Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/KWDLxTNDHjPEt5CNMlqQjrWRPxE.roa
File: KWDLxTNDHjPEt5CNMlqQjrWRPxE.roa (raw, json)
Hash identifier: I2bHLjCu9j6F0/Gw4gYWN/pmV4RKlVRfC1GimOI/0lk=
Subject key identifier: 29:60:CB:C5:33:43:1E:33:C4:B7:90:8D:32:5A:90:8E:B5:91:3F:11
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019427B3A7AB5AC7F8045083FD5D4C137FF7
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/KWDLxTNDHjPEt5CNMlqQjrWRPxE.roa
Signing time: Thu 02 Jan 2025 15:47:52 +0000
ROA not before: Thu 02 Jan 2025 15:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199524
IP address blocks: 45.130.137.0/24 maxlen: 24
45.130.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:a7:ab:5a:c7:f8:04:50:83:fd:5d:4c:13:7f:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 15:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2960cbc533431e33c4b7908d325a908eb5913f11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c1:ce:98:60:32:36:14:a3:3a:2b:6f:c0:a4:
c5:48:38:78:73:15:74:77:0e:d1:73:15:02:55:a0:
e5:6f:6a:63:52:c8:55:2c:8c:c1:84:00:11:87:11:
8b:9e:a3:54:bc:cf:4a:92:cf:16:bc:af:45:da:a6:
dc:95:8b:38:17:09:f0:95:97:66:29:cc:1d:18:99:
e1:46:42:8b:a1:1b:40:b9:c8:6b:c8:b1:c6:e9:1f:
9e:61:4c:b4:57:fe:ab:ef:61:2e:35:df:06:47:6b:
a3:bf:8d:4d:d5:d5:14:55:8a:0f:54:e2:7e:92:e3:
a7:ca:fe:10:59:ac:a7:9c:1c:1f:77:78:47:b2:15:
05:b5:28:a7:d8:2c:2b:c3:c3:ba:f0:8c:a8:f8:57:
94:71:ba:17:34:c5:81:7b:2a:00:98:21:1d:b5:8b:
6e:9e:af:09:c6:36:31:e9:bd:25:91:93:74:46:98:
c3:31:ea:cf:af:d0:1c:15:ed:db:03:65:bb:b9:36:
39:dc:0f:0b:f7:dc:04:df:4c:6d:19:f0:fa:02:8a:
e6:44:8c:71:1e:6e:94:d4:43:5e:42:7c:44:6e:4d:
28:a4:42:03:49:f8:c9:53:7d:64:bf:8c:d8:86:c7:
2d:ae:86:1e:5c:5f:96:95:3f:db:c2:2a:9a:a2:1a:
cc:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:60:CB:C5:33:43:1E:33:C4:B7:90:8D:32:5A:90:8E:B5:91:3F:11
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/KWDLxTNDHjPEt5CNMlqQjrWRPxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.137.0/24
45.130.139.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:e8:2e:c7:c9:23:7d:7e:20:35:bf:d6:16:6f:89:b3:e2:62:
d1:38:48:22:b7:3f:9a:b3:89:8c:66:e2:06:a0:7a:4d:be:cf:
86:a4:bd:82:dd:02:01:60:91:3e:52:ff:46:b1:0d:d6:bf:27:
fa:1c:03:a3:41:16:90:18:04:b1:ed:31:6b:29:6b:8d:54:37:
8f:ff:f0:a9:a5:69:70:90:c4:be:d7:1e:ee:99:30:79:98:bd:
83:bb:ad:ea:7f:f7:c0:f6:0e:74:cc:22:72:6b:36:55:11:0b:
05:67:58:c7:56:b6:3a:77:a7:3f:55:6d:fd:af:bb:76:01:e0:
59:72:52:78:f5:54:e3:2e:ca:e7:2e:b0:88:a4:10:c6:25:e8:
29:dc:0f:ae:15:fd:dc:9e:ae:a3:ae:38:65:1f:85:46:a0:45:
22:1b:79:44:e3:d8:5a:1b:58:72:9c:95:39:28:86:5a:f1:be:
ec:6f:87:ef:33:d9:93:c6:49:24:4b:42:aa:f9:a6:b5:1c:0a:
f8:53:47:bc:1a:84:0f:89:01:5c:0c:49:92:db:75:2b:1e:fd:
21:33:c5:73:67:a4:d5:bb:c5:6f:a0:02:b2:e5:8a:1d:da:21:
67:b0:12:cd:3c:bb:d6:70:54:5e:dd:e8:52:15:46:99:89:d9:
f4:2e:5e:25
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQns6erWsf4BFCD/V1ME3/3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwMTAyMTU0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTYwY2JjNTMzNDMxZTMzYzRiNzkwOGQzMjVhOTA4ZWI1OTEzZjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsHOmGAyNhSjOitvwKTFSDh4cxV0
dw7RcxUCVaDlb2pjUshVLIzBhAARhxGLnqNUvM9Kks8WvK9F2qbclYs4FwnwlZdm
KcwdGJnhRkKLoRtAuchryLHG6R+eYUy0V/6r72EuNd8GR2ujv41N1dUUVYoPVOJ+
kuOnyv4QWaynnBwfd3hHshUFtSin2Cwrw8O68Iyo+FeUcboXNMWBeyoAmCEdtYtu
nq8JxjYx6b0lkZN0RpjDMerPr9AcFe3bA2W7uTY53A8L99wE30xtGfD6AormRIxx
Hm6U1ENeQnxEbk0opEIDSfjJU31kv4zYhsctroYeXF+WlT/bwiqaohrMKQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFClgy8UzQx4zxLeQjTJakI61kT8RMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvS1dETHhUTkRIalBFdDVDTk1scVFqcldSUHhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYKJAwQA
LYKLMA0GCSqGSIb3DQEBCwUAA4IBAQCp6C7HySN9fiA1v9YWb4mz4mLROEgitz+a
s4mMZuIGoHpNvs+GpL2C3QIBYJE+Uv9GsQ3Wvyf6HAOjQRaQGASx7TFrKWuNVDeP
//CppWlwkMS+1x7umTB5mL2Du63qf/fA9g50zCJyazZVEQsFZ1jHVrY6d6c/VW39
r7t2AeBZclJ49VTjLsrnLrCIpBDGJegp3A+uFf3cnq6jrjhlH4VGoEUiG3lE49ha
G1hynJU5KIZa8b7sb4fvM9mTxkkkS0Kq+aa1HAr4U0e8GoQPiQFcDEmS23UrHv0h
M8VzZ6TVu8VvoAKy5Yod2iFnsBLNPLvWcFRe3ehSFUaZidn0Ll4l
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:38:17 2025 by rpki-client