Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/1-xvBLiVIr5eO0ojnuxuHIDpGNj0.roa
File: 1-xvBLiVIr5eO0ojnuxuHIDpGNj0.roa (raw, json)
Hash identifier: aK7ZmDyAzamzfU5scYPlW3gVBsMwISXT9xd5u5skngQ=
Subject key identifier: FB:1B:C1:2E:25:48:AF:97:8E:D2:88:E7:BB:1B:87:20:3A:46:36:3D
Certificate issuer: /CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Certificate serial: 01942747D1BC45E565812709CADE78CA8DDD
Authority key identifier: E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/1-xvBLiVIr5eO0ojnuxuHIDpGNj0.roa
Signing time: Thu 02 Jan 2025 13:50:05 +0000
ROA not before: Thu 02 Jan 2025 13:50:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203061
IP address blocks: 5.180.220.0/23 maxlen: 23
5.180.222.0/23 maxlen: 23
5.183.92.0/23 maxlen: 23
45.10.232.0/23 maxlen: 23
91.204.48.0/23 maxlen: 23
91.204.50.0/23 maxlen: 23
92.118.12.0/23 maxlen: 23
92.118.14.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 04:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:d1:bc:45:e5:65:81:27:09:ca:de:78:ca:8d:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Validity
Not Before: Jan 2 13:50:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fb1bc12e2548af978ed288e7bb1b87203a46363d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:12:84:1c:9a:61:dd:a4:82:cd:0d:74:f1:d7:
d1:5d:79:e1:4d:98:05:b7:f4:9a:08:3c:74:c2:4a:
33:8a:a3:d9:bd:b8:5e:22:b4:85:64:8a:2f:e4:3a:
d2:58:56:f8:5c:17:cc:7d:95:42:65:a5:5b:5d:cd:
a6:b3:eb:5b:6d:ad:f1:ff:16:aa:5c:80:96:85:f7:
4d:d9:94:3e:06:ae:91:ab:c6:62:af:63:24:35:08:
6b:a2:11:de:f6:f7:80:64:40:b0:f6:a3:46:42:55:
d2:fe:e8:b4:3a:da:04:35:2b:30:0c:b5:c4:92:67:
60:68:9c:cd:7a:cc:64:30:83:2e:0d:56:3a:bc:0c:
fa:de:b8:6c:76:e1:3c:3b:99:71:41:28:28:a0:24:
6f:3a:da:2c:4f:77:67:74:c4:ff:95:e6:2d:e5:22:
f6:5f:05:c1:11:fc:6e:19:2e:38:2b:49:c3:d2:13:
99:ca:eb:2d:e8:70:41:95:7f:7e:3d:f6:15:09:35:
80:8d:a1:2c:13:12:8c:a7:0e:12:32:a2:6c:80:d5:
81:89:5d:94:7d:a8:3b:14:3e:b3:bd:b5:00:9c:c3:
41:52:f6:81:b7:f6:95:8f:f9:22:2a:ad:b4:58:3d:
b7:c6:ef:82:fc:77:48:ba:ed:53:7c:48:e0:94:ea:
7d:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:1B:C1:2E:25:48:AF:97:8E:D2:88:E7:BB:1B:87:20:3A:46:36:3D
X509v3 Authority Key Identifier:
keyid:E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/1-xvBLiVIr5eO0ojnuxuHIDpGNj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.220.0/22
5.183.92.0/23
45.10.232.0/23
91.204.48.0/22
92.118.12.0/22
Signature Algorithm: sha256WithRSAEncryption
