Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/c7afb1-f00f-49d7-9f11-6e6361bea989/1/SVWxJ2D9LYiMT8ED3t8Rtdt3qF0.roa
File: SVWxJ2D9LYiMT8ED3t8Rtdt3qF0.roa (raw, json)
Hash identifier: CkroRGpwN+yaYir/P5uXG8yRXWWta2US1fRZkwQ1RIg=
Subject key identifier: 49:55:B1:27:60:FD:2D:88:8C:4F:C1:03:DE:DF:11:B5:DB:77:A8:5D
Certificate issuer: /CN=487689024f16e7bc2e909706c06d91903c5c7dac
Certificate serial: 01942369D40E3CE86B602C340A44FCE36AC7
Authority key identifier: 48:76:89:02:4F:16:E7:BC:2E:90:97:06:C0:6D:91:90:3C:5C:7D:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SHaJAk8W57wukJcGwG2RkDxcfaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/c7afb1-f00f-49d7-9f11-6e6361bea989/1/SVWxJ2D9LYiMT8ED3t8Rtdt3qF0.roa
Signing time: Wed 01 Jan 2025 19:48:45 +0000
ROA not before: Wed 01 Jan 2025 19:48:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208015
IP address blocks: 45.92.112.0/22 maxlen: 22
2a0e:20c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/c7afb1-f00f-49d7-9f11-6e6361bea989/1/SHaJAk8W57wukJcGwG2RkDxcfaw.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/c7afb1-f00f-49d7-9f11-6e6361bea989/1/SHaJAk8W57wukJcGwG2RkDxcfaw.mft
rsync://rpki.ripe.net/repository/DEFAULT/SHaJAk8W57wukJcGwG2RkDxcfaw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:d4:0e:3c:e8:6b:60:2c:34:0a:44:fc:e3:6a:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=487689024f16e7bc2e909706c06d91903c5c7dac
Validity
Not Before: Jan 1 19:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4955b12760fd2d888c4fc103dedf11b5db77a85d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:64:66:79:df:ce:1e:e6:ca:62:46:f9:77:f1:
41:fa:68:b1:99:2d:07:c8:e4:d8:0a:27:cf:e4:d7:
03:41:68:e2:cc:3c:ca:13:e0:f8:16:ce:6b:95:c1:
57:78:4b:ba:e8:22:51:db:97:3d:5b:d3:37:fe:e5:
a3:ca:e6:b2:b6:7c:6e:23:b8:3a:7d:08:28:92:0f:
95:28:81:4d:24:4c:10:3b:89:39:8c:18:5a:ad:8f:
6a:11:b6:91:c3:df:64:d2:99:bb:b5:59:47:a0:92:
c8:17:6d:99:37:92:e0:c5:ae:04:3f:ee:d3:ce:d0:
da:7a:16:2e:d1:c3:9e:8a:24:63:db:80:62:83:a6:
df:66:aa:78:1a:63:a4:67:10:d7:b2:21:aa:84:c7:
8b:05:07:ce:89:5f:ff:d2:23:72:34:6f:14:4f:90:
37:7c:fd:77:ee:7d:fb:ae:f2:3f:aa:31:5c:c2:19:
46:72:58:09:08:08:03:21:8a:0c:a0:3a:4e:14:dd:
f1:dc:f3:8a:4e:a1:de:67:24:b4:56:65:fc:8b:7c:
c5:3c:56:19:dd:2b:63:41:c9:bc:32:93:90:c0:a4:
ff:07:5d:1b:e3:7c:9c:af:6c:6f:7b:d8:90:18:fa:
13:8d:97:d4:1e:d2:18:4e:e1:25:f5:4b:7a:d9:c4:
4e:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:55:B1:27:60:FD:2D:88:8C:4F:C1:03:DE:DF:11:B5:DB:77:A8:5D
X509v3 Authority Key Identifier:
keyid:48:76:89:02:4F:16:E7:BC:2E:90:97:06:C0:6D:91:90:3C:5C:7D:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SHaJAk8W57wukJcGwG2RkDxcfaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/c7afb1-f00f-49d7-9f11-6e6361bea989/1/SVWxJ2D9LYiMT8ED3t8Rtdt3qF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/c7afb1-f00f-49d7-9f11-6e6361bea989/1/SHaJAk8W57wukJcGwG2RkDxcfaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.112.0/22
