Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ef56d2-632e-4816-a9ca-ab45e60071e2/1/DlNfl6KgR_MUNI_dJxw9ErXDeIE.roa
File: DlNfl6KgR_MUNI_dJxw9ErXDeIE.roa (raw, json)
Hash identifier: eSCVIU9rH872alqy7/aU0fAeLMAeeiberdc7Lc5APRo=
Subject key identifier: 0E:53:5F:97:A2:A0:47:F3:14:34:8F:DD:27:1C:3D:12:B5:C3:78:81
Certificate issuer: /CN=48559018adff16eadf5551b2cb74d8f6860cd044
Certificate serial: 019422FC06444F2D35B46E8FCE6032ABB870
Authority key identifier: 48:55:90:18:AD:FF:16:EA:DF:55:51:B2:CB:74:D8:F6:86:0C:D0:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SFWQGK3_FurfVVGyy3TY9oYM0EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ef56d2-632e-4816-a9ca-ab45e60071e2/1/DlNfl6KgR_MUNI_dJxw9ErXDeIE.roa
Signing time: Wed 01 Jan 2025 17:48:49 +0000
ROA not before: Wed 01 Jan 2025 17:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200845
IP address blocks: 45.10.4.0/22 maxlen: 24
45.141.64.0/22 maxlen: 24
91.202.188.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/ef56d2-632e-4816-a9ca-ab45e60071e2/1/SFWQGK3_FurfVVGyy3TY9oYM0EQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/ef56d2-632e-4816-a9ca-ab45e60071e2/1/SFWQGK3_FurfVVGyy3TY9oYM0EQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/SFWQGK3_FurfVVGyy3TY9oYM0EQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:06:44:4f:2d:35:b4:6e:8f:ce:60:32:ab:b8:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48559018adff16eadf5551b2cb74d8f6860cd044
Validity
Not Before: Jan 1 17:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e535f97a2a047f314348fdd271c3d12b5c37881
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:ab:58:b8:69:a5:66:5f:28:53:96:fa:5d:b8:
92:3d:08:be:7d:63:74:68:1b:2d:b5:2b:dd:8c:6c:
7c:80:58:14:a6:40:5a:67:c8:54:90:3d:93:ee:4b:
3f:24:2c:31:29:f9:a7:41:f6:39:35:06:eb:06:e0:
72:7e:65:b6:c4:20:7f:7f:42:1c:20:27:b2:5e:45:
c8:6b:81:f6:32:c2:34:e2:bd:c6:a7:f0:4e:da:30:
51:64:08:23:aa:18:d5:94:7e:6e:ff:0d:0c:ab:fb:
a8:00:d0:48:d4:fd:e3:58:4a:d3:9c:88:97:14:c2:
54:92:16:b8:44:9c:82:0c:d3:47:ce:6e:03:04:3e:
25:3a:8f:f7:e6:22:90:dc:60:4f:9b:51:13:1f:fa:
a8:ca:2b:a6:c9:1b:d7:a1:d2:c9:2f:78:c4:d4:ac:
e9:7c:64:2e:92:45:02:68:0f:80:26:03:9f:23:78:
24:4a:bc:d8:58:8a:7f:0c:96:e0:a1:19:77:20:36:
64:e6:09:5e:ba:ae:1d:74:35:9b:f2:58:47:d9:f0:
0f:5f:8e:06:05:71:ab:3c:24:55:af:dc:0b:c1:00:
44:48:f0:d8:0e:74:82:e1:ae:40:27:7c:02:b4:80:
f6:be:78:fd:fc:85:59:d4:aa:25:d1:0a:b7:91:7c:
64:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:53:5F:97:A2:A0:47:F3:14:34:8F:DD:27:1C:3D:12:B5:C3:78:81
X509v3 Authority Key Identifier:
