Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/1f3322-6af7-47ab-8dc5-99a11f6385ab/1/mV1hZytX8BcNK6MuHKBDE6HH6LY.roa
File: mV1hZytX8BcNK6MuHKBDE6HH6LY.roa (raw, json)
Hash identifier: Izn1ppuqIeq4brUj4agoXptLWgkQ3/6X3t/Q9E4R05U=
Subject key identifier: 99:5D:61:67:2B:57:F0:17:0D:2B:A3:2E:1C:A0:43:13:A1:C7:E8:B6
Certificate issuer: /CN=0bebcee4d23379aed81aecffc7a742b35acdddb3
Certificate serial: 019420D6209B68D5D22772C6DDBE1A04159D
Authority key identifier: 0B:EB:CE:E4:D2:33:79:AE:D8:1A:EC:FF:C7:A7:42:B3:5A:CD:DD:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C-vO5NIzea7YGuz_x6dCs1rN3bM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/1f3322-6af7-47ab-8dc5-99a11f6385ab/1/mV1hZytX8BcNK6MuHKBDE6HH6LY.roa
Signing time: Wed 01 Jan 2025 07:48:11 +0000
ROA not before: Wed 01 Jan 2025 07:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206236
IP address blocks: 45.14.232.0/22 maxlen: 22
195.245.66.0/24 maxlen: 24
2a0e:1580::/29 maxlen: 29
2a10:1a40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/1f3322-6af7-47ab-8dc5-99a11f6385ab/1/C-vO5NIzea7YGuz_x6dCs1rN3bM.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/1f3322-6af7-47ab-8dc5-99a11f6385ab/1/C-vO5NIzea7YGuz_x6dCs1rN3bM.mft
rsync://rpki.ripe.net/repository/DEFAULT/C-vO5NIzea7YGuz_x6dCs1rN3bM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:20:9b:68:d5:d2:27:72:c6:dd:be:1a:04:15:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bebcee4d23379aed81aecffc7a742b35acdddb3
Validity
Not Before: Jan 1 07:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=995d61672b57f0170d2ba32e1ca04313a1c7e8b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:c5:45:3e:cc:19:36:04:73:41:8d:4e:08:e1:
3e:fb:56:9c:32:db:c3:aa:65:37:ae:fc:cd:d2:51:
47:80:19:dc:6c:7c:a2:b0:6d:55:6b:13:b4:5d:90:
9e:e6:9d:88:21:98:9c:ab:f9:55:ae:77:88:92:6a:
e6:70:b4:6a:b3:91:41:86:3c:44:7d:fa:e2:e8:eb:
47:d3:97:64:82:73:14:c5:89:ec:df:1d:82:84:06:
07:26:03:19:1b:0d:11:6f:0d:c1:c0:62:ee:e8:2e:
bc:9d:f1:31:c7:28:16:b2:ae:2a:65:7b:6c:5b:ee:
c6:e4:c5:29:e6:47:d6:ed:3e:c6:99:f8:c8:09:70:
6c:b5:17:1d:dd:43:6e:70:e3:4f:b0:d7:33:f1:4e:
c4:29:aa:4b:f1:52:50:f5:5a:5e:81:8c:b1:6b:d2:
53:0c:a1:0b:24:f2:2c:8b:d1:98:ec:21:13:f8:e1:
f6:9b:01:3e:f8:1a:75:bd:a2:98:ff:de:41:f6:64:
64:bf:37:03:e7:3a:f8:58:ee:b4:b2:01:31:a8:19:
24:2d:bc:a7:c9:f4:95:7c:09:fb:05:e4:1c:28:7a:
95:59:76:6d:27:75:df:96:be:b6:82:09:2d:4a:7c:
9b:e0:75:c3:5f:fa:13:f6:cd:72:61:65:0a:42:d5:
61:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:5D:61:67:2B:57:F0:17:0D:2B:A3:2E:1C:A0:43:13:A1:C7:E8:B6
X509v3 Authority Key Identifier:
keyid:0B:EB:CE:E4:D2:33:79:AE:D8:1A:EC:FF:C7:A7:42:B3:5A:CD:DD:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C-vO5NIzea7YGuz_x6dCs1rN3bM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1f3322-6af7-47ab-8dc5-99a11f6385ab/1/mV1hZytX8BcNK6MuHKBDE6HH6LY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1f3322-6af7-47ab-8dc5-99a11f6385ab/1/C-vO5NIzea7YGuz_x6dCs1rN3bM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.232.0/22
