Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/a5980d-65f4-4573-9759-33415967c213/1/MOYgH74CPuz3kq2_7g4GEYIEmJo.roa
File: MOYgH74CPuz3kq2_7g4GEYIEmJo.roa (raw, json)
Hash identifier: mV4mhA6ioj38dsiaxk1oztyyfy96UU4zdfkHT8G+pHs=
Subject key identifier: 30:E6:20:1F:BE:02:3E:EC:F7:92:AD:BF:EE:0E:06:11:82:04:98:9A
Certificate issuer: /CN=2326eeeadd4c0ee55b3594a596e67220819c18d5
Certificate serial: 0194214404CB360B701262CF1A594E9FD033
Authority key identifier: 23:26:EE:EA:DD:4C:0E:E5:5B:35:94:A5:96:E6:72:20:81:9C:18:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iybu6t1MDuVbNZSlluZyIIGcGNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/a5980d-65f4-4573-9759-33415967c213/1/MOYgH74CPuz3kq2_7g4GEYIEmJo.roa
Signing time: Wed 01 Jan 2025 09:48:13 +0000
ROA not before: Wed 01 Jan 2025 09:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51519
IP address blocks: 45.132.232.0/22 maxlen: 22
45.132.235.0/24 maxlen: 24
2a0e:73c0::/29 maxlen: 29
2a0e:73c2:64::/48 maxlen: 48
2a0e:73c2:65::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/a5980d-65f4-4573-9759-33415967c213/1/Iybu6t1MDuVbNZSlluZyIIGcGNU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/a5980d-65f4-4573-9759-33415967c213/1/Iybu6t1MDuVbNZSlluZyIIGcGNU.mft
rsync://rpki.ripe.net/repository/DEFAULT/Iybu6t1MDuVbNZSlluZyIIGcGNU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:04:cb:36:0b:70:12:62:cf:1a:59:4e:9f:d0:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2326eeeadd4c0ee55b3594a596e67220819c18d5
Validity
Not Before: Jan 1 09:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=30e6201fbe023eecf792adbfee0e06118204989a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:f0:eb:ec:d9:85:d0:4b:76:ed:68:2f:35:c1:
c7:24:65:73:0a:28:ab:bc:f5:32:c7:62:98:24:e9:
28:46:98:01:3f:a3:6c:0e:b7:93:50:04:cd:93:55:
a5:f9:0f:89:22:a9:61:9c:92:b1:a4:9a:d2:ad:b4:
b7:49:91:f2:d6:ff:93:fa:0b:e7:4d:ec:fd:8d:99:
60:c4:cc:6f:82:c2:9e:82:fb:d2:06:ff:1d:7a:23:
50:c5:0c:94:ec:cd:70:35:10:cb:8f:1f:d8:39:a6:
02:2a:91:99:bd:34:2e:82:df:d1:02:96:d6:5e:12:
91:4a:7f:1e:2c:f4:55:c4:31:84:9f:6e:d4:37:60:
c7:80:58:6b:0f:28:da:c9:fe:08:5f:d7:46:9d:86:
11:19:d4:7a:ac:14:90:ed:84:79:af:e5:d1:c4:78:
5c:d5:01:a4:b0:95:29:87:3b:a1:f6:5b:48:8a:4a:
cd:2c:7a:f8:10:df:72:07:3b:79:0b:ac:c7:31:90:
e9:ba:e9:45:be:9e:1d:fc:45:2f:7b:22:87:c0:10:
ee:34:8f:14:6f:28:ce:ac:48:fb:09:92:c9:46:5c:
5f:73:9d:6e:26:b8:fb:02:2d:28:e9:05:ec:76:06:
fb:dd:76:7d:c6:76:1a:14:68:7a:b6:22:ed:e9:9c:
90:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:E6:20:1F:BE:02:3E:EC:F7:92:AD:BF:EE:0E:06:11:82:04:98:9A
X509v3 Authority Key Identifier:
