Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/c8d65e-e5c8-4120-ae1d-b097d9f8ec22/1/4aMsThSQ8pto7QNh_kFB73sOXo8.roa
File: 4aMsThSQ8pto7QNh_kFB73sOXo8.roa (raw, json)
Hash identifier: HEBFusOcNgQfdZRF0U/he5dAzzkTri4ddTPSMK0+giU=
Subject key identifier: E1:A3:2C:4E:14:90:F2:9B:68:ED:03:61:FE:41:41:EF:7B:0E:5E:8F
Certificate issuer: /CN=dc102f6131ce5a746eb5981dd4c1d6b4e17b033f
Certificate serial: 019423696B488C2C775228FB0593CCF37F07
Authority key identifier: DC:10:2F:61:31:CE:5A:74:6E:B5:98:1D:D4:C1:D6:B4:E1:7B:03:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3BAvYTHOWnRutZgd1MHWtOF7Az8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/c8d65e-e5c8-4120-ae1d-b097d9f8ec22/1/4aMsThSQ8pto7QNh_kFB73sOXo8.roa
Signing time: Wed 01 Jan 2025 19:48:18 +0000
ROA not before: Wed 01 Jan 2025 19:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60781
IP address blocks: 45.13.84.0/22 maxlen: 22
45.13.84.0/24 maxlen: 24
45.13.85.0/24 maxlen: 24
45.13.86.0/24 maxlen: 24
45.13.87.0/24 maxlen: 24
2a12:fd00::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/c8d65e-e5c8-4120-ae1d-b097d9f8ec22/1/3BAvYTHOWnRutZgd1MHWtOF7Az8.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/c8d65e-e5c8-4120-ae1d-b097d9f8ec22/1/3BAvYTHOWnRutZgd1MHWtOF7Az8.mft
rsync://rpki.ripe.net/repository/DEFAULT/3BAvYTHOWnRutZgd1MHWtOF7Az8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:6b:48:8c:2c:77:52:28:fb:05:93:cc:f3:7f:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc102f6131ce5a746eb5981dd4c1d6b4e17b033f
Validity
Not Before: Jan 1 19:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e1a32c4e1490f29b68ed0361fe4141ef7b0e5e8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:a1:42:a0:7c:b3:52:2e:a9:d8:9d:fb:ce:a8:
49:5e:b6:68:ea:8f:7d:57:91:a7:cf:74:95:85:87:
90:b5:da:bc:7d:63:f2:09:52:36:7a:da:f1:c6:b3:
fb:a6:3b:6b:12:f2:9b:77:7f:d2:32:9a:45:6a:40:
d6:28:65:79:51:6d:9b:ae:55:de:b9:82:97:fe:1e:
d5:84:66:8f:bf:fa:bd:d3:06:55:87:e2:68:89:66:
29:cb:d2:05:c8:f2:42:37:f7:94:8f:68:c7:00:a7:
37:87:6c:bc:94:3c:b8:c7:0c:df:9e:ce:69:69:48:
d5:01:82:02:2d:05:b0:db:d3:ba:ca:fe:a0:da:b0:
cc:b7:a6:25:d4:53:19:41:80:65:71:21:4d:22:04:
8e:d5:a4:e0:21:fd:d0:18:82:67:46:b2:c1:e0:a1:
17:e8:5d:2d:05:b8:32:01:e6:f6:3f:11:8f:b9:dd:
eb:f3:bc:e1:09:ec:e6:30:c3:33:82:0b:ff:5e:f1:
cc:ed:f0:c8:95:84:24:1a:5d:ad:d9:06:27:e8:6c:
2b:b8:e6:32:7a:b2:dd:bc:f6:6b:96:ea:11:3c:52:
62:6f:b5:a9:b2:ea:51:81:04:ef:f6:d3:3c:69:c5:
13:80:d3:b7:d3:1e:64:c3:6a:53:ef:dc:93:66:05:
da:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:A3:2C:4E:14:90:F2:9B:68:ED:03:61:FE:41:41:EF:7B:0E:5E:8F
X509v3 Authority Key Identifier:
