Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/FK3n4h4D3Xxjl_5Atnspar3CwEM.roa
File: FK3n4h4D3Xxjl_5Atnspar3CwEM.roa (raw, json)
Hash identifier: zCMT92mlpOuLN/GnzJTmYTb2x9/6w91zkWMcYj2CN5Q=
Subject key identifier: 14:AD:E7:E2:1E:03:DD:7C:63:97:FE:40:B6:7B:29:6A:BD:C2:C0:43
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019427B3A4BF362ED5865E11874094CABF6B
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/FK3n4h4D3Xxjl_5Atnspar3CwEM.roa
Signing time: Thu 02 Jan 2025 15:47:52 +0000
ROA not before: Thu 02 Jan 2025 15:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62240
IP address blocks: 45.128.199.0/24 maxlen: 24
45.146.55.0/24 maxlen: 24
45.159.246.0/24 maxlen: 24
194.5.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:a4:bf:36:2e:d5:86:5e:11:87:40:94:ca:bf:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 15:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=14ade7e21e03dd7c6397fe40b67b296abdc2c043
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:fd:25:f8:65:76:3c:63:16:18:21:c6:c8:2e:
c0:81:b5:3b:fb:fd:8b:a6:36:d2:29:bf:60:37:f5:
03:36:2f:32:ac:30:ae:ec:d1:3d:a7:bc:40:00:8f:
8b:bc:5c:e9:d2:c5:71:56:a1:84:88:be:0f:99:29:
a2:84:38:0a:4f:02:47:f4:9a:79:f2:1d:57:fc:94:
3b:53:ce:0a:6b:f8:c9:69:49:f0:1f:af:42:3d:9f:
26:a7:d3:e3:d2:c9:64:08:a6:c4:a9:b6:3e:61:6f:
ac:66:b8:29:07:8a:95:a0:85:e1:7f:be:50:f6:45:
79:81:d1:7a:99:bd:36:7d:b3:a7:b4:7d:a1:e9:68:
95:9d:77:b4:e2:9b:09:74:d6:09:84:61:45:ca:f3:
c0:4d:8f:c5:e2:2f:d7:0c:e4:af:16:ee:3b:4f:85:
10:b7:ef:d8:ed:ae:c8:7b:aa:d1:85:f5:37:ea:70:
cc:bd:a5:b4:d1:70:ce:56:ed:44:d4:a0:bb:1c:84:
c7:01:e4:c9:ed:a5:cd:a2:13:bb:ff:ab:5b:23:9e:
9d:75:ff:e2:43:22:9c:a9:55:63:4b:a8:fb:10:13:
6d:3a:93:05:67:6c:ea:03:1f:79:90:e7:a0:51:4e:
42:03:3f:30:2e:ad:1a:eb:9c:f5:42:41:50:79:2d:
cb:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:AD:E7:E2:1E:03:DD:7C:63:97:FE:40:B6:7B:29:6A:BD:C2:C0:43
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/FK3n4h4D3Xxjl_5Atnspar3CwEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.199.0/24
45.146.55.0/24
45.159.246.0/24
194.5.52.0/24
Signature Algorithm: sha256WithRSAEncryption
04:c1:62:07:fb:00:b6:43:9d:35:cf:40:e2:50:9c:41:fd:b3:
bc:55:e2:99:95:65:e3:39:b4:11:7f:9e:8d:0c:84:c6:9c:61:
83:38:0a:5d:0c:28:0c:2e:20:e9:c2:11:ae:de:ad:9e:c6:de:
21:18:1a:84:b6:bb:ea:7d:ab:0a:53:09:fd:2a:c4:95:ae:27:
39:fb:84:ff:af:b7:ec:5c:66:a7:75:2a:0e:ac:67:e0:44:e2:
ae:8d:63:d4:4d:6d:0e:d4:d4:03:61:f1:db:24:01:6b:b8:2b:
3a:1a:b6:71:3e:e7:56:ac:07:a8:32:20:d9:6b:05:fb:e4:99:
a2:74:05:2e:c6:f6:16:3b:3a:bb:9f:88:85:ed:88:9b:6e:de:
7f:ca:50:1c:ad:e3:f1:62:02:61:79:15:67:52:8f:44:f8:e7:
e2:e2:fd:52:ea:ed:47:45:f6:2c:25:30:7d:35:8d:d4:67:b3:
24:d0:61:8c:e6:99:c3:f8:01:8f:54:b5:54:03:46:c5:50:60:
db:a5:bb:60:fd:a5:81:e6:44:6c:b0:93:79:5e:52:47:a5:24:
d5:43:41:b1:7c:7e:52:23:95:33:ac:6b:6c:b1:1a:b4:23:24:
c7:e3:ae:00:f8:b3:5e:1e:e3:6f:f5:10:84:06:2c:f6:32:f1:
ce:22:f2:4a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQns6S/Ni7Vhl4Rh0CUyr9rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwMTAyMTU0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGFkZTdlMjFlMDNkZDdjNjM5N2ZlNDBiNjdiMjk2YWJkYzJjMDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2v0l+GV2PGMWGCHGyC7AgbU7+/2L
pjbSKb9gN/UDNi8yrDCu7NE9p7xAAI+LvFzp0sVxVqGEiL4PmSmihDgKTwJH9Jp5
8h1X/JQ7U84Ka/jJaUnwH69CPZ8mp9Pj0slkCKbEqbY+YW+sZrgpB4qVoIXhf75Q
9kV5gdF6mb02fbOntH2h6WiVnXe04psJdNYJhGFFyvPATY/F4i/XDOSvFu47T4UQ
t+/Y7a7Ie6rRhfU36nDMvaW00XDOVu1E1KC7HITHAeTJ7aXNohO7/6tbI56ddf/i
QyKcqVVjS6j7EBNtOpMFZ2zqAx95kOegUU5CAz8wLq0a65z1QkFQeS3LaQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBSt5+IeA918Y5f+QLZ7KWq9wsBDMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvRkszbjRoNEQzWHhqbF81QXRuc3BhcjNDd0VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYDHAwQA
LZI3AwQALZ/2AwQAwgU0MA0GCSqGSIb3DQEBCwUAA4IBAQAEwWIH+wC2Q501z0Di
UJxB/bO8VeKZlWXjObQRf56NDITGnGGDOApdDCgMLiDpwhGu3q2ext4hGBqEtrvq
fasKUwn9KsSVric5+4T/r7fsXGandSoOrGfgROKujWPUTW0O1NQDYfHbJAFruCs6
GrZxPudWrAeoMiDZawX75JmidAUuxvYWOzq7n4iF7Yibbt5/ylAcrePxYgJheRVn
Uo9E+Ofi4v1S6u1HRfYsJTB9NY3UZ7Mk0GGM5pnD+AGPVLVUA0bFUGDbpbtg/aWB
5kRssJN5XlJHpSTVQ0GxfH5SI5UzrGtssRq0IyTH464A+LNeHuNv9RCEBiz2MvHO
IvJK
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:54:38 2025 by rpki-client