Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/0e1607-8ef0-4ed5-a68b-8b12b1f1b5ae/1/gBjKKqKZuEY4WvRauB7caOw1S-0.roa
File: gBjKKqKZuEY4WvRauB7caOw1S-0.roa (raw, json)
Hash identifier: KcvP3QvpprIZ7nrbS5q17f/tcN31DqhQB7sqPQGvSG8=
Subject key identifier: 80:18:CA:2A:A2:99:B8:46:38:5A:F4:5A:B8:1E:DC:68:EC:35:4B:ED
Certificate issuer: /CN=df0f32e5f098b86a8794825c81122da953466284
Certificate serial: 0194228E3C275294D1BB84228E80F0F8E4CA
Authority key identifier: DF:0F:32:E5:F0:98:B8:6A:87:94:82:5C:81:12:2D:A9:53:46:62:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3w8y5fCYuGqHlIJcgRItqVNGYoQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/0e1607-8ef0-4ed5-a68b-8b12b1f1b5ae/1/gBjKKqKZuEY4WvRauB7caOw1S-0.roa
Signing time: Wed 01 Jan 2025 15:48:54 +0000
ROA not before: Wed 01 Jan 2025 15:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201902
IP address blocks: 45.141.164.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/0e1607-8ef0-4ed5-a68b-8b12b1f1b5ae/1/3w8y5fCYuGqHlIJcgRItqVNGYoQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/0e1607-8ef0-4ed5-a68b-8b12b1f1b5ae/1/3w8y5fCYuGqHlIJcgRItqVNGYoQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/3w8y5fCYuGqHlIJcgRItqVNGYoQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:3c:27:52:94:d1:bb:84:22:8e:80:f0:f8:e4:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df0f32e5f098b86a8794825c81122da953466284
Validity
Not Before: Jan 1 15:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8018ca2aa299b846385af45ab81edc68ec354bed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:5d:b4:21:9d:41:79:c3:52:80:20:6d:d6:fb:
95:ae:bc:41:e2:27:43:91:22:86:75:22:ce:15:6b:
60:29:c7:f7:8e:bb:db:01:a1:9f:ed:0b:6b:17:90:
c2:b7:49:2f:8e:93:ac:63:e2:d6:7c:a9:2b:bb:c6:
46:bc:23:b3:55:c1:71:65:5e:8c:5d:3f:a8:41:84:
3f:08:36:87:aa:85:4d:75:d6:e1:fb:a4:46:84:98:
2b:f7:b4:93:6a:cf:7f:62:c6:0a:c3:32:0a:28:e8:
d8:56:7f:3b:ef:63:37:b8:0b:3e:4e:61:e3:1d:29:
88:3b:e7:79:ea:b9:46:01:23:12:51:23:39:46:8f:
95:4e:39:e2:27:00:34:ad:37:91:6f:8b:73:46:b8:
48:b4:f8:d6:b2:f2:18:76:dd:1d:87:64:0f:6f:45:
df:2e:f3:eb:89:13:cd:2a:e5:17:91:39:af:d1:9c:
b5:19:62:c3:83:b8:65:f7:18:7e:c0:de:c7:4a:6e:
a8:f3:98:15:de:30:cc:28:71:a9:52:81:c6:0c:df:
3f:eb:a5:e8:f9:26:4f:9e:2e:1f:54:1f:bd:b5:bc:
3e:39:bd:b1:81:5c:fd:09:81:70:3b:cc:2d:1f:f7:
d6:f1:45:df:03:46:11:8a:f1:66:71:ca:53:45:07:
23:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:18:CA:2A:A2:99:B8:46:38:5A:F4:5A:B8:1E:DC:68:EC:35:4B:ED
X509v3 Authority Key Identifier:
keyid:DF:0F:32:E5:F0:98:B8:6A:87:94:82:5C:81:12:2D:A9:53:46:62:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3w8y5fCYuGqHlIJcgRItqVNGYoQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/0e1607-8ef0-4ed5-a68b-8b12b1f1b5ae/1/gBjKKqKZuEY4WvRauB7caOw1S-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/0e1607-8ef0-4ed5-a68b-8b12b1f1b5ae/1/3w8y5fCYuGqHlIJcgRItqVNGYoQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.164.0/22
