Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/CXaycMVQIz4mD7AGkHky2lc1t_E.roa
File: CXaycMVQIz4mD7AGkHky2lc1t_E.roa (raw, json)
Hash identifier: XQ8QKr5tV5GANcYht5PHTQQD2/hz4d9yrWShPJMOBBM=
Subject key identifier: 09:76:B2:70:C5:50:23:3E:26:0F:B0:06:90:79:32:DA:57:35:B7:F1
Certificate issuer: /CN=ce676a30284e14b02cc6ddaa034e775406e461a6
Certificate serial: 019425FC2280005CAC664960A33AD88C48AF
Authority key identifier: CE:67:6A:30:28:4E:14:B0:2C:C6:DD:AA:03:4E:77:54:06:E4:61:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zmdqMChOFLAsxt2qA053VAbkYaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/CXaycMVQIz4mD7AGkHky2lc1t_E.roa
Signing time: Thu 02 Jan 2025 07:47:48 +0000
ROA not before: Thu 02 Jan 2025 07:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208905
IP address blocks: 45.80.88.0/22 maxlen: 22
45.80.88.0/23 maxlen: 23
45.80.88.0/24 maxlen: 24
45.80.89.0/24 maxlen: 24
45.80.90.0/23 maxlen: 23
45.80.90.0/24 maxlen: 24
45.80.91.0/24 maxlen: 24
78.138.56.0/23 maxlen: 23
78.138.56.0/24 maxlen: 24
78.138.57.0/24 maxlen: 24
78.138.59.0/24 maxlen: 24
78.138.60.0/24 maxlen: 24
2a0e:9cc0::/29 maxlen: 29
2a0e:9cc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.mft
rsync://rpki.ripe.net/repository/DEFAULT/zmdqMChOFLAsxt2qA053VAbkYaY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 13:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:22:80:00:5c:ac:66:49:60:a3:3a:d8:8c:48:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce676a30284e14b02cc6ddaa034e775406e461a6
Validity
Not Before: Jan 2 07:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0976b270c550233e260fb006907932da5735b7f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:fb:d0:2b:e8:40:1b:76:8b:b6:52:de:2c:2b:
a2:d4:2b:c4:25:2f:ce:2e:d9:c0:2e:d8:0b:37:90:
57:aa:25:a6:a3:b7:31:81:c6:83:be:04:51:99:b4:
fe:5f:a7:98:35:a4:41:5c:e2:1e:b2:86:2a:e9:dd:
d4:1f:5c:62:73:4b:fa:1a:12:46:b3:3d:80:0f:77:
38:3b:78:5e:db:ee:62:95:cf:2f:cf:c2:c5:3e:c2:
fc:4e:69:56:c6:7d:a3:cd:e6:ac:cb:35:4b:34:ee:
85:ee:eb:65:34:13:43:8c:95:63:54:be:fe:38:a4:
4d:71:36:9c:4f:6d:68:61:81:5a:3f:ec:3d:50:d8:
ed:24:d3:26:3c:51:59:8b:b9:81:8d:08:05:1e:9e:
a6:e9:f3:29:36:18:1c:bc:c7:f4:8e:7e:43:db:bb:
8b:a9:d8:20:63:70:0e:7d:33:a2:39:39:81:4d:70:
e7:7e:3f:76:70:f7:6e:5b:5a:95:0b:71:18:77:6e:
53:23:23:4f:ba:16:9b:94:34:8c:20:cf:60:57:1c:
f9:8f:3b:87:4c:87:8f:ce:a1:bc:3e:6e:c7:95:6a:
04:83:0b:fa:fb:05:4f:2c:0b:b6:22:c7:09:75:99:
74:3e:8a:6a:b1:99:c3:aa:af:c8:10:44:a3:8e:8e:
1b:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:76:B2:70:C5:50:23:3E:26:0F:B0:06:90:79:32:DA:57:35:B7:F1
X509v3 Authority Key Identifier:
keyid:CE:67:6A:30:28:4E:14:B0:2C:C6:DD:AA:03:4E:77:54:06:E4:61:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zmdqMChOFLAsxt2qA053VAbkYaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/CXaycMVQIz4mD7AGkHky2lc1t_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.88.0/22
