Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/6a11f4-e57f-4117-93ab-0a2ec5a23b98/1/RRRoI352tPME83y_RWi6YuXJIxo.roa
File: RRRoI352tPME83y_RWi6YuXJIxo.roa (raw, json)
Hash identifier: k7Cx4JuzSdpqE84E3rc6FTyI73B5CT48LupLWUTqrZc=
Subject key identifier: 45:14:68:23:7E:76:B4:F3:04:F3:7C:BF:45:68:BA:62:E5:C9:23:1A
Certificate issuer: /CN=6c592536ce06fdaa5ac2ee48117cf57aa3b4c8d0
Certificate serial: 0194228D7FCF969CA52475996CB7A7F73BA3
Authority key identifier: 6C:59:25:36:CE:06:FD:AA:5A:C2:EE:48:11:7C:F5:7A:A3:B4:C8:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bFklNs4G_apawu5IEXz1eqO0yNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/6a11f4-e57f-4117-93ab-0a2ec5a23b98/1/RRRoI352tPME83y_RWi6YuXJIxo.roa
Signing time: Wed 01 Jan 2025 15:48:06 +0000
ROA not before: Wed 01 Jan 2025 15:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200245
IP address blocks: 45.85.44.0/22 maxlen: 22
45.85.44.0/24 maxlen: 24
45.85.45.0/24 maxlen: 24
45.85.46.0/24 maxlen: 24
45.85.47.0/24 maxlen: 24
185.169.104.0/24 maxlen: 24
2a13:2240::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/6a11f4-e57f-4117-93ab-0a2ec5a23b98/1/bFklNs4G_apawu5IEXz1eqO0yNA.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/6a11f4-e57f-4117-93ab-0a2ec5a23b98/1/bFklNs4G_apawu5IEXz1eqO0yNA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bFklNs4G_apawu5IEXz1eqO0yNA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:7f:cf:96:9c:a5:24:75:99:6c:b7:a7:f7:3b:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c592536ce06fdaa5ac2ee48117cf57aa3b4c8d0
Validity
Not Before: Jan 1 15:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=451468237e76b4f304f37cbf4568ba62e5c9231a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:bb:48:f0:d3:3d:cf:0a:5e:87:1d:ea:88:3e:
97:05:b0:b4:76:7b:05:a7:13:d0:36:13:3b:eb:11:
a5:07:df:c8:d6:3c:07:7d:71:ef:83:5c:f6:34:3d:
f5:74:72:42:74:7d:9c:cd:ba:3d:e0:c6:0c:8f:8a:
11:b4:f1:97:65:be:8e:8c:72:53:29:bb:cb:f3:13:
8e:66:16:57:d8:75:f9:30:12:ba:31:84:20:6c:d0:
cf:17:78:27:df:52:a6:8e:38:8a:eb:13:07:96:fe:
fc:9d:3f:79:a7:70:a4:b2:b0:3b:4e:77:ee:44:77:
3d:c4:b4:32:0c:c7:69:81:c2:94:70:1d:fe:f0:b7:
a5:e6:7c:a8:f1:07:cb:93:e8:f4:8f:66:e1:3d:2b:
88:ac:50:37:ad:ce:14:a6:e1:ee:d9:bc:c2:7b:0b:
41:94:71:b5:2c:ad:36:f5:4b:a0:1f:87:59:62:5e:
76:af:f5:77:f5:07:3e:b0:0d:c1:f3:bb:08:4d:c2:
87:9e:bc:b5:fc:51:fd:28:c1:04:90:54:2d:73:ea:
2f:a2:84:79:30:9f:6c:4e:72:5e:28:54:cf:29:e0:
24:df:c2:1a:f9:d9:ef:b2:83:4d:c9:7b:6a:a9:f4:
36:e8:04:e6:56:de:3b:c2:d5:44:a9:33:90:88:5d:
2b:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:14:68:23:7E:76:B4:F3:04:F3:7C:BF:45:68:BA:62:E5:C9:23:1A
X509v3 Authority Key Identifier:
