Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/Wm8pSrEB6rOr1RO2TfJ2pq6iHQE.roa
File: Wm8pSrEB6rOr1RO2TfJ2pq6iHQE.roa (raw, json)
Hash identifier: 27Z9rPiaKd1w9cU/3UYjCX2/pl7ZpqX4nuQKVW7y/9Q=
Subject key identifier: 5A:6F:29:4A:B1:01:EA:B3:AB:D5:13:B6:4D:F2:76:A6:AE:A2:1D:01
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019427B39455D07C9A8B2607F2C2E6D97F88
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/Wm8pSrEB6rOr1RO2TfJ2pq6iHQE.roa
Signing time: Thu 02 Jan 2025 15:47:47 +0000
ROA not before: Thu 02 Jan 2025 15:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 45.138.17.0/24 maxlen: 24
2a0f:e380::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:94:55:d0:7c:9a:8b:26:07:f2:c2:e6:d9:7f:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 15:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5a6f294ab101eab3abd513b64df276a6aea21d01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ce:7b:d6:32:d0:c3:9b:6e:e6:38:b3:66:94:
ce:50:41:3a:ef:c5:9f:56:96:22:1a:5c:68:c6:85:
de:2f:64:fc:ef:c0:ef:eb:41:34:a8:95:e6:e8:fb:
f1:74:5e:af:cd:4e:03:80:5c:cb:50:15:3c:63:44:
41:b4:f3:c1:3c:1b:d5:f9:79:d6:b5:27:3d:6b:28:
b0:a8:5d:61:ef:a6:49:f0:28:0e:79:fa:79:20:72:
cc:50:9c:87:9c:4f:4b:97:d4:b6:f4:ff:76:03:75:
6a:d6:14:11:96:61:8b:f7:8f:c9:c1:fa:06:ad:a3:
1a:08:59:1c:08:ac:2c:cc:d5:47:ef:21:6b:b1:6f:
33:fe:b4:df:f9:af:b3:6f:a4:26:78:70:53:16:59:
22:f8:17:6d:85:5f:57:dc:d0:f5:45:0d:2d:24:bf:
71:c9:1f:6a:a5:3f:ab:ec:92:38:7c:e5:18:89:5a:
b6:a5:d1:1c:3c:76:ff:5d:42:2e:21:a2:74:99:c0:
8d:26:e8:33:c2:0d:68:2d:f2:e1:d3:ab:f7:dd:74:
5d:0e:64:f6:db:dd:a9:b0:ca:45:15:01:56:d5:6d:
fd:dc:91:d8:e6:8c:49:50:7d:d3:4f:e6:07:05:b2:
ed:a5:22:22:95:75:81:b0:b7:e3:93:94:1b:de:d2:
ce:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:6F:29:4A:B1:01:EA:B3:AB:D5:13:B6:4D:F2:76:A6:AE:A2:1D:01
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/Wm8pSrEB6rOr1RO2TfJ2pq6iHQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.17.0/24
IPv6:
2a0f:e380::/32
Signature Algorithm: sha256WithRSAEncryption
3a:46:01:13:26:73:18:04:ee:88:bd:db:d5:0c:20:94:fd:23:
de:2d:46:a9:a5:eb:95:e5:56:7a:fc:6e:b0:d1:ef:10:6b:dd:
26:9e:c8:7a:f2:3e:46:d9:20:4f:bf:e0:e0:1e:06:ad:5e:20:
eb:78:50:9f:8b:d5:22:9e:bb:f1:21:ba:8e:89:66:b2:c0:00:
59:9c:d2:42:bf:57:d4:ed:ee:56:16:53:35:0a:8f:a6:9f:03:
e0:60:55:82:b0:71:aa:02:5e:62:18:71:4a:d8:aa:9b:a7:43:
33:a9:88:69:48:d6:45:cc:52:22:da:ac:40:58:2c:c3:1b:79:
22:e5:9c:3c:ff:b3:f7:a3:8d:aa:f0:f1:c2:af:cc:12:e4:60:
f5:b7:f2:4c:01:53:0f:83:f6:63:1d:d3:9a:99:d3:e4:7d:4a:
d3:3d:06:9b:ab:0d:d4:60:4d:40:36:26:ed:66:9b:12:57:fa:
b7:08:80:b4:af:a8:6f:9e:c6:2e:83:ad:26:6e:fc:d1:41:77:
33:89:96:bc:a3:bb:bf:2e:78:b3:26:82:62:81:74:f4:6c:10:
47:37:c1:05:ce:d4:85:48:39:9f:36:e0:72:e3:75:86:d5:a6:
e5:0d:05:f2:7b:3b:1a:63:41:46:10:79:12:9f:7e:11:4a:14:
6d:f1:ff:05
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQns5RV0HyaiyYH8sLm2X+IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwMTAyMTU0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTZmMjk0YWIxMDFlYWIzYWJkNTEzYjY0ZGYyNzZhNmFlYTIxZDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAss571jLQw5tu5jizZpTOUEE678Wf
VpYiGlxoxoXeL2T878Dv60E0qJXm6PvxdF6vzU4DgFzLUBU8Y0RBtPPBPBvV+XnW
tSc9ayiwqF1h76ZJ8CgOefp5IHLMUJyHnE9Ll9S29P92A3Vq1hQRlmGL94/JwfoG
raMaCFkcCKwszNVH7yFrsW8z/rTf+a+zb6QmeHBTFlki+BdthV9X3ND1RQ0tJL9x
yR9qpT+r7JI4fOUYiVq2pdEcPHb/XUIuIaJ0mcCNJugzwg1oLfLh06v33XRdDmT2
292psMpFFQFW1W393JHY5oxJUH3TT+YHBbLtpSIilXWBsLfjk5Qb3tLO4QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFpvKUqxAeqzq9UTtk3ydqauoh0BMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvV204cFNyRUI2ck9yMVJPMlRmSjJwcTZpSFFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALYoRMA0E
AgACMAcDBQAqD+OAMA0GCSqGSIb3DQEBCwUAA4IBAQA6RgETJnMYBO6IvdvVDCCU
/SPeLUappeuV5VZ6/G6w0e8Qa90mnsh68j5G2SBPv+DgHgatXiDreFCfi9Uinrvx
IbqOiWaywABZnNJCv1fU7e5WFlM1Co+mnwPgYFWCsHGqAl5iGHFK2Kqbp0MzqYhp
SNZFzFIi2qxAWCzDG3ki5Zw8/7P3o42q8PHCr8wS5GD1t/JMAVMPg/ZjHdOamdPk
fUrTPQabqw3UYE1ANibtZpsSV/q3CIC0r6hvnsYug60mbvzRQXcziZa8o7u/Lniz
JoJigXT0bBBHN8EFztSFSDmfNuBy43WG1ablDQXyezsaY0FGEHkSn34RShRt8f8F
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:57:11 2025 by rpki-client