Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/b45ba4-ab36-49ab-98e4-8b4793f90f15/1/F-LIYuBdyXdsWgfHqfWysJKiWXU.roa
File: F-LIYuBdyXdsWgfHqfWysJKiWXU.roa (raw, json)
Hash identifier: VqoafOC7jzXc0AkcNCpssMEPfK7J5Kse2STPQ5Iw9TU=
Subject key identifier: 17:E2:C8:62:E0:5D:C9:77:6C:5A:07:C7:A9:F5:B2:B0:92:A2:59:75
Certificate issuer: /CN=a982f3d0e66429b685b1850a9dff25c7aa37a0c6
Certificate serial: 019420D60531ED1FBB12E66EBC27CCB387E9
Authority key identifier: A9:82:F3:D0:E6:64:29:B6:85:B1:85:0A:9D:FF:25:C7:AA:37:A0:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYLz0OZkKbaFsYUKnf8lx6o3oMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/b45ba4-ab36-49ab-98e4-8b4793f90f15/1/F-LIYuBdyXdsWgfHqfWysJKiWXU.roa
Signing time: Wed 01 Jan 2025 07:48:04 +0000
ROA not before: Wed 01 Jan 2025 07:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 45.13.100.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/b45ba4-ab36-49ab-98e4-8b4793f90f15/1/qYLz0OZkKbaFsYUKnf8lx6o3oMY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/b45ba4-ab36-49ab-98e4-8b4793f90f15/1/qYLz0OZkKbaFsYUKnf8lx6o3oMY.mft
rsync://rpki.ripe.net/repository/DEFAULT/qYLz0OZkKbaFsYUKnf8lx6o3oMY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:05:31:ed:1f:bb:12:e6:6e:bc:27:cc:b3:87:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a982f3d0e66429b685b1850a9dff25c7aa37a0c6
Validity
Not Before: Jan 1 07:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=17e2c862e05dc9776c5a07c7a9f5b2b092a25975
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c6:d7:96:15:27:ef:e6:0d:b3:46:c6:38:35:
49:17:e6:50:1c:b5:4e:41:71:94:fd:2e:9e:d7:1c:
79:9b:48:d2:8f:10:a7:47:59:e4:94:af:85:ff:13:
58:85:20:b1:c1:bb:10:96:e0:4e:b9:4b:f6:d2:7b:
9a:5f:17:c9:02:01:ca:e8:c5:c0:84:66:72:1f:15:
e5:78:60:5f:f7:1e:6c:1a:d2:fe:21:0c:af:a2:2e:
3a:9c:23:c2:31:6a:1d:94:41:b9:02:33:b8:4d:ac:
a5:09:91:88:c9:dc:78:e8:70:07:b9:a4:26:98:7b:
37:e9:bc:af:68:9f:16:03:17:b9:3f:5a:c1:fa:3f:
cf:c8:40:b7:0b:a2:5a:14:2e:08:f7:2c:3f:d5:e8:
2a:f7:10:1c:6e:98:f1:26:71:a3:6e:75:5b:16:ba:
0a:14:05:23:6e:31:ce:56:42:60:d7:12:1a:42:9e:
8f:cf:1b:af:30:b4:b8:0f:2e:d3:f7:d5:88:fb:dc:
cd:71:6f:42:f6:de:96:01:29:c7:a4:c0:3a:55:b3:
3a:b5:66:98:92:83:99:61:b2:ab:d5:c4:8e:b6:58:
f7:a0:23:61:a8:6b:52:05:05:66:85:be:1e:76:9a:
3f:40:f0:68:08:91:7f:97:6c:89:92:d7:c7:80:9e:
34:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:E2:C8:62:E0:5D:C9:77:6C:5A:07:C7:A9:F5:B2:B0:92:A2:59:75
X509v3 Authority Key Identifier:
