Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f7f6c0-09d0-492c-92e6-8a95e6377332/1/8SoxTRgx4yZX3pysrwfnU5abS_k.roa
File: 8SoxTRgx4yZX3pysrwfnU5abS_k.roa (raw, json)
Hash identifier: hAalayBLNiuoYY9mruU0p+ymjoKA5i5z6o4MgQeI6mw=
Subject key identifier: F1:2A:31:4D:18:31:E3:26:57:DE:9C:AC:AF:07:E7:53:96:9B:4B:F9
Certificate issuer: /CN=0b5f8c9447d614b86182763d9333250e2d9412e2
Certificate serial: 0196155DD045CE8DB4EE98558E374C2D4F5F
Authority key identifier: 0B:5F:8C:94:47:D6:14:B8:61:82:76:3D:93:33:25:0E:2D:94:12:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C1-MlEfWFLhhgnY9kzMlDi2UEuI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/f7f6c0-09d0-492c-92e6-8a95e6377332/1/8SoxTRgx4yZX3pysrwfnU5abS_k.roa
Signing time: Tue 08 Apr 2025 12:26:31 +0000
ROA not before: Tue 08 Apr 2025 12:26:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.149.153.0/24 maxlen: 24
45.149.154.0/24 maxlen: 24
89.150.49.0/24 maxlen: 24
185.162.176.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/f7f6c0-09d0-492c-92e6-8a95e6377332/1/C1-MlEfWFLhhgnY9kzMlDi2UEuI.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/f7f6c0-09d0-492c-92e6-8a95e6377332/1/C1-MlEfWFLhhgnY9kzMlDi2UEuI.mft
rsync://rpki.ripe.net/repository/DEFAULT/C1-MlEfWFLhhgnY9kzMlDi2UEuI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:00:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:15:5d:d0:45:ce:8d:b4:ee:98:55:8e:37:4c:2d:4f:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b5f8c9447d614b86182763d9333250e2d9412e2
Validity
Not Before: Apr 8 12:26:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f12a314d1831e32657de9cacaf07e753969b4bf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e9:6b:77:bf:dd:0d:93:fc:34:4d:22:01:69:
75:eb:d7:9c:bc:fa:c4:ca:24:5e:5b:62:32:30:b1:
96:5c:0a:66:c9:4b:25:01:ae:e8:5e:6a:98:ea:06:
20:ef:1b:9c:db:5f:bd:56:7e:8c:80:4b:ef:00:78:
de:72:41:9b:88:cb:cd:a1:ef:37:23:18:3b:15:58:
63:21:96:48:1e:8f:d6:55:e3:6b:9e:dc:ee:59:5f:
2b:dd:02:22:5a:b4:a5:8d:e3:77:d7:73:b0:84:c4:
28:6f:bb:be:a2:18:94:e3:59:f3:11:46:40:93:b3:
4b:b8:cb:67:58:69:ae:c7:8d:7f:85:b9:f7:39:b8:
68:7f:2c:1f:09:5d:38:82:40:fc:77:8f:c1:1d:b6:
43:9b:0a:51:c7:95:0a:61:e3:ba:51:87:af:3e:57:
7b:fa:39:3c:36:41:18:07:d7:64:e4:fc:96:a6:bb:
3a:28:a1:e9:db:c7:1b:1c:ee:f6:1c:03:d2:8f:41:
a2:48:ba:10:ef:71:a2:4f:f1:1a:c7:ef:29:ce:7e:
8b:91:6c:0b:c3:29:48:39:42:f5:09:40:2c:4a:47:
cc:00:37:cf:64:32:3e:4d:38:71:3b:f7:6d:f4:20:
d5:09:6d:fd:88:37:46:48:9a:23:09:5d:c9:67:ff:
30:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:2A:31:4D:18:31:E3:26:57:DE:9C:AC:AF:07:E7:53:96:9B:4B:F9
X509v3 Authority Key Identifier:
