Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/fHBm4TVwfCsxKTS34CD03QLAT0g.roa
File: fHBm4TVwfCsxKTS34CD03QLAT0g.roa (raw, json)
Hash identifier: jz10FsvQ6LTwl0F8dQ9NeUCQdC0VfH7swcNyvtJtDYc=
Subject key identifier: 7C:70:66:E1:35:70:7C:2B:31:29:34:B7:E0:20:F4:DD:02:C0:4F:48
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019427B3B43BA872AC2CEA6610F703E1C5F9
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/fHBm4TVwfCsxKTS34CD03QLAT0g.roa
Signing time: Thu 02 Jan 2025 15:47:56 +0000
ROA not before: Thu 02 Jan 2025 15:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216022
IP address blocks: 45.134.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:b4:3b:a8:72:ac:2c:ea:66:10:f7:03:e1:c5:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 15:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c7066e135707c2b312934b7e020f4dd02c04f48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d5:2a:d5:37:06:83:d5:0d:e0:d4:00:16:9d:
fd:ee:cc:50:03:a3:eb:d6:64:6a:77:7b:f5:f9:85:
64:91:a6:d7:64:28:b1:be:c0:b9:b1:42:20:1a:60:
c4:f7:e3:8b:e5:44:4c:b9:39:76:23:18:9a:47:98:
61:6f:c7:7d:0f:6d:1a:d7:7f:f2:b7:2b:8b:6a:15:
c9:17:fc:02:31:ce:b9:23:0d:f9:b4:2c:b6:c2:b4:
f5:48:74:04:09:1d:07:ac:48:8a:0b:98:0a:1f:3a:
9c:4d:b3:8f:cc:e8:f5:d9:0a:8b:b6:39:65:67:92:
40:c4:d8:67:ef:ed:9d:20:f2:99:dd:96:cb:61:62:
52:1e:0f:7c:1b:1c:33:2e:f0:a8:f1:72:7e:56:61:
7f:fa:4d:f2:6d:8c:1f:58:76:30:48:a7:36:2b:4d:
f8:e5:c1:77:92:cd:88:7c:07:48:07:ce:58:08:86:
21:34:e9:c9:36:46:b6:06:aa:52:e1:d7:af:a5:78:
54:ae:03:42:42:24:7e:9e:1a:75:f8:08:f4:6b:33:
8d:3a:5b:03:73:5b:59:c9:3a:b6:c3:68:92:55:8c:
e3:22:55:e2:c0:b0:d9:98:b2:83:17:d0:c8:9c:fe:
a3:61:e3:b8:2c:50:ed:56:73:a6:df:3a:79:be:e8:
3f:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:70:66:E1:35:70:7C:2B:31:29:34:B7:E0:20:F4:DD:02:C0:4F:48
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/fHBm4TVwfCsxKTS34CD03QLAT0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.222.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:8c:49:d4:19:03:88:72:a7:2c:bf:81:37:ef:35:17:19:db:
53:42:ba:b1:18:0e:c2:4c:3b:64:19:9f:e8:d1:ee:f5:92:0d:
3b:0e:f9:a3:e4:db:45:7f:cb:41:83:26:3b:7e:82:1e:aa:52:
9a:d7:ed:28:e2:21:91:9e:a3:11:ed:fd:6a:1d:68:e5:dd:2e:
fe:6b:e0:5a:74:c8:af:e7:23:bd:28:ab:95:90:93:a6:2d:19:
b0:ff:d6:80:d7:f0:84:e5:35:79:59:a5:d8:f3:ac:6f:69:0c:
11:ee:0a:fb:f9:e3:12:c2:d2:38:69:43:e4:0a:bc:7c:03:76:
7b:43:36:52:6d:71:6e:5b:d8:b9:e8:ce:c5:ac:8c:fa:4e:d6:
8c:3e:cc:af:52:38:7c:03:2b:f6:73:42:97:7e:d8:44:59:39:
f1:71:08:69:e2:55:6f:d6:2a:76:54:88:71:c1:6c:72:9e:df:
b8:76:8d:ec:06:51:95:72:18:b6:ca:3e:49:a8:9e:70:db:00:
cf:86:d0:75:f1:9d:fb:b3:8a:e2:d0:cc:a2:cc:7c:f0:88:0b:
e8:d8:25:58:a7:00:fd:8a:44:a2:12:1d:62:e1:ec:8f:da:6b:
f1:fb:80:2d:1c:f7:b5:8b:4d:f8:33:13:5d:c0:ce:ae:03:59:
eb:16:45:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQns7Q7qHKsLOpmEPcD4cX5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwMTAyMTU0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzcwNjZlMTM1NzA3YzJiMzEyOTM0YjdlMDIwZjRkZDAyYzA0ZjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9Uq1TcGg9UN4NQAFp397sxQA6Pr
1mRqd3v1+YVkkabXZCixvsC5sUIgGmDE9+OL5URMuTl2IxiaR5hhb8d9D20a13/y
tyuLahXJF/wCMc65Iw35tCy2wrT1SHQECR0HrEiKC5gKHzqcTbOPzOj12QqLtjll
Z5JAxNhn7+2dIPKZ3ZbLYWJSHg98GxwzLvCo8XJ+VmF/+k3ybYwfWHYwSKc2K034
5cF3ks2IfAdIB85YCIYhNOnJNka2BqpS4devpXhUrgNCQiR+nhp1+Aj0azONOlsD
c1tZyTq2w2iSVYzjIlXiwLDZmLKDF9DInP6jYeO4LFDtVnOm3zp5vug/6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHxwZuE1cHwrMSk0t+Ag9N0CwE9IMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvZkhCbTRUVndmQ3N4S1RTMzRDRDAzUUxBVDBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYbeMA0G
CSqGSIb3DQEBCwUAA4IBAQC1jEnUGQOIcqcsv4E37zUXGdtTQrqxGA7CTDtkGZ/o
0e71kg07Dvmj5NtFf8tBgyY7foIeqlKa1+0o4iGRnqMR7f1qHWjl3S7+a+BadMiv
5yO9KKuVkJOmLRmw/9aA1/CE5TV5WaXY86xvaQwR7gr7+eMSwtI4aUPkCrx8A3Z7
QzZSbXFuW9i56M7FrIz6TtaMPsyvUjh8Ayv2c0KXfthEWTnxcQhp4lVv1ip2VIhx
wWxynt+4do3sBlGVchi2yj5JqJ5w2wDPhtB18Z37s4ri0MyizHzwiAvo2CVYpwD9
ikSiEh1i4eyP2mvx+4AtHPe1i034MxNdwM6uA1nrFkX3
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:50:04 2025 by rpki-client