78.138.56.0/23
78.138.59.0-78.138.60.255
IPv6:
2a0e:9cc0::/29
Signature Algorithm: sha256WithRSAEncryption
66:e3:d1:2d:20:b6:24:e3:e6:f1:d7:74:99:d5:bc:61:57:4c:
17:00:31:ec:c9:21:6d:78:8c:a3:b0:75:25:d4:ea:bc:f3:80:
6e:05:c2:a1:44:4f:c0:55:41:e8:63:72:4f:0e:fb:24:a9:4a:
b6:bd:13:05:68:d9:0d:44:01:62:5a:64:c6:d3:17:0a:f8:5d:
7f:2d:0a:43:d0:14:5f:1f:89:71:29:72:02:00:e0:d5:a7:57:
3d:06:79:d1:c3:b8:71:ca:30:3c:91:4c:c1:88:aa:52:4f:05:
03:2d:db:04:17:11:d3:e4:1c:28:1e:e4:99:71:7e:b6:95:a4:
6f:ee:cf:f0:07:68:db:5f:1f:d0:ee:5d:0a:d0:3a:15:b3:ac:
33:a7:8c:28:bb:97:f4:29:18:b2:81:be:95:da:ce:16:e9:6b:
1d:fc:62:c9:a4:3a:5a:71:97:48:58:e8:b3:b4:7e:17:70:ff:
9e:f4:7d:f3:d5:6f:b4:d8:ab:10:af:e7:6e:2d:12:b8:7a:ec:
36:97:c7:62:3f:7e:dd:b6:ed:30:31:48:f1:16:f1:c6:11:1d:
e9:8a:9e:cb:1a:0d:38:1b:74:2b:6b:32:38:35:e9:64:d8:57:
2d:77:6b:1a:a5:c2:58:63:5c:aa:6a:d7:af:c1:dd:58:d5:2d:
c1:72:4c:be
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQl/CKAAFysZklgozrYjEivMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNjc2YTMwMjg0ZTE0YjAyY2M2ZGRhYTAzNGU3NzU0MDZl
NDYxYTYwHhcNMjUwMTAyMDc0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTc2YjI3MGM1NTAyMzNlMjYwZmIwMDY5MDc5MzJkYTU3MzViN2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyfvQK+hAG3aLtlLeLCui1CvEJS/O
LtnALtgLN5BXqiWmo7cxgcaDvgRRmbT+X6eYNaRBXOIesoYq6d3UH1xic0v6GhJG
sz2AD3c4O3he2+5ilc8vz8LFPsL8TmlWxn2jzeasyzVLNO6F7utlNBNDjJVjVL7+
OKRNcTacT21oYYFaP+w9UNjtJNMmPFFZi7mBjQgFHp6m6fMpNhgcvMf0jn5D27uL
qdggY3AOfTOiOTmBTXDnfj92cPduW1qVC3EYd25TIyNPuhablDSMIM9gVxz5jzuH
TIePzqG8Pm7HlWoEgwv6+wVPLAu2IscJdZl0PopqsZnDqq/IEESjjo4biQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFAl2snDFUCM+Jg+wBpB5MtpXNbfxMB8GA1UdIwQY
MBaAFM5najAoThSwLMbdqgNOd1QG5GGmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem1kcU1DaE9GTEFzeHQycUEwNTNWQWJrWWFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9iODYwNWEtMjEzNi00Mzg5LWE0MDUt
ZWE2MDY1NzA5NDZhLzEvQ1hheWNNVlFJejRtRDdBR2tIa3kybGMxdF9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9iODYwNWEtMjEzNi00Mzg5LWE0MDUtZWE2MDY1NzA5NDZh
LzEvem1kcU1DaE9GTEFzeHQycUEwNTNWQWJrWWFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCLVBYAwQB
Too4MAwDBABOijsDBABOijwwDQQCAAIwBwMFAyoOnMAwDQYJKoZIhvcNAQELBQAD
ggEBAGbj0S0gtiTj5vHXdJnVvGFXTBcAMezJIW14jKOwdSXU6rzzgG4FwqFET8BV
Qehjck8O+ySpSra9EwVo2Q1EAWJaZMbTFwr4XX8tCkPQFF8fiXEpcgIA4NWnVz0G
edHDuHHKMDyRTMGIqlJPBQMt2wQXEdPkHCge5JlxfraVpG/uz/AHaNtfH9DuXQrQ
OhWzrDOnjCi7l/QpGLKBvpXazhbpax38YsmkOlpxl0hY6LO0fhdw/570ffPVb7TY
qxCv524tErh67DaXx2I/ft227TAxSPEW8cYRHemKnssaDTgbdCtrMjg16WTYVy13
axqlwlhjXKpq16/B3VjVLcFyTL4=
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:29:52 2025 by rpki-client