keyid:48:55:90:18:AD:FF:16:EA:DF:55:51:B2:CB:74:D8:F6:86:0C:D0:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SFWQGK3_FurfVVGyy3TY9oYM0EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ef56d2-632e-4816-a9ca-ab45e60071e2/1/DlNfl6KgR_MUNI_dJxw9ErXDeIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ef56d2-632e-4816-a9ca-ab45e60071e2/1/SFWQGK3_FurfVVGyy3TY9oYM0EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.4.0/22
45.141.64.0/22
91.202.188.0/22
Signature Algorithm: sha256WithRSAEncryption
49:c8:4f:d0:fb:9e:5f:1d:d0:59:f1:bd:51:5b:f2:4e:e5:4d:
bb:19:7a:b0:5a:18:41:8e:ac:1d:5d:3f:29:71:8a:ff:52:2d:
e6:39:b1:aa:79:d3:62:c9:87:d3:03:49:68:f1:b3:f9:8e:be:
bd:97:a2:cf:26:07:83:69:56:f3:a3:cf:7d:c0:ff:63:69:3a:
27:3f:cb:3a:b9:5f:ae:c2:7e:71:e2:d6:72:39:40:1c:1c:b1:
ca:7f:bb:af:42:48:6d:ab:c0:ff:b7:1f:4a:20:28:5e:3b:50:
41:e5:05:be:39:34:39:3f:4a:91:70:f8:f9:9d:5e:53:c1:96:
68:71:62:9b:6d:5c:2e:13:56:fa:87:41:c0:83:85:5c:70:b7:
49:3a:71:b6:c8:ac:10:50:74:ee:ba:5a:cc:2a:af:a7:89:36:
7a:2f:e5:29:88:d3:53:7c:6e:7a:84:dd:ad:1c:a3:c3:04:fc:
93:9c:da:d3:65:69:6c:24:e5:c1:74:54:3e:03:10:5a:50:fb:
99:d4:a0:a8:75:7c:a0:0b:e2:a1:53:b7:1c:1a:8e:4b:a9:6e:
98:68:da:69:30:9e:41:b0:3f:50:a2:b2:51:19:61:c0:96:20:
f3:0f:2e:14:c7:79:40:0a:e2:50:d7:b0:36:b0:f8:39:81:11:
1f:10:da:f9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQi/AZETy01tG6PzmAyq7hwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4NTU5MDE4YWRmZjE2ZWFkZjU1NTFiMmNiNzRkOGY2ODYw
Y2QwNDQwHhcNMjUwMTAxMTc0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTUzNWY5N2EyYTA0N2YzMTQzNDhmZGQyNzFjM2QxMmI1YzM3ODgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8atYuGmlZl8oU5b6XbiSPQi+fWN0
aBsttSvdjGx8gFgUpkBaZ8hUkD2T7ks/JCwxKfmnQfY5NQbrBuByfmW2xCB/f0Ic
ICeyXkXIa4H2MsI04r3Gp/BO2jBRZAgjqhjVlH5u/w0Mq/uoANBI1P3jWErTnIiX
FMJUkha4RJyCDNNHzm4DBD4lOo/35iKQ3GBPm1ETH/qoyiumyRvXodLJL3jE1Kzp
fGQukkUCaA+AJgOfI3gkSrzYWIp/DJbgoRl3IDZk5gleuq4ddDWb8lhH2fAPX44G
BXGrPCRVr9wLwQBESPDYDnSC4a5AJ3wCtID2vnj9/IVZ1Kol0Qq3kXxkhQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA5TX5eioEfzFDSP3SccPRK1w3iBMB8GA1UdIwQY
MBaAFEhVkBit/xbq31VRsst02PaGDNBEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0ZXUUdLM19GdXJmVlZHeXkzVFk5b1lNMEVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9lZjU2ZDItNjMyZS00ODE2LWE5Y2Et
YWI0NWU2MDA3MWUyLzEvRGxOZmw2S2dSX01VTklfZEp4dzlFclhEZUlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9lZjU2ZDItNjMyZS00ODE2LWE5Y2EtYWI0NWU2MDA3MWUy
LzEvU0ZXUUdLM19GdXJmVlZHeXkzVFk5b1lNMEVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLQoEAwQC
LY1AAwQCW8q8MA0GCSqGSIb3DQEBCwUAA4IBAQBJyE/Q+55fHdBZ8b1RW/JO5U27
GXqwWhhBjqwdXT8pcYr/Ui3mObGqedNiyYfTA0lo8bP5jr69l6LPJgeDaVbzo899
wP9jaTonP8s6uV+uwn5x4tZyOUAcHLHKf7uvQkhtq8D/tx9KICheO1BB5QW+OTQ5
P0qRcPj5nV5TwZZocWKbbVwuE1b6h0HAg4VccLdJOnG2yKwQUHTuulrMKq+niTZ6
L+UpiNNTfG56hN2tHKPDBPyTnNrTZWlsJOXBdFQ+AxBaUPuZ1KCodXygC+KhU7cc
Go5LqW6YaNppMJ