Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/4t53igbekCux7oMSXkm2uGkDTRs.roa
File: 4t53igbekCux7oMSXkm2uGkDTRs.roa (raw, json)
Hash identifier: JcVC73jSzOeJEsOoBqkgwAslhBdXNKxkO116AmZF308=
Subject key identifier: E2:DE:77:8A:06:DE:90:2B:B1:EE:83:12:5E:49:B6:B8:69:03:4D:1B
Certificate issuer: /CN=3921b7f1eee90d99e294218a938753c1ea2dc267
Certificate serial: 019424B26FA62236F99E2570BA5FBCC55095
Authority key identifier: 39:21:B7:F1:EE:E9:0D:99:E2:94:21:8A:93:87:53:C1:EA:2D:C2:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OSG38e7pDZnilCGKk4dTweotwmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/4t53igbekCux7oMSXkm2uGkDTRs.roa
Signing time: Thu 02 Jan 2025 01:47:41 +0000
ROA not before: Thu 02 Jan 2025 01:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201675
IP address blocks: 45.151.220.0/22 maxlen: 22
89.21.80.0/22 maxlen: 22
185.67.144.0/22 maxlen: 22
2a05:1000::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.mft
rsync://rpki.ripe.net/repository/DEFAULT/OSG38e7pDZnilCGKk4dTweotwmc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 19:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:6f:a6:22:36:f9:9e:25:70:ba:5f:bc:c5:50:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3921b7f1eee90d99e294218a938753c1ea2dc267
Validity
Not Before: Jan 2 01:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e2de778a06de902bb1ee83125e49b6b869034d1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c6:90:cb:39:39:06:82:5e:94:df:08:b6:3e:
5a:8a:2f:db:81:90:09:95:36:49:c8:a6:23:02:5e:
3b:a8:b8:fe:70:dd:a3:20:74:4c:80:dd:b0:b0:29:
cf:a3:51:38:ac:5d:c5:2b:83:65:e9:9a:f9:a7:62:
7d:55:fd:67:4c:ea:2e:bf:86:a6:2a:2f:e7:60:12:
72:d9:45:ca:26:db:76:10:12:70:25:07:ad:16:a9:
83:c9:13:39:bf:02:87:80:21:ae:ac:77:95:bd:79:
99:98:b9:19:8e:66:c4:1a:c2:d9:fd:33:15:7e:b3:
b1:85:cf:ad:74:39:5f:ad:0b:74:0e:d7:39:60:4b:
5b:98:ff:9b:7b:f5:60:19:0d:89:16:e0:b0:05:e4:
1a:e1:79:28:a3:06:93:e9:32:3d:a8:ac:0c:79:6a:
18:3a:23:c6:f3:f6:28:5d:fa:a5:d3:71:ec:41:fb:
f3:e4:39:da:cd:10:a3:2b:ba:4d:19:15:1a:77:05:
a5:e3:ba:aa:33:81:4c:b8:ff:9e:9b:95:c1:c8:78:
66:4a:ab:2e:3f:e3:31:1d:94:25:b1:5a:2e:80:fe:
20:10:4a:60:09:a1:36:e5:2c:d6:a0:31:4c:99:26:
dd:42:bc:22:fb:fe:c5:54:a9:fe:a1:d5:78:c3:77:
f9:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:DE:77:8A:06:DE:90:2B:B1:EE:83:12:5E:49:B6:B8:69:03:4D:1B
X509v3 Authority Key Identifier:
keyid:39:21:B7:F1:EE:E9:0D:99:E2:94:21:8A:93:87:53:C1:EA:2D:C2:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OSG38e7pDZnilCGKk4dTweotwmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/4t53igbekCux7oMSXkm2uGkDTRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/be1db1-4dc4-463c-baf8-2441e10f6f8f/1/OSG38e7pDZnilCGKk4dTweotwmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.220.0/22
