Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/q1mKS-1q1q7ycLKwVkRY5ZGMBrM.roa
File: q1mKS-1q1q7ycLKwVkRY5ZGMBrM.roa (raw, json)
Hash identifier: 7DFwYw838RCxUtgdamfOeC4WbDUXktMTNYJ0ZkTeSb8=
Subject key identifier: AB:59:8A:4B:ED:6A:D6:AE:F2:70:B2:B0:56:44:58:E5:91:8C:06:B3
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019427B3B4DF2959B31DA3F03CC5ABCA51EB
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/q1mKS-1q1q7ycLKwVkRY5ZGMBrM.roa
Signing time: Thu 02 Jan 2025 15:47:56 +0000
ROA not before: Thu 02 Jan 2025 15:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 262287
IP address blocks: 45.84.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:b4:df:29:59:b3:1d:a3:f0:3c:c5:ab:ca:51:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 15:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ab598a4bed6ad6aef270b2b0564458e5918c06b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ea:4b:ba:ed:d0:a0:b3:47:8b:51:e1:9f:cb:
1e:8a:5e:8d:4c:6f:94:3c:18:61:05:70:4f:41:61:
12:ae:8b:9d:39:a2:db:0c:8d:bf:f0:d1:12:aa:7e:
a5:76:da:ad:50:f1:93:bb:24:28:cb:33:52:ab:20:
20:e7:d0:b0:0c:a8:0c:2f:1d:2d:81:96:b9:36:b2:
f4:23:a5:b3:95:ba:a4:f6:17:78:00:e9:ad:9f:1e:
e3:28:c8:bb:36:1a:41:dd:ab:ef:15:c0:3b:5a:15:
98:b9:b2:20:f9:db:f2:d1:87:b9:50:98:5e:6b:2d:
13:93:5f:57:2e:ac:b9:f6:70:25:25:b8:0e:25:0a:
5e:dc:cc:f1:45:53:15:a1:dd:69:e3:35:ee:b9:52:
c2:43:10:9d:65:c5:cb:c9:c2:ce:36:d6:6d:6c:47:
e8:58:dd:1c:57:b6:00:ec:09:cd:d0:d5:24:51:08:
67:db:27:77:6a:01:f9:87:c5:cf:a7:7c:19:f9:06:
2f:9b:46:27:27:05:74:d9:6c:de:90:d4:df:03:68:
11:8b:a4:87:c6:48:d8:15:5c:de:c0:de:57:76:0a:
cb:32:0c:65:3d:6e:28:39:d7:79:d2:5c:38:42:ec:
86:8a:dd:1b:1c:78:b5:2c:85:27:41:26:a5:cf:09:
62:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:59:8A:4B:ED:6A:D6:AE:F2:70:B2:B0:56:44:58:E5:91:8C:06:B3
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/q1mKS-1q1q7ycLKwVkRY5ZGMBrM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.213.0/24
Signature Algorithm: sha256WithRSAEncryption
58:27:15:98:4e:36:03:7c:ff:6c:4c:73:8b:b5:57:b2:08:b0:
48:54:8c:10:1c:d9:0a:2d:c7:37:39:ce:b6:9b:71:30:61:b8:
58:b7:32:fe:b9:1e:69:5d:36:b0:9c:5d:fb:e9:8a:a7:c3:d3:
6b:7b:61:1a:fc:8b:de:cc:ea:6f:55:c5:4b:aa:1e:3e:d0:ee:
f7:e0:3b:19:d6:b6:75:bc:95:6e:1c:cb:50:67:c5:8d:97:5a:
6e:88:ae:7d:19:ce:82:18:49:1d:bc:f2:ab:d7:45:47:d5:51:
ad:0e:9d:4b:81:4e:aa:f2:a5:4b:9b:41:64:2c:94:c0:f4:67:
8a:cb:4d:10:4a:88:24:cc:b4:c6:b9:45:27:51:83:0b:a5:e8:
57:39:a7:5a:e1:5a:fa:f0:1f:34:c6:4f:c7:02:da:e4:b9:15:
c2:53:08:79:90:eb:b4:82:a7:84:75:cb:2b:8e:f0:b5:86:9b:
22:de:8d:55:2c:f9:5f:88:2d:24:93:6b:1b:02:9b:05:6f:28:
04:fa:54:e3:8d:10:1f:68:7b:4a:3c:6b:95:ce:a5:40:1f:03:
67:41:e0:95:3a:9a:cc:8a:6c:77:77:a1:b7:23:6d:74:43:5a:
96:3a:56:95:5c:39:a3:ab:dc:fc:76:7e:3f:eb:76:e4:56:8e:
82:a9:ae:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQns7TfKVmzHaPwPMWrylHrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwMTAyMTU0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjU5OGE0YmVkNmFkNmFlZjI3MGIyYjA1NjQ0NThlNTkxOGMwNmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoupLuu3QoLNHi1Hhn8seil6NTG+U
PBhhBXBPQWESroudOaLbDI2/8NESqn6ldtqtUPGTuyQoyzNSqyAg59CwDKgMLx0t
gZa5NrL0I6Wzlbqk9hd4AOmtnx7jKMi7NhpB3avvFcA7WhWYubIg+dvy0Ye5UJhe
ay0Tk19XLqy59nAlJbgOJQpe3MzxRVMVod1p4zXuuVLCQxCdZcXLycLONtZtbEfo
WN0cV7YA7AnN0NUkUQhn2yd3agH5h8XPp3wZ+QYvm0YnJwV02WzekNTfA2gRi6SH
xkjYFVzewN5XdgrLMgxlPW4oOdd50lw4QuyGit0bHHi1LIUnQSalzwlixQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKtZikvtatau8nCysFZEWOWRjAazMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvcTFtS1MtMXExcTd5Y0xLd1ZrUlk1WkdNQnJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVTVMA0G
CSqGSIb3DQEBCwUAA4IBAQBYJxWYTjYDfP9sTHOLtVeyCLBIVIwQHNkKLcc3Oc62
m3EwYbhYtzL+uR5pXTawnF376Yqnw9Nre2Ea/IvezOpvVcVLqh4+0O734DsZ1rZ1
vJVuHMtQZ8WNl1puiK59Gc6CGEkdvPKr10VH1VGtDp1LgU6q8qVLm0FkLJTA9GeK
y00QSogkzLTGuUUnUYMLpehXOada4Vr68B80xk/HAtrkuRXCUwh5kOu0gqeEdcsr
jvC1hpsi3o1VLPlfiC0kk2sbApsFbygE+lTjjRAfaHtKPGuVzqVAHwNnQeCVOprM
imx3d6G3I210Q1qWOlaVXDmjq9z8dn4/63bkVo6Cqa7p
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:44:08 2025 by rpki-client