Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/AvB8ANlawjDpzo5pEv-ozc274As.roa
File: AvB8ANlawjDpzo5pEv-ozc274As.roa (raw, json)
Hash identifier: JAMHGl8FA3FqoIkdY9hmqgyAMGPXFfGq49FOeMqcpDU=
Subject key identifier: 02:F0:7C:00:D9:5A:C2:30:E9:CE:8E:69:12:FF:A8:CD:CD:BB:E0:0B
Certificate issuer: /CN=de2e917315f0a878b21fc139d49a821aaddc3c97
Certificate serial: 0194228D5ACB03775BC406B50ECF2DD75362
Authority key identifier: DE:2E:91:73:15:F0:A8:78:B2:1F:C1:39:D4:9A:82:1A:AD:DC:3C:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3i6RcxXwqHiyH8E51JqCGq3cPJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/AvB8ANlawjDpzo5pEv-ozc274As.roa
Signing time: Wed 01 Jan 2025 15:47:56 +0000
ROA not before: Wed 01 Jan 2025 15:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204068
IP address blocks: 45.129.57.0/24 maxlen: 24
45.129.58.0/24 maxlen: 24
2a03:1b20:beed::/48 maxlen: 48
2a03:1b20:beee::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/3i6RcxXwqHiyH8E51JqCGq3cPJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/3i6RcxXwqHiyH8E51JqCGq3cPJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/3i6RcxXwqHiyH8E51JqCGq3cPJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:5a:cb:03:77:5b:c4:06:b5:0e:cf:2d:d7:53:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de2e917315f0a878b21fc139d49a821aaddc3c97
Validity
Not Before: Jan 1 15:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=02f07c00d95ac230e9ce8e6912ffa8cdcdbbe00b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d1:88:d5:ae:8c:7e:79:77:d0:0b:a6:f7:42:
0a:0f:74:ad:df:21:c5:84:5a:8e:b5:7b:0c:27:e7:
1e:1d:90:27:d6:ad:91:6d:72:4f:91:4c:1d:f2:5a:
0d:31:48:33:7f:73:74:67:38:ac:1d:a3:2c:55:33:
f5:6e:d2:98:81:9d:ca:f6:e4:c9:14:4c:a7:56:d0:
76:49:b8:89:44:bd:58:29:c0:10:d3:7c:6a:58:ac:
bb:78:12:28:84:4f:a4:80:b8:fb:52:68:e4:4d:8e:
fa:06:d8:b2:aa:fb:8c:bd:4d:36:4d:a6:64:90:f4:
a7:53:26:61:14:61:82:fd:56:05:28:8c:63:78:4d:
ba:51:fe:b6:91:3d:cc:8f:43:2e:cd:8d:a8:59:8a:
ec:23:cf:89:bf:95:24:de:cb:33:35:0c:58:ea:e8:
9a:f2:ca:de:71:ba:95:b3:32:94:73:f7:d6:6c:aa:
71:53:bc:03:c7:94:fb:34:78:d3:c0:75:d7:88:ff:
6b:ea:8e:c4:32:6d:66:bc:0c:ea:f8:6c:cb:64:a1:
76:5f:fb:22:7f:d4:24:42:3a:1a:ab:4f:dd:ec:95:
eb:39:2f:9d:19:ed:4a:4d:95:09:29:f0:82:26:83:
c2:2e:50:7b:23:42:bb:a9:88:aa:8e:83:ef:f3:23:
d2:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:F0:7C:00:D9:5A:C2:30:E9:CE:8E:69:12:FF:A8:CD:CD:BB:E0:0B
X509v3 Authority Key Identifier:
keyid:DE:2E:91:73:15:F0:A8:78:B2:1F:C1:39:D4:9A:82:1A:AD:DC:3C:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3i6RcxXwqHiyH8E51JqCGq3cPJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/AvB8ANlawjDpzo5pEv-ozc274As.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/3i6RcxXwqHiyH8E51JqCGq3cPJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.57.0-45.129.58.255