keyid:6C:59:25:36:CE:06:FD:AA:5A:C2:EE:48:11:7C:F5:7A:A3:B4:C8:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bFklNs4G_apawu5IEXz1eqO0yNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/6a11f4-e57f-4117-93ab-0a2ec5a23b98/1/RRRoI352tPME83y_RWi6YuXJIxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/6a11f4-e57f-4117-93ab-0a2ec5a23b98/1/bFklNs4G_apawu5IEXz1eqO0yNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.44.0/22
185.169.104.0/24
IPv6:
2a13:2240::/29
Signature Algorithm: sha256WithRSAEncryption
7d:17:ba:a6:ca:b3:43:27:88:c5:73:c0:25:58:3d:8b:70:14:
72:13:fa:0f:42:b4:af:bd:06:b8:cf:88:73:b5:44:bb:64:21:
4a:fc:d9:55:cf:fe:62:68:97:87:49:78:c3:dd:0c:11:c9:db:
0a:55:b4:4d:b7:ac:04:ef:1e:16:28:82:f4:c1:d6:f9:b0:6d:
6b:44:6d:72:3e:75:90:c9:dc:a8:dd:d9:c2:19:22:85:35:4d:
78:a5:71:de:5b:9a:81:fb:ca:18:bb:3b:b9:8d:be:1c:88:23:
7f:cd:cf:83:99:58:77:f3:75:bd:fd:83:8b:9a:c1:26:91:a5:
5c:e4:57:6b:69:3c:45:5c:55:30:0f:7f:d7:ab:95:c0:ee:d8:
d6:56:bb:5a:a6:2e:2b:78:ab:bb:2c:fb:a4:ba:f3:20:b1:91:
ef:23:ea:68:c5:c0:e0:2a:3d:c2:c9:93:8d:51:bc:a1:9e:9e:
50:1a:43:cd:a8:f1:81:e6:fe:ed:86:68:c4:a0:a9:1a:93:fa:
dc:97:2b:4f:fe:64:e1:d1:b3:a4:c7:33:bf:84:52:32:15:0d:
b8:48:80:28:44:e6:c6:d4:96:4c:c4:7b:3b:d3:97:23:db:62:
4e:57:70:9b:58:85:e9:da:71:e9:97:9d:ea:0a:df:09:85:a6:
9f:e1:fb:9e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQijX/PlpylJHWZbLen9zujMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNTkyNTM2Y2UwNmZkYWE1YWMyZWU0ODExN2NmNTdhYTNi
NGM4ZDAwHhcNMjUwMTAxMTU0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTE0NjgyMzdlNzZiNGYzMDRmMzdjYmY0NTY4YmE2MmU1YzkyMzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLtI8NM9zwpehx3qiD6XBbC0dnsF
pxPQNhM76xGlB9/I1jwHfXHvg1z2ND31dHJCdH2czbo94MYMj4oRtPGXZb6OjHJT
KbvL8xOOZhZX2HX5MBK6MYQgbNDPF3gn31KmjjiK6xMHlv78nT95p3CksrA7Tnfu
RHc9xLQyDMdpgcKUcB3+8Lel5nyo8QfLk+j0j2bhPSuIrFA3rc4UpuHu2bzCewtB
lHG1LK029UugH4dZYl52r/V39Qc+sA3B87sITcKHnry1/FH9KMEEkFQtc+ovooR5
MJ9sTnJeKFTPKeAk38Ia+dnvsoNNyXtqqfQ26ATmVt47wtVEqTOQiF0r+wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEUUaCN+drTzBPN8v0VoumLlySMaMB8GA1UdIwQY
MBaAFGxZJTbOBv2qWsLuSBF89XqjtMjQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkZrbE5zNEdfYXBhd3U1SUVYejFlcU8weU5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy82YTExZjQtZTU3Zi00MTE3LTkzYWIt
MGEyZWM1YTIzYjk4LzEvUlJSb0kzNTJ0UE1FODN5X1JXaTZZdVhKSXhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy82YTExZjQtZTU3Zi00MTE3LTkzYWItMGEyZWM1YTIzYjk4
LzEvYkZrbE5zNEdfYXBhd3U1SUVYejFlcU8weU5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLVUsAwQA
ualoMA0EAgACMAcDBQMqEyJAMA0GCSqGSIb3DQEBCwUAA4IBAQB9F7qmyrNDJ4jF
c8AlWD2LcBRyE/oPQrSvvQa4z4hztUS7ZCFK/NlVz/5iaJeHSXjD3QwRydsKVbRN
t6wE7x4WKIL0wdb5sG1rRG1yPnWQydyo3dnCGSKFNU14pXHeW5qB+8oYuzu5jb4c
iCN/zc+DmVh383W9/YOLmsEmkaVc5FdraTxFXFUwD3/Xq5XA7tjWVrtapi4reKu7
LPukuvMgsZHvI+poxcDgKj3CyZONUbyhnp5QGkPNqPGB5v7thmjEoKkak/rclytP
/mTh0bOkxzO/hFIyFQ24SIAoRObG1JZMxHs705cj22JOV3CbWIXp2nHpl53qCt8J
haaf4fue
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:52:08 2025 by rpki-client