Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/pG0mkjSpFcN6bJqBAZOYLrrCydg.roa
File: pG0mkjSpFcN6bJqBAZOYLrrCydg.roa (raw, json)
Hash identifier: d9LfFgKUYNmqqm0NXXgE2fV69QpfXlExSjmbZYXLteE=
Subject key identifier: A4:6D:26:92:34:A9:15:C3:7A:6C:9A:81:01:93:98:2E:BA:C2:C9:D8
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 019423D75EBAE2C863AC4AC5E7C4F7B33CE7
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/pG0mkjSpFcN6bJqBAZOYLrrCydg.roa
Signing time: Wed 01 Jan 2025 21:48:24 +0000
ROA not before: Wed 01 Jan 2025 21:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34924
IP address blocks: 45.86.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.mft
rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:5e:ba:e2:c8:63:ac:4a:c5:e7:c4:f7:b3:3c:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 1 21:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a46d269234a915c37a6c9a810193982ebac2c9d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:84:b1:1e:0a:5d:34:31:bf:e7:60:17:37:4b:
b2:00:bb:03:d0:3a:96:79:9d:df:3a:af:68:e2:a6:
ad:08:6c:96:60:7d:de:cd:d0:3a:73:1c:b0:b0:3c:
10:d0:d3:47:58:6b:31:3a:da:14:9c:41:9b:56:86:
a4:f0:46:eb:7e:75:a4:7a:d8:09:80:6d:fe:5d:aa:
c4:fb:3b:4f:22:d2:18:b0:cd:ab:85:fe:5c:9b:36:
81:a1:32:99:4e:c5:83:b9:48:64:44:05:dd:10:6f:
87:49:f5:8d:29:0c:aa:38:50:9b:37:3b:57:60:d8:
76:82:92:1b:04:e4:68:e1:45:12:c3:4b:a0:de:73:
24:13:bf:1f:eb:f1:83:41:f5:8e:45:ea:f2:b9:0e:
46:d3:ac:ba:94:58:c2:47:2f:8d:cf:4b:f0:9c:44:
73:2c:83:52:6a:54:6b:0d:72:63:d7:50:7f:b7:48:
bd:77:9e:b4:72:28:23:c5:0a:9f:84:f1:0c:96:79:
ac:ce:df:fd:ba:91:0e:56:40:70:10:4a:cf:61:38:
9b:9e:00:18:b2:2e:cc:4d:4d:bf:b7:a0:1c:a0:eb:
57:30:1f:ef:aa:22:17:b3:71:00:07:b5:70:7a:67:
39:8b:5d:ba:48:7e:2c:3e:13:05:bc:0e:e8:19:9d:
a7:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:6D:26:92:34:A9:15:C3:7A:6C:9A:81:01:93:98:2E:BA:C2:C9:D8
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/pG0mkjSpFcN6bJqBAZOYLrrCydg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.127.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:3c:cc:2b:58:4c:c9:89:16:47:82:0a:b6:99:90:49:b1:dc:
6e:ff:b7:db:f1:37:50:ec:d0:e6:b4:82:65:bc:26:0d:6b:da:
e9:c2:55:0a:a9:3d:0a:d2:92:28:74:0b:88:30:b7:4c:e1:cc:
b3:52:58:1a:eb:7f:d3:bc:36:31:fa:f3:1a:01:70:44:d3:ba:
c8:b7:2a:3f:15:20:3b:ac:99:76:cb:25:cb:c1:c8:92:9e:60:
34:46:74:7e:37:94:bb:97:df:6b:68:1c:e0:4e:49:d2:83:16:
13:aa:d8:14:24:0f:77:db:cb:e2:9a:6f:2a:8c:ae:70:b0:52:
16:81:5a:b7:b1:0c:e7:4e:16:a5:7d:ab:00:82:92:45:ed:c6:
1d:14:83:04:19:70:b5:44:83:6f:c3:35:45:80:1a:73:5a:89:
25:91:06:8c:46:18:0e:a8:04:e8:f6:8d:0a:a3:50:8a:cb:df:
a0:f7:8e:00:a1:df:70:a7:39:e1:b0:7a:13:2e:c6:a9:32:46:
e9:9d:77:3e:b6:e6:83:3a:e7:a1:ec:e7:cc:31:fc:aa:3c:f3:
86:79:3a:b0:ac:73:68:33:cb:1c:8f:fc:bd:40:8e:b3:9b:39:
0d:bd:97:7a:b8:24:66:bd:f7:62:1c:3b:6a:40:b2:ea:cf:0e:
ab:32:db:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj11664shjrErF58T3szznMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjUwMTAxMjE0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDZkMjY5MjM0YTkxNWMzN2E2YzlhODEwMTkzOTgyZWJhYzJjOWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4SxHgpdNDG/52AXN0uyALsD0DqW
eZ3fOq9o4qatCGyWYH3ezdA6cxywsDwQ0NNHWGsxOtoUnEGbVoak8EbrfnWketgJ
gG3+XarE+ztPItIYsM2rhf5cmzaBoTKZTsWDuUhkRAXdEG+HSfWNKQyqOFCbNztX
YNh2gpIbBORo4UUSw0ug3nMkE78f6/GDQfWOReryuQ5G06y6lFjCRy+Nz0vwnERz
LINSalRrDXJj11B/t0i9d560cigjxQqfhPEMlnmszt/9upEOVkBwEErPYTibngAY
si7MTU2/t6AcoOtXMB/vqiIXs3EAB7Vwemc5i126SH4sPhMFvA7oGZ2nswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKRtJpI0qRXDemyagQGTmC66wsnYMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvcEcwbWtqU3BGY042YkpxQkFaT1lMcnJDeWRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVZ/MA0G
CSqGSIb3DQEBCwUAA4IBAQBbPMwrWEzJiRZHggq2mZBJsdxu/7fb8TdQ7NDmtIJl
vCYNa9rpwlUKqT0K0pIodAuIMLdM4cyzUlga63/TvDYx+vMaAXBE07rItyo/FSA7
rJl2yyXLwciSnmA0RnR+N5S7l99raBzgTknSgxYTqtgUJA9328vimm8qjK5wsFIW
gVq3sQznThalfasAgpJF7cYdFIMEGXC1RINvwzVFgBpzWoklkQaMRhgOqATo9o0K
o1CKy9+g944Aod9wpznhsHoTLsapMkbpnXc+tuaDOueh7OfMMfyqPPOGeTqwrHNo
M8scj/y9QI6zmzkNvZd6uCRmvfdiHDtqQLLqzw6rMtuH
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:00:46 2025 by rpki-client