Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/piqnuODF7lhN690__V-7lYt7O9g.roa
File: piqnuODF7lhN690__V-7lYt7O9g.roa (raw, json)
Hash identifier: bJ0by5gF5+d/INxTw0HKrWzPPNlfAOi7lGQ6bR/NpSU=
Subject key identifier: A6:2A:A7:B8:E0:C5:EE:58:4D:EB:DD:3F:FD:5F:BB:95:8B:7B:3B:D8
Certificate issuer: /CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
Certificate serial: 01942368F9AB7FA913A8E6F6FBCCCEB15E85
Authority key identifier: B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/piqnuODF7lhN690__V-7lYt7O9g.roa
Signing time: Wed 01 Jan 2025 19:47:49 +0000
ROA not before: Wed 01 Jan 2025 19:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215540
IP address blocks: 45.143.200.0/24 maxlen: 24
185.193.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:f9:ab:7f:a9:13:a8:e6:f6:fb:cc:ce:b1:5e:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
Validity
Not Before: Jan 1 19:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a62aa7b8e0c5ee584debdd3ffd5fbb958b7b3bd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e5:e1:51:67:c6:c8:64:71:38:f8:6e:9d:58:
a0:6d:94:2c:db:38:e5:4d:15:04:ae:49:3d:ec:af:
4c:0e:2e:48:92:02:2e:65:04:25:c0:e2:08:09:46:
7d:93:ed:eb:f0:1a:46:da:01:49:07:76:14:63:25:
4b:6a:f9:d6:41:d2:b0:36:d9:66:5f:bf:6a:1b:f7:
b6:df:2d:3c:d6:87:43:02:e0:ad:52:97:3f:a1:e5:
9e:b0:31:69:a7:be:7e:d6:e0:4f:d5:3c:9d:91:ef:
72:14:21:1f:1c:b8:a9:6f:f1:27:94:8c:3d:58:05:
11:96:eb:7f:9c:35:48:f5:44:ac:72:8f:97:4f:3b:
97:5a:62:db:8a:63:bd:ad:a9:38:14:fe:09:ca:ac:
7c:c7:ca:07:50:a2:16:09:fa:5c:85:9e:73:bc:4a:
40:43:23:d9:89:89:42:2d:3a:7e:c3:fa:f9:a5:19:
57:1a:ce:73:3a:c8:a7:03:b1:ad:c3:79:c8:09:ab:
4e:87:25:f9:0c:7f:92:3d:25:12:af:fb:b9:a4:89:
cc:f5:04:e7:15:59:1a:cc:87:44:1d:9f:0c:b4:cc:
2b:9c:68:77:71:32:ee:37:3a:d7:16:ae:0a:1c:b7:
e5:57:2f:57:e5:7f:b4:c6:50:84:66:25:71:80:11:
d0:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:2A:A7:B8:E0:C5:EE:58:4D:EB:DD:3F:FD:5F:BB:95:8B:7B:3B:D8
X509v3 Authority Key Identifier:
keyid:B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/piqnuODF7lhN690__V-7lYt7O9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.200.0/24
185.193.89.0/24
Signature Algorithm: sha256WithRSAEncryption
90:49:53:7f:f8:7e:65:9a:0c:91:3d:be:ab:a4:be:b4:28:00:
06:af:3f:68:8b:fd:4b:b9:2f:4a:ec:52:7c:72:99:c9:d8:33:
20:af:7e:e7:e4:f2:f2:47:a4:af:13:68:6b:7e:7a:e1:fd:a0:
