Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/b45ba4-ab36-49ab-98e4-8b4793f90f15/1/RHzpUiuiNY0XEXcS875xUQAmg2o.roa
File: RHzpUiuiNY0XEXcS875xUQAmg2o.roa (raw, json)
Hash identifier: 6vPYA2Rs4cYHy6RhBB/Rp48XNVrguqaU80TWpEOz0XU=
Subject key identifier: 44:7C:E9:52:2B:A2:35:8D:17:11:77:12:F3:BE:71:51:00:26:83:6A
Certificate issuer: /CN=a982f3d0e66429b685b1850a9dff25c7aa37a0c6
Certificate serial: 019420D60587E9D831F69B2FFC7294D5E51A
Authority key identifier: A9:82:F3:D0:E6:64:29:B6:85:B1:85:0A:9D:FF:25:C7:AA:37:A0:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYLz0OZkKbaFsYUKnf8lx6o3oMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/b45ba4-ab36-49ab-98e4-8b4793f90f15/1/RHzpUiuiNY0XEXcS875xUQAmg2o.roa
Signing time: Wed 01 Jan 2025 07:48:04 +0000
ROA not before: Wed 01 Jan 2025 07:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 45.13.100.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/b45ba4-ab36-49ab-98e4-8b4793f90f15/1/qYLz0OZkKbaFsYUKnf8lx6o3oMY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/b45ba4-ab36-49ab-98e4-8b4793f90f15/1/qYLz0OZkKbaFsYUKnf8lx6o3oMY.mft
rsync://rpki.ripe.net/repository/DEFAULT/qYLz0OZkKbaFsYUKnf8lx6o3oMY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 10 Mar 2025 10:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:05:87:e9:d8:31:f6:9b:2f:fc:72:94:d5:e5:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a982f3d0e66429b685b1850a9dff25c7aa37a0c6
Validity
Not Before: Jan 1 07:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=447ce9522ba2358d17117712f3be71510026836a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:b5:84:c2:bd:9b:63:f7:4e:0e:4a:16:6e:ba:
7d:b2:4a:78:ea:be:81:87:f1:23:3b:6e:80:59:63:
95:e2:cb:6e:4a:7b:4f:94:6f:d3:75:99:cb:7c:63:
0b:c6:6b:1d:c5:68:56:11:26:13:87:e4:14:e9:d8:
8f:9b:6b:87:62:80:70:0f:40:24:98:b0:59:df:d8:
eb:c9:0f:4e:ad:39:30:84:dd:d4:4f:89:29:b0:98:
57:e8:23:e2:2a:e4:ab:fc:6e:a0:5c:1e:75:1a:22:
76:b7:b5:ce:0e:ee:9e:6f:e7:64:db:ce:1a:87:a7:
fa:08:5f:b8:73:d6:6c:c2:4f:91:5f:90:d3:aa:78:
ea:54:31:47:5b:eb:11:01:9c:88:78:64:51:10:37:
09:31:18:f7:4f:d9:f1:11:16:ac:50:60:6b:0a:67:
c4:10:1c:60:52:57:2d:b1:bb:55:64:13:37:89:78:
ee:c6:bf:da:e0:09:ff:b0:d2:10:77:1e:6d:a6:64:
5b:c3:2d:2c:f6:69:5a:a8:38:b3:6e:40:96:1d:f9:
00:4c:07:51:f6:6c:86:99:19:59:70:2d:a5:da:05:
eb:b5:8d:30:07:e6:04:23:9d:82:e2:c6:49:ce:73:
0c:2d:c2:c5:ee:df:bd:3e:b2:3e:78:8c:43:2e:53:
61:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:7C:E9:52:2B:A2:35:8D:17:11:77:12:F3:BE:71:51:00:26:83:6A
X509v3 Authority Key Identifier:
keyid:A9:82:F3:D0:E6:64:29:B6:85:B1:85:0A:9D:FF:25:C7:AA:37:A0:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYLz0OZkKbaFsYUKnf8lx6o3oMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/b45ba4-ab36-49ab-98e4-8b4793f90f15/1/RHzpUiuiNY0XEXcS875xUQAmg2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/b45ba4-ab36-49ab-98e4-8b4793f90f15/1/qYLz0OZkKbaFsYUKnf8lx6o3oMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.100.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:bd:01:88:a5:d9:60:ef:4b:44:ad:7d:6d:16:25:f1:e8:eb:
38:ce:8a:5b:46:ca:df:11:43:54:c0:c7:d0:42:c4:d2:f8:bc:
2c:a7:e4:48:b8:ab:ba:6a:15:5b:78:6b:15:1a:35:85:09:c6:
e1:a3:57:20:c2:6e:40:28:13:28:22:92:16:42:54:6b:c7:aa:
fc:91:83:2a:42:52:f5:7c:bc:5a:9a:8d:fc:7f:1b:db:47:55:
c6:c6:ae:d6:31:c8:ad:b7:96:6b:5c:55:ef:78:50:8d:ad:be:
e4:29:34:67:5e:10:6d:d0:ae:7b:03:11:27:d4:93:8a:e5:07:
cd:d5:ce:5f:77:57:89:69:2b:40:4d:65:7c:b5:b0:56:a0:3c:
2d:e2:b9:80:c2:67:98:a9:40:e2:78:3f:f8:e2:db:b6:20:7c:
bc:6a:a1:79:66:1a:1f:cb:86:d5:5f:86:e2:39:b4:b1:66:dd:
e9:74:cf:9a:28:04:bd:9f:d7:e3:c5:4e:a8:67:08:4d:c0:1f:
57:f4:9c:e3:06:fb:f9:e2:c4:61:08:5a:63:33:68:0c:b0:de:
98:ca:2c:fb:d8:5b:a5:4d:6a:6b:ec:e8:56:33:31:29:9b:0d:
26:fe:0b:5c:7f:8b:8d:3f:17:93:fe:31:c8:f6:6e:e5:4b:6e:
ba:41:bc:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1gWH6dgx9psv/HKU1eUaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODJmM2QwZTY2NDI5YjY4NWIxODUwYTlkZmYyNWM3YWEz
N2EwYzYwHhcNMjUwMTAxMDc0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDdjZTk1MjJiYTIzNThkMTcxMTc3MTJmM2JlNzE1MTAwMjY4MzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0rWEwr2bY/dODkoWbrp9skp46r6B
h/EjO26AWWOV4stuSntPlG/TdZnLfGMLxmsdxWhWESYTh+QU6diPm2uHYoBwD0Ak
mLBZ39jryQ9OrTkwhN3UT4kpsJhX6CPiKuSr/G6gXB51GiJ2t7XODu6eb+dk284a
h6f6CF+4c9Zswk+RX5DTqnjqVDFHW+sRAZyIeGRREDcJMRj3T9nxERasUGBrCmfE
EBxgUlctsbtVZBM3iXjuxr/a4An/sNIQdx5tpmRbwy0s9mlaqDizbkCWHfkATAdR
9myGmRlZcC2l2gXrtY0wB+YEI52C4sZJznMMLcLF7t+9PrI+eIxDLlNhqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFER86VIrojWNFxF3EvO+cVEAJoNqMB8GA1UdIwQY
MBaAFKmC89DmZCm2hbGFCp3/JceqN6DGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlMejBPWmtLYmFGc1lVS25mOGx4Nm8zb01ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9iNDViYTQtYWIzNi00OWFiLTk4ZTQt
OGI0NzkzZjkwZjE1LzEvUkh6cFVpdWlOWTBYRVhjUzg3NXhVUUFtZzJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9iNDViYTQtYWIzNi00OWFiLTk4ZTQtOGI0NzkzZjkwZjE1
LzEvcVlMejBPWmtLYmFGc1lVS25mOGx4Nm8zb01ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQ1kMA0G
CSqGSIb3DQEBCwUAA4IBAQAbvQGIpdlg70tErX1tFiXx6Os4zopbRsrfEUNUwMfQ
QsTS+Lwsp+RIuKu6ahVbeGsVGjWFCcbho1cgwm5AKBMoIpIWQlRrx6r8kYMqQlL1
fLxamo38fxvbR1XGxq7WMcitt5ZrXFXveFCNrb7kKTRnXhBt0K57AxEn1JOK5QfN
1c5fd1eJaStATWV8tbBWoDwt4rmAwmeYqUDieD/44tu2IHy8aqF5Zhofy4bVX4bi
ObSxZt3pdM+aKAS9n9fjxU6oZwhNwB9X9JzjBvv54sRhCFpjM2gMsN6Yyiz72Ful
TWpr7OhWMzEpmw0m/gtcf4uNPxeT/jHI9m7lS266QbwK
-----END CERTIFICATE-----
Generated at Sun Mar 9 18:27:08 2025 by rpki-client