195.245.66.0/24
IPv6:
2a0e:1580::/29
2a10:1a40::/29
Signature Algorithm: sha256WithRSAEncryption
65:3e:2a:7d:58:d6:d3:43:17:a1:9e:70:d3:6a:ca:1d:94:56:
f7:68:5e:71:38:05:c8:ff:75:25:55:4e:a5:b3:5f:ef:b3:dd:
a1:42:85:b4:6b:bb:a3:66:56:fe:46:0d:98:49:b6:6a:82:ed:
d0:ea:c3:2f:44:e5:85:95:dc:1c:77:1c:72:26:3b:fa:df:20:
2c:40:a1:47:0d:02:67:7f:37:1b:65:f7:66:f4:3d:86:fc:60:
72:fa:cf:ff:92:31:b1:cd:71:ad:d7:42:97:4f:a3:58:65:39:
a1:49:1d:f3:45:9c:1b:a5:5d:6a:90:4a:62:83:7f:b9:49:0d:
31:c4:9b:59:86:27:62:c5:47:2d:fa:2c:5a:ab:44:99:c9:a8:
59:b4:20:4b:ee:8b:d0:b0:5e:c7:e4:1b:89:7c:7c:6e:7b:a5:
fe:5f:fb:81:77:ad:16:b8:9a:3e:3a:6a:76:c7:08:c5:27:a2:
d5:83:e1:87:3b:9f:0f:4c:ed:42:df:57:e9:05:d7:8f:5b:bc:
f0:61:95:c6:bd:ec:bf:82:55:a1:50:07:6a:01:06:99:7a:a4:
2b:eb:8a:b2:8c:36:4d:5c:38:e2:5c:d7:82:29:c3:d7:0a:00:
9d:4f:5f:35:7b:98:e9:ce:38:ca:80:5f:6c:52:91:91:e7:31:
5a:e3:ed:ee
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQg1iCbaNXSJ3LG3b4aBBWdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZWJjZWU0ZDIzMzc5YWVkODFhZWNmZmM3YTc0MmIzNWFj
ZGRkYjMwHhcNMjUwMTAxMDc0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTVkNjE2NzJiNTdmMDE3MGQyYmEzMmUxY2EwNDMxM2ExYzdlOGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA48VFPswZNgRzQY1OCOE++1acMtvD
qmU3rvzN0lFHgBncbHyisG1VaxO0XZCe5p2IIZicq/lVrneIkmrmcLRqs5FBhjxE
ffri6OtH05dkgnMUxYns3x2ChAYHJgMZGw0Rbw3BwGLu6C68nfExxygWsq4qZXts
W+7G5MUp5kfW7T7GmfjICXBstRcd3UNucONPsNcz8U7EKapL8VJQ9VpegYyxa9JT
DKELJPIsi9GY7CET+OH2mwE++Bp1vaKY/95B9mRkvzcD5zr4WO60sgExqBkkLbyn
yfSVfAn7BeQcKHqVWXZtJ3Xflr62ggktSnyb4HXDX/oT9s1yYWUKQtVhFwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFJldYWcrV/AXDSujLhygQxOhx+i2MB8GA1UdIwQY
MBaAFAvrzuTSM3mu2Brs/8enQrNazd2zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQy12TzVOSXplYTdZR3V6X3g2ZENzMXJOM2JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8xZjMzMjItNmFmNy00N2FiLThkYzUt
OTlhMTFmNjM4NWFiLzEvbVYxaFp5dFg4QmNOSzZNdUhLQkRFNkhINkxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8xZjMzMjItNmFmNy00N2FiLThkYzUtOTlhMTFmNjM4NWFi
LzEvQy12TzVOSXplYTdZR3V6X3g2ZENzMXJOM2JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCLQ7oAwQA
w/VCMBQEAgACMA4DBQMqDhWAAwUDKhAaQDANBgkqhkiG9w0BAQsFAAOCAQEAZT4q
fVjW00MXoZ5w02rKHZRW92hecTgFyP91JVVOpbNf77PdoUKFtGu7o2ZW/kYNmEm2
aoLt0OrDL0TlhZXcHHccciY7+t8gLEChRw0CZ383G2X3ZvQ9hvxgcvrP/5Ixsc1x
rddCl0+jWGU5oUkd80WcG6VdapBKYoN/uUkNMcSbWYYnYsVHLfosWqtEmcmoWbQg
S+6L0LBex+QbiXx8bnul/l/7gXetFriaPjpqdscIxSei1YPhhzufD0ztQt9X6QXX
j1u88GGVxr3sv4JVoVAHagEGmXqkK+uKsow2TVw44lzXginD1woAnU9fNXuY6c44
yoBfbFKRkecxWuPt7g==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:48:35 2025 by rpki-client