0d:d8:f5:9c:79:cf:d0:b7:f8:71:1b:70:53:b3:4f:a4:79:b0:
9d:06:d9:5c:db:41:cc:c1:7c:b0:ad:8a:b9:73:45:e8:d2:37:
ed:3b:c5:17:8f:9d:b6:ee:34:64:2b:8c:7d:f8:a4:ae:ab:1a:
bd:06:c6:4c:5a:88:7f:45:ca:0d:d0:a2:1b:ca:51:01:d2:d7:
96:f4:9d:56:0f:5e:f9:53:11:17:a3:04:c1:23:50:d2:9e:19:
67:21:2f:ba:cd:b0:a4:0f:e9:f1:f5:10:2c:8f:03:da:de:54:
71:5d:6f:2e:9a:df:21:32:05:2a:83:a2:94:f3:8b:a1:ac:cc:
5b:25:4c:d6:b6:ad:a6:60:68:43:4c:be:da:c1:60:30:79:f6:
c7:cd:02:0c:04:f0:b5:eb:e6:6c:c6:e9:49:e8:2d:df:1c:6e:
6b:71:de:26:e0:f5:36:cd:2e:ed:fc:1c:5e:c4:6f:65:7d:2d:
a2:0f:e3:c1:7c:af:b0:fb:06:00:97:68:cd:cf:2c:26:8e:af:
3f:12:ba:4f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQjaPmrf6kTqOb2+8zOsV6FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYWYxMmY1Y2E3NWM5MjJhNGFhNWRhY2I0OWMwNGE5MzIz
N2Y0ZWQwHhcNMjUwMTAxMTk0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjJhYTdiOGUwYzVlZTU4NGRlYmRkM2ZmZDVmYmI5NThiN2IzYmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOXhUWfGyGRxOPhunVigbZQs2zjl
TRUErkk97K9MDi5IkgIuZQQlwOIICUZ9k+3r8BpG2gFJB3YUYyVLavnWQdKwNtlm
X79qG/e23y081odDAuCtUpc/oeWesDFpp75+1uBP1Tydke9yFCEfHLipb/EnlIw9
WAURlut/nDVI9USsco+XTzuXWmLbimO9rak4FP4Jyqx8x8oHUKIWCfpchZ5zvEpA
QyPZiYlCLTp+w/r5pRlXGs5zOsinA7Gtw3nICatOhyX5DH+SPSUSr/u5pInM9QTn
FVkazIdEHZ8MtMwrnGh3cTLuNzrXFq4KHLflVy9X5X+0xlCEZiVxgBHQ8QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKYqp7jgxe5YTevdP/1fu5WLezvYMB8GA1UdIwQY
MBaAFLGvEvXKdckipKpdrLScBKkyN/TtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2E4UzljcDF5U0trcWwyc3RKd0VxVEkzOU8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jYmNmNjgtN2NiZi00N2YwLTgyZWUt
NTc2MGVmYmNjNjU0LzEvcGlxbnVPREY3bGhONjkwX19WLTdsWXQ3TzlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jYmNmNjgtN2NiZi00N2YwLTgyZWUtNTc2MGVmYmNjNjU0
LzEvc2E4UzljcDF5U0trcWwyc3RKd0VxVEkzOU8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALY/IAwQA
ucFZMA0GCSqGSIb3DQEBCwUAA4IBAQCQSVN/+H5lmgyRPb6rpL60KAAGrz9oi/1L
uS9K7FJ8cpnJ2DMgr37n5PLyR6SvE2hrfnrh/aAN2PWcec/Qt/hxG3BTs0+kebCd
Btlc20HMwXywrYq5c0Xo0jftO8UXj5227jRkK4x9+KSuqxq9BsZMWoh/RcoN0KIb
ylEB0teW9J1WD175UxEXowTBI1DSnhlnIS+6zbCkD+nx9RAsjwPa3lRxXW8umt8h
MgUqg6KU84uhrMxbJUzWtq2mYGhDTL7awWAwefbHzQIMBPC16+ZsxulJ6C3fHG5r
cd4m4PU2zS7t/BxexG9lfS2iD+PBfK+w+wYAl2jNzywmjq8/ErpP
-----END CERTIFICATE-----
Generated at Sun Apr 6 23:35:25 2025 by rpki-client