Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Xd0NxuFWE7SrjCz2XQTm-U1qFF4.roa
File: Xd0NxuFWE7SrjCz2XQTm-U1qFF4.roa (raw, json)
Hash identifier: KWb4JfeZyHfW6hW0TUPUkEkeyeCxBn40dOa4ZcgMqfE=
Subject key identifier: 5D:DD:0D:C6:E1:56:13:B4:AB:8C:2C:F6:5D:04:E6:F9:4D:6A:14:5E
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 019425FCE27B5A482D1A58D9144CB77EC4BE
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Xd0NxuFWE7SrjCz2XQTm-U1qFF4.roa
Signing time: Thu 02 Jan 2025 07:48:37 +0000
ROA not before: Thu 02 Jan 2025 07:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 46562
IP address blocks: 45.67.141.0/24 maxlen: 24
104.232.36.0/24 maxlen: 24
2a07:c6c0:35::/48 maxlen: 48
2a07:c6c0:36::/48 maxlen: 48
2a07:c6c0:37::/48 maxlen: 48
2a07:c6c0:38::/48 maxlen: 48
2a0c:3ac0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft
rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 11:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:e2:7b:5a:48:2d:1a:58:d9:14:4c:b7:7e:c4:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jan 2 07:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ddd0dc6e15613b4ab8c2cf65d04e6f94d6a145e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:0c:a3:fe:9e:b5:63:d2:b7:1e:44:46:dd:99:
07:46:e8:0c:4e:15:9b:ea:a6:79:94:8c:ed:8d:e2:
d2:ab:16:7a:5f:3d:f4:93:f1:22:e3:97:87:7c:57:
01:6d:7c:7b:8f:d2:ad:40:f7:78:f5:09:2f:f9:20:
cf:1a:bf:b9:44:1a:c3:78:e0:b2:83:f1:bb:37:59:
32:6b:4d:8f:10:29:6f:7b:9b:3e:4a:46:27:13:d9:
fa:68:0a:8a:4e:eb:5e:24:04:9e:c6:5b:b7:e0:bc:
a6:2d:de:85:dd:af:10:59:8d:11:f0:71:bb:a4:20:
6f:31:a7:3d:30:22:28:b4:2b:0f:02:3e:c4:df:90:
8b:8a:f8:e1:95:0e:75:af:15:a9:c1:d7:63:24:e2:
bf:ff:15:d1:19:17:05:2f:f5:7e:17:9b:3c:f7:55:
d1:94:14:c3:f9:ff:de:92:09:02:4e:34:99:92:3b:
6c:bb:f5:53:a7:d6:60:0b:11:1d:44:e1:15:1a:59:
77:69:bc:47:9a:3b:a6:78:83:7d:fc:4f:3f:7e:e3:
65:ea:3e:1c:14:fd:74:1b:9d:0d:d1:f2:d8:52:a6:
bc:ce:76:90:1d:33:41:cc:6f:57:aa:0c:55:24:e2:
3c:db:5f:59:6c:0d:e0:85:6a:5d:01:2d:d4:f5:b1:
1f:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:DD:0D:C6:E1:56:13:B4:AB:8C:2C:F6:5D:04:E6:F9:4D:6A:14:5E
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Xd0NxuFWE7SrjCz2XQTm-U1qFF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.141.0/24
104.232.36.0/24
IPv6:
2a07:c6c0:35::-2a07:c6c0:38:ffff:ffff:ffff:ffff:ffff
2a0c:3ac0::/48
Signature Algorithm: sha256WithRSAEncryption
36:09:2a:53:6a:1d:33:f5:0b:43:78:b9:e3:da:9d:91:03:00:
f8:0b:23:4a:aa:4b:20:51:19:5b:84:b0:42:1d:0d:68:64:fc:
a5:b3:f9:bd:03:db:e3:8f:9b:4f:b7:43:af:aa:2a:23:35:dd:
79:22:4d:27:da:b1:2b:ac:01:e0:98:93:f4:6e:7d:5e:35:46:
d4:34:d6:7e:59:60:99:af:a1:96:d5:a5:11:fe:2e:80:b2:8d:
fb:70:9c:88:e4:f9:06:25:fb:00:0e:15:11:56:6e:f3:b5:01:
f8:b1:e0:07:ae:af:24:32:47:83:7e:d0:b1:d4:41:32:00:64:
20:76:81:7d:0a:bd:cf:70:b5:18:6d:1e:66:88:d8:d4:78:53:
c2:9e:70:96:7d:98:9a:c1:09:d5:8c:49:bf:5b:df:8a:d5:a9:
0d:9d:92:a9:65:86:63:8e:77:0e:6d:ec:1d:f9:6a:cf:75:96:
4c:93:e3:1f:98:49:6d:5e:e7:0c:84:91:03:09:af:11:8d:82:
67:c5:88:22:ce:80:17:17:f6:71:4f:10:29:62:38:f1:33:f5:
7f:ee:5e:03:39:43:c2:42:60:c5:cf:67:d2:82:d1:11:3d:42:
50:ba:37:68:89:65:97:68:d8:85:49:e3:60:c6:4e:01:f3:fb:
01:3c:35:97
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZQl/OJ7WkgtGljZFEy3fsS+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjUwMTAyMDc0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGRkMGRjNmUxNTYxM2I0YWI4YzJjZjY1ZDA0ZTZmOTRkNmExNDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1wyj/p61Y9K3HkRG3ZkHRugMThWb
6qZ5lIztjeLSqxZ6Xz30k/Ei45eHfFcBbXx7j9KtQPd49Qkv+SDPGr+5RBrDeOCy
g/G7N1kya02PEClve5s+SkYnE9n6aAqKTuteJASexlu34LymLd6F3a8QWY0R8HG7
pCBvMac9MCIotCsPAj7E35CLivjhlQ51rxWpwddjJOK//xXRGRcFL/V+F5s891XR
lBTD+f/ekgkCTjSZkjtsu/VTp9ZgCxEdROEVGll3abxHmjumeIN9/E8/fuNl6j4c
FP10G50N0fLYUqa8znaQHTNBzG9XqgxVJOI8219ZbA3ghWpdAS3U9bEf+QIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFF3dDcbhVhO0q4ws9l0E5vlNahReMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvWGQwTnh1RldFN1NyakN6MlhRVG0tVTFxRkY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTASBAIAATAMAwQALUONAwQA
aOgkMCMEAgACMB0wEgMHACoHxsAANQMHACoHxsAAOAMHACoMOsAAADANBgkqhkiG
9w0BAQsFAAOCAQEANgkqU2odM/ULQ3i549qdkQMA+AsjSqpLIFEZW4SwQh0NaGT8
pbP5vQPb44+bT7dDr6oqIzXdeSJNJ9qxK6wB4JiT9G59XjVG1DTWfllgma+hltWl
Ef4ugLKN+3CciOT5BiX7AA4VEVZu87UB+LHgB66vJDJHg37QsdRBMgBkIHaBfQq9
z3C1GG0eZojY1HhTwp5wln2YmsEJ1YxJv1vfitWpDZ2SqWWGY453Dm3sHflqz3WW
TJPjH5hJbV7nDISRAwmvEY2CZ8WIIs6AFxf2cU8QKWI48TP1f+5eAzlDwkJgxc9n
0oLRET1CULo3aIlll2jYhUnjYMZOAfP7ATw1lw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:42:15 2025 by rpki-client