:3d:04:2f:fe:
c7:6f:f3:54:59:5b:85:7f:3f:fe:c2:5d:b4:d9:c5:ee:6d:01:
f2:15:c2:23:87:08:d1:9c:6a:3e:c7:fd:a6:e1:2f:9b:d4:1c:
58:b0:8b:57:d4:cf:9f:0d:2a:06:c3:a3:18:af:f0:82:a4:18:
37:18:94:cc:63:db:05:f4:25:c4:5f:a0:ea:df:91:8d:e0:a0:
be:62:90:76:82:93:65:a2:35:84:00:ca:ef:fc:25:c1:3e:aa:
59:43:96:09:7d:7e:94:3f:c4:89:94:b3:1c:d4:25:b7:0c:fd:
a3:d5:0f:59:7a:d3:5b:95:ba:58:1c:09:83:27:3d:80:53:eb:
7a:ce:6a:84:c1:54:16:ec:38:e0:a7:6a:ea:b3:55:88:75:49:
02:39:8a:a2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQkRJFanPuVtDGXiHv4nHTDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjUwMTAxMjM0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjUxZWQ3MjUxYmE3ZjUxYmRmMTdjYzQ0Mjg1Mzk1Nzc5ZTk0MDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1vgPV6Q57Q78zrjgsIHmpy3Um/c
7SBHzJG5dMU+4HvcLHjDN4ezLYkQuQGQRQV1mvkxErOzTDf7Ii1g/Xz7YmFznh6M
4GzK9ZuE723sz57/1mMlfcUQqExVmbPdXrqHGpz3/hfL+lOF7tTYEbFHEcEePAIO
CyGJXq1W77/QjlXO1EywQl7RCdXVHoAlqIJWfQAtbe3U5pILRqH1Bg6PO88BBSX0
fo0AG4oh+XSAXBn3R8qdLeSs/c86yQ7k12JUb5ooRp6k9meo8ofkFFH9pPjUpuo2
hYdvDV213wEE0HingKfaN09cKe7o17g8+tRiBPaEm7IL20iE+LjXYOvVrwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJZR7XJRun9RvfF8xEKFOVd56UAxMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvbGxIdGNsRzZmMUc5OFh6RVFvVTVWM25wUURFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLVnoAwQB
LVyeAwQALV4rAwQCuc+YMA0GCSqGSIb3DQEBCwUAA4IBAQAtQz1eAwPeNtt95gNQ
L35aXgsm7G9swV3WNDFvpdpD+tH2S42aYJmUbjcxr6xGP1nK/mQ1M16NTl4Y77M4
zW6J/fTcRBsLO/I22xvaze/a9MuefMlth9CTA4PFtUZIhmvAL2hw4g1Ohz0EL/7H
b/NUWVuFfz/+wl202cXubQHyFcIjhwjRnGo+x/2m4S+b1BxYsItX1M+fDSoGw6MY
r/CCpBg3GJTMY9sF9CXEX6Dq35GN4KC+YpB2gpNlojWEAMrv/CXBPqpZQ5YJfX6U
P8SJlLMc1CW3DP2j1Q9ZetNblbpYHAmDJz2AU+t6zmqEwVQW7Djgp2rqs1WIdUkC
OYqi
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:34:40 2025 by rpki-client