IPv6:
2a0e:20c0::/29
Signature Algorithm: sha256WithRSAEncryption
98:fd:da:8f:b6:69:70:41:55:e2:c4:78:e4:6a:11:74:23:13:
42:8c:26:59:00:f9:c2:09:a4:07:0b:96:2c:fe:09:3d:0d:c7:
25:c7:62:7c:8e:1b:91:b4:28:fd:87:02:e2:ff:c5:50:2a:42:
8f:1f:13:37:50:c5:28:83:37:61:8e:94:a0:db:d4:b1:40:e9:
ef:f1:df:ea:d1:0b:d6:05:b4:18:e6:dc:31:2e:3c:8c:4d:b2:
e9:eb:87:01:fc:19:00:d3:03:39:89:6e:5c:91:49:99:39:fb:
c0:e3:4b:50:31:52:ec:30:4c:88:ae:80:d7:70:de:ff:dd:56:
f3:28:4a:ab:31:f7:22:f5:0a:4b:0b:11:70:1e:d7:80:8c:9a:
59:ae:84:8f:d6:8d:b8:75:d5:dc:b4:d8:ae:ea:d9:55:30:4b:
ef:3c:e7:a4:49:6e:c8:07:b1:68:fd:82:41:a6:12:b8:a1:80:
2a:52:84:f1:42:a5:8c:ad:0b:3a:ab:0d:ab:18:1b:49:6b:c5:
fb:c7:76:c3:2a:e9:83:f3:b3:a6:bd:4c:6f:50:46:64:ab:4b:
b0:ce:d1:9c:e4:ae:cc:1a:c8:9c:4e:f7:38:ef:73:46:d4:d7:
96:ae:51:02:77:50:03:bf:9b:2b:36:14:75:7c:b6:1a:cd:8a:
9f:03:2e:f5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQjadQOPOhrYCw0CkT842rHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4NzY4OTAyNGYxNmU3YmMyZTkwOTcwNmMwNmQ5MTkwM2M1
YzdkYWMwHhcNMjUwMTAxMTk0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTU1YjEyNzYwZmQyZDg4OGM0ZmMxMDNkZWRmMTFiNWRiNzdhODVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2Rmed/OHubKYkb5d/FB+mixmS0H
yOTYCifP5NcDQWjizDzKE+D4Fs5rlcFXeEu66CJR25c9W9M3/uWjyuaytnxuI7g6
fQgokg+VKIFNJEwQO4k5jBharY9qEbaRw99k0pm7tVlHoJLIF22ZN5Lgxa4EP+7T
ztDaehYu0cOeiiRj24Big6bfZqp4GmOkZxDXsiGqhMeLBQfOiV//0iNyNG8UT5A3
fP137n37rvI/qjFcwhlGclgJCAgDIYoMoDpOFN3x3POKTqHeZyS0VmX8i3zFPFYZ
3StjQcm8MpOQwKT/B10b43ycr2xve9iQGPoTjZfUHtIYTuEl9Ut62cRORQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFElVsSdg/S2IjE/BA97fEbXbd6hdMB8GA1UdIwQY
MBaAFEh2iQJPFue8LpCXBsBtkZA8XH2sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0hhSkFrOFc1N3d1a0pjR3dHMlJrRHhjZmF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9jN2FmYjEtZjAwZi00OWQ3LTlmMTEt
NmU2MzYxYmVhOTg5LzEvU1ZXeEoyRDlMWWlNVDhFRDN0OFJ0ZHQzcUYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9jN2FmYjEtZjAwZi00OWQ3LTlmMTEtNmU2MzYxYmVhOTg5
LzEvU0hhSkFrOFc1N3d1a0pjR3dHMlJrRHhjZmF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVxwMA0E
AgACMAcDBQMqDiDAMA0GCSqGSIb3DQEBCwUAA4IBAQCY/dqPtmlwQVXixHjkahF0
IxNCjCZZAPnCCaQHC5Ys/gk9Dcclx2J8jhuRtCj9hwLi/8VQKkKPHxM3UMUogzdh
jpSg29SxQOnv8d/q0QvWBbQY5twxLjyMTbLp64cB/BkA0wM5iW5ckUmZOfvA40tQ
MVLsMEyIroDXcN7/3VbzKEqrMfci9QpLCxFwHteAjJpZroSP1o24ddXctNiu6tlV
MEvvPOekSW7IB7Fo/YJBphK4oYAqUoTxQqWMrQs6qw2rGBtJa8X7x3bDKumD87Om
vUxvUEZkq0uwztGc5K7MGsicTvc473NG1NeWrlECd1ADv5srNhR1fLYazYqfAy71
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:09:37 2025 by rpki-client