Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/0Masll6bbXJowlWVdStYbs2tx6E.roa
File: 0Masll6bbXJowlWVdStYbs2tx6E.roa (raw, json)
Hash identifier: Rro7robf4OQi2SafD/+wvUIv6rGO8rIKSIcGQQxuDhQ=
Subject key identifier: D0:C6:AC:96:5E:9B:6D:72:68:C2:55:95:75:2B:58:6E:CD:AD:C7:A1
Certificate issuer: /CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
Certificate serial: 0195F16D0A1BD519EA024B3142D529EC8EAE
Authority key identifier: B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/0Masll6bbXJowlWVdStYbs2tx6E.roa
Signing time: Tue 01 Apr 2025 12:56:49 +0000
ROA not before: Tue 01 Apr 2025 12:56:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200195
IP address blocks: 45.143.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f1:6d:0a:1b:d5:19:ea:02:4b:31:42:d5:29:ec:8e:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
Validity
Not Before: Apr 1 12:56:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d0c6ac965e9b6d7268c25595752b586ecdadc7a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:15:88:71:28:73:56:c1:75:61:9d:45:e4:cd:
24:08:1f:63:d2:5b:47:7a:e9:c0:ee:e8:fc:09:e4:
23:71:91:c3:8b:1f:15:ac:b3:01:68:1c:a3:c2:62:
7e:fa:32:94:7b:7c:0b:08:56:cd:ac:3a:8d:23:b5:
e0:49:49:c1:1b:20:39:df:bd:2b:ae:7e:a2:00:83:
ae:dc:7c:d5:d5:3b:8d:19:ee:f4:a5:18:2f:37:b9:
ed:5a:c4:15:77:f7:3a:f4:9e:49:a9:71:cf:54:99:
81:f4:ee:0a:b8:16:3c:49:0b:c0:6d:65:6c:e4:c0:
98:81:6d:da:2d:49:c9:a6:f8:3c:04:d4:2d:14:16:
0c:aa:c6:83:29:e3:47:3d:4b:60:ce:d4:57:25:3d:
f7:81:2c:21:4a:72:bb:9e:4c:7b:7d:6b:40:db:36:
e0:64:9f:93:f5:39:2d:5f:d3:ac:47:bf:ad:68:c5:
52:d6:96:6e:2c:09:e5:be:44:3b:cb:60:27:5a:24:
7f:ea:d9:52:2f:93:b1:cc:0d:56:4f:e1:84:8f:6e:
b1:60:29:df:6f:d5:72:ed:a3:7e:5a:0e:b6:e6:b5:
8e:15:d6:64:91:e3:66:b7:b4:a1:84:fb:1e:41:bb:
11:74:2b:56:f9:85:87:5d:48:10:fc:49:f5:81:fb:
3b:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:C6:AC:96:5E:9B:6D:72:68:C2:55:95:75:2B:58:6E:CD:AD:C7:A1
X509v3 Authority Key Identifier:
keyid:B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/0Masll6bbXJowlWVdStYbs2tx6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.201.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:20:52:70:08:b3:e1:56:47:1d:60:eb:c0:ff:aa:27:d1:74:
52:d9:6b:29:1c:61:a5:7e:91:f2:98:4c:ea:f9:0e:1b:47:de:
0e:51:48:52:d8:20:f4:da:98:75:f5:b0:94:24:c5:7d:84:b6:
f7:bd:18:85:be:8d:fd:d5:62:f3:78:bb:87:36:e1:cc:ee:d3:
1c:f3:0f:bc:9c:d0:92:11:e9:f3:10:03:47:5e:d9:6c:7a:5a:
85:a9:40:db:a6:eb:41:fe:23:9d:c7:ca:58:07:c0:05:a8:a5:
f4:6b:fd:44:a3:9c:60:da:21:3a:e7:ab:ca:03:8c:41:ed:9d:
e4:19:de:4b:01:48:f2:22:52:bc:32:f9:96:ae:fe:30:fd:eb:
87:d4:70:3a:30:61:3e:62:bb:93:8d:04:9a:69:d4:9d:03:81:
19:ac:a7:38:f2:d6:54:70:48:4a:65:df:3a:9c:06:5b:eb:55:
48:fa:0f:64:46:8f:75:0a:22:a5:19:d2:2d:ce:2f:e0:6f:30:
d7:37:f3:87:60:28:63:ad:4f:57:cf:f9:de:cb:92:7e:94:74:
b9:aa:a6:58:5f:63:34:57:97:ee:de:41:28:d6:9c:bb:95:0f:
0a:5c:07:c6:45:5a:55:46:31:2c:73:52:5e:c1:28:3b:f5:ff:
73:7a:00:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXxbQob1RnqAksxQtUp7I6uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYWYxMmY1Y2E3NWM5MjJhNGFhNWRhY2I0OWMwNGE5MzIz
N2Y0ZWQwHhcNMjUwNDAxMTI1NjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGM2YWM5NjVlOWI2ZDcyNjhjMjU1OTU3NTJiNTg2ZWNkYWRjN2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRWIcShzVsF1YZ1F5M0kCB9j0ltH
eunA7uj8CeQjcZHDix8VrLMBaByjwmJ++jKUe3wLCFbNrDqNI7XgSUnBGyA5370r
rn6iAIOu3HzV1TuNGe70pRgvN7ntWsQVd/c69J5JqXHPVJmB9O4KuBY8SQvAbWVs
5MCYgW3aLUnJpvg8BNQtFBYMqsaDKeNHPUtgztRXJT33gSwhSnK7nkx7fWtA2zbg
ZJ+T9TktX9OsR7+taMVS1pZuLAnlvkQ7y2AnWiR/6tlSL5OxzA1WT+GEj26xYCnf
b9Vy7aN+Wg625rWOFdZkkeNmt7ShhPseQbsRdCtW+YWHXUgQ/En1gfs7SQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNDGrJZem21yaMJVlXUrWG7NrcehMB8GA1UdIwQY
MBaAFLGvEvXKdckipKpdrLScBKkyN/TtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2E4UzljcDF5U0trcWwyc3RKd0VxVEkzOU8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jYmNmNjgtN2NiZi00N2YwLTgyZWUt
NTc2MGVmYmNjNjU0LzEvME1hc2xsNmJiWEpvd2xXVmRTdFliczJ0eDZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jYmNmNjgtN2NiZi00N2YwLTgyZWUtNTc2MGVmYmNjNjU0
LzEvc2E4UzljcDF5U0trcWwyc3RKd0VxVEkzOU8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY/JMA0G
CSqGSIb3DQEBCwUAA4IBAQArIFJwCLPhVkcdYOvA/6on0XRS2WspHGGlfpHymEzq
+Q4bR94OUUhS2CD02ph19bCUJMV9hLb3vRiFvo391WLzeLuHNuHM7tMc8w+8nNCS
EenzEANHXtlselqFqUDbputB/iOdx8pYB8AFqKX0a/1Eo5xg2iE656vKA4xB7Z3k
Gd5LAUjyIlK8MvmWrv4w/euH1HA6MGE+YruTjQSaadSdA4EZrKc48tZUcEhKZd86
nAZb61VI+g9kRo91CiKlGdItzi/gbzDXN/OHYChjrU9Xz/ney5J+lHS5qqZYX2M0
V5fu3kEo1py7lQ8KXAfGRVpVRjEsc1JewSg79f9zegAv
-----END CERTIFICATE-----
Generated at Sun Apr 13 05:48:22 2025 by rpki-client