Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/0LO0qT2-0L6mWDwJ3dVrGvaEEOA.roa
File: 0LO0qT2-0L6mWDwJ3dVrGvaEEOA.roa (raw, json)
Hash identifier: m3gjbEV2ZPpf1SrIWWEpb/lM9m2SeM9EF+s0bK96n04=
Subject key identifier: D0:B3:B4:A9:3D:BE:D0:BE:A6:58:3C:09:DD:D5:6B:1A:F6:84:10:E0
Certificate issuer: /CN=5cf31afc36cb6955007fe97ed4a5e3185d2271ba
Certificate serial: 01955CD297AF6454F6E3AD44E46E54E1C0C1
Authority key identifier: 5C:F3:1A:FC:36:CB:69:55:00:7F:E9:7E:D4:A5:E3:18:5D:22:71:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/0LO0qT2-0L6mWDwJ3dVrGvaEEOA.roa
Signing time: Mon 03 Mar 2025 16:24:20 +0000
ROA not before: Mon 03 Mar 2025 16:24:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212384
IP address blocks: 45.134.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 18:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5c:d2:97:af:64:54:f6:e3:ad:44:e4:6e:54:e1:c0:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cf31afc36cb6955007fe97ed4a5e3185d2271ba
Validity
Not Before: Mar 3 16:24:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d0b3b4a93dbed0bea6583c09ddd56b1af68410e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e5:3f:fa:13:ac:fd:95:fd:78:c5:91:b6:b4:
7f:52:aa:d7:f8:0e:70:c4:43:b1:b6:96:40:c8:c1:
22:16:b8:76:2a:03:10:b4:d5:9f:75:d4:b4:0d:a9:
d4:c1:6e:ef:07:f0:17:42:10:4a:9c:eb:d2:4d:c2:
f9:18:7c:98:e8:83:2d:9a:5d:b1:42:f6:ad:f8:1c:
28:de:f4:7f:64:be:30:80:4b:9c:ce:96:e9:16:7d:
6c:26:13:bd:aa:03:8e:a0:4c:d6:62:6e:8d:26:74:
ab:a2:32:97:a0:6b:4a:1e:8f:32:7f:4b:a2:1d:04:
c2:f2:c6:e1:5f:97:cc:ef:47:c9:d6:f8:35:7a:dd:
78:42:52:46:5d:66:f2:1e:5e:e9:1c:3b:1c:22:ee:
8f:37:a3:74:59:8a:8f:3c:84:f5:bf:bc:fa:a5:46:
97:e8:1c:e7:7c:dd:4f:0e:2b:68:d9:85:2d:80:de:
e1:7a:98:fe:1e:f9:11:24:cf:6d:10:ef:84:cc:0a:
d5:53:42:3a:78:89:78:8f:3c:95:ed:72:4e:a8:6d:
c4:85:a0:b5:74:e1:ac:f8:2a:fa:3c:17:00:2f:d6:
fd:5a:21:79:5f:0c:bd:40:8f:dd:bb:7b:49:ab:ca:
5b:f5:ac:62:f5:f1:52:1d:06:e0:ac:f6:59:02:4c:
2e:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:B3:B4:A9:3D:BE:D0:BE:A6:58:3C:09:DD:D5:6B:1A:F6:84:10:E0
X509v3 Authority Key Identifier:
keyid:5C:F3:1A:FC:36:CB:69:55:00:7F:E9:7E:D4:A5:E3:18:5D:22:71:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/0LO0qT2-0L6mWDwJ3dVrGvaEEOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.74.0/24
Signature Algorithm: sha256WithRSAEncryption
