Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/ouw4kNP7hTDfaqv-CfSAd8Hbwo4.roa
File: ouw4kNP7hTDfaqv-CfSAd8Hbwo4.roa (raw, json)
Hash identifier: bVxAA9pkxtnA5UNgD+kXqdovB1pgzbbIcgoJ4G8VSZI=
Subject key identifier: A2:EC:38:90:D3:FB:85:30:DF:6A:AB:FE:09:F4:80:77:C1:DB:C2:8E
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019427B3B142BC4980808988C27552559853
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/ouw4kNP7hTDfaqv-CfSAd8Hbwo4.roa
Signing time: Thu 02 Jan 2025 15:47:55 +0000
ROA not before: Thu 02 Jan 2025 15:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212042
IP address blocks: 45.87.29.0/24 maxlen: 24
45.150.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:b1:42:bc:49:80:80:89:88:c2:75:52:55:98:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 15:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2ec3890d3fb8530df6aabfe09f48077c1dbc28e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:29:13:5b:38:4d:89:af:f7:4e:4c:02:93:4c:
e5:9c:c0:0d:95:7f:3b:c9:0b:7b:55:a2:90:85:5a:
6e:ab:e5:1d:d6:64:e9:50:39:f4:08:de:06:ea:e0:
04:7e:a2:43:3b:b2:43:35:04:ca:a1:b2:68:c7:61:
91:ce:3b:ac:72:44:47:6f:52:bb:f2:1d:e7:37:48:
99:b6:5e:76:37:6c:6a:b3:42:5a:80:fb:7e:9e:57:
c9:4d:f5:5f:74:ca:3d:3e:99:43:21:dc:f6:6a:a2:
d1:a5:55:bb:98:0b:4a:2e:b6:01:d4:e9:2c:87:b9:
d0:57:58:00:39:bb:7d:b7:88:92:fe:5b:d1:d2:fb:
f6:47:08:48:12:29:d8:ef:01:67:92:e8:26:45:91:
e2:43:cc:70:1e:da:17:c0:1e:b0:2d:57:ca:32:53:
a9:5a:c3:48:d3:c5:1d:97:0a:a3:44:3e:18:2d:ff:
1c:2a:75:8a:32:b7:b5:b3:d7:d9:3e:d9:0d:8e:5e:
ec:b8:06:82:8d:d2:de:fa:35:bb:da:d2:e5:af:48:
2b:c0:93:37:2f:f8:2a:f4:ee:5a:85:0d:57:f4:2a:
cc:bd:d8:d6:62:09:09:6d:91:5d:c5:8c:17:10:6e:
7a:93:bd:cb:96:21:a8:4b:22:d5:50:d7:78:8e:5c:
a3:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:EC:38:90:D3:FB:85:30:DF:6A:AB:FE:09:F4:80:77:C1:DB:C2:8E
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/ouw4kNP7hTDfaqv-CfSAd8Hbwo4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.29.0/24
45.150.95.0/24
Signature Algorithm: sha256WithRSAEncryption
29:25:58:77:90:a8:5d:1d:47:72:d7:a8:02:32:21:61:ab:1e:
c9:a9:c9:48:7d:91:a6:97:40:3a:30:00:dc:8e:0b:2d:4c:57:
b6:8a:d8:4e:94:4b:0c:5e:a4:39:e6:20:b7:4a:17:09:e1:66:
5b:6f:b5:8c:b8:91:94:6f:ef:d1:6d:9f:f5:5b:b4:1e:ef:ac:
9e:e2:7b:e3:59:79:ee:f3:64:26:1a:13:46:cd:f7:a4:c6:5d:
c1:b7:34:1d:bb:d9:6f:c4:7f:fe:29:ab:85:42:3d:80:a3:6c:
ea:97:5d:f0:55:37:86:b4:c2:b5:0a:a1:8a:48:86:99:88:9f:
f6:84:23:5d:89:5d:e0:b8:18:89:c5:de:c2:29:93:5b:ab:29:
f4:b3:b1:a1:fd:12:80:69:d7:40:96:00:51:30:f1:73:62:85:
78:14:81:29:0c:dd:17:97:ed:e1:e0:04:44:80:8c:e4:4e:2b:
fa:b1:41:db:cd:68:cd:3b:2a:c4:e3:87:5c:08:aa:10:f6:f6:
86:a6:ea:10:71:98:92:35:c3:41:d9:16:53:7c:00:83:6b:67:
1a:b5:18:13:d2:4b:aa:9b:98:42:68:14:08:fd:00:73:15:d9:
99:d6:4b:aa:f4:62:20:d2:28:9f:b8:89:1e:80:3f:4e:dd:03:
2f:e6:31:ef
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQns7FCvEmAgImIwnVSVZhTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwMTAyMTU0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmVjMzg5MGQzZmI4NTMwZGY2YWFiZmUwOWY0ODA3N2MxZGJjMjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxykTWzhNia/3TkwCk0zlnMANlX87
yQt7VaKQhVpuq+Ud1mTpUDn0CN4G6uAEfqJDO7JDNQTKobJox2GRzjusckRHb1K7
8h3nN0iZtl52N2xqs0JagPt+nlfJTfVfdMo9PplDIdz2aqLRpVW7mAtKLrYB1Oks
h7nQV1gAObt9t4iS/lvR0vv2RwhIEinY7wFnkugmRZHiQ8xwHtoXwB6wLVfKMlOp
WsNI08UdlwqjRD4YLf8cKnWKMre1s9fZPtkNjl7suAaCjdLe+jW72tLlr0grwJM3
L/gq9O5ahQ1X9CrMvdjWYgkJbZFdxYwXEG56k73LliGoSyLVUNd4jlyjJQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKLsOJDT+4Uw32qr/gn0gHfB28KOMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvb3V3NGtOUDdoVERmYXF2LUNmU0FkOEhid280LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVcdAwQA
LZZfMA0GCSqGSIb3DQEBCwUAA4IBAQApJVh3kKhdHUdy16gCMiFhqx7JqclIfZGm
l0A6MADcjgstTFe2ithOlEsMXqQ55iC3ShcJ4WZbb7WMuJGUb+/RbZ/1W7Qe76ye
4nvjWXnu82QmGhNGzfekxl3BtzQdu9lvxH/+KauFQj2Ao2zql13wVTeGtMK1CqGK
SIaZiJ/2hCNdiV3guBiJxd7CKZNbqyn0s7Gh/RKAaddAlgBRMPFzYoV4FIEpDN0X
l+3h4AREgIzkTiv6sUHbzWjNOyrE44dcCKoQ9vaGpuoQcZiSNcNB2RZTfACDa2ca
tRgT0kuqm5hCaBQI/QBzFdmZ1kuq9GIg0iifuIkegD9O3QMv5jHv
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:44:02 2025 by rpki-client