Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/86a426-56ee-46dd-9425-7f92c34eb07c/1/Dotq45i-CIL8miP4blqY3J6J13s.roa
File: Dotq45i-CIL8miP4blqY3J6J13s.roa (raw, json)
Hash identifier: AeEyJtBFVLSGPDiSeedlZidCthzwYAlppOftvZd9mwo=
Subject key identifier: 0E:8B:6A:E3:98:BE:08:82:FC:9A:23:F8:6E:5A:98:DC:9E:89:D7:7B
Certificate issuer: /CN=9c2cb7f9ca0efd72be258a4a09358806374b4662
Certificate serial: 019425222FA30F157FA73EBE85A6BF8B08BB
Authority key identifier: 9C:2C:B7:F9:CA:0E:FD:72:BE:25:8A:4A:09:35:88:06:37:4B:46:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nCy3-coO_XK-JYpKCTWIBjdLRmI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/86a426-56ee-46dd-9425-7f92c34eb07c/1/Dotq45i-CIL8miP4blqY3J6J13s.roa
Signing time: Thu 02 Jan 2025 03:49:44 +0000
ROA not before: Thu 02 Jan 2025 03:49:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12533
IP address blocks: 82.145.98.0/23 maxlen: 23
82.145.100.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/86a426-56ee-46dd-9425-7f92c34eb07c/1/nCy3-coO_XK-JYpKCTWIBjdLRmI.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/86a426-56ee-46dd-9425-7f92c34eb07c/1/nCy3-coO_XK-JYpKCTWIBjdLRmI.mft
rsync://rpki.ripe.net/repository/DEFAULT/nCy3-coO_XK-JYpKCTWIBjdLRmI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 20:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:2f:a3:0f:15:7f:a7:3e:be:85:a6:bf:8b:08:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c2cb7f9ca0efd72be258a4a09358806374b4662
Validity
Not Before: Jan 2 03:49:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e8b6ae398be0882fc9a23f86e5a98dc9e89d77b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:a3:bc:4f:4e:92:e6:35:96:4d:84:40:50:26:
5c:7f:dc:25:ca:3b:f3:3a:f4:4a:34:31:34:f6:47:
ba:ed:0f:73:15:1e:58:3c:27:a7:67:26:7d:ce:eb:
5c:37:55:f7:7f:db:23:29:96:00:24:bb:56:32:19:
d8:22:fd:8f:46:0e:fd:7d:89:a4:e2:3c:ae:91:94:
6b:ee:6e:8e:54:0c:f3:97:82:5d:79:7e:ed:1d:2f:
73:f4:6b:f9:13:88:b3:46:2f:91:df:19:03:80:44:
7c:82:c8:9d:f5:20:60:cd:b7:df:ce:04:bd:c7:c1:
41:79:2f:6e:62:08:c2:d8:dd:39:75:88:6d:69:9b:
5d:be:4a:c2:cf:ab:0d:a2:40:e0:ce:cf:e5:bb:2b:
4f:de:34:e9:e7:23:92:7b:48:d9:39:a8:52:60:1c:
37:26:82:81:e2:77:54:9e:7e:07:10:be:8f:f5:50:
bf:0f:28:d0:e8:2a:53:1a:e1:fa:d0:b7:11:c1:d2:
99:99:4c:85:ee:46:a4:87:2d:8f:3a:4a:73:f3:02:
8e:85:f3:c1:4c:3f:e2:71:00:f6:fb:4e:6a:6b:db:
af:ec:e6:2f:46:38:d5:49:ea:05:48:bd:5a:69:e0:
68:3a:cf:20:43:2f:d5:04:99:b8:61:b7:63:0a:4d:
d5:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:8B:6A:E3:98:BE:08:82:FC:9A:23:F8:6E:5A:98:DC:9E:89:D7:7B
X509v3 Authority Key Identifier:
