Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/_DswbRpVkPXQzJnopc-2rpO7ck0.roa
File: _DswbRpVkPXQzJnopc-2rpO7ck0.roa (raw, json)
Hash identifier: sOdG0gaxCyeQh9EtJRGptli2IEmCGrHJQ/h1DmBq1IQ=
Subject key identifier: FC:3B:30:6D:1A:55:90:F5:D0:CC:99:E8:A5:CF:B6:AE:93:BB:72:4D
Certificate issuer: /CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Certificate serial: 01942747D1F1B8D4AC7FD8CD7BC4A40C0717
Authority key identifier: E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/_DswbRpVkPXQzJnopc-2rpO7ck0.roa
Signing time: Thu 02 Jan 2025 13:50:05 +0000
ROA not before: Thu 02 Jan 2025 13:50:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204646
IP address blocks: 45.82.222.0/24 maxlen: 24
2a0d:2080::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 14:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:d1:f1:b8:d4:ac:7f:d8:cd:7b:c4:a4:0c:07:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Validity
Not Before: Jan 2 13:50:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fc3b306d1a5590f5d0cc99e8a5cfb6ae93bb724d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:bb:2a:37:ad:3b:cd:ce:ba:06:3f:5d:57:e6:
ad:8b:e6:3a:35:55:03:dd:d5:0c:5e:48:72:8c:d2:
d5:e7:0b:23:b3:9d:13:7d:40:5f:f9:62:f5:c3:c5:
bd:c3:e9:cf:ab:98:cc:ff:fb:d3:62:6b:ac:0d:84:
ee:64:25:d6:fb:d7:b1:63:42:d2:04:af:53:c3:4a:
6c:81:e6:6f:e7:de:7f:c1:58:2a:01:99:8e:bc:b3:
43:4f:25:46:06:38:a1:f0:12:b4:6d:d7:d7:05:8e:
b0:ac:21:48:82:76:0e:0b:f1:a5:4d:70:e6:fc:74:
79:57:34:eb:02:a3:83:2d:4c:53:0b:83:3d:59:80:
59:46:36:74:a8:59:dc:f6:2c:03:88:0a:ca:d4:87:
b1:fc:fa:7f:bb:1c:64:f1:29:9d:6e:17:0a:16:39:
55:17:69:2e:03:af:1c:c3:48:a2:42:f0:eb:be:51:
e7:5b:a6:ab:0f:24:36:b9:c4:2e:f7:8f:26:87:19:
a5:2a:ba:86:1e:a7:28:67:56:37:ce:66:63:8e:a9:
41:61:6b:3e:be:aa:fa:a7:0d:53:6c:8a:66:1b:88:
90:64:d6:42:25:bc:d7:0f:b8:80:3d:e9:da:4e:8f:
96:cc:b9:31:49:e2:46:e8:d4:05:f3:58:a0:b7:39:
ac:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:3B:30:6D:1A:55:90:F5:D0:CC:99:E8:A5:CF:B6:AE:93:BB:72:4D
X509v3 Authority Key Identifier:
keyid:E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/_DswbRpVkPXQzJnopc-2rpO7ck0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.222.0/24
IPv6:
2a0d:2080::/29
Signature Algorithm: sha256WithRSAEncryption
50:30:1e:7e:a0:26:40:0c:a0:fa:d4:d2:58:ae:c5:66:b5:88:
19:cf:ea:49:39:62:53:c2:ca:87:c7:95:7e:cd:2d:a6:08:bf:
8f:43:a3:04:0c:34:2f:29:03:7e:38:a6:91:a5:f3:9e:43:4b:
11:41:bb:cc:87:59:d7:2e:b1:20:01:40:1d:7c:e1:a9:c5:4e:
43:8a:67:5d:89:d0:ee:54:02:88:c6:97:ca:2e:c1:d2:00:97:
e7:e0:42:47:c5:54:c0:a8:ee:e4:0e:d2:21:d2:c7:dd:30:6f:
0c:48:3a:21:40:aa:3d:cb:62:68:48:6e:c0:5b:0d:34:e2:11:
6f:ac:3a:39:55:d9:9d:f1:e3:90:13:a7:ef:80:ea:f5:66:f8:
de:eb:28:4c:3d:4b:25:b6:b2:d8:5a:9b:30:eb:28:89:1c:88:
33:90:7f:16:ab:03:23:fb:f2:92:02:e4:d6:95:91:46:e2:a4:
6a:f7:2a:a1:7a:c4:13:4f:e3:24:db:6a:e3:de:44:f3:dc:78:
9f:57:be:e6:1a:4e:1f:7d:ec:ae:2e:1f:a9:4c:5e:77:c0:ad:
b2:ad:9d:44:64:a4:8f:8f:81:a4:3c:2e:50:b9:1b:56:0e:dc:
00:fd:41:cd:94:d7:d8:da:44:b9:d9:05:e9:33:3a:26:41:c7:
bd:cb:f2:80
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQnR9HxuNSsf9jNe8SkDAcXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDBjNDlhMGU5N2UwZDVmM2NlZDNiN2I2YjlmNzJjYTBj
YjUzZDYwHhcNMjUwMTAyMTM1MDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzNiMzA2ZDFhNTU5MGY1ZDBjYzk5ZThhNWNmYjZhZTkzYmI3MjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz7sqN607zc66Bj9dV+ati+Y6NVUD
3dUMXkhyjNLV5wsjs50TfUBf+WL1w8W9w+nPq5jM//vTYmusDYTuZCXW+9exY0LS
BK9Tw0psgeZv595/wVgqAZmOvLNDTyVGBjih8BK0bdfXBY6wrCFIgnYOC/GlTXDm
/HR5VzTrAqODLUxTC4M9WYBZRjZ0qFnc9iwDiArK1Iex/Pp/uxxk8SmdbhcKFjlV
F2kuA68cw0iiQvDrvlHnW6arDyQ2ucQu948mhxmlKrqGHqcoZ1Y3zmZjjqlBYWs+
vqr6pw1TbIpmG4iQZNZCJbzXD7iAPenaTo+WzLkxSeJG6NQF81igtzmspwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPw7MG0aVZD10MyZ6KXPtq6Tu3JNMB8GA1UdIwQY
MBaAFOLQxJoOl+DV887Tt7a59yygy1PWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEt
NDY5MGEwMDcxNDFmLzEvX0Rzd2JScFZrUFhRekpub3BjLTJycE83Y2swLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEtNDY5MGEwMDcxNDFm
LzEvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALVLeMA0E
AgACMAcDBQMqDSCAMA0GCSqGSIb3DQEBCwUAA4IBAQBQMB5+oCZADKD61NJYrsVm
tYgZz+pJOWJTwsqHx5V+zS2mCL+PQ6MEDDQvKQN+OKaRpfOeQ0sRQbvMh1nXLrEg
AUAdfOGpxU5DimddidDuVAKIxpfKLsHSAJfn4EJHxVTAqO7kDtIh0sfdMG8MSDoh
QKo9y2JoSG7AWw004hFvrDo5Vdmd8eOQE6fvgOr1Zvje6yhMPUsltrLYWpsw6yiJ
HIgzkH8WqwMj+/KSAuTWlZFG4qRq9yqhesQTT+Mk22rj3kTz3HifV77mGk4ffeyu
Lh+pTF53wK2yrZ1EZKSPj4GkPC5QuRtWDtwA/UHNlNfY2kS52QXpMzomQce9y/KA
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:57:37 2025 by rpki-client