Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/IEzI_VHEGu7k_CfnyvieueR7gJM.roa
File: IEzI_VHEGu7k_CfnyvieueR7gJM.roa (raw, json)
Hash identifier: E/Uej2h8qDYr6EVsft5fw6bZeg32e9pr2o5cnZnnJgQ=
Subject key identifier: 20:4C:C8:FD:51:C4:1A:EE:E4:FC:27:E7:CA:F8:9E:B9:E4:7B:80:93
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 0194236A3867B474CE65E28C5BBBB9B924D0
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/IEzI_VHEGu7k_CfnyvieueR7gJM.roa
Signing time: Wed 01 Jan 2025 19:49:11 +0000
ROA not before: Wed 01 Jan 2025 19:49:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 23470
IP address blocks: 45.12.161.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 09:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:38:67:b4:74:ce:65:e2:8c:5b:bb:b9:b9:24:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 19:49:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=204cc8fd51c41aeee4fc27e7caf89eb9e47b8093
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:a9:1d:ab:f5:ec:e2:98:1a:3e:37:f0:3c:c5:
fe:60:15:f4:27:49:00:c7:c9:44:19:50:43:bd:84:
1f:d2:52:23:35:cf:9b:f7:53:b5:ec:f2:29:d6:f5:
34:6f:c5:bc:9b:7a:b0:c1:6b:db:ed:c4:86:a0:42:
5a:ac:ae:55:6e:1d:a9:a1:23:8f:a2:e7:dd:9e:a9:
7e:15:b3:52:aa:80:84:bf:85:2c:91:1b:4e:e3:b3:
7a:45:18:1e:d8:59:25:5c:ce:d2:85:de:44:73:e9:
c1:0e:c0:dc:8b:44:07:ca:e1:6d:ba:4a:3c:11:ea:
62:8d:e0:f8:07:39:5e:89:95:49:76:89:ac:8a:4d:
27:ea:92:68:71:6e:8d:cd:4f:91:fd:c1:bc:e1:f3:
76:86:c4:37:cc:a7:f1:f1:65:80:95:1f:bb:a2:1a:
51:92:9e:24:a2:71:96:92:33:1a:eb:a6:60:c2:6d:
97:e0:35:65:af:74:9b:65:b1:ab:a4:ab:81:45:a1:
07:de:79:a7:45:98:1b:5d:70:79:a6:4e:eb:a2:77:
a6:7c:48:1e:af:2c:5b:41:64:f4:59:85:84:a1:1e:
4b:eb:e1:c6:66:63:5d:c4:8a:1b:a2:c0:b5:e3:2b:
10:de:a1:a0:0a:c5:34:0d:eb:73:d7:5e:44:74:a3:
19:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:4C:C8:FD:51:C4:1A:EE:E4:FC:27:E7:CA:F8:9E:B9:E4:7B:80:93
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/IEzI_VHEGu7k_CfnyvieueR7gJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.161.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:69:db:e0:72:46:59:03:d5:79:6a:6f:a8:28:79:dd:c9:6f:
ae:e1:8c:77:53:39:df:a0:76:10:7c:a1:e2:9d:e1:00:5e:d9:
78:cd:fc:2d:db:0b:85:8e:02:dd:00:0d:e3:ed:6c:bf:b7:6a:
7d:4d:7e:b8:41:90:e5:b8:5e:14:5a:47:9c:02:87:cc:c6:bd:
17:2e:71:96:82:34:a4:08:de:13:9c:53:04:0a:5d:7e:ff:0f:
60:5a:5c:8f:c0:9c:95:d4:d7:cb:73:ba:8b:53:18:d9:bc:ec:
e1:d8:91:02:e8:54:d9:23:60:7e:b1:23:22:df:67:af:b9:5e:
5b:bf:52:91:7e:9f:57:2e:bf:13:ee:ff:ba:ec:7c:ef:87:17:
47:48:c7:9e:39:b4:c9:51:37:17:fc:a7:52:6e:53:4b:9b:55:
b6:22:c0:33:74:52:84:24:3c:cd:88:ff:39:f4:2a:db:5f:1d:
b7:2d:7a:02:b8:39:39:90:53:e2:f0:a8:ac:4b:07:63:5a:d5:
d8:50:9d:e8:33:d0:1d:44:4d:ae:65:fb:47:bb:b2:8a:8f:a4:
4a:b4:3e:a9:33:07:dc:69:31:11:be:2b:33:f4:7c:d8:5d:47:
7f:4d:fd:52:d1:63:17:01:1f:95:7d:89:bf:db:2f:4e:46:82:
54:87:13:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjajhntHTOZeKMW7u5uSTQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwMTAxMTk0OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDRjYzhmZDUxYzQxYWVlZTRmYzI3ZTdjYWY4OWViOWU0N2I4MDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Kkdq/Xs4pgaPjfwPMX+YBX0J0kA
x8lEGVBDvYQf0lIjNc+b91O17PIp1vU0b8W8m3qwwWvb7cSGoEJarK5Vbh2poSOP
oufdnql+FbNSqoCEv4UskRtO47N6RRge2FklXM7Shd5Ec+nBDsDci0QHyuFtuko8
EepijeD4BzleiZVJdomsik0n6pJocW6NzU+R/cG84fN2hsQ3zKfx8WWAlR+7ohpR
kp4konGWkjMa66Zgwm2X4DVlr3SbZbGrpKuBRaEH3nmnRZgbXXB5pk7ronemfEge
ryxbQWT0WYWEoR5L6+HGZmNdxIobosC14ysQ3qGgCsU0Detz115EdKMZ1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCBMyP1RxBru5Pwn58r4nrnke4CTMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvSUV6SV9WSEVHdTdrX0Nmbnl2aWV1ZVI3Z0pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQyhMA0G
CSqGSIb3DQEBCwUAA4IBAQC8advgckZZA9V5am+oKHndyW+u4Yx3UznfoHYQfKHi
neEAXtl4zfwt2wuFjgLdAA3j7Wy/t2p9TX64QZDluF4UWkecAofMxr0XLnGWgjSk
CN4TnFMECl1+/w9gWlyPwJyV1NfLc7qLUxjZvOzh2JEC6FTZI2B+sSMi32evuV5b
v1KRfp9XLr8T7v+67HzvhxdHSMeeObTJUTcX/KdSblNLm1W2IsAzdFKEJDzNiP85
9CrbXx23LXoCuDk5kFPi8KisSwdjWtXYUJ3oM9AdRE2uZftHu7KKj6RKtD6pMwfc
aTERvisz9HzYXUd/Tf1S0WMXAR+VfYm/2y9ORoJUhxNE
-----END CERTIFICATE-----
Generated at Thu Mar 13 17:02:08 2025 by rpki-client