Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/d44dd0-05b7-4427-a082-1b7ec38e9f44/1/sOcMNTKEK2vEMDsn_cwPjTFtrV4.roa
File: sOcMNTKEK2vEMDsn_cwPjTFtrV4.roa (raw, json)
Hash identifier: pJ6YvqIq3DawUThWjacZ6kiuFXQ2zw291qAdZv05g/Q=
Subject key identifier: B0:E7:0C:35:32:84:2B:6B:C4:30:3B:27:FD:CC:0F:8D:31:6D:AD:5E
Certificate issuer: /CN=85add8eaaeb3a478d7e5df3e7ee1c323f166bf28
Certificate serial: 0194258F1394C1BE43F2A36628569F0AB590
Authority key identifier: 85:AD:D8:EA:AE:B3:A4:78:D7:E5:DF:3E:7E:E1:C3:23:F1:66:BF:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ha3Y6q6zpHjX5d8-fuHDI_Fmvyg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/d44dd0-05b7-4427-a082-1b7ec38e9f44/1/sOcMNTKEK2vEMDsn_cwPjTFtrV4.roa
Signing time: Thu 02 Jan 2025 05:48:41 +0000
ROA not before: Thu 02 Jan 2025 05:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208630
IP address blocks: 45.84.236.0/24 maxlen: 24
45.84.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/d44dd0-05b7-4427-a082-1b7ec38e9f44/1/ha3Y6q6zpHjX5d8-fuHDI_Fmvyg.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/d44dd0-05b7-4427-a082-1b7ec38e9f44/1/ha3Y6q6zpHjX5d8-fuHDI_Fmvyg.mft
rsync://rpki.ripe.net/repository/DEFAULT/ha3Y6q6zpHjX5d8-fuHDI_Fmvyg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:13:94:c1:be:43:f2:a3:66:28:56:9f:0a:b5:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85add8eaaeb3a478d7e5df3e7ee1c323f166bf28
Validity
Not Before: Jan 2 05:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b0e70c3532842b6bc4303b27fdcc0f8d316dad5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:19:48:a4:7f:59:a0:62:5b:51:1a:f8:ab:4f:
96:fe:10:97:c5:96:36:11:42:c0:80:81:c3:96:01:
43:de:b7:fe:64:63:a3:07:9d:35:28:43:40:6a:4a:
49:8e:49:70:c1:10:95:84:ce:68:91:94:ce:d3:1d:
0f:72:db:08:1a:dd:af:90:87:cc:9a:c6:07:9a:f9:
6b:a4:29:3e:cc:39:3b:e5:f9:8d:7b:0d:0d:34:47:
46:c2:20:ca:05:7a:a7:4a:5d:7f:62:7d:2c:e3:61:
81:f7:49:8d:78:e1:85:64:ed:5f:df:e1:40:57:47:
32:ad:25:c3:3e:ed:2b:a1:3f:17:e9:94:b5:61:e2:
1c:2f:b9:a4:97:b5:79:cd:e1:da:8a:65:b4:49:fd:
2d:58:82:eb:2d:0d:8b:cb:d0:ea:16:2f:29:3a:9e:
cb:24:4e:a9:86:c9:a0:ef:da:c8:a3:aa:4c:c8:27:
3b:4f:cc:66:d1:ee:71:2d:a0:bc:d6:88:db:59:59:
82:8c:b6:68:a7:e7:12:b9:f1:6d:20:7a:e1:6c:a0:
c7:66:3d:30:31:ac:e7:5a:2d:d4:e1:10:c0:d8:81:
60:98:53:ff:94:5f:27:c5:c9:51:52:7c:46:a1:8e:
3f:35:7b:4d:05:6d:4e:ba:be:d9:28:0f:c3:0c:71:
de:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:E7:0C:35:32:84:2B:6B:C4:30:3B:27:FD:CC:0F:8D:31:6D:AD:5E
X509v3 Authority Key Identifier:
keyid:85:AD:D8:EA:AE:B3:A4:78:D7:E5:DF:3E:7E:E1:C3:23:F1:66:BF:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ha3Y6q6zpHjX5d8-fuHDI_Fmvyg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/d44dd0-05b7-4427-a082-1b7ec38e9f44/1/sOcMNTKEK2vEMDsn_cwPjTFtrV4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/d44dd0-05b7-4427-a082-1b7ec38e9f44/1/ha3Y6q6zpHjX5d8-fuHDI_Fmvyg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.236.0/24
