Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/25e6d8-4e72-4ac2-b6e5-c8201b91aec3/1/_aLDkeMiUI-Lqjzdkv0G6nDIZPI.roa
File: _aLDkeMiUI-Lqjzdkv0G6nDIZPI.roa (raw, json)
Hash identifier: tmIepxlUbHTd8KHj3iQSk+aTVIsaYnnddWmvrPeDuVM=
Subject key identifier: FD:A2:C3:91:E3:22:50:8F:8B:AA:3C:DD:92:FD:06:EA:70:C8:64:F2
Certificate issuer: /CN=dac71030fe081e02bab4823d0568ffb2a33265e1
Certificate serial: 01945FA9322FFDAB53F47E0D7C48B83D2C17
Authority key identifier: DA:C7:10:30:FE:08:1E:02:BA:B4:82:3D:05:68:FF:B2:A3:32:65:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2scQMP4IHgK6tII9BWj_sqMyZeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/25e6d8-4e72-4ac2-b6e5-c8201b91aec3/1/_aLDkeMiUI-Lqjzdkv0G6nDIZPI.roa
Signing time: Mon 13 Jan 2025 12:35:11 +0000
ROA not before: Mon 13 Jan 2025 12:35:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205285
IP address blocks: 45.11.224.0/22 maxlen: 22
45.14.136.0/22 maxlen: 22
45.84.78.0/23 maxlen: 23
185.223.4.0/22 maxlen: 22
194.110.140.0/23 maxlen: 23
194.110.148.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/25e6d8-4e72-4ac2-b6e5-c8201b91aec3/1/2scQMP4IHgK6tII9BWj_sqMyZeE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/25e6d8-4e72-4ac2-b6e5-c8201b91aec3/1/2scQMP4IHgK6tII9BWj_sqMyZeE.mft
rsync://rpki.ripe.net/repository/DEFAULT/2scQMP4IHgK6tII9BWj_sqMyZeE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 21:01:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:5f:a9:32:2f:fd:ab:53:f4:7e:0d:7c:48:b8:3d:2c:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dac71030fe081e02bab4823d0568ffb2a33265e1
Validity
Not Before: Jan 13 12:35:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fda2c391e322508f8baa3cdd92fd06ea70c864f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:37:ca:64:90:07:98:f2:fa:95:ce:96:55:31:
53:9c:7d:dc:65:ef:93:53:1d:c9:6e:0d:85:45:27:
11:58:87:2b:dd:83:87:ce:1e:4f:68:98:a0:58:df:
67:51:79:00:86:91:cf:37:67:e0:14:6e:39:84:c6:
25:30:06:8d:23:a0:54:57:b1:0f:eb:1f:16:dd:51:
cd:62:9b:6e:81:ad:23:66:aa:dd:81:54:3d:ab:97:
5a:0d:ea:4c:e7:c9:e1:10:05:26:80:7d:65:2a:6f:
f1:d3:db:92:2f:37:42:b6:f4:7c:4f:28:50:90:c5:
14:32:b7:66:0c:74:0c:aa:c1:7c:e6:04:14:8d:f2:
f5:87:2b:f9:8a:6f:63:11:ad:b2:7a:81:82:a4:b1:
77:5b:c0:a0:c7:ec:e8:55:b2:b7:0f:35:01:82:8d:
8e:3e:8e:4b:94:4f:cd:13:7c:51:45:85:dc:d6:30:
a7:36:42:e3:27:13:b8:53:f1:20:4f:af:17:98:c4:
51:15:65:e1:67:93:ba:e5:4c:17:77:e2:3e:a7:61:
65:75:88:85:e4:d0:03:6f:3b:bb:6a:e7:7c:25:bc:
12:b9:67:0d:1b:e8:15:ed:f8:56:32:1c:d0:04:87:
6a:a8:51:5a:14:87:3a:d4:0b:f1:3f:fb:78:80:08:
67:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:A2:C3:91:E3:22:50:8F:8B:AA:3C:DD:92:FD:06:EA:70:C8:64:F2
X509v3 Authority Key Identifier:
keyid:DA:C7:10:30:FE:08:1E:02:BA:B4:82:3D:05:68:FF:B2:A3:32:65:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2scQMP4IHgK6tII9BWj_sqMyZeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/25e6d8-4e72-4ac2-b6e5-c8201b91aec3/1/_aLDkeMiUI-Lqjzdkv0G6nDIZPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/25e6d8-4e72-4ac2-b6e5-c8201b91aec3/1/2scQMP4IHgK6tII9BWj_sqMyZeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.224.0/22
45.14.136.0/22
45.84.78.0/23
185.223.4.0/22
194.110.140.0/23
194.110.148.0/23
Signature Algorithm: sha256WithRSAEncryption
30:ea:f7:db:d0:c9:ea:dc:af:9b:d7:4d:15:61:e1:6c:7b:d9:
d9:bb:a4:69:08:06:54:78:5f:c5:5b:24:70:f8:05:22:3f:4c:
77:b2:19:25:7b:3f:bb:80:00:cc:62:19:55:b7:6a:3d:a6:9e:
b0:9c:ae:8f:46:a7:6e:94:20:20:48:15:b3:8b:d4:49:5c:03:
02:a8:43:00:31:dc:b7:e7:36:b0:8a:20:60:da:17:13:c1:56:
9d:81:b8:91:d9:5f:6a:87:d0:1f:a1:7e:b6:d9:86:5d:86:0d:
a1:69:49:bb:5c:97:e8:d5:59:37:41:10:7a:3f:cd:40:a5:bc:
c3:b7:67:ce:1b:29:15:05:e3:7c:76:d8:dc:59:0f:04:ce:bb:
6e:e9:8e:f0:e3:7f:64:30:be:df:61:2b:da:e4:ba:21:db:15:
ca:a9:f8:a9:ef:12:b1:7b:79:5c:71:97:6c:32:f2:52:17:f4:
fc:d9:ed:88:7c:be:63:e6:d6:e0:62:14:34:b2:df:ae:3c:91:
ec:3c:ba:16:2a:fb:d6:e5:eb:94:9d:36:a3:22:94:18:2d:c6:
65:ba:d2:aa:32:c9:57:44:8a:43:cf:b0:c3:f0:00:20:99:ee:
3e:8f:64:08:40:93:fb:f9:9b:7c:a2:13:3b:84:7a:eb:c7:e4:
b3:97:a0:05
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZRfqTIv/atT9H4NfEi4PSwXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYzcxMDMwZmUwODFlMDJiYWI0ODIzZDA1NjhmZmIyYTMz
MjY1ZTEwHhcNMjUwMTEzMTIzNTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGEyYzM5MWUzMjI1MDhmOGJhYTNjZGQ5MmZkMDZlYTcwYzg2NGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzfKZJAHmPL6lc6WVTFTnH3cZe+T
Ux3Jbg2FRScRWIcr3YOHzh5PaJigWN9nUXkAhpHPN2fgFG45hMYlMAaNI6BUV7EP
6x8W3VHNYptuga0jZqrdgVQ9q5daDepM58nhEAUmgH1lKm/x09uSLzdCtvR8TyhQ
kMUUMrdmDHQMqsF85gQUjfL1hyv5im9jEa2yeoGCpLF3W8Cgx+zoVbK3DzUBgo2O
Po5LlE/NE3xRRYXc1jCnNkLjJxO4U/EgT68XmMRRFWXhZ5O65UwXd+I+p2FldYiF
5NADbzu7aud8JbwSuWcNG+gV7fhWMhzQBIdqqFFaFIc61AvxP/t4gAhndwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFP2iw5HjIlCPi6o83ZL9BupwyGTyMB8GA1UdIwQY
MBaAFNrHEDD+CB4CurSCPQVo/7KjMmXhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnNjUU1QNElIZ0s2dElJOUJXal9zcU15WmVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8yNWU2ZDgtNGU3Mi00YWMyLWI2ZTUt
YzgyMDFiOTFhZWMzLzEvX2FMRGtlTWlVSS1McWp6ZGt2MEc2bkRJWlBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8yNWU2ZDgtNGU3Mi00YWMyLWI2ZTUtYzgyMDFiOTFhZWMz
LzEvMnNjUU1QNElIZ0s2dElJOUJXal9zcU15WmVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLQvgAwQC
LQ6IAwQBLVROAwQCud8EAwQBwm6MAwQBwm6UMA0GCSqGSIb3DQEBCwUAA4IBAQAw
6vfb0Mnq3K+b100VYeFse9nZu6RpCAZUeF/FWyRw+AUiP0x3shklez+7gADMYhlV
t2o9pp6wnK6PRqdulCAgSBWzi9RJXAMCqEMAMdy35zawiiBg2hcTwVadgbiR2V9q
h9AfoX622YZdhg2haUm7XJfo1Vk3QRB6P81ApbzDt2fOGykVBeN8dtjcWQ8Ezrtu
6Y7w439kML7fYSva5Loh2xXKqfip7xKxe3lccZdsMvJSF/T82e2IfL5j5tbgYhQ0
st+uPJHsPLoWKvvW5euUnTajIpQYLcZlutKqMslXRIpDz7DD8AAgme4+j2QIQJP7
+Zt8ohM7hHrrx+Szl6AF
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:43:35 2025 by rpki-client