Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/ELmjdgmz0TCWZHrerDgDF63z33k.roa
File: ELmjdgmz0TCWZHrerDgDF63z33k.roa (raw, json)
Hash identifier: 6xYE48dYUH/DP/zLTzJY8oKn7xak0SIxnNrqcD52JrQ=
Subject key identifier: 10:B9:A3:76:09:B3:D1:30:96:64:7A:DE:AC:38:03:17:AD:F3:DF:79
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019427B3A5A344103E8A8D5E9B085A144E54
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/ELmjdgmz0TCWZHrerDgDF63z33k.roa
Signing time: Thu 02 Jan 2025 15:47:52 +0000
ROA not before: Thu 02 Jan 2025 15:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 142299
IP address blocks: 45.83.207.0/24 maxlen: 24
89.251.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:a5:a3:44:10:3e:8a:8d:5e:9b:08:5a:14:4e:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 15:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=10b9a37609b3d13096647adeac380317adf3df79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:2e:09:b6:7a:88:4d:7d:73:06:ab:43:ab:cc:
8d:46:7c:59:d0:28:44:a4:4b:31:a5:c5:fe:15:c5:
9e:2e:f8:d0:06:1a:72:3d:f1:33:76:3d:43:bd:7e:
80:26:d9:b1:8a:ee:6a:65:7d:4a:9c:86:dd:7e:02:
a1:f6:4e:3f:02:ef:68:ad:0d:62:4b:7e:97:8c:bf:
4b:1d:68:48:ff:73:07:5b:4b:d3:b4:0d:98:bd:11:
da:3d:96:46:be:df:86:46:f3:ce:7c:23:8f:90:1a:
a9:62:36:3e:98:32:26:65:66:9d:a4:27:3f:d9:ae:
b0:54:64:bf:a8:59:e7:76:45:8a:66:3c:4b:07:09:
5c:ea:6e:67:62:52:3e:39:5d:9f:a0:b9:7c:7c:2f:
46:13:5b:2c:fd:f1:50:9d:ce:11:29:e4:01:b0:13:
07:4a:55:89:b2:35:24:14:20:1d:9b:c1:1e:a2:26:
1e:b2:bd:38:e6:28:1a:4d:df:f4:62:5d:d7:f9:6d:
bd:39:b1:9d:d1:63:d4:02:7e:45:49:11:c1:ea:0a:
dd:5e:7f:2c:9e:90:51:3b:d3:07:84:34:71:0a:9e:
ce:2e:f3:bd:29:3c:c9:bd:9f:e7:f8:96:18:62:c8:
d9:19:2e:c5:be:38:99:81:27:fc:e1:7d:de:e6:55:
20:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:B9:A3:76:09:B3:D1:30:96:64:7A:DE:AC:38:03:17:AD:F3:DF:79
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/ELmjdgmz0TCWZHrerDgDF63z33k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.207.0/24
89.251.2.0/24
Signature Algorithm: sha256WithRSAEncryption
32:3a:2f:dd:c4:55:c4:bc:c5:ef:38:3c:04:f9:37:3d:f3:9d:
04:e0:9a:8f:7a:1e:1a:96:d8:c5:df:97:04:e6:ce:a0:3f:6c:
27:37:9c:66:05:17:66:3f:4c:c0:88:ec:44:20:89:cb:74:0b:
1b:77:e9:67:02:34:7b:35:1d:0e:80:aa:73:b1:5d:8d:85:94:
50:89:f4:1b:f5:79:e9:f2:81:10:85:be:b7:95:58:93:4a:ea:
d6:7b:cb:ce:c9:72:c3:b7:e8:80:f6:8a:37:58:39:15:b4:68:
99:36:3f:e5:fe:f6:6f:78:68:7e:3b:c1:c1:09:b8:f1:08:e4:
3a:a0:48:48:5b:33:70:1e:9b:a4:90:dd:4c:6e:f1:b7:e9:e3:
18:14:52:8d:8a:1f:f6:d7:c1:88:4c:4c:97:5d:23:8d:ed:68:
e9:d1:75:30:47:b0:a1:67:97:3a:9c:4a:46:ec:af:3d:f2:14:
a2:9b:96:14:bd:60:5f:f9:d3:4c:69:5b:4b:1b:61:87:3f:a8:
b5:97:fe:0c:cf:7c:22:c2:43:80:c5:4b:a6:a4:b9:5d:ae:c1:
77:92:db:b6:7b:30:12:9c:30:05:fd:35:8c:30:b9:1b:53:71:
3d:ab:ac:6d:3a:18:92:4a:d1:ed:dd:db:cf:b2:80:1e:05:50:
d8:b7:5a:e7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQns6WjRBA+io1emwhaFE5UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwMTAyMTU0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGI5YTM3NjA5YjNkMTMwOTY2NDdhZGVhYzM4MDMxN2FkZjNkZjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0S4JtnqITX1zBqtDq8yNRnxZ0ChE
pEsxpcX+FcWeLvjQBhpyPfEzdj1DvX6AJtmxiu5qZX1KnIbdfgKh9k4/Au9orQ1i
S36XjL9LHWhI/3MHW0vTtA2YvRHaPZZGvt+GRvPOfCOPkBqpYjY+mDImZWadpCc/
2a6wVGS/qFnndkWKZjxLBwlc6m5nYlI+OV2foLl8fC9GE1ss/fFQnc4RKeQBsBMH
SlWJsjUkFCAdm8EeoiYesr045igaTd/0Yl3X+W29ObGd0WPUAn5FSRHB6grdXn8s
npBRO9MHhDRxCp7OLvO9KTzJvZ/n+JYYYsjZGS7FvjiZgSf84X3e5lUgiwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBC5o3YJs9EwlmR63qw4Axet8995MB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvRUxtamRnbXowVENXWkhyZXJEZ0RGNjN6MzNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVPPAwQA
WfsCMA0GCSqGSIb3DQEBCwUAA4IBAQAyOi/dxFXEvMXvODwE+Tc9850E4JqPeh4a
ltjF35cE5s6gP2wnN5xmBRdmP0zAiOxEIInLdAsbd+lnAjR7NR0OgKpzsV2NhZRQ
ifQb9Xnp8oEQhb63lViTSurWe8vOyXLDt+iA9oo3WDkVtGiZNj/l/vZveGh+O8HB
CbjxCOQ6oEhIWzNwHpukkN1MbvG36eMYFFKNih/218GITEyXXSON7Wjp0XUwR7Ch
Z5c6nEpG7K898hSim5YUvWBf+dNMaVtLG2GHP6i1l/4Mz3wiwkOAxUumpLldrsF3
ktu2ezASnDAF/TWMMLkbU3E9q6xtOhiSStHt3dvPsoAeBVDYt1rn
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:47:50 2025 by rpki-client