IPv6:
2a03:1b20:beed::-2a03:1b20:beee:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7a:c3:b4:24:65:4b:56:64:60:bd:03:97:ca:9c:14:ae:4b:79:
34:73:a9:95:56:4f:6f:b1:14:ea:a7:33:3c:ae:ba:c0:be:fb:
48:4d:49:93:71:19:64:82:33:ce:9e:83:0e:cc:af:e8:3d:56:
c3:fb:93:0a:e4:c0:9e:cd:5c:02:bd:38:82:14:9b:29:74:50:
12:81:e5:7d:a4:16:19:36:43:c6:fe:89:20:64:81:ea:b3:17:
a3:f8:d1:ec:4d:da:9a:62:2e:6d:ea:98:5d:8b:3d:b9:d5:45:
af:66:3c:98:68:ed:20:d2:5c:fb:05:50:6a:17:5d:13:36:ee:
8e:bf:d9:cf:ca:52:79:4f:7a:87:60:ae:5a:a1:97:6e:f3:91:
5e:ca:c5:05:33:a8:fb:9c:8f:70:57:94:fd:b6:8a:44:2a:ba:
27:91:82:47:56:8c:98:df:5a:50:4b:34:1a:ed:75:37:f0:b1:
bb:68:02:ce:51:58:d3:46:5e:f3:5b:d0:6e:de:88:19:7d:fc:
e3:3d:37:24:5b:61:79:33:20:dd:0b:8f:f0:af:3a:95:ef:0c:
1a:b1:68:eb:6e:3c:b0:f7:0b:b2:15:ef:6a:0e:92:46:a4:b2:
82:9e:90:22:12:35:86:f0:2e:e5:02:7d:58:4d:55:3f:e3:e8:
ee:ab:db:9f
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQijVrLA3dbxAa1Ds8t11NiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMmU5MTczMTVmMGE4NzhiMjFmYzEzOWQ0OWE4MjFhYWRk
YzNjOTcwHhcNMjUwMTAxMTU0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmYwN2MwMGQ5NWFjMjMwZTljZThlNjkxMmZmYThjZGNkYmJlMDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9GI1a6Mfnl30Aum90IKD3St3yHF
hFqOtXsMJ+ceHZAn1q2RbXJPkUwd8loNMUgzf3N0ZzisHaMsVTP1btKYgZ3K9uTJ
FEynVtB2SbiJRL1YKcAQ03xqWKy7eBIohE+kgLj7UmjkTY76BtiyqvuMvU02TaZk
kPSnUyZhFGGC/VYFKIxjeE26Uf62kT3Mj0MuzY2oWYrsI8+Jv5Uk3sszNQxY6uia
8srecbqVszKUc/fWbKpxU7wDx5T7NHjTwHXXiP9r6o7EMm1mvAzq+GzLZKF2X/si
f9QkQjoaq0/d7JXrOS+dGe1KTZUJKfCCJoPCLlB7I0K7qYiqjoPv8yPSmQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFALwfADZWsIw6c6OaRL/qM3Nu+ALMB8GA1UdIwQY
MBaAFN4ukXMV8Kh4sh/BOdSaghqt3DyXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2k2UmN4WHdxSGl5SDhFNTFKcUNHcTNjUEpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8yZDViYzgtNWQ5My00YjBhLWE4YjYt
ZjhkNjVjOTgzNzQ0LzEvQXZCOEFObGF3akRwem81cEV2LW96YzI3NEFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8yZDViYzgtNWQ5My00YjBhLWE4YjYtZjhkNjVjOTgzNzQ0
LzEvM2k2UmN4WHdxSGl5SDhFNTFKcUNHcTNjUEpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAUBAIAATAOMAwDBAAtgTkD
BAAtgTowGgQCAAIwFDASAwcAKgMbIL7tAwcAKgMbIL7uMA0GCSqGSIb3DQEBCwUA
A4IBAQB6w7QkZUtWZGC9A5fKnBSuS3k0c6mVVk9vsRTqpzM8rrrAvvtITUmTcRlk
gjPOnoMOzK/oPVbD+5MK5MCezVwCvTiCFJspdFASgeV9pBYZNkPG/okgZIHqsxej
+NHsTdqaYi5t6phdiz251UWvZjyYaO0g0lz7BVBqF10TNu6Ov9nPylJ5T3qHYK5a
oZdu85FeysUFM6j7nI9wV5T9topEKronkYJHVoyY31pQSzQa7XU38LG7aALOUVjT
Rl7zW9Bu3ogZffzjPTckW2F5MyDdC4/wrzqV7wwasWjrbjyw9wuyFe9qDpJGpLKC
npAiEjWG8C7lAn1YTVU/4+juq9uf
-----END CERTIFICATE-----
Generated at Tue Apr 15 09:47:12 2025 by rpki-client