Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bavqnDWJh-A5XJ05at-HqzUk9cw.roa
File: bavqnDWJh-A5XJ05at-HqzUk9cw.roa (raw, json)
Hash identifier: whkwqVJoskdAz94TlynsPOjezlnCvFjKCRkPRJwiUzI=
Subject key identifier: 6D:AB:EA:9C:35:89:87:E0:39:5C:9D:39:6A:DF:87:AB:35:24:F5:CC
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 0194236A50793B6EDAE1F02D661673015F12
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bavqnDWJh-A5XJ05at-HqzUk9cw.roa
Signing time: Wed 01 Jan 2025 19:49:17 +0000
ROA not before: Wed 01 Jan 2025 19:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209060
IP address blocks: 45.12.161.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 06:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:50:79:3b:6e:da:e1:f0:2d:66:16:73:01:5f:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 19:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6dabea9c358987e0395c9d396adf87ab3524f5cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:4a:0c:b5:b6:eb:6e:be:43:5a:16:e6:a4:d0:
8f:ea:6a:02:ea:46:1c:fd:eb:b8:9b:b5:ae:1f:55:
7e:05:ee:37:da:77:6a:8e:be:a4:0c:1f:e7:d4:da:
8e:8a:1d:32:83:20:1b:f1:fb:27:a1:d6:08:85:26:
d9:00:2f:ed:68:2c:b8:f9:a5:33:02:6e:f5:85:39:
ee:2d:37:3f:db:a0:a3:d5:ba:5b:ad:86:f1:cb:82:
9d:e4:54:df:6d:15:b7:67:8d:9e:2b:0a:84:30:3a:
c5:f9:21:39:75:53:60:ed:f7:9f:61:38:52:20:1c:
29:98:9d:4b:72:3b:24:75:d1:99:f7:f5:a9:b5:e0:
39:6d:10:f8:27:68:e9:d4:c9:e3:1e:67:4e:a4:4a:
a4:6c:1c:20:70:c0:00:e3:66:e6:bd:f5:93:89:a2:
be:14:66:c3:d6:6d:29:65:83:c1:6e:c1:4b:54:e0:
1b:0b:a4:19:11:9a:a9:38:66:53:9c:b2:a8:1c:88:
27:66:13:7c:63:80:e5:c2:b5:1a:6f:2b:ec:7f:05:
95:2f:74:fa:22:14:7a:e8:da:59:48:7c:39:07:d3:
ec:48:c7:36:a6:73:6d:bf:22:e4:63:c2:3f:dd:09:
59:59:d9:1b:54:27:67:d1:54:2e:a1:51:97:61:10:
dc:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:AB:EA:9C:35:89:87:E0:39:5C:9D:39:6A:DF:87:AB:35:24:F5:CC
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bavqnDWJh-A5XJ05at-HqzUk9cw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.161.0/24
Signature Algorithm: sha256WithRSAEncryption
33:dd:3c:92:e8:79:e8:69:ab:54:a9:23:d0:ec:19:1c:41:77:
8d:b9:c2:2a:80:fa:84:1e:96:42:15:7d:db:66:d9:18:b3:af:
a8:ea:ee:d5:a5:08:c7:60:5e:0a:ac:d8:a2:a1:51:34:38:e8:
2d:a3:30:37:02:1c:61:a3:2b:6c:5e:aa:a5:27:8a:23:1f:d0:
53:f2:61:b3:89:67:12:6f:a0:89:73:95:7f:5d:55:5a:89:bb:
41:ab:1d:9e:ab:4f:14:3c:b2:79:a5:04:e2:0f:be:a6:0b:b6:
ec:f3:18:81:b5:42:ce:02:ba:79:6e:b3:94:2d:45:4f:34:3a:
fb:99:08:98:64:97:52:72:4f:e5:97:04:62:64:c0:a9:6a:85:
0d:c7:a7:7c:50:47:6c:b1:27:5c:78:81:f3:3c:a4:64:19:40:
fc:10:02:f8:4d:d7:a8:d6:2e:e0:f2:e2:df:c0:41:5d:d3:7e:
d0:3e:89:55:d5:1f:2a:52:67:f1:bf:08:cb:f4:f5:f1:fd:ee:
ec:de:53:49:9c:ae:d4:e5:1e:92:1d:f2:07:2d:4b:ae:f7:b3:
b6:0d:a8:ee:7c:df:69:fa:31:c3:c7:65:73:5e:3d:f5:4e:be:
ab:df:c6:8b:73:c1:1f:e9:46:3e:88:30:66:fc:c5:b9:07:56:
63:f3:5b:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjalB5O27a4fAtZhZzAV8SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwMTAxMTk0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGFiZWE5YzM1ODk4N2UwMzk1YzlkMzk2YWRmODdhYjM1MjRmNWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkoMtbbrbr5DWhbmpNCP6moC6kYc
/eu4m7WuH1V+Be432ndqjr6kDB/n1NqOih0ygyAb8fsnodYIhSbZAC/taCy4+aUz
Am71hTnuLTc/26Cj1bpbrYbxy4Kd5FTfbRW3Z42eKwqEMDrF+SE5dVNg7fefYThS
IBwpmJ1LcjskddGZ9/WpteA5bRD4J2jp1MnjHmdOpEqkbBwgcMAA42bmvfWTiaK+
FGbD1m0pZYPBbsFLVOAbC6QZEZqpOGZTnLKoHIgnZhN8Y4DlwrUabyvsfwWVL3T6
IhR66NpZSHw5B9PsSMc2pnNtvyLkY8I/3QlZWdkbVCdn0VQuoVGXYRDctwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG2r6pw1iYfgOVydOWrfh6s1JPXMMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvYmF2cW5EV0poLUE1WEowNWF0LUhxelVrOWN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQyhMA0G
CSqGSIb3DQEBCwUAA4IBAQAz3TyS6HnoaatUqSPQ7BkcQXeNucIqgPqEHpZCFX3b
ZtkYs6+o6u7VpQjHYF4KrNiioVE0OOgtozA3AhxhoytsXqqlJ4ojH9BT8mGziWcS
b6CJc5V/XVVaibtBqx2eq08UPLJ5pQTiD76mC7bs8xiBtULOArp5brOULUVPNDr7
mQiYZJdSck/llwRiZMCpaoUNx6d8UEdssSdceIHzPKRkGUD8EAL4Tdeo1i7g8uLf
wEFd037QPolV1R8qUmfxvwjL9PXx/e7s3lNJnK7U5R6SHfIHLUuu97O2DajufN9p
+jHDx2VzXj31Tr6r38aLc8Ef6UY+iDBm/MW5B1Zj81vG
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:51:14 2025 by rpki-client