Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/4cb1b1-701b-4e42-8b05-2cbc40e5fe62/1/yzk3REVSGQxP3rEVAZsJQRpTPkM.roa
File: yzk3REVSGQxP3rEVAZsJQRpTPkM.roa (raw, json)
Hash identifier: dAn/JyxTOrxcNXrruPk6InrufFAxEVKtC99woebiErY=
Subject key identifier: CB:39:37:44:45:52:19:0C:4F:DE:B1:15:01:9B:09:41:1A:53:3E:43
Certificate issuer: /CN=7728052ae7d10fd2261a2248fc00d202b0f25574
Certificate serial: 0194266BB8123DC36D0295BD29B9A948651F
Authority key identifier: 77:28:05:2A:E7:D1:0F:D2:26:1A:22:48:FC:00:D2:02:B0:F2:55:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dygFKufRD9ImGiJI_ADSArDyVXQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/4cb1b1-701b-4e42-8b05-2cbc40e5fe62/1/yzk3REVSGQxP3rEVAZsJQRpTPkM.roa
Signing time: Thu 02 Jan 2025 09:49:41 +0000
ROA not before: Thu 02 Jan 2025 09:49:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208981
IP address blocks: 45.12.124.0/24 maxlen: 24
45.12.125.0/24 maxlen: 24
45.12.126.0/24 maxlen: 24
45.12.127.0/24 maxlen: 24
91.243.190.0/24 maxlen: 24
91.243.191.0/24 maxlen: 24
2a0e:a900::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/4cb1b1-701b-4e42-8b05-2cbc40e5fe62/1/dygFKufRD9ImGiJI_ADSArDyVXQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/4cb1b1-701b-4e42-8b05-2cbc40e5fe62/1/dygFKufRD9ImGiJI_ADSArDyVXQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/dygFKufRD9ImGiJI_ADSArDyVXQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:b8:12:3d:c3:6d:02:95:bd:29:b9:a9:48:65:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7728052ae7d10fd2261a2248fc00d202b0f25574
Validity
Not Before: Jan 2 09:49:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb3937444552190c4fdeb115019b09411a533e43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:f2:4c:e7:b1:d6:1e:24:64:b7:6b:b1:51:ba:
63:b0:9f:32:5e:fd:27:13:e3:fa:83:ce:52:2a:33:
74:eb:cf:dd:f9:1d:ba:53:2a:50:5f:1b:db:2b:72:
41:5e:5a:85:5f:d2:35:de:cd:d2:5a:52:3a:30:98:
dd:9f:4e:17:ec:41:6b:06:ca:06:06:f7:84:20:fc:
8e:bf:44:00:37:04:b5:be:58:be:b6:1c:43:d6:55:
aa:c6:18:bd:ef:53:9e:85:16:a0:7e:98:6b:79:5f:
29:66:ca:1a:26:1f:c6:ac:29:7b:bc:ce:ba:a0:26:
be:fa:1b:40:15:97:08:41:93:01:a7:0b:64:9d:47:
df:34:f6:6d:19:56:b6:d8:60:70:d4:71:b0:08:e1:
6f:f1:f5:84:e2:3d:bb:cb:5e:aa:6c:2d:e2:64:9a:
6a:ad:0b:34:d8:30:62:9e:9d:c9:0d:5c:f0:47:44:
4a:ff:83:c2:c5:59:b2:d4:2e:c4:ed:79:5f:35:4d:
aa:c4:5a:8a:de:ba:1d:18:25:02:ca:a4:57:5a:fc:
ef:61:b6:19:a3:9c:03:69:5d:7e:ae:69:fe:dd:1c:
4a:60:97:d5:d0:b7:3e:63:8a:5b:1e:ef:eb:dd:14:
75:3f:ff:44:27:64:9f:41:f1:2f:92:2d:ee:2b:97:
a0:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:39:37:44:45:52:19:0C:4F:DE:B1:15:01:9B:09:41:1A:53:3E:43
X509v3 Authority Key Identifier:
keyid:77:28:05:2A:E7:D1:0F:D2:26:1A:22:48:FC:00:D2:02:B0:F2:55:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dygFKufRD9ImGiJI_ADSArDyVXQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/4cb1b1-701b-4e42-8b05-2cbc40e5fe62/1/yzk3REVSGQxP3rEVAZsJQRpTPkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/4cb1b1-701b-4e42-8b05-2cbc40e5fe62/1/dygFKufRD9ImGiJI_ADSArDyVXQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.124.0/22
91.243.190.0/23
IPv6:
2a0e:a900::/29
Signature Algorithm: sha256WithRSAEncryption
a1:bb:fd:c0:80:35:38:0d:5a:56:18:df:d3:7e:d6:78:2f:c5:
e1:be:20:76:a3:12:1d:45:49:99:b8:5b:0d:31:56:5f:e9:c0:
25:da:5e:2a:c1:b8:8e:a5:0a:d0:c8:c5:c5:7f:25:33:8a:53:
3e:01:17:4e:88:63:7e:fe:23:f7:2c:9e:ea:a6:f8:e8:f5:ea:
78:2f:99:30:ce:fb:ef:cd:ac:de:3f:4d:43:82:f4:0d:2f:72:
78:d9:c2:98:66:34:33:ff:ab:a3:fe:9f:4a:92:77:65:a2:fd:
44:b2:3d:78:6a:5f:19:50:3f:09:8a:f5:88:6c:52:28:32:0a:
d1:e3:4d:18:5a:67:36:c4:cd:53:00:16:0f:6b:20:1c:9a:0e:
5d:7a:85:83:f5:5d:73:5d:ae:ec:f6:96:7e:5e:0b:8e:ed:43:
e9:a8:89:3a:a4:5f:d1:52:f5:a3:71:0b:7b:45:63:dc:5e:27:
af:62:5c:7d:02:9f:1f:2d:60:23:02:2f:0d:27:ac:b2:d7:ba:
d5:0c:e9:42:80:db:e3:85:99:81:0c:00:8a:ae:31:eb:49:77:
c6:fe:ad:8a:af:4d:13:33:42:50:cd:b1:0f:f1:02:9a:7c:90:
df:25:16:20:4f:42:45:44:a7:00:fd:fd:00:e3:fe:32:4d:bc:
27:a7:ae:8f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQma7gSPcNtApW9KbmpSGUfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MjgwNTJhZTdkMTBmZDIyNjFhMjI0OGZjMDBkMjAyYjBm
MjU1NzQwHhcNMjUwMTAyMDk0OTQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjM5Mzc0NDQ1NTIxOTBjNGZkZWIxMTUwMTliMDk0MTFhNTMzZTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3PJM57HWHiRkt2uxUbpjsJ8yXv0n
E+P6g85SKjN068/d+R26UypQXxvbK3JBXlqFX9I13s3SWlI6MJjdn04X7EFrBsoG
BveEIPyOv0QANwS1vli+thxD1lWqxhi971OehRagfphreV8pZsoaJh/GrCl7vM66
oCa++htAFZcIQZMBpwtknUffNPZtGVa22GBw1HGwCOFv8fWE4j27y16qbC3iZJpq
rQs02DBinp3JDVzwR0RK/4PCxVmy1C7E7XlfNU2qxFqK3rodGCUCyqRXWvzvYbYZ
o5wDaV1+rmn+3RxKYJfV0Lc+Y4pbHu/r3RR1P/9EJ2SfQfEvki3uK5egaQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMs5N0RFUhkMT96xFQGbCUEaUz5DMB8GA1UdIwQY
MBaAFHcoBSrn0Q/SJhoiSPwA0gKw8lV0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHlnRkt1ZlJEOUltR2lKSV9BRFNBckR5VlhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS80Y2IxYjEtNzAxYi00ZTQyLThiMDUt
MmNiYzQwZTVmZTYyLzEveXprM1JFVlNHUXhQM3JFVkFac0pRUnBUUGtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS80Y2IxYjEtNzAxYi00ZTQyLThiMDUtMmNiYzQwZTVmZTYy
LzEvZHlnRkt1ZlJEOUltR2lKSV9BRFNBckR5VlhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLQx8AwQB
W/O+MA0EAgACMAcDBQMqDqkAMA0GCSqGSIb3DQEBCwUAA4IBAQChu/3AgDU4DVpW
GN/TftZ4L8XhviB2oxIdRUmZuFsNMVZf6cAl2l4qwbiOpQrQyMXFfyUzilM+ARdO
iGN+/iP3LJ7qpvjo9ep4L5kwzvvvzazeP01DgvQNL3J42cKYZjQz/6uj/p9Kkndl
ov1Esj14al8ZUD8JivWIbFIoMgrR400YWmc2xM1TABYPayAcmg5deoWD9V1zXa7s
9pZ+XguO7UPpqIk6pF/RUvWjcQt7RWPcXievYlx9Ap8fLWAjAi8NJ6yy17rVDOlC
gNvjhZmBDACKrjHrSXfG/q2Kr00TM0JQzbEP8QKafJDfJRYgT0JFRKcA/f0A4/4y
Tbwnp66P
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:47:06 2025 by rpki-client