Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/9dfe1e-cd74-471e-91bf-0fc3fdcf59ae/1/unRbkKxOnR98ml1J5g6bUjmiKYg.roa
File: unRbkKxOnR98ml1J5g6bUjmiKYg.roa (raw, json)
Hash identifier: dSoLjUhYv2hRLBN1CZDtznSmSO++ZyOw/lIWfxfiQjA=
Subject key identifier: BA:74:5B:90:AC:4E:9D:1F:7C:9A:5D:49:E6:0E:9B:52:39:A2:29:88
Certificate issuer: /CN=2d7479f45643a2b82e10dabf73efef7703b1e2d2
Certificate serial: 01941FFA66438D3F0C38DE442CBC0221025D
Authority key identifier: 2D:74:79:F4:56:43:A2:B8:2E:10:DA:BF:73:EF:EF:77:03:B1:E2:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LXR59FZDorguENq_c-_vdwOx4tI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/9dfe1e-cd74-471e-91bf-0fc3fdcf59ae/1/unRbkKxOnR98ml1J5g6bUjmiKYg.roa
Signing time: Wed 01 Jan 2025 03:48:11 +0000
ROA not before: Wed 01 Jan 2025 03:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41405
IP address blocks: 45.146.212.0/22 maxlen: 22
91.223.159.0/24 maxlen: 24
185.123.84.0/22 maxlen: 22
195.200.217.0/24 maxlen: 24
2a06:ac00::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/9dfe1e-cd74-471e-91bf-0fc3fdcf59ae/1/LXR59FZDorguENq_c-_vdwOx4tI.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/9dfe1e-cd74-471e-91bf-0fc3fdcf59ae/1/LXR59FZDorguENq_c-_vdwOx4tI.mft
rsync://rpki.ripe.net/repository/DEFAULT/LXR59FZDorguENq_c-_vdwOx4tI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:66:43:8d:3f:0c:38:de:44:2c:bc:02:21:02:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d7479f45643a2b82e10dabf73efef7703b1e2d2
Validity
Not Before: Jan 1 03:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba745b90ac4e9d1f7c9a5d49e60e9b5239a22988
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:7f:50:7d:6f:ad:90:20:6a:3b:68:03:97:95:
c2:e5:64:48:62:7b:5d:49:08:70:8c:5d:1f:3c:ec:
c2:45:ab:9c:37:9e:3c:28:0e:8d:0e:24:2d:e5:08:
cd:39:2d:b0:dd:83:14:0f:b2:94:7f:2e:df:fa:44:
3f:58:e4:bc:30:d1:05:3b:9e:d8:90:52:54:01:1c:
d3:21:73:c6:f1:bf:67:84:26:d6:c8:5d:ce:2e:8f:
55:f6:7d:f5:f3:5c:ee:3f:9c:e4:9b:68:1f:92:92:
02:6c:c3:56:30:ea:0d:ce:15:7f:fb:c4:6d:5b:41:
5b:c2:7c:96:95:e0:81:2e:1c:f0:10:55:ed:35:5e:
e3:4c:c7:15:46:78:71:79:c4:8a:95:d3:6c:59:ff:
4a:f9:58:70:5f:5b:4a:38:59:f1:cd:fc:74:d0:f3:
ce:c3:92:80:8d:b3:64:2e:94:1e:83:38:35:96:6f:
1a:8c:65:e3:3a:57:8c:cf:b1:96:c4:cd:71:6b:e8:
5f:3d:07:3b:1e:d0:58:c6:be:a2:e2:30:cb:de:fa:
8a:32:7a:b8:19:21:23:50:0f:77:17:ca:3a:76:f4:
a5:4e:28:96:64:c5:18:27:8a:74:4a:8e:89:d4:5f:
ee:cd:04:20:8d:9e:68:ec:6f:be:19:e7:b0:d2:3b:
e7:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:74:5B:90:AC:4E:9D:1F:7C:9A:5D:49:E6:0E:9B:52:39:A2:29:88
X509v3 Authority Key Identifier:
keyid:2D:74:79:F4:56:43:A2:B8:2E:10:DA:BF:73:EF:EF:77:03:B1:E2:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LXR59FZDorguENq_c-_vdwOx4tI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/9dfe1e-cd74-471e-91bf-0fc3fdcf59ae/1/unRbkKxOnR98ml1J5g6bUjmiKYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/9dfe1e-cd74-471e-91bf-0fc3fdcf59ae/1/LXR59FZDorguENq_c-_vdwOx4tI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.212.0/22