Signature Algorithm: sha256WithRSAEncryption
48:25:9b:6c:ee:44:56:0b:b4:d2:25:43:1f:b3:a4:4f:b1:30:
4d:bd:cc:ac:6a:94:96:cd:b7:db:11:a1:8d:43:5c:43:b9:ab:
0c:81:b1:8c:7a:b0:f4:09:81:fb:ed:ae:bc:c7:4d:18:1a:d2:
58:12:75:2f:e5:eb:14:ab:aa:72:80:e3:42:f3:5b:e2:42:7c:
9d:35:21:41:44:93:ab:e6:a5:5f:4a:92:88:49:d5:57:76:98:
11:81:7a:35:e7:34:c8:81:99:d4:ca:c5:a6:4a:6c:87:1d:e7:
24:ea:71:73:89:8b:40:01:13:40:5d:49:df:66:8d:65:4f:64:
e8:69:f9:49:e3:d3:2f:3f:5c:3e:35:ac:5f:eb:01:3c:e7:fc:
25:3f:f2:99:19:a8:a8:5b:7d:ae:e4:a4:19:dd:c2:ac:3e:ed:
8f:5c:0f:e3:a6:12:0d:93:aa:83:a6:62:82:29:b8:52:e8:a1:
6c:88:c2:49:3d:62:cb:38:3c:e3:b8:b0:ed:4a:77:95:8d:58:
c4:c4:7e:df:a5:25:b4:a4:c1:24:c5:f1:16:1e:ea:e5:b3:dd:
b9:28:a5:68:4c:b3:19:6c:b9:d6:de:8f:22:2e:d3:c8:db:7d:
cf:15:c5:ef:eb:50:73:f6:50:10:ea:6f:b4:cf:d4:d6:1a:c6:
84:ff:0b:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijjwnUpTRu4QijoDw+OTKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMGYzMmU1ZjA5OGI4NmE4Nzk0ODI1YzgxMTIyZGE5NTM0
NjYyODQwHhcNMjUwMTAxMTU0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDE4Y2EyYWEyOTliODQ2Mzg1YWY0NWFiODFlZGM2OGVjMzU0YmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2l20IZ1BecNSgCBt1vuVrrxB4idD
kSKGdSLOFWtgKcf3jrvbAaGf7QtrF5DCt0kvjpOsY+LWfKkru8ZGvCOzVcFxZV6M
XT+oQYQ/CDaHqoVNddbh+6RGhJgr97STas9/YsYKwzIKKOjYVn8772M3uAs+TmHj
HSmIO+d56rlGASMSUSM5Ro+VTjniJwA0rTeRb4tzRrhItPjWsvIYdt0dh2QPb0Xf
LvPriRPNKuUXkTmv0Zy1GWLDg7hl9xh+wN7HSm6o85gV3jDMKHGpUoHGDN8/66Xo
+SZPni4fVB+9tbw+Ob2xgVz9CYFwO8wtH/fW8UXfA0YRivFmccpTRQcj1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIAYyiqimbhGOFr0Wrge3GjsNUvtMB8GA1UdIwQY
MBaAFN8PMuXwmLhqh5SCXIESLalTRmKEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3c4eTVmQ1l1R3FIbElKY2dSSXRxVk5HWW9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8wZTE2MDctOGVmMC00ZWQ1LWE2OGIt
OGIxMmIxZjFiNWFlLzEvZ0JqS0txS1p1RVk0V3ZSYXVCN2NhT3cxUy0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8wZTE2MDctOGVmMC00ZWQ1LWE2OGItOGIxMmIxZjFiNWFl
LzEvM3c4eTVmQ1l1R3FIbElKY2dSSXRxVk5HWW9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLY2kMA0G
CSqGSIb3DQEBCwUAA4IBAQBIJZts7kRWC7TSJUMfs6RPsTBNvcysapSWzbfbEaGN
Q1xDuasMgbGMerD0CYH77a68x00YGtJYEnUv5esUq6pygONC81viQnydNSFBRJOr
5qVfSpKISdVXdpgRgXo15zTIgZnUysWmSmyHHeck6nFziYtAARNAXUnfZo1lT2To
aflJ49MvP1w+Naxf6wE85/wlP/KZGaioW32u5KQZ3cKsPu2PXA/jphINk6qDpmKC
KbhS6KFsiMJJPWLLODzjuLDtSneVjVjExH7fpSW0pMEkxfEWHurls925KKVoTLMZ
bLnW3o8iLtPI233PFcXv61Bz9lAQ6m+0z9TWGsaE/wt5
-----END CERTIFICATE-----
Generated at Sun Feb 2 14:57:52 2025 by rpki-client