89.21.80.0/22
185.67.144.0/22
IPv6:
2a05:1000::/29
Signature Algorithm: sha256WithRSAEncryption
55:ff:f2:04:6c:ce:87:c3:60:ce:d9:4b:01:ba:a3:00:99:d0:
7c:da:55:d9:c8:fe:12:cf:ed:6b:6a:23:fd:8a:1c:a0:9b:af:
34:ff:2a:e7:3f:d2:0c:d2:f3:fc:22:d3:ae:16:e3:98:83:72:
8e:61:c1:8b:f2:fa:9f:16:14:58:7a:ed:b1:ce:51:4f:11:73:
85:08:aa:38:29:6e:9d:70:00:93:30:56:40:41:e3:54:64:4e:
f2:97:00:ff:0a:bc:98:1a:8f:bf:bf:d7:29:24:c8:4b:44:98:
9c:b1:a5:77:1a:24:ef:63:e3:7d:5a:f3:ce:d0:a7:57:fc:5a:
1b:c6:f1:a9:85:7a:dc:83:af:95:87:93:64:47:6d:ff:26:23:
1d:6a:f9:bd:88:81:0b:79:5c:6b:c1:42:5b:d1:a9:68:95:32:
c7:c2:95:d4:89:48:ad:85:b4:7d:75:56:d3:bd:35:f3:6a:90:
ee:7f:c5:df:c5:7f:86:5b:db:05:9f:92:9e:bf:96:26:e9:44:
51:04:9b:d5:71:2c:d3:b5:51:e5:94:49:41:cf:b9:17:0c:75:
56:ba:8a:02:12:9c:b5:67:a3:8c:77:3d:87:61:e9:57:98:6a:
36:13:b6:ca:91:87:ad:4c:f3:60:9c:67:b9:ea:77:d4:48:52:
f7:4b:0e:bd
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQksm+mIjb5niVwul+8xVCVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MjFiN2YxZWVlOTBkOTllMjk0MjE4YTkzODc1M2MxZWEy
ZGMyNjcwHhcNMjUwMTAyMDE0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmRlNzc4YTA2ZGU5MDJiYjFlZTgzMTI1ZTQ5YjZiODY5MDM0ZDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcaQyzk5BoJelN8Itj5aii/bgZAJ
lTZJyKYjAl47qLj+cN2jIHRMgN2wsCnPo1E4rF3FK4Nl6Zr5p2J9Vf1nTOouv4am
Ki/nYBJy2UXKJtt2EBJwJQetFqmDyRM5vwKHgCGurHeVvXmZmLkZjmbEGsLZ/TMV
frOxhc+tdDlfrQt0Dtc5YEtbmP+be/VgGQ2JFuCwBeQa4XkoowaT6TI9qKwMeWoY
OiPG8/YoXfql03HsQfvz5DnazRCjK7pNGRUadwWl47qqM4FMuP+em5XByHhmSqsu
P+MxHZQlsVougP4gEEpgCaE25SzWoDFMmSbdQrwi+/7FVKn+odV4w3f5wQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOLed4oG3pArse6DEl5JtrhpA00bMB8GA1UdIwQY
MBaAFDkht/Hu6Q2Z4pQhipOHU8HqLcJnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1NHMzhlN3BEWm5pbENHS2s0ZFR3ZW90d21jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9iZTFkYjEtNGRjNC00NjNjLWJhZjgt
MjQ0MWUxMGY2ZjhmLzEvNHQ1M2lnYmVrQ3V4N29NU1hrbTJ1R2tEVFJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9iZTFkYjEtNGRjNC00NjNjLWJhZjgtMjQ0MWUxMGY2Zjhm
LzEvT1NHMzhlN3BEWm5pbENHS2s0ZFR3ZW90d21jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLZfcAwQC
WRVQAwQCuUOQMA0EAgACMAcDBQMqBRAAMA0GCSqGSIb3DQEBCwUAA4IBAQBV//IE
bM6Hw2DO2UsBuqMAmdB82lXZyP4Sz+1raiP9ihygm680/yrnP9IM0vP8ItOuFuOY
g3KOYcGL8vqfFhRYeu2xzlFPEXOFCKo4KW6dcACTMFZAQeNUZE7ylwD/CryYGo+/
v9cpJMhLRJicsaV3GiTvY+N9WvPO0KdX/FobxvGphXrcg6+Vh5NkR23/JiMdavm9
iIELeVxrwUJb0alolTLHwpXUiUithbR9dVbTvTXzapDuf8XfxX+GW9sFn5Kev5Ym
6URRBJvVcSzTtVHllElBz7kXDHVWuooCEpy1Z6OMdz2HYelXmGo2E7bKkYetTPNg
nGe56nfUSFL3Sw69
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:41:38 2025 by rpki-client