Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/e6DZbvh_L3W1UeddH35B67LJi9Q.roa
File: e6DZbvh_L3W1UeddH35B67LJi9Q.roa (raw, json)
Hash identifier: +0Dm3AWD3U6fAKnLyGuhhEgtHeQpyhFkn7EMeVE2k/Q=
Subject key identifier: 7B:A0:D9:6E:F8:7F:2F:75:B5:51:E7:5D:1F:7E:41:EB:B2:C9:8B:D4
Certificate issuer: /CN=3a00807698f0b097d69ab3926917d1dcc838a624
Certificate serial: 01942368D3F01A3150544E0182CEC48BC06C
Authority key identifier: 3A:00:80:76:98:F0:B0:97:D6:9A:B3:92:69:17:D1:DC:C8:38:A6:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OgCAdpjwsJfWmrOSaRfR3Mg4piQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/e6DZbvh_L3W1UeddH35B67LJi9Q.roa
Signing time: Wed 01 Jan 2025 19:47:40 +0000
ROA not before: Wed 01 Jan 2025 19:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 328543
IP address blocks: 45.81.34.0/23 maxlen: 24
45.150.236.0/22 maxlen: 24
2a0e:4c80::/29 maxlen: 29
2a0f:9a00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/OgCAdpjwsJfWmrOSaRfR3Mg4piQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/OgCAdpjwsJfWmrOSaRfR3Mg4piQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/OgCAdpjwsJfWmrOSaRfR3Mg4piQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:d3:f0:1a:31:50:54:4e:01:82:ce:c4:8b:c0:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a00807698f0b097d69ab3926917d1dcc838a624
Validity
Not Before: Jan 1 19:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7ba0d96ef87f2f75b551e75d1f7e41ebb2c98bd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:88:79:d0:92:54:c7:cc:74:00:2b:eb:f7:46:
45:96:28:9a:19:9b:f7:e1:47:5a:30:19:87:d4:12:
6e:32:37:eb:49:e3:a0:87:d4:70:6e:cc:44:5f:06:
7c:b7:3c:57:cf:a5:ec:f3:0f:5f:9b:88:28:97:c0:
fa:15:a9:12:af:8f:3f:a5:93:32:ce:c8:d1:dd:c8:
5b:8c:da:a1:1b:f6:13:df:11:d3:09:d5:0c:53:7f:
d0:d5:64:29:9f:b1:77:00:3b:d8:55:ee:0b:b4:63:
06:ed:19:d6:20:aa:19:99:7e:b3:a6:57:6e:a9:b5:
cc:12:cb:50:f3:52:d5:be:30:0a:4b:16:b7:24:c0:
d8:10:1c:97:64:27:13:6b:e8:ca:d3:98:4e:26:00:
3d:ad:18:7d:2d:46:3b:5c:24:64:4e:9e:c4:e7:73:
62:8f:60:92:c8:bc:f6:4f:85:bf:6a:69:f6:40:a2:
2f:a1:0b:25:73:ed:2b:db:e0:f3:2f:4c:1a:d7:1b:
12:39:3d:e5:57:49:5a:07:37:91:04:5a:a8:5e:ef:
ef:e2:9f:9a:6f:4e:50:5b:dd:6e:0e:83:cb:26:ad:
38:b6:99:8f:09:ca:75:8d:57:c0:13:da:28:21:f2:
44:ba:5e:ef:6c:1f:5a:70:17:14:74:b6:20:43:65:
cb:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:A0:D9:6E:F8:7F:2F:75:B5:51:E7:5D:1F:7E:41:EB:B2:C9:8B:D4
X509v3 Authority Key Identifier:
keyid:3A:00:80:76:98:F0:B0:97:D6:9A:B3:92:69:17:D1:DC:C8:38:A6:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OgCAdpjwsJfWmrOSaRfR3Mg4piQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/e6DZbvh_L3W1UeddH35B67LJi9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/OgCAdpjwsJfWmrOSaRfR3Mg4piQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.34.0/23
45.150.236.0/22
IPv6:
2a0e:4c80::/29
2a0f:9a00::/29
Signature Algorithm: sha256WithRSAEncryption
99:b9:0c:e1:7a:42:7e:70:41:f5:30:fc:78:d6:b2:99:86:1a:
20:ef:cf:fc:39:39:14:88:d1:72:eb:45:1f:87:75:5e:3e:6b:
78:6a:a6:a1:a8:68:39:3d:c8:db:fa:09:b0:ff:a8:03:85:a7:
38:16:0e:c3:a6:b1:96:1f:c7:0b:9d:91:92:fc:12:95:24:a3:
14:c3:94:a8:da:a9:b1:ca:ce:21:24:50:01:de:05:1d:44:37:
a7:c8:ed:ad:a7:04:c7:6c:48:70:f4:4b:0e:39:d6:2c:94:72:
55:6d:e4:0d:7f:f5:25:1b:91:bb:4e:31:0f:ef:af:4b:de:be:
a5:1b:14:9c:73:e4:af:21:b7:74:ae:1f:66:6e:ce:87:83:07:
96:40:a1:62:cd:2e:59:a7:f3:44:96:d9:36:aa:5d:70:5c:e7:
0b:c4:6e:b3:3a:c3:34:9d:3d:d1:eb:91:a6:d0:79:50:25:bc:
2d:35:2f:c9:3d:a9:28:45:73:f0:47:de:76:a3:db:b8:ba:0e:
49:0a:4c:aa:5f:88:ef:fa:a4:b7:dc:5f:71:47:d0:ae:f7:52:
f3:4e:84:32:25:7b:95:b7:a6:69:9e:c6:aa:3d:fb:33:b7:a6:
f3:c6:b0:81:ef:cb:4d:69:ac:4f:11:dd:ec:94:4e:40:ee:a4:
bf:3b:6d:20
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQjaNPwGjFQVE4Bgs7Ei8BsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMDA4MDc2OThmMGIwOTdkNjlhYjM5MjY5MTdkMWRjYzgz
OGE2MjQwHhcNMjUwMTAxMTk0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmEwZDk2ZWY4N2YyZjc1YjU1MWU3NWQxZjdlNDFlYmIyYzk4YmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYh50JJUx8x0ACvr90ZFliiaGZv3
4UdaMBmH1BJuMjfrSeOgh9RwbsxEXwZ8tzxXz6Xs8w9fm4gol8D6FakSr48/pZMy
zsjR3chbjNqhG/YT3xHTCdUMU3/Q1WQpn7F3ADvYVe4LtGMG7RnWIKoZmX6zpldu
qbXMEstQ81LVvjAKSxa3JMDYEByXZCcTa+jK05hOJgA9rRh9LUY7XCRkTp7E53Ni
j2CSyLz2T4W/amn2QKIvoQslc+0r2+DzL0wa1xsSOT3lV0laBzeRBFqoXu/v4p+a
b05QW91uDoPLJq04tpmPCcp1jVfAE9ooIfJEul7vbB9acBcUdLYgQ2XLOwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFHug2W74fy91tVHnXR9+QeuyyYvUMB8GA1UdIwQY
MBaAFDoAgHaY8LCX1pqzkmkX0dzIOKYkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2dDQWRwandzSmZXbXJPU2FSZlIzTWc0cGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8xNDNkMjktY2Y3Mi00ZDAxLTkxOGMt
MTZhZmM0ZGZmZGQ0LzEvZTZEWmJ2aF9MM1cxVWVkZEgzNUI2N0xKaTlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8xNDNkMjktY2Y3Mi00ZDAxLTkxOGMtMTZhZmM0ZGZmZGQ0
LzEvT2dDQWRwandzSmZXbXJPU2FSZlIzTWc0cGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQBLVEiAwQC
LZbsMBQEAgACMA4DBQMqDkyAAwUDKg+aADANBgkqhkiG9w0BAQsFAAOCAQEAmbkM
4XpCfnBB9TD8eNaymYYaIO/P/Dk5FIjRcutFH4d1Xj5reGqmoahoOT3I2/oJsP+o
A4WnOBYOw6axlh/HC52RkvwSlSSjFMOUqNqpscrOISRQAd4FHUQ3p8jtracEx2xI
cPRLDjnWLJRyVW3kDX/1JRuRu04xD++vS96+pRsUnHPkryG3dK4fZm7Oh4MHlkCh
Ys0uWafzRJbZNqpdcFznC8RuszrDNJ090euRptB5UCW8LTUvyT2pKEVz8EfedqPb
uLoOSQpMql+I7/qkt9xfcUfQrvdS806EMiV7lbemaZ7Gqj37M7em88awge/LTWms
TxHd7JROQO6kvzttIA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:37:09 2025 by rpki-client