Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/84750f-76c4-41ee-8517-e0adab7f1112/1/H09sImQpPd7oxswyyMfYCrHeDVg.roa
File: H09sImQpPd7oxswyyMfYCrHeDVg.roa (raw, json)
Hash identifier: F88ZTfKzhXNpAdlmJ7zmMSZP6dr7sViXeL2PLZiWpvA=
Subject key identifier: 1F:4F:6C:22:64:29:3D:DE:E8:C6:CC:32:C8:C7:D8:0A:B1:DE:0D:58
Certificate issuer: /CN=0e2283e6e6af991422743711f7a723137680e69e
Certificate serial: 01942444C97C30CCC6C2FC428D6D093F60A3
Authority key identifier: 0E:22:83:E6:E6:AF:99:14:22:74:37:11:F7:A7:23:13:76:80:E6:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DiKD5uavmRQidDcR96cjE3aA5p4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/84750f-76c4-41ee-8517-e0adab7f1112/1/H09sImQpPd7oxswyyMfYCrHeDVg.roa
Signing time: Wed 01 Jan 2025 23:47:55 +0000
ROA not before: Wed 01 Jan 2025 23:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204641
IP address blocks: 45.80.148.0/24 maxlen: 32
45.80.149.0/24 maxlen: 32
45.80.150.0/24 maxlen: 32
45.80.151.0/24 maxlen: 32
185.244.129.0/24 maxlen: 32
185.244.130.0/24 maxlen: 32
185.244.131.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/84750f-76c4-41ee-8517-e0adab7f1112/1/DiKD5uavmRQidDcR96cjE3aA5p4.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/84750f-76c4-41ee-8517-e0adab7f1112/1/DiKD5uavmRQidDcR96cjE3aA5p4.mft
rsync://rpki.ripe.net/repository/DEFAULT/DiKD5uavmRQidDcR96cjE3aA5p4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:c9:7c:30:cc:c6:c2:fc:42:8d:6d:09:3f:60:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e2283e6e6af991422743711f7a723137680e69e
Validity
Not Before: Jan 1 23:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f4f6c2264293ddee8c6cc32c8c7d80ab1de0d58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:d3:97:fc:bf:75:4d:88:f3:a5:2c:0f:09:48:
fc:bc:28:dd:63:e5:cb:08:75:c8:50:a7:d7:b5:8f:
f9:6c:38:a0:ea:20:bd:a7:00:f2:6e:83:8d:68:f3:
63:cc:8e:e2:ac:6a:c8:92:9f:5a:ec:e6:8a:7d:fc:
1c:d0:56:64:f4:7b:eb:52:0b:af:7d:55:bb:10:0c:
59:e4:59:89:db:9e:8c:14:f4:0f:c3:d0:8c:f2:7a:
8b:3e:53:8e:2e:63:6c:29:95:7f:b3:6e:aa:02:9e:
ff:60:a1:77:50:38:58:97:7c:50:c4:aa:c0:a0:45:
13:80:07:d7:37:c8:e0:e6:23:c5:f2:ba:f3:0f:af:
17:5d:eb:06:a6:66:25:22:80:38:f9:d5:8e:97:f4:
31:40:26:22:e6:a9:d9:7a:1c:05:83:7b:30:68:54:
e5:59:1d:db:4b:f6:26:9a:27:70:23:e0:42:b2:42:
d8:dc:2f:d3:2a:80:88:f2:fc:20:05:e2:df:48:be:
50:73:31:5e:8a:80:04:77:09:90:fe:4d:d9:c2:e9:
b9:72:f1:d7:e4:51:dc:0c:c9:5e:28:1b:eb:d9:15:
2f:7b:5a:b3:f8:8b:0d:5b:d0:a8:68:c3:6a:cb:ba:
6a:1a:5e:74:cf:98:c9:d6:d3:74:ba:43:93:4c:9b:
24:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:4F:6C:22:64:29:3D:DE:E8:C6:CC:32:C8:C7:D8:0A:B1:DE:0D:58
X509v3 Authority Key Identifier:
