Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/43W-eGhoB0OzAzZeV-7lIQQDIOo.roa
File: 43W-eGhoB0OzAzZeV-7lIQQDIOo.roa (raw, json)
Hash identifier: Fa6j80QC7xY8XwzuoZlxIB/I65MycNffdEY3vuz4Q0w=
Subject key identifier: E3:75:BE:78:68:68:07:43:B3:03:36:5E:57:EE:E5:21:04:03:20:EA
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 019421B1CBB8D8D9A12F9420020DEFCB77A9
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/43W-eGhoB0OzAzZeV-7lIQQDIOo.roa
Signing time: Wed 01 Jan 2025 11:48:07 +0000
ROA not before: Wed 01 Jan 2025 11:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1902
IP address blocks: 145.236.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.mft
rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:cb:b8:d8:d9:a1:2f:94:20:02:0d:ef:cb:77:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 1 11:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e375be7868680743b303365e57eee521040320ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:28:0c:67:9d:38:58:7e:07:47:b5:ee:2c:38:
ab:2e:37:e9:f5:a4:f5:8b:32:35:41:fb:d1:9e:e0:
44:07:42:68:37:a9:bb:55:0c:36:98:2d:4d:ef:6f:
39:7f:a7:3e:7b:af:c7:05:ab:84:d8:cd:75:77:ac:
0d:d2:fd:35:56:f5:9d:9a:3d:10:55:0f:c3:f6:65:
fa:43:37:2e:01:f8:65:ee:d0:39:36:a0:68:4a:f2:
36:da:66:79:ce:81:e9:df:e2:c0:45:86:26:6e:d5:
a6:f6:fe:94:21:45:6e:fa:69:7c:b5:0d:18:72:2e:
4e:00:a0:55:45:62:ba:54:18:78:5f:1c:ae:85:a2:
ac:37:a0:cb:f9:f9:e0:02:77:bf:0a:ae:5e:f5:0d:
18:60:fd:98:b4:b8:b1:18:dd:e3:a5:cf:f8:de:de:
f2:82:dd:15:d0:e6:22:3f:69:42:fb:08:a8:82:c9:
36:41:33:d2:7e:22:7b:b8:d2:f0:e9:e8:d8:f8:f3:
a9:dc:2e:52:b1:bd:94:90:6f:2c:6d:0b:ac:1b:6c:
b1:57:14:41:de:51:62:d7:a6:0b:f2:72:ac:ec:cc:
0b:c5:7e:d2:a0:01:69:e7:e7:46:e5:fa:af:75:03:
6e:0d:03:90:1f:c4:43:47:5f:be:8c:5a:a4:df:da:
7c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:75:BE:78:68:68:07:43:B3:03:36:5E:57:EE:E5:21:04:03:20:EA
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/43W-eGhoB0OzAzZeV-7lIQQDIOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.236.24.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:c9:1e:00:86:10:0a:36:f4:7d:40:e7:33:86:54:3d:9a:cf:
20:ef:d5:63:b3:3e:d3:58:d4:75:af:9e:af:ef:0a:ba:c4:55:
e2:e5:ed:89:cb:96:96:27:f9:99:40:53:44:c4:21:ce:9e:46:
66:4f:d5:dd:e6:2a:0c:91:d2:d5:db:6a:21:c7:5d:71:18:41:
aa:0c:67:84:f2:8a:5a:cb:79:3f:ef:c8:46:a9:93:22:c9:5f:
f4:3c:47:17:61:55:69:b8:7d:79:67:e8:5d:66:53:56:1b:49:
48:01:a1:bd:56:88:82:6d:85:66:bc:24:cb:fc:bf:5f:dc:c9:
cf:fa:6e:85:12:c9:6f:c7:6a:28:bd:85:82:12:6d:2d:d3:c5:
af:f9:7d:ec:1c:48:57:37:55:a8:09:90:e6:e2:fa:a8:13:e9:
62:31:10:cb:ed:3e:16:bc:17:a4:9c:de:e9:65:e6:6b:30:4b:
23:4e:1b:0b:56:da:31:ad:dd:2c:e8:d2:78:2c:59:8f:f4:cd:
ce:52:d3:12:92:76:cb:c6:04:62:f1:a7:7d:9b:58:fe:09:5a:
4d:4d:21:ef:f0:1b:5b:55:e8:69:c6:5d:da:f2:2c:06:4c:6f:
2b:f9:d7:4f:a7:bd:e6:ad:d0:e5:c1:52:64:d4:b8:86:46:09:
de:03:b3:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhscu42NmhL5QgAg3vy3epMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjUwMTAxMTE0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzc1YmU3ODY4NjgwNzQzYjMwMzM2NWU1N2VlZTUyMTA0MDMyMGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCgMZ504WH4HR7XuLDirLjfp9aT1
izI1QfvRnuBEB0JoN6m7VQw2mC1N7285f6c+e6/HBauE2M11d6wN0v01VvWdmj0Q
VQ/D9mX6QzcuAfhl7tA5NqBoSvI22mZ5zoHp3+LARYYmbtWm9v6UIUVu+ml8tQ0Y
ci5OAKBVRWK6VBh4XxyuhaKsN6DL+fngAne/Cq5e9Q0YYP2YtLixGN3jpc/43t7y
gt0V0OYiP2lC+wiogsk2QTPSfiJ7uNLw6ejY+POp3C5Ssb2UkG8sbQusG2yxVxRB
3lFi16YL8nKs7MwLxX7SoAFp5+dG5fqvdQNuDQOQH8RDR1++jFqk39p8FwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFON1vnhoaAdDswM2Xlfu5SEEAyDqMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvNDNXLWVHaG9CME96QXpaZVYtN2xJUVFESU9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkewYMA0G
CSqGSIb3DQEBCwUAA4IBAQBtyR4AhhAKNvR9QOczhlQ9ms8g79Vjsz7TWNR1r56v
7wq6xFXi5e2Jy5aWJ/mZQFNExCHOnkZmT9Xd5ioMkdLV22ohx11xGEGqDGeE8opa
y3k/78hGqZMiyV/0PEcXYVVpuH15Z+hdZlNWG0lIAaG9VoiCbYVmvCTL/L9f3MnP
+m6FEslvx2oovYWCEm0t08Wv+X3sHEhXN1WoCZDm4vqoE+liMRDL7T4WvBeknN7p
ZeZrMEsjThsLVtoxrd0s6NJ4LFmP9M3OUtMSknbLxgRi8ad9m1j+CVpNTSHv8Btb
Vehpxl3a8iwGTG8r+ddPp73mrdDlwVJk1LiGRgneA7N9
-----END CERTIFICATE-----
Generated at Sun Apr 13 15:39:30 2025 by rpki-client