keyid:A9:82:F3:D0:E6:64:29:B6:85:B1:85:0A:9D:FF:25:C7:AA:37:A0:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYLz0OZkKbaFsYUKnf8lx6o3oMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/b45ba4-ab36-49ab-98e4-8b4793f90f15/1/F-LIYuBdyXdsWgfHqfWysJKiWXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/b45ba4-ab36-49ab-98e4-8b4793f90f15/1/qYLz0OZkKbaFsYUKnf8lx6o3oMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.100.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:dd:88:6c:2e:77:d9:0a:c2:a7:ba:6f:df:de:f2:c6:03:f1:
27:a0:a0:ff:79:d0:9a:a5:90:5b:0b:07:39:92:c4:be:ce:ef:
a7:14:e6:46:e5:15:07:cd:da:26:50:0c:de:3d:ac:17:e8:7b:
af:0b:1a:87:84:47:9d:ae:1e:95:8a:64:b6:1a:1a:24:5c:af:
c0:e2:23:43:7c:30:b4:c2:58:10:0b:b1:90:27:2e:20:41:cf:
ca:f8:c7:84:49:c2:1d:ab:a4:c1:d8:c1:57:6c:24:12:83:0d:
10:85:23:b7:13:32:8a:56:57:72:ae:6d:1e:15:7e:35:c9:3e:
cf:16:ec:f0:57:a9:1e:95:6d:30:78:05:c9:5e:f9:59:4f:af:
02:d3:d3:7c:13:c6:fd:54:bc:64:7a:23:db:c6:44:b2:4e:df:
a9:ac:bb:f6:0b:61:7c:5c:dd:ba:6b:28:ce:96:2f:72:f0:6f:
98:b7:fd:3e:dc:a8:49:33:1b:e9:4e:4b:f3:bc:c1:b8:81:e3:
af:89:45:b8:0b:63:d7:9a:4b:89:73:be:d6:9e:11:cf:f8:6b:
57:4b:88:02:ca:91:2f:5e:a6:f9:b8:72:ad:bf:97:72:d5:8f:
25:50:56:5b:3d:c4:21:f0:af:ea:4a:d1:6a:b4:c0:84:70:b3:
c5:fb:a0:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1gUx7R+7EuZuvCfMs4fpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODJmM2QwZTY2NDI5YjY4NWIxODUwYTlkZmYyNWM3YWEz
N2EwYzYwHhcNMjUwMTAxMDc0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2UyYzg2MmUwNWRjOTc3NmM1YTA3YzdhOWY1YjJiMDkyYTI1OTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssbXlhUn7+YNs0bGODVJF+ZQHLVO
QXGU/S6e1xx5m0jSjxCnR1nklK+F/xNYhSCxwbsQluBOuUv20nuaXxfJAgHK6MXA
hGZyHxXleGBf9x5sGtL+IQyvoi46nCPCMWodlEG5AjO4TaylCZGIydx46HAHuaQm
mHs36byvaJ8WAxe5P1rB+j/PyEC3C6JaFC4I9yw/1egq9xAcbpjxJnGjbnVbFroK
FAUjbjHOVkJg1xIaQp6PzxuvMLS4Dy7T99WI+9zNcW9C9t6WASnHpMA6VbM6tWaY
koOZYbKr1cSOtlj3oCNhqGtSBQVmhb4edpo/QPBoCJF/l2yJktfHgJ40TwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBfiyGLgXcl3bFoHx6n1srCSoll1MB8GA1UdIwQY
MBaAFKmC89DmZCm2hbGFCp3/JceqN6DGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlMejBPWmtLYmFGc1lVS25mOGx4Nm8zb01ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9iNDViYTQtYWIzNi00OWFiLTk4ZTQt
OGI0NzkzZjkwZjE1LzEvRi1MSVl1QmR5WGRzV2dmSHFmV3lzSktpV1hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9iNDViYTQtYWIzNi00OWFiLTk4ZTQtOGI0NzkzZjkwZjE1
LzEvcVlMejBPWmtLYmFGc1lVS25mOGx4Nm8zb01ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQ1kMA0G
CSqGSIb3DQEBCwUAA4IBAQAf3YhsLnfZCsKnum/f3vLGA/EnoKD/edCapZBbCwc5
ksS+zu+nFOZG5RUHzdomUAzePawX6HuvCxqHhEedrh6VimS2GhokXK/A4iNDfDC0
wlgQC7GQJy4gQc/K+MeEScIdq6TB2MFXbCQSgw0QhSO3EzKKVldyrm0eFX41yT7P
FuzwV6kelW0weAXJXvlZT68C09N8E8b9VLxkeiPbxkSyTt+prLv2C2F8XN26ayjO
li9y8G+Yt/0+3KhJMxvpTkvzvMG4geOviUW4C2PXmkuJc77WnhHP+GtXS4gCypEv
Xqb5uHKtv5dy1Y8lUFZbPcQh8K/qStFqtMCEcLPF+6D7
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:57:07 2025 by rpki-client