keyid:9C:2C:B7:F9:CA:0E:FD:72:BE:25:8A:4A:09:35:88:06:37:4B:46:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nCy3-coO_XK-JYpKCTWIBjdLRmI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/86a426-56ee-46dd-9425-7f92c34eb07c/1/Dotq45i-CIL8miP4blqY3J6J13s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/86a426-56ee-46dd-9425-7f92c34eb07c/1/nCy3-coO_XK-JYpKCTWIBjdLRmI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.145.98.0-82.145.101.255
Signature Algorithm: sha256WithRSAEncryption
b3:ae:3b:59:e5:43:67:1c:b0:1f:6b:28:ad:63:6b:0a:9f:19:
51:ed:6d:7d:fe:59:7f:fe:57:48:92:f2:0f:f5:02:3f:bf:2d:
51:a3:af:03:e1:a7:94:7e:46:45:fd:07:74:8f:45:a1:17:28:
09:5a:24:b3:1c:06:3a:21:ba:ee:f6:ae:ba:e8:9c:6f:23:82:
a5:a9:39:0e:59:39:b9:a1:c2:e1:57:b9:96:5c:33:97:ad:93:
0a:75:61:78:cc:1e:5f:7b:18:44:c1:79:9e:cd:29:32:f3:9b:
6d:73:3b:a4:b0:22:35:1a:6c:ce:ab:7a:53:ac:81:5c:27:04:
82:fe:e2:92:7f:bc:3d:4e:44:11:23:7e:55:1e:8f:b5:93:6d:
09:48:cb:21:35:39:21:ab:4f:5e:e7:a1:e9:dc:b0:ce:22:b5:
bc:06:20:59:8f:82:39:84:1d:83:a4:2d:41:a8:96:76:56:c6:
02:93:ce:a4:b0:30:5e:67:e2:6f:4b:c3:a1:61:8b:55:8d:ea:
38:1b:f7:a9:1e:d8:28:1e:5e:ba:ba:7d:7e:20:8d:26:ef:bf:
87:a3:50:c4:2a:96:08:65:7b:6b:07:f5:95:96:77:6c:be:94:
2a:e0:ab:46:42:0b:9c:24:f1:2b:c8:02:f5:53:27:17:b3:39:
ae:35:0d:f0
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQlIi+jDxV/pz6+haa/iwi7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMmNiN2Y5Y2EwZWZkNzJiZTI1OGE0YTA5MzU4ODA2Mzc0
YjQ2NjIwHhcNMjUwMTAyMDM0OTQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZThiNmFlMzk4YmUwODgyZmM5YTIzZjg2ZTVhOThkYzllODlkNzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqO8T06S5jWWTYRAUCZcf9wlyjvz
OvRKNDE09ke67Q9zFR5YPCenZyZ9zutcN1X3f9sjKZYAJLtWMhnYIv2PRg79fYmk
4jyukZRr7m6OVAzzl4JdeX7tHS9z9Gv5E4izRi+R3xkDgER8gsid9SBgzbffzgS9
x8FBeS9uYgjC2N05dYhtaZtdvkrCz6sNokDgzs/luytP3jTp5yOSe0jZOahSYBw3
JoKB4ndUnn4HEL6P9VC/DyjQ6CpTGuH60LcRwdKZmUyF7kakhy2POkpz8wKOhfPB
TD/icQD2+05qa9uv7OYvRjjVSeoFSL1aaeBoOs8gQy/VBJm4YbdjCk3VDwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFA6LauOYvgiC/Joj+G5amNyeidd7MB8GA1UdIwQY
MBaAFJwst/nKDv1yviWKSgk1iAY3S0ZiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkN5My1jb09fWEstSllwS0NUV0lCamRMUm1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC84NmE0MjYtNTZlZS00NmRkLTk0MjUt
N2Y5MmMzNGViMDdjLzEvRG90cTQ1aS1DSUw4bWlQNGJscVkzSjZKMTNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC84NmE0MjYtNTZlZS00NmRkLTk0MjUtN2Y5MmMzNGViMDdj
LzEvbkN5My1jb09fWEstSllwS0NUV0lCamRMUm1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAFSkWID
BAFSkWQwDQYJKoZIhvcNAQELBQADggEBALOuO1nlQ2ccsB9rKK1jawqfGVHtbX3+
WX/+V0iS8g/1Aj+/LVGjrwPhp5R+RkX9B3SPRaEXKAlaJLMcBjohuu72rrronG8j
gqWpOQ5ZObmhwuFXuZZcM5etkwp1YXjMHl97GETBeZ7NKTLzm21zO6SwIjUabM6r
elOsgVwnBIL+4pJ/vD1ORBEjflUej7WTbQlIyyE1OSGrT17noencsM4itbwGIFmP
gjmEHYOkLUGolnZWxgKTzqSwMF5n4m9Lw6Fhi1WN6jgb96ke2CgeXrq6fX4gjSbv
v4ejUMQqlghle2sH9ZWWd2y+lCrgq0ZCC5wk8SvIAvVTJxezOa41DfA=
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:27:19 2025 by rpki-client