keyid:23:26:EE:EA:DD:4C:0E:E5:5B:35:94:A5:96:E6:72:20:81:9C:18:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iybu6t1MDuVbNZSlluZyIIGcGNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/a5980d-65f4-4573-9759-33415967c213/1/MOYgH74CPuz3kq2_7g4GEYIEmJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/a5980d-65f4-4573-9759-33415967c213/1/Iybu6t1MDuVbNZSlluZyIIGcGNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.232.0/22
IPv6:
2a0e:73c0::/29
Signature Algorithm: sha256WithRSAEncryption
6b:68:90:50:8d:4b:22:f4:a9:ce:27:eb:d0:c0:a4:d0:32:7d:
e9:6e:16:06:05:08:82:b6:28:09:37:56:cd:4f:2e:33:3e:0b:
18:70:38:27:40:16:70:21:f2:e8:11:1e:03:0c:d9:5c:95:64:
97:fd:e4:28:f3:e0:16:9a:72:61:98:60:e6:d4:5a:3c:f8:f4:
86:e2:d2:72:41:6b:fb:42:71:36:a3:4f:fb:4e:2a:2d:81:50:
e1:1d:ba:38:5f:c3:ae:65:67:ab:e8:5b:bc:69:4d:d0:d3:63:
8e:20:40:ce:e6:dc:36:f8:77:eb:00:ae:94:3d:af:83:46:33:
97:70:80:ce:b2:0b:af:af:3b:bb:8c:7d:9b:ad:01:9b:70:a5:
cb:40:c4:cd:18:47:f5:21:d1:8f:37:22:33:7d:a7:61:21:8c:
6e:eb:73:88:cd:7c:52:e8:0c:d3:f9:1e:d7:96:72:de:7f:8d:
7a:17:e1:69:5a:82:d0:f4:0b:cd:ee:55:3b:99:3b:9a:d7:9e:
df:45:85:a6:89:67:9d:2b:35:91:06:e1:92:2c:e7:80:cc:a0:
e7:fa:89:6d:76:ff:b9:4e:db:ed:ef:bf:c6:61:40:08:9d:69:
d0:6d:15:fd:1c:5d:85:90:81:a3:a9:98:b0:7e:35:ec:01:6a:
7a:80:fd:36
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhRATLNgtwEmLPGllOn9AzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMjZlZWVhZGQ0YzBlZTU1YjM1OTRhNTk2ZTY3MjIwODE5
YzE4ZDUwHhcNMjUwMTAxMDk0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGU2MjAxZmJlMDIzZWVjZjc5MmFkYmZlZTBlMDYxMTgyMDQ5ODlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0vDr7NmF0Et27WgvNcHHJGVzCiir
vPUyx2KYJOkoRpgBP6NsDreTUATNk1Wl+Q+JIqlhnJKxpJrSrbS3SZHy1v+T+gvn
Tez9jZlgxMxvgsKegvvSBv8deiNQxQyU7M1wNRDLjx/YOaYCKpGZvTQugt/RApbW
XhKRSn8eLPRVxDGEn27UN2DHgFhrDyjayf4IX9dGnYYRGdR6rBSQ7YR5r+XRxHhc
1QGksJUphzuh9ltIikrNLHr4EN9yBzt5C6zHMZDpuulFvp4d/EUveyKHwBDuNI8U
byjOrEj7CZLJRlxfc51uJrj7Ai0o6QXsdgb73XZ9xnYaFGh6tiLt6ZyQjQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDDmIB++Aj7s95Ktv+4OBhGCBJiaMB8GA1UdIwQY
MBaAFCMm7urdTA7lWzWUpZbmciCBnBjVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXlidTZ0MU1EdVZiTlpTbGx1WnlJSUdjR05VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9hNTk4MGQtNjVmNC00NTczLTk3NTkt
MzM0MTU5NjdjMjEzLzEvTU9ZZ0g3NENQdXoza3EyXzdnNEdFWUlFbUpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9hNTk4MGQtNjVmNC00NTczLTk3NTktMzM0MTU5NjdjMjEz
LzEvSXlidTZ0MU1EdVZiTlpTbGx1WnlJSUdjR05VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLYToMA0E
AgACMAcDBQMqDnPAMA0GCSqGSIb3DQEBCwUAA4IBAQBraJBQjUsi9KnOJ+vQwKTQ
Mn3pbhYGBQiCtigJN1bNTy4zPgsYcDgnQBZwIfLoER4DDNlclWSX/eQo8+AWmnJh
mGDm1Fo8+PSG4tJyQWv7QnE2o0/7TiotgVDhHbo4X8OuZWer6Fu8aU3Q02OOIEDO
5tw2+HfrAK6UPa+DRjOXcIDOsguvrzu7jH2brQGbcKXLQMTNGEf1IdGPNyIzfadh
IYxu63OIzXxS6AzT+R7XlnLef416F+FpWoLQ9AvN7lU7mTua157fRYWmiWedKzWR
BuGSLOeAzKDn+oltdv+5Ttvt77/GYUAInWnQbRX9HF2FkIGjqZiwfjXsAWp6gP02
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:13:53 2025 by rpki-client