45.84.238.0/24
Signature Algorithm: sha256WithRSAEncryption
27:08:d5:ce:23:e8:23:17:1f:19:6e:3d:6a:24:67:a3:e9:1d:
f3:aa:b5:ba:37:2d:78:62:2c:f9:92:54:83:56:04:de:4e:1d:
98:45:99:98:c6:c3:3b:6d:70:7e:92:08:32:97:ed:fc:b1:b0:
45:f4:ef:f5:28:c7:b8:a8:ba:b9:1b:c4:fc:97:fb:fd:a4:fb:
c1:96:64:fb:6b:d0:b2:6f:cf:52:71:b3:ca:44:ef:82:1d:a8:
40:f9:1d:53:75:5e:6c:dc:d3:b9:36:c3:0d:87:4b:a9:1c:1a:
4f:ef:0b:20:d9:ac:b5:62:e0:f8:04:8e:34:eb:7d:86:cb:56:
dc:8a:7d:a2:5b:ef:38:d7:85:f4:36:5f:a7:ff:e5:43:4d:b4:
81:f6:49:20:0c:ff:dd:30:54:5f:f6:aa:d6:89:1a:89:dc:dd:
d3:d8:1e:26:b6:7f:2e:b7:4f:c0:c7:85:4e:25:58:dd:4d:24:
6b:a8:0c:06:71:7a:6d:d9:30:1e:e7:9e:4c:23:ed:42:a1:99:
be:17:55:ed:da:0a:03:84:41:7f:be:cb:ce:4e:1d:74:96:69:
a4:49:8b:c4:4e:38:5d:7c:b5:39:b1:d1:00:9d:2b:f0:97:28:
47:4f:68:a9:5a:75:0f:05:81:12:2f:54:be:4d:62:be:eb:36:
76:17:98:83
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQljxOUwb5D8qNmKFafCrWQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YWRkOGVhYWViM2E0NzhkN2U1ZGYzZTdlZTFjMzIzZjE2
NmJmMjgwHhcNMjUwMTAyMDU0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGU3MGMzNTMyODQyYjZiYzQzMDNiMjdmZGNjMGY4ZDMxNmRhZDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxlIpH9ZoGJbURr4q0+W/hCXxZY2
EULAgIHDlgFD3rf+ZGOjB501KENAakpJjklwwRCVhM5okZTO0x0PctsIGt2vkIfM
msYHmvlrpCk+zDk75fmNew0NNEdGwiDKBXqnSl1/Yn0s42GB90mNeOGFZO1f3+FA
V0cyrSXDPu0roT8X6ZS1YeIcL7mkl7V5zeHaimW0Sf0tWILrLQ2Ly9DqFi8pOp7L
JE6phsmg79rIo6pMyCc7T8xm0e5xLaC81ojbWVmCjLZop+cSufFtIHrhbKDHZj0w
MaznWi3U4RDA2IFgmFP/lF8nxclRUnxGoY4/NXtNBW1Our7ZKA/DDHHezwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLDnDDUyhCtrxDA7J/3MD40xba1eMB8GA1UdIwQY
MBaAFIWt2Oqus6R41+XfPn7hwyPxZr8oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGEzWTZxNnpwSGpYNWQ4LWZ1SERJX0ZtdnlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9kNDRkZDAtMDViNy00NDI3LWEwODIt
MWI3ZWMzOGU5ZjQ0LzEvc09jTU5US0VLMnZFTURzbl9jd1BqVEZ0clY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9kNDRkZDAtMDViNy00NDI3LWEwODItMWI3ZWMzOGU5ZjQ0
LzEvaGEzWTZxNnpwSGpYNWQ4LWZ1SERJX0ZtdnlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVTsAwQA
LVTuMA0GCSqGSIb3DQEBCwUAA4IBAQAnCNXOI+gjFx8Zbj1qJGej6R3zqrW6Ny14
Yiz5klSDVgTeTh2YRZmYxsM7bXB+kggyl+38sbBF9O/1KMe4qLq5G8T8l/v9pPvB
lmT7a9Cyb89ScbPKRO+CHahA+R1TdV5s3NO5NsMNh0upHBpP7wsg2ay1YuD4BI40
632Gy1bcin2iW+8414X0Nl+n/+VDTbSB9kkgDP/dMFRf9qrWiRqJ3N3T2B4mtn8u
t0/Ax4VOJVjdTSRrqAwGcXpt2TAe555MI+1CoZm+F1Xt2goDhEF/vsvOTh10lmmk
SYvETjhdfLU5sdEAnSvwlyhHT2ipWnUPBYESL1S+TWK+6zZ2F5iD
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:18:54 2025 by rpki-client