keyid:DC:10:2F:61:31:CE:5A:74:6E:B5:98:1D:D4:C1:D6:B4:E1:7B:03:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BAvYTHOWnRutZgd1MHWtOF7Az8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c8d65e-e5c8-4120-ae1d-b097d9f8ec22/1/4aMsThSQ8pto7QNh_kFB73sOXo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c8d65e-e5c8-4120-ae1d-b097d9f8ec22/1/3BAvYTHOWnRutZgd1MHWtOF7Az8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.84.0/22
IPv6:
2a12:fd00::/36
Signature Algorithm: sha256WithRSAEncryption
03:2d:23:1c:10:50:d2:10:25:5c:05:e9:e7:15:f7:02:35:d0:
75:6f:3b:19:58:c5:f3:e7:68:46:f1:3e:43:0a:d8:4d:80:2c:
f7:ec:98:ca:13:d5:21:4c:4f:09:29:82:93:00:fb:92:58:cf:
e8:a6:26:19:80:67:1e:ac:9e:66:dd:5a:b0:f0:f8:dc:e8:da:
34:3c:ba:cf:b8:aa:37:af:8b:2f:86:41:68:62:12:0c:74:93:
89:1f:58:a6:61:8a:58:be:bd:af:6a:1b:4a:df:98:54:8d:3b:
7f:1b:f4:6b:bb:ed:fd:b0:05:7d:02:e4:de:4b:12:22:cd:0e:
cf:37:c6:9d:be:9f:79:32:3e:81:d3:94:ab:93:62:c3:9b:5d:
7c:9a:29:05:e3:e6:f2:17:ad:5e:2f:5d:69:d9:45:ef:8e:c6:
e9:1c:a1:d1:be:f4:98:51:cd:db:80:aa:02:1b:30:00:35:c2:
bf:64:0c:96:da:71:64:fb:ae:8c:78:88:73:96:a7:5d:8c:a0:
ca:d1:fa:8f:eb:78:51:34:1f:3d:31:37:58:05:65:f3:be:32:
5c:c9:5a:f7:45:dd:ec:9c:9d:50:bc:35:bf:e4:97:c2:30:42:
da:9d:82:af:5c:15:fc:6b:d9:88:f1:1f:59:90:e8:cb:10:e4:
42:28:82:1d
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQjaWtIjCx3Uij7BZPM838HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMTAyZjYxMzFjZTVhNzQ2ZWI1OTgxZGQ0YzFkNmI0ZTE3
YjAzM2YwHhcNMjUwMTAxMTk0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWEzMmM0ZTE0OTBmMjliNjhlZDAzNjFmZTQxNDFlZjdiMGU1ZThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2qFCoHyzUi6p2J37zqhJXrZo6o99
V5Gnz3SVhYeQtdq8fWPyCVI2etrxxrP7pjtrEvKbd3/SMppFakDWKGV5UW2brlXe
uYKX/h7VhGaPv/q90wZVh+JoiWYpy9IFyPJCN/eUj2jHAKc3h2y8lDy4xwzfns5p
aUjVAYICLQWw29O6yv6g2rDMt6Yl1FMZQYBlcSFNIgSO1aTgIf3QGIJnRrLB4KEX
6F0tBbgyAeb2PxGPud3r87zhCezmMMMzggv/XvHM7fDIlYQkGl2t2QYn6GwruOYy
erLdvPZrluoRPFJib7WpsupRgQTv9tM8acUTgNO30x5kw2pT79yTZgXaIQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFOGjLE4UkPKbaO0DYf5BQe97Dl6PMB8GA1UdIwQY
MBaAFNwQL2Exzlp0brWYHdTB1rThewM/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JBdllUSE9XblJ1dFpnZDFNSFd0T0Y3QXo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9jOGQ2NWUtZTVjOC00MTIwLWFlMWQt
YjA5N2Q5ZjhlYzIyLzEvNGFNc1RoU1E4cHRvN1FOaF9rRkI3M3NPWG84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9jOGQ2NWUtZTVjOC00MTIwLWFlMWQtYjA5N2Q5ZjhlYzIy
LzEvM0JBdllUSE9XblJ1dFpnZDFNSFd0T0Y3QXo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCLQ1UMA4E
AgACMAgDBgQqEv0AADANBgkqhkiG9w0BAQsFAAOCAQEAAy0jHBBQ0hAlXAXp5xX3
AjXQdW87GVjF8+doRvE+QwrYTYAs9+yYyhPVIUxPCSmCkwD7kljP6KYmGYBnHqye
Zt1asPD43OjaNDy6z7iqN6+LL4ZBaGISDHSTiR9YpmGKWL69r2obSt+YVI07fxv0
a7vt/bAFfQLk3ksSIs0OzzfGnb6feTI+gdOUq5Niw5tdfJopBePm8hetXi9dadlF
747G6Ryh0b70mFHN24CqAhswADXCv2QMltpxZPuujHiIc5anXYygytH6j+t4UTQf
PTE3WAVl874yXMla90Xd7JydULw1v+SXwjBC2p2Cr1wV/GvZiPEfWZDoyxDkQiiC
HQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:28:40 2025 by rpki-client