Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/b8a489-3157-401f-b157-bfffc91fde3c/1/AZwj0Iuykway_WQBa3ENsQ_JxtA.roa
File: AZwj0Iuykway_WQBa3ENsQ_JxtA.roa (raw, json)
Hash identifier: Q7rNa7RTxQcsrsOIx/wgjhqBI7OG9HoBnLFXa7zfZYE=
Subject key identifier: 01:9C:23:D0:8B:B2:93:06:B2:FD:64:01:6B:71:0D:B1:0F:C9:C6:D0
Certificate issuer: /CN=530b76ef0ab555bc8b0761f6068a44e10b2b31f7
Certificate serial: 01942823B6476A1537A32C394F12CEFDB13D
Authority key identifier: 53:0B:76:EF:0A:B5:55:BC:8B:07:61:F6:06:8A:44:E1:0B:2B:31:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uwt27wq1VbyLB2H2BopE4QsrMfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/b8a489-3157-401f-b157-bfffc91fde3c/1/AZwj0Iuykway_WQBa3ENsQ_JxtA.roa
Signing time: Thu 02 Jan 2025 17:50:16 +0000
ROA not before: Thu 02 Jan 2025 17:50:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56596
IP address blocks: 45.8.56.0/24 maxlen: 24
45.8.57.0/24 maxlen: 24
45.8.58.0/24 maxlen: 24
45.8.59.0/24 maxlen: 24
195.128.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/b8a489-3157-401f-b157-bfffc91fde3c/1/Uwt27wq1VbyLB2H2BopE4QsrMfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/b8a489-3157-401f-b157-bfffc91fde3c/1/Uwt27wq1VbyLB2H2BopE4QsrMfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uwt27wq1VbyLB2H2BopE4QsrMfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 03:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:b6:47:6a:15:37:a3:2c:39:4f:12:ce:fd:b1:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=530b76ef0ab555bc8b0761f6068a44e10b2b31f7
Validity
Not Before: Jan 2 17:50:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=019c23d08bb29306b2fd64016b710db10fc9c6d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ff:24:e7:b4:a2:9c:77:7f:1c:d2:1c:88:26:
1b:bc:ef:60:44:5f:59:6c:b8:74:bd:f9:fa:38:d1:
b1:2b:da:10:01:28:3e:14:23:a3:e0:39:21:99:7d:
58:50:9b:b8:18:e0:2c:4f:f3:29:e6:2b:47:a0:9a:
f5:07:29:ce:59:51:db:26:a1:c9:f3:2f:07:44:1f:
94:51:68:9b:2c:0c:99:8b:8b:8e:54:cb:f8:30:0b:
d4:eb:e5:34:f0:00:cc:ed:5f:3d:ce:95:ab:4a:0a:
2c:4c:90:df:51:d7:80:69:b5:6b:35:22:92:83:54:
75:6a:80:90:38:c2:e0:ff:2e:fa:82:e7:e6:df:a0:
a7:59:56:21:e1:77:a6:e7:37:dd:d7:5c:eb:1d:5a:
64:bd:82:94:f8:58:35:9c:35:17:1a:e9:6b:33:0c:
01:b5:d1:c5:72:2c:65:ee:f3:f3:59:0f:e8:01:33:
44:30:b8:2e:ff:ab:78:e8:5c:e9:a6:bd:46:2d:b6:
02:a2:f5:dc:b0:0b:33:35:cb:3d:7d:13:c6:1c:cf:
c4:44:be:62:96:12:46:50:78:2f:fe:f5:18:a7:a1:
7b:6e:b2:eb:73:7d:95:16:ef:e5:b9:d9:56:a7:08:
27:1a:25:7c:a8:84:43:12:ca:d8:fa:a5:42:7a:de:
11:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:9C:23:D0:8B:B2:93:06:B2:FD:64:01:6B:71:0D:B1:0F:C9:C6:D0
X509v3 Authority Key Identifier:
