Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/hdNNHQIFwnpnxNggYxU1p6Z-XGk.roa
File: hdNNHQIFwnpnxNggYxU1p6Z-XGk.roa (raw, json)
Hash identifier: tOBVPWHOBl8156ZGKWKuty1/zjQtgPwsgL3f1n3MYGU=
Subject key identifier: 85:D3:4D:1D:02:05:C2:7A:67:C4:D8:20:63:15:35:A7:A6:7E:5C:69
Certificate issuer: /CN=c2d21e804ab7713ad7877dde603aa7824b31983c
Certificate serial: 019424457D1F92B57D308C84E0CEDFCDEA23
Authority key identifier: C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/hdNNHQIFwnpnxNggYxU1p6Z-XGk.roa
Signing time: Wed 01 Jan 2025 23:48:41 +0000
ROA not before: Wed 01 Jan 2025 23:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215680
IP address blocks: 45.136.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/wtIegEq3cTrXh33eYDqngksxmDw.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/wtIegEq3cTrXh33eYDqngksxmDw.mft
rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:7d:1f:92:b5:7d:30:8c:84:e0:ce:df:cd:ea:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2d21e804ab7713ad7877dde603aa7824b31983c
Validity
Not Before: Jan 1 23:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=85d34d1d0205c27a67c4d820631535a7a67e5c69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:5d:82:e5:83:64:9e:6d:c6:0b:3a:2f:53:73:
0d:2f:5f:6b:7c:3e:3c:c7:c8:50:b4:47:06:8f:1a:
b8:37:13:ed:63:e2:82:36:c8:54:7b:05:09:6c:87:
49:8c:89:b8:5c:52:36:e5:d8:a8:1b:e2:52:3b:58:
30:ee:c4:68:15:b6:7c:9c:19:c0:e6:38:49:af:09:
94:91:ae:6f:54:d0:b6:f6:85:fd:76:4b:68:d8:d6:
47:9b:23:58:91:5b:d3:7d:03:f4:e4:3d:a3:b9:e3:
81:5b:ae:be:9d:35:b4:00:28:16:0d:c0:20:ef:01:
ad:1f:9a:ec:49:0a:a8:91:2f:00:b9:ac:92:39:a7:
d3:84:26:fb:e7:84:7e:ff:cb:0e:7f:3d:a1:69:e1:
c7:0e:25:e9:63:7a:1c:63:2a:61:bf:43:2e:a9:ee:
3c:d5:c0:99:36:eb:ad:1e:00:ab:df:a3:ec:00:98:
d9:4a:37:69:c1:6d:f6:ca:62:5e:9f:f1:11:4a:8b:
78:29:ef:de:e3:1f:e4:6f:c5:50:de:c2:00:dc:56:
be:9f:d2:04:81:67:80:3c:b7:c0:bd:8d:79:b0:d2:
ba:e2:2d:47:be:9f:c2:0d:18:58:0a:bf:0e:de:e6:
9c:c3:e3:02:a7:e9:3f:d6:a7:1d:be:32:5b:59:e6:
cb:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:D3:4D:1D:02:05:C2:7A:67:C4:D8:20:63:15:35:A7:A6:7E:5C:69
X509v3 Authority Key Identifier:
keyid:C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/hdNNHQIFwnpnxNggYxU1p6Z-XGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/wtIegEq3cTrXh33eYDqngksxmDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.141.0/24
Signature Algorithm: sha256WithRSAEncryption
09:95:8b:21:17:9f:ee:35:0c:3c:db:95:dc:67:99:93:27:6f:
d9:9d:65:58:35:ce:5e:96:25:03:f6:23:69:7e:ff:f8:f8:c9:
6d:40:ad:f1:e5:72:41:44:d3:2d:e7:40:27:14:55:ad:43:4e:
63:b7:b8:e1:84:fb:67:7a:ba:5a:63:e6:8f:2d:53:37:08:78:
08:3f:5e:0c:d3:40:57:ee:6a:55:be:cc:fd:28:e5:da:7b:0e:
25:83:d9:2f:63:5f:98:8f:65:cd:dd:7f:93:57:21:bf:ca:17:
2a:57:f0:2a:c3:86:d3:78:f2:58:98:07:02:23:01:0c:42:9f:
f5:30:17:08:a0:bd:3f:c2:6c:39:cf:90:72:3d:15:df:76:8f:
fa:28:96:ae:a0:6f:1d:77:3d:54:f7:11:13:15:6d:f6:be:3c:
9c:65:19:0e:fb:d4:68:aa:10:a8:24:d2:cb:bc:36:57:55:95:
a7:03:03:cb:88:07:85:20:03:fc:0e:f6:8f:f1:b4:25:5c:10:
4c:cb:54:94:e5:09:49:80:36:0d:63:85:4e:53:d1:fa:26:38:
8b:1a:9f:b8:21:ba:80:e5:02:ad:ff:f5:7b:0d:a7:8c:ea:76:
94:03:79:1e:fc:c9:6e:62:17:6d:c3:10:bd:5d:e6:32:27:d2:
e3:3c:46:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRX0fkrV9MIyE4M7fzeojMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDIxZTgwNGFiNzcxM2FkNzg3N2RkZTYwM2FhNzgyNGIz
MTk4M2MwHhcNMjUwMTAxMjM0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWQzNGQxZDAyMDVjMjdhNjdjNGQ4MjA2MzE1MzVhN2E2N2U1YzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApF2C5YNknm3GCzovU3MNL19rfD48
x8hQtEcGjxq4NxPtY+KCNshUewUJbIdJjIm4XFI25dioG+JSO1gw7sRoFbZ8nBnA
5jhJrwmUka5vVNC29oX9dkto2NZHmyNYkVvTfQP05D2jueOBW66+nTW0ACgWDcAg
7wGtH5rsSQqokS8AuaySOafThCb754R+/8sOfz2haeHHDiXpY3ocYyphv0Muqe48
1cCZNuutHgCr36PsAJjZSjdpwW32ymJen/ERSot4Ke/e4x/kb8VQ3sIA3Fa+n9IE
gWeAPLfAvY15sNK64i1Hvp/CDRhYCr8O3uacw+MCp+k/1qcdvjJbWebL+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIXTTR0CBcJ6Z8TYIGMVNaemflxpMB8GA1UdIwQY
MBaAFMLSHoBKt3E614d93mA6p4JLMZg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3RJZWdFcTNjVHJYaDMzZVlEcW5na3N4bUR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wNGI0NDYtNGFlMS00ZmU1LWI2NDYt
NTlhZTA5ZWRiZWI5LzEvaGROTkhRSUZ3bnBueE5nZ1l4VTFwNlotWEdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wNGI0NDYtNGFlMS00ZmU1LWI2NDYtNTlhZTA5ZWRiZWI5
LzEvd3RJZWdFcTNjVHJYaDMzZVlEcW5na3N4bUR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYiNMA0G
CSqGSIb3DQEBCwUAA4IBAQAJlYshF5/uNQw825XcZ5mTJ2/ZnWVYNc5eliUD9iNp
fv/4+MltQK3x5XJBRNMt50AnFFWtQ05jt7jhhPtnerpaY+aPLVM3CHgIP14M00BX
7mpVvsz9KOXaew4lg9kvY1+Yj2XN3X+TVyG/yhcqV/Aqw4bTePJYmAcCIwEMQp/1
MBcIoL0/wmw5z5ByPRXfdo/6KJauoG8ddz1U9xETFW32vjycZRkO+9RoqhCoJNLL
vDZXVZWnAwPLiAeFIAP8DvaP8bQlXBBMy1SU5QlJgDYNY4VOU9H6JjiLGp+4IbqA
5QKt//V7DaeM6naUA3ke/MluYhdtwxC9XeYyJ9LjPEZW
-----END CERTIFICATE-----
Generated at Fri Apr 18 01:37:45 2025 by rpki-client