18:2e:b0:58:b3:ac:e6:f2:33:4e:5b:30:92:1a:bc:41:3b:b9:
d4:ae:58:dc:49:30:94:69:96:9f:47:f2:4a:4d:95:84:a2:3a:
8f:29:6e:01:76:3d:55:6f:a8:08:67:26:0c:f5:38:16:23:da:
b0:48:25:12:58:5f:67:b5:91:ff:af:f5:7a:f3:45:13:c3:d1:
b8:2e:6a:59:1f:3f:3e:77:1d:58:07:14:a4:83:04:72:3c:51:
37:11:78:b8:a0:2a:0f:76:9c:0f:eb:09:ef:a2:75:a8:9a:c0:
ff:e9:17:d7:10:c5:d3:12:7a:f9:7c:c3:61:74:f1:cc:18:43:
29:fc:6f:9d:27:7d:a8:f6:5c:e8:1b:73:48:7a:55:82:82:17:
23:80:40:ba:8b:bd:49:e4:7f:02:e2:21:91:d9:5f:e3:e5:73:
db:42:04:a9:cf:63:0e:fb:0e:aa:99:ea:1b:c9:ab:3d:ba:c1:
3b:06:79:5f:9c:f4:a3:f7:b3:88:1a:ee:91:25:51:4a:3d:71:
8a:c1:02:a2:9d:45:f9:fc:eb:60:9d:e0:9b:58:7c:2f:af:63:
ce:6c:30:24:ea:9f:8a:aa:47:a0:be:ac:0d:5f:7c:22:4e:2a:
fe:19:99:98:d0:48:68:b7:68:69:43:d2:0d:18:a9:86:fd:ee:
24:51:d4:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQnR9G8ReVlgScJyt54yo3dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDBjNDlhMGU5N2UwZDVmM2NlZDNiN2I2YjlmNzJjYTBj
YjUzZDYwHhcNMjUwMTAyMTM1MDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjFiYzEyZTI1NDhhZjk3OGVkMjg4ZTdiYjFiODcyMDNhNDYzNjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBKEHJph3aSCzQ108dfRXXnhTZgF
t/SaCDx0wkoziqPZvbheIrSFZIov5DrSWFb4XBfMfZVCZaVbXc2ms+tbba3x/xaq
XICWhfdN2ZQ+Bq6Rq8Zir2MkNQhrohHe9veAZECw9qNGQlXS/ui0OtoENSswDLXE
kmdgaJzNesxkMIMuDVY6vAz63rhsduE8O5lxQSgooCRvOtosT3dndMT/leYt5SL2
XwXBEfxuGS44K0nD0hOZyust6HBBlX9+PfYVCTWAjaEsExKMpw4SMqJsgNWBiV2U
fag7FD6zvbUAnMNBUvaBt/aVj/kiKq20WD23xu+C/HdIuu1TfEjglOp9dQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPsbwS4lSK+XjtKI57sbhyA6RjY9MB8GA1UdIwQY
MBaAFOLQxJoOl+DV887Tt7a59yygy1PWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEt
NDY5MGEwMDcxNDFmLzEvMS14dkJMaVZJcjVlTzBvam51eHVISURwR05qMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDAvOWYwZjdhLTExZWItNDM4My1iYzZhLTQ2OTBhMDA3MTQx
Zi8xLzR0REVtZzZYNE5Yenp0TzN0cm4zTEtETFU5WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAgW03AME
AQW3XAMEAS0K6AMEAlvMMAMEAlx2DDANBgkqhkiG9w0BAQsFAAOCAQEAGC6wWLOs
5vIzTlswkhq8QTu51K5Y3EkwlGmWn0fySk2VhKI6jyluAXY9VW+oCGcmDPU4FiPa
sEglElhfZ7WR/6/1evNFE8PRuC5qWR8/PncdWAcUpIMEcjxRNxF4uKAqD3acD+sJ
76J1qJrA/+kX1xDF0xJ6+XzDYXTxzBhDKfxvnSd9qPZc6BtzSHpVgoIXI4BAuou9
SeR/AuIhkdlf4+Vz20IEqc9jDvsOqpnqG8mrPbrBOwZ5X5z0o/eziBrukSVRSj1x
isECop1F+fzrYJ3gm1h8L69jzmwwJOqfiqpHoL6sDV98Ik4q/hmZmNBIaLdoaUPS
DRiphv3uJFHURQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:45:57 2025 by rpki-client