Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/x2XVu0ALr02iGe6yyUDAD6F8NjI.roa
File: x2XVu0ALr02iGe6yyUDAD6F8NjI.roa (raw, json)
Hash identifier: 08nS9hEpSqpZaHf0s18vSYc5qS8WtwFKwLrU014TaPc=
Subject key identifier: C7:65:D5:BB:40:0B:AF:4D:A2:19:EE:B2:C9:40:C0:0F:A1:7C:36:32
Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Certificate serial: 01942143EB416A2E8FA036B909F73A2C7DBB
Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/x2XVu0ALr02iGe6yyUDAD6F8NjI.roa
Signing time: Wed 01 Jan 2025 09:48:06 +0000
ROA not before: Wed 01 Jan 2025 09:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211421
IP address blocks: 45.159.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.mft
rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:eb:41:6a:2e:8f:a0:36:b9:09:f7:3a:2c:7d:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Validity
Not Before: Jan 1 09:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c765d5bb400baf4da219eeb2c940c00fa17c3632
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ba:0e:3b:82:68:b6:88:b5:d8:a9:ff:d5:b0:
04:50:3f:61:7f:d4:e0:ef:2d:7c:9f:d6:0a:38:16:
59:32:d3:f1:e0:d5:3f:78:56:d3:82:b1:45:c1:9f:
7d:3a:8c:18:e0:8f:d8:98:a4:45:09:b7:2d:53:51:
c5:52:5e:54:cc:c5:1d:4e:17:16:b1:6e:01:af:db:
a8:bd:21:4b:73:73:24:80:a2:d4:6d:95:80:ec:70:
af:75:bf:36:f0:71:9f:7f:38:43:df:93:c2:d6:57:
c3:01:6f:9d:43:d8:aa:be:74:53:e5:34:8b:bc:dd:
d4:80:ee:37:aa:d2:aa:14:09:99:a2:53:bf:60:62:
82:60:a4:b3:e8:de:25:ff:1c:86:9d:6e:99:f8:28:
22:17:64:5a:ed:5d:fa:c4:6e:bb:d0:5d:bb:62:da:
4c:66:09:32:bf:42:f6:2e:59:e2:9f:30:33:fe:40:
58:91:f5:b2:13:5f:a0:f7:e0:d0:52:0b:ce:40:a8:
48:cb:ea:59:6f:6f:e9:24:9c:42:57:fa:60:5b:7a:
53:10:36:90:63:90:b6:be:35:67:2d:ef:4a:71:0e:
f4:c3:a4:42:53:00:04:f7:74:2c:d2:ee:f3:8f:77:
d7:97:22:dc:84:d8:3e:e8:6b:c5:23:86:b7:fb:d5:
64:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:65:D5:BB:40:0B:AF:4D:A2:19:EE:B2:C9:40:C0:0F:A1:7C:36:32
X509v3 Authority Key Identifier:
keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/x2XVu0ALr02iGe6yyUDAD6F8NjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.148.0/24
Signature Algorithm: sha256WithRSAEncryption
07:df:64:63:39:4d:55:1e:56:8d:45:9f:e9:4d:b2:61:3e:51:
53:49:16:b1:c7:de:55:3d:71:9a:e0:b5:75:76:1f:34:9b:a1:
5b:bd:b0:c5:2e:ee:a5:f3:f6:fc:90:22:5d:ac:50:7c:73:be:
8c:40:f8:ef:4b:38:9e:05:47:21:d5:7e:68:d2:b6:28:ea:bc:
3c:44:20:f8:cc:9b:76:1d:d2:b5:dc:5c:59:12:62:83:64:71:
c2:1b:51:15:ab:bf:e4:d4:03:4b:3f:52:b0:dd:83:6d:aa:f0:
76:83:c3:b0:61:19:31:23:bf:51:0b:f9:f9:ef:a2:ef:01:bf:
92:47:87:5d:a1:e3:b8:19:85:1c:d6:bf:1d:e9:92:52:bd:65:
fe:6c:ef:b2:7b:b0:ee:33:58:ca:6c:e1:bd:ee:10:68:79:68:
af:9b:29:7e:e7:cc:fa:eb:b6:68:b7:aa:7d:ab:bf:c4:91:d7:
f1:b0:6b:14:03:9b:9f:17:72:41:49:50:6f:68:6e:a3:43:1e:
77:fc:fb:88:06:91:cd:6d:ea:6d:79:2f:6d:d3:2c:24:9a:c6:
2d:f4:35:ee:3a:94:3f:76:5e:fa:46:23:e4:96:f0:68:a9:ee:
2c:c7:1a:f5:85:96:3e:70:ee:d0:35:ab:80:24:5c:2b:61:7f:
5b:ed:e4:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ+tBai6PoDa5Cfc6LH27MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw
Y2MzNGIwHhcNMjUwMTAxMDk0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzY1ZDViYjQwMGJhZjRkYTIxOWVlYjJjOTQwYzAwZmExN2MzNjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvboOO4Jotoi12Kn/1bAEUD9hf9Tg
7y18n9YKOBZZMtPx4NU/eFbTgrFFwZ99OowY4I/YmKRFCbctU1HFUl5UzMUdThcW
sW4Br9uovSFLc3MkgKLUbZWA7HCvdb828HGffzhD35PC1lfDAW+dQ9iqvnRT5TSL
vN3UgO43qtKqFAmZolO/YGKCYKSz6N4l/xyGnW6Z+CgiF2Ra7V36xG670F27YtpM
Zgkyv0L2LlninzAz/kBYkfWyE1+g9+DQUgvOQKhIy+pZb2/pJJxCV/pgW3pTEDaQ
Y5C2vjVnLe9KcQ70w6RCUwAE93Qs0u7zj3fXlyLchNg+6GvFI4a3+9Vk8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMdl1btAC69NohnusslAwA+hfDYyMB8GA1UdIwQY
MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt
MDk0ODk4OWU2ZDU1LzEveDJYVnUwQUxyMDJpR2U2eXlVREFENkY4TmpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1
LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ+UMA0G
CSqGSIb3DQEBCwUAA4IBAQAH32RjOU1VHlaNRZ/pTbJhPlFTSRaxx95VPXGa4LV1
dh80m6FbvbDFLu6l8/b8kCJdrFB8c76MQPjvSzieBUch1X5o0rYo6rw8RCD4zJt2
HdK13FxZEmKDZHHCG1EVq7/k1ANLP1Kw3YNtqvB2g8OwYRkxI79RC/n576LvAb+S
R4ddoeO4GYUc1r8d6ZJSvWX+bO+ye7DuM1jKbOG97hBoeWivmyl+58z667Zot6p9
q7/EkdfxsGsUA5ufF3JBSVBvaG6jQx53/PuIBpHNbepteS9t0ywkmsYt9DXuOpQ/
dl76RiPklvBoqe4sxxr1hZY+cO7QNauAJFwrYX9b7eQ1
-----END CERTIFICATE-----
Generated at Wed Feb 5 08:54:57 2025 by rpki-client