keyid:0B:5F:8C:94:47:D6:14:B8:61:82:76:3D:93:33:25:0E:2D:94:12:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1-MlEfWFLhhgnY9kzMlDi2UEuI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f7f6c0-09d0-492c-92e6-8a95e6377332/1/8SoxTRgx4yZX3pysrwfnU5abS_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f7f6c0-09d0-492c-92e6-8a95e6377332/1/C1-MlEfWFLhhgnY9kzMlDi2UEuI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.153.0-45.149.154.255
89.150.49.0/24
185.162.176.0/24
Signature Algorithm: sha256WithRSAEncryption
71:5c:7a:8e:25:7b:b5:fa:22:23:94:61:75:bc:f8:2a:6a:7c:
35:c9:e7:bd:1e:ba:73:d1:d1:46:3c:82:71:bd:3a:5e:f7:2d:
2b:31:e3:da:33:a3:c8:c8:ea:c5:d8:1f:fa:87:8a:6c:8a:84:
39:62:dc:cf:12:ad:00:c2:40:ff:d4:90:0e:37:b9:2f:d7:b8:
73:98:e2:1a:32:18:80:ac:3f:98:2f:d5:38:da:d3:6d:ba:5a:
e7:da:f6:40:7c:f7:34:c9:fe:bf:c0:c8:e6:a2:b3:9f:45:9e:
e8:4a:a1:87:fe:69:b1:a9:d0:17:1a:dd:46:49:9d:67:b0:88:
fc:53:93:f9:0d:6e:2e:1d:c3:97:38:c5:50:a7:c9:e6:10:65:
95:d4:8f:99:19:90:8f:2b:41:3b:d0:fb:d4:e4:f9:b0:06:12:
17:7c:e8:1a:75:d7:b7:38:8b:8a:ab:b3:7c:fd:b1:af:65:8d:
fc:40:d3:42:b6:9e:14:64:31:a0:44:ce:17:14:dc:10:e0:7b:
4e:1d:8c:d2:30:dc:a8:db:5d:ac:b8:2e:53:bd:3e:e1:9d:9b:
d8:6c:bf:38:fb:3f:73:28:ab:7e:bc:75:51:21:45:ec:f6:c4:
22:a0:c8:5a:3a:a7:6b:66:c3:fe:5e:b9:70:2b:b9:fe:32:ab:
89:d9:02:78
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZYVXdBFzo207phVjjdMLU9fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNWY4Yzk0NDdkNjE0Yjg2MTgyNzYzZDkzMzMyNTBlMmQ5
NDEyZTIwHhcNMjUwNDA4MTIyNjMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTJhMzE0ZDE4MzFlMzI2NTdkZTljYWNhZjA3ZTc1Mzk2OWI0YmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+lrd7/dDZP8NE0iAWl169ecvPrE
yiReW2IyMLGWXApmyUslAa7oXmqY6gYg7xuc21+9Vn6MgEvvAHjeckGbiMvNoe83
Ixg7FVhjIZZIHo/WVeNrntzuWV8r3QIiWrSljeN313OwhMQob7u+ohiU41nzEUZA
k7NLuMtnWGmux41/hbn3ObhofywfCV04gkD8d4/BHbZDmwpRx5UKYeO6UYevPld7
+jk8NkEYB9dk5PyWprs6KKHp28cbHO72HAPSj0GiSLoQ73GiT/Eax+8pzn6LkWwL
wylIOUL1CUAsSkfMADfPZDI+TThxO/dt9CDVCW39iDdGSJojCV3JZ/8wZwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFPEqMU0YMeMmV96crK8H51OWm0v5MB8GA1UdIwQY
MBaAFAtfjJRH1hS4YYJ2PZMzJQ4tlBLiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzEtTWxFZldGTGhoZ25ZOWt6TWxEaTJVRXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mN2Y2YzAtMDlkMC00OTJjLTkyZTYt
OGE5NWU2Mzc3MzMyLzEvOFNveFRSZ3g0eVpYM3B5c3J3Zm5VNWFiU19rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9mN2Y2YzAtMDlkMC00OTJjLTkyZTYtOGE5NWU2Mzc3MzMy
LzEvQzEtTWxFZldGTGhoZ25ZOWt6TWxEaTJVRXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAAtlZkD
BAAtlZoDBABZljEDBAC5orAwDQYJKoZIhvcNAQELBQADggEBAHFceo4le7X6IiOU
YXW8+CpqfDXJ570eunPR0UY8gnG9Ol73LSsx49ozo8jI6sXYH/qHimyKhDli3M8S
rQDCQP/UkA43uS/XuHOY4hoyGICsP5gv1Tja0226Wufa9kB89zTJ/r/AyOais59F
nuhKoYf+abGp0Bca3UZJnWewiPxTk/kNbi4dw5c4xVCnyeYQZZXUj5kZkI8rQTvQ
+9Tk+bAGEhd86Bp117c4i4qrs3z9sa9ljfxA00K2nhRkMaBEzhcU3BDge04djNIw
3KjbXay4LlO9PuGdm9hsvzj7P3Moq368dVEhRez2xCKgyFo6p2tmw/5euXAruf4y
q4nZAng=
-----END CERTIFICATE-----
Generated at Wed Apr 16 00:25:20 2025 by rpki-client