keyid:0E:22:83:E6:E6:AF:99:14:22:74:37:11:F7:A7:23:13:76:80:E6:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DiKD5uavmRQidDcR96cjE3aA5p4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/84750f-76c4-41ee-8517-e0adab7f1112/1/H09sImQpPd7oxswyyMfYCrHeDVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/84750f-76c4-41ee-8517-e0adab7f1112/1/DiKD5uavmRQidDcR96cjE3aA5p4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.148.0/22
185.244.129.0-185.244.131.255
Signature Algorithm: sha256WithRSAEncryption
23:62:45:eb:a9:d0:42:dc:00:ad:18:1b:30:f2:f9:89:92:cb:
1c:71:c8:35:fb:e8:4c:de:b9:3d:64:7e:c2:f9:25:80:fb:e4:
9f:50:89:23:f0:a7:a9:ca:51:94:14:2e:63:0b:6d:a8:dc:bc:
6a:eb:69:fc:dc:a8:7d:d0:74:a1:14:3b:e7:1a:d5:42:77:6e:
a1:48:7e:ef:cc:84:e4:a6:f3:a0:85:fb:7e:8a:5a:38:a9:66:
0f:7a:b5:b9:4c:1f:3a:4b:aa:3d:37:10:09:e8:f9:0f:64:eb:
6d:48:6b:22:9d:b6:e4:49:54:9f:52:ed:63:b8:4a:2d:a6:de:
a4:d5:fb:fe:d3:59:6d:28:b3:77:76:e9:ef:b9:9f:34:1b:e5:
b8:82:e7:4a:48:d0:19:61:b2:2f:28:ae:26:75:5f:5f:f2:c3:
ac:06:2b:af:e4:4b:63:72:37:0a:7a:2f:f6:56:ea:d1:f2:10:
ae:27:05:3d:31:0e:48:86:3f:e3:29:aa:60:75:9a:0d:f3:9a:
d8:ce:c6:35:41:71:25:a5:b9:a5:46:a0:c9:93:a4:a9:56:4d:
9f:83:43:9a:fc:a0:ad:e2:d2:23:23:44:74:c4:08:90:8a:9c:
d4:1d:15:31:0e:9c:32:6b:f4:c7:bb:b0:f3:06:9e:56:82:0d:
92:02:98:78
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQkRMl8MMzGwvxCjW0JP2CjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMjI4M2U2ZTZhZjk5MTQyMjc0MzcxMWY3YTcyMzEzNzY4
MGU2OWUwHhcNMjUwMTAxMjM0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjRmNmMyMjY0MjkzZGRlZThjNmNjMzJjOGM3ZDgwYWIxZGUwZDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA19OX/L91TYjzpSwPCUj8vCjdY+XL
CHXIUKfXtY/5bDig6iC9pwDyboONaPNjzI7irGrIkp9a7OaKffwc0FZk9HvrUguv
fVW7EAxZ5FmJ256MFPQPw9CM8nqLPlOOLmNsKZV/s26qAp7/YKF3UDhYl3xQxKrA
oEUTgAfXN8jg5iPF8rrzD68XXesGpmYlIoA4+dWOl/QxQCYi5qnZehwFg3swaFTl
WR3bS/YmmidwI+BCskLY3C/TKoCI8vwgBeLfSL5QczFeioAEdwmQ/k3Zwum5cvHX
5FHcDMleKBvr2RUve1qz+IsNW9CoaMNqy7pqGl50z5jJ1tN0ukOTTJskIQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFB9PbCJkKT3e6MbMMsjH2Aqx3g1YMB8GA1UdIwQY
MBaAFA4ig+bmr5kUInQ3EfenIxN2gOaeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGlLRDV1YXZtUlFpZERjUjk2Y2pFM2FBNXA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi84NDc1MGYtNzZjNC00MWVlLTg1MTct
ZTBhZGFiN2YxMTEyLzEvSDA5c0ltUXBQZDdveHN3eXlNZllDckhlRFZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi84NDc1MGYtNzZjNC00MWVlLTg1MTctZTBhZGFiN2YxMTEy
LzEvRGlLRDV1YXZtUlFpZERjUjk2Y2pFM2FBNXA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCLVCUMAwD
BAC59IEDBAK59IAwDQYJKoZIhvcNAQELBQADggEBACNiReup0ELcAK0YGzDy+YmS
yxxxyDX76EzeuT1kfsL5JYD75J9QiSPwp6nKUZQULmMLbajcvGrrafzcqH3QdKEU
O+ca1UJ3bqFIfu/MhOSm86CF+36KWjipZg96tblMHzpLqj03EAno+Q9k621IayKd
tuRJVJ9S7WO4Si2m3qTV+/7TWW0os3d26e+5nzQb5biC50pI0Blhsi8oriZ1X1/y
w6wGK6/kS2NyNwp6L/ZW6tHyEK4nBT0xDkiGP+MpqmB1mg3zmtjOxjVBcSWluaVG
oMmTpKlWTZ+DQ5r8oK3i0iMjRHTECJCKnNQdFTEOnDJr9Me7sPMGnlaCDZICmHg=
-----END CERTIFICATE-----
Generated at Thu Apr 17 00:11:42 2025 by rpki-client