keyid:53:0B:76:EF:0A:B5:55:BC:8B:07:61:F6:06:8A:44:E1:0B:2B:31:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uwt27wq1VbyLB2H2BopE4QsrMfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/b8a489-3157-401f-b157-bfffc91fde3c/1/AZwj0Iuykway_WQBa3ENsQ_JxtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/b8a489-3157-401f-b157-bfffc91fde3c/1/Uwt27wq1VbyLB2H2BopE4QsrMfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.56.0/22
195.128.145.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:3b:6b:51:a5:72:55:91:38:af:6a:ee:7a:9e:8a:13:b5:d5:
a0:0c:69:dd:20:de:5d:5c:00:c7:4b:0b:a2:27:be:9d:db:1f:
c5:d1:b2:09:95:3d:25:9a:6e:1d:4c:3a:91:85:2e:7a:c3:61:
6c:a9:7f:45:04:45:37:3c:e4:5a:80:eb:41:27:be:02:8f:b3:
06:32:8b:15:12:1f:de:b0:85:29:fd:8d:cf:e4:8d:0f:cc:90:
6f:31:ac:94:28:04:22:cc:52:59:ab:98:63:c1:f0:d4:c1:97:
66:b5:95:a4:0b:3c:ca:6d:bd:2c:cb:3e:45:c8:bc:30:56:a9:
42:9d:50:ff:3a:2d:42:67:16:6d:e4:c9:c5:00:50:c8:08:ce:
b8:a3:8a:0e:c4:64:6f:69:e4:7f:52:9d:0e:46:d6:9d:3f:54:
45:e8:6f:58:d7:8e:f6:6d:1e:e3:87:a0:bd:9a:8b:d8:f4:e7:
2d:1d:92:7a:c8:fa:7a:1f:06:f0:d1:0e:64:b3:22:74:01:0f:
90:6f:4e:4e:a9:6a:ee:e7:1b:64:fc:f2:a9:88:54:2f:7b:84:
5e:77:78:97:7f:23:9a:34:d6:eb:db:d5:a6:cb:44:a1:40:ed:
9f:90:a6:f4:fb:4f:fe:15:ac:e9:21:97:cd:2b:94:08:c6:e4:
9a:b6:02:7a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQoI7ZHahU3oyw5TxLO/bE9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMGI3NmVmMGFiNTU1YmM4YjA3NjFmNjA2OGE0NGUxMGIy
YjMxZjcwHhcNMjUwMTAyMTc1MDE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTljMjNkMDhiYjI5MzA2YjJmZDY0MDE2YjcxMGRiMTBmYzljNmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuP8k57SinHd/HNIciCYbvO9gRF9Z
bLh0vfn6ONGxK9oQASg+FCOj4DkhmX1YUJu4GOAsT/Mp5itHoJr1BynOWVHbJqHJ
8y8HRB+UUWibLAyZi4uOVMv4MAvU6+U08ADM7V89zpWrSgosTJDfUdeAabVrNSKS
g1R1aoCQOMLg/y76gufm36CnWVYh4Xem5zfd11zrHVpkvYKU+Fg1nDUXGulrMwwB
tdHFcixl7vPzWQ/oATNEMLgu/6t46Fzppr1GLbYCovXcsAszNcs9fRPGHM/ERL5i
lhJGUHgv/vUYp6F7brLrc32VFu/ludlWpwgnGiV8qIRDEsrY+qVCet4R7QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAGcI9CLspMGsv1kAWtxDbEPycbQMB8GA1UdIwQY
MBaAFFMLdu8KtVW8iwdh9gaKROELKzH3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXd0Mjd3cTFWYnlMQjJIMkJvcEU0UXNyTWZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9iOGE0ODktMzE1Ny00MDFmLWIxNTct
YmZmZmM5MWZkZTNjLzEvQVp3ajBJdXlrd2F5X1dRQmEzRU5zUV9KeHRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9iOGE0ODktMzE1Ny00MDFmLWIxNTctYmZmZmM5MWZkZTNj
LzEvVXd0Mjd3cTFWYnlMQjJIMkJvcEU0UXNyTWZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLQg4AwQA
w4CRMA0GCSqGSIb3DQEBCwUAA4IBAQA7O2tRpXJVkTivau56nooTtdWgDGndIN5d
XADHSwuiJ76d2x/F0bIJlT0lmm4dTDqRhS56w2FsqX9FBEU3PORagOtBJ74Cj7MG
MosVEh/esIUp/Y3P5I0PzJBvMayUKAQizFJZq5hjwfDUwZdmtZWkCzzKbb0syz5F
yLwwVqlCnVD/Oi1CZxZt5MnFAFDICM64o4oOxGRvaeR/Up0ORtadP1RF6G9Y1472
bR7jh6C9movY9OctHZJ6yPp6Hwbw0Q5ksyJ0AQ+Qb05OqWru5xtk/PKpiFQve4Re
d3iXfyOaNNbr29Wmy0ShQO2fkKb0+0/+FazpIZfNK5QIxuSatgJ6
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:12:54 2025 by rpki-client