29:02:4b:c3:e1:f9:29:ce:f1:61:15:a2:b3:cc:90:49:80:36:
98:58:d9:1a:7a:a2:b0:0f:84:cf:19:a9:9d:a3:d6:03:60:27:
3d:4b:77:17:8a:ee:6b:7e:9e:6b:64:5b:26:5f:e5:1d:e8:4b:
3e:1a:be:9c:5b:26:c3:09:eb:07:df:a7:39:a4:52:d1:fb:e3:
9e:b2:7c:06:bf:97:ee:45:c9:f5:dd:cc:98:44:93:c8:4f:cc:
87:07:16:4f:69:4e:08:e7:6f:e5:f6:51:e3:08:38:66:ce:c2:
35:ab:b6:a2:3f:a2:a5:fd:57:57:79:db:32:bb:aa:bc:ff:e2:
1b:66:ff:22:70:e1:9c:34:81:24:c2:36:fe:b7:eb:d8:d2:d0:
6d:37:c4:d8:d2:ec:8c:5d:a0:34:b6:4c:b8:7d:c0:42:b3:73:
c3:e9:3a:08:45:ff:82:84:d6:7e:75:76:88:fa:8d:d9:d8:63:
e7:24:f5:12:5e:25:f8:6c:7b:46:a1:21:6d:9e:01:31:23:11:
0c:4a:8f:df:41:db:9a:c5:20:2a:b9:5a:6b:72:87:83:c5:82:
14:31:f7:fa:cc:b2:b6:bb:14:72:ee:d4:4f:fa:72:7f:70:07:
d5:56:b4:24:27:f9:fc:0a:e6:de:9e:c5:f3:1b:5d:60:7b:52:
27:8c:88:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVc0pevZFT2461E5G5U4cDBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZjMxYWZjMzZjYjY5NTUwMDdmZTk3ZWQ0YTVlMzE4NWQy
MjcxYmEwHhcNMjUwMzAzMTYyNDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGIzYjRhOTNkYmVkMGJlYTY1ODNjMDlkZGQ1NmIxYWY2ODQxMGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruU/+hOs/ZX9eMWRtrR/UqrX+A5w
xEOxtpZAyMEiFrh2KgMQtNWfddS0DanUwW7vB/AXQhBKnOvSTcL5GHyY6IMtml2x
Qvat+Bwo3vR/ZL4wgEuczpbpFn1sJhO9qgOOoEzWYm6NJnSrojKXoGtKHo8yf0ui
HQTC8sbhX5fM70fJ1vg1et14QlJGXWbyHl7pHDscIu6PN6N0WYqPPIT1v7z6pUaX
6BznfN1PDito2YUtgN7hepj+HvkRJM9tEO+EzArVU0I6eIl4jzyV7XJOqG3EhaC1
dOGs+Cr6PBcAL9b9WiF5Xwy9QI/du3tJq8pb9axi9fFSHQbgrPZZAkwu6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNCztKk9vtC+plg8Cd3Vaxr2hBDgMB8GA1UdIwQY
MBaAFFzzGvw2y2lVAH/pftSl4xhdInG6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80NThlYzMtMDQ1MS00ZTQxLTlhMzQt
NzM2ZDEyODg4Y2E4LzEvMExPMHFUMi0wTDZtV0R3SjNkVnJHdmFFRU9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy80NThlYzMtMDQ1MS00ZTQxLTlhMzQtNzM2ZDEyODg4Y2E4
LzEvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYZKMA0G
CSqGSIb3DQEBCwUAA4IBAQApAkvD4fkpzvFhFaKzzJBJgDaYWNkaeqKwD4TPGamd
o9YDYCc9S3cXiu5rfp5rZFsmX+Ud6Es+Gr6cWybDCesH36c5pFLR++OesnwGv5fu
Rcn13cyYRJPIT8yHBxZPaU4I52/l9lHjCDhmzsI1q7aiP6Kl/VdXedsyu6q8/+Ib
Zv8icOGcNIEkwjb+t+vY0tBtN8TY0uyMXaA0tky4fcBCs3PD6ToIRf+ChNZ+dXaI
+o3Z2GPnJPUSXiX4bHtGoSFtngExIxEMSo/fQduaxSAquVprcoeDxYIUMff6zLK2
uxRy7tRP+nJ/cAfVVrQkJ/n8CubensXzG11ge1InjIjS
-----END CERTIFICATE-----
Generated at Sun Apr 6 01:07:41 2025 by rpki-client