91.223.159.0/24
185.123.84.0/22
195.200.217.0/24
IPv6:
2a06:ac00::/29
Signature Algorithm: sha256WithRSAEncryption
10:ae:5c:fb:6b:d8:a0:df:44:6f:52:9b:4d:9d:0e:f7:0d:4c:
15:d9:81:6e:27:80:31:b8:cf:44:0f:1b:41:4f:c0:b5:f1:c4:
26:b6:47:a2:d0:53:4b:1c:7d:c4:3b:58:1a:04:ea:01:bc:4b:
80:e0:bb:d7:4f:1f:c4:a6:1e:b7:5c:fa:b6:ee:8e:ad:bc:c6:
4b:2d:ce:83:9c:20:e3:a1:b4:16:e2:ed:cd:23:ab:7c:4d:a5:
c2:0f:9a:da:31:60:85:22:d0:ab:9d:e4:9d:71:36:b6:1f:52:
77:9d:e8:c2:21:2b:a1:4c:e6:0d:93:9a:1e:40:2c:38:e6:e3:
d3:0b:1b:28:fc:60:15:29:10:dc:3f:1e:88:db:5c:d6:e6:50:
26:82:21:3a:99:13:21:9d:2f:88:49:98:d6:20:85:5e:32:45:
b3:3a:94:ee:d0:21:73:4f:46:00:0e:3e:44:3e:86:91:41:e2:
57:27:ad:52:85:6c:48:a1:41:25:0a:36:6b:0b:8e:aa:bf:b7:
f7:9c:c0:67:9c:d1:6f:29:ef:49:11:92:22:75:62:1d:19:d1:
b0:f7:11:17:ff:55:46:dd:5a:37:07:c9:f9:1f:0e:a7:6d:0b:
7c:4e:be:f3:8e:8f:2a:e8:ee:72:2b:af:b1:5f:62:58:89:49:
62:1c:bf:fb
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQf+mZDjT8MON5ELLwCIQJdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkNzQ3OWY0NTY0M2EyYjgyZTEwZGFiZjczZWZlZjc3MDNi
MWUyZDIwHhcNMjUwMTAxMDM0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTc0NWI5MGFjNGU5ZDFmN2M5YTVkNDllNjBlOWI1MjM5YTIyOTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoH9QfW+tkCBqO2gDl5XC5WRIYntd
SQhwjF0fPOzCRaucN548KA6NDiQt5QjNOS2w3YMUD7KUfy7f+kQ/WOS8MNEFO57Y
kFJUARzTIXPG8b9nhCbWyF3OLo9V9n3181zuP5zkm2gfkpICbMNWMOoNzhV/+8Rt
W0FbwnyWleCBLhzwEFXtNV7jTMcVRnhxecSKldNsWf9K+VhwX1tKOFnxzfx00PPO
w5KAjbNkLpQegzg1lm8ajGXjOleMz7GWxM1xa+hfPQc7HtBYxr6i4jDL3vqKMnq4
GSEjUA93F8o6dvSlTiiWZMUYJ4p0So6J1F/uzQQgjZ5o7G++Geew0jvnEQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLp0W5CsTp0ffJpdSeYOm1I5oimIMB8GA1UdIwQY
MBaAFC10efRWQ6K4LhDav3Pv73cDseLSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFhSNTlGWkRvcmd1RU5xX2MtX3Zkd094NHRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85ZGZlMWUtY2Q3NC00NzFlLTkxYmYt
MGZjM2ZkY2Y1OWFlLzEvdW5SYmtLeE9uUjk4bWwxSjVnNmJVam1pS1lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85ZGZlMWUtY2Q3NC00NzFlLTkxYmYtMGZjM2ZkY2Y1OWFl
LzEvTFhSNTlGWkRvcmd1RU5xX2MtX3Zkd094NHRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLZLUAwQA
W9+fAwQCuXtUAwQAw8jZMA0EAgACMAcDBQMqBqwAMA0GCSqGSIb3DQEBCwUAA4IB
AQAQrlz7a9ig30RvUptNnQ73DUwV2YFuJ4AxuM9EDxtBT8C18cQmtkei0FNLHH3E
O1gaBOoBvEuA4LvXTx/Eph63XPq27o6tvMZLLc6DnCDjobQW4u3NI6t8TaXCD5ra
MWCFItCrneSdcTa2H1J3nejCISuhTOYNk5oeQCw45uPTCxso/GAVKRDcPx6I21zW
5lAmgiE6mRMhnS+ISZjWIIVeMkWzOpTu0CFzT0YADj5EPoaRQeJXJ61ShWxIoUEl
CjZrC46qv7f3nMBnnNFvKe9JEZIidWIdGdGw9xEX/1VG3Vo3B8n5Hw6nbQt8Tr7z
jo8q6O5yK6+xX2JYiUliHL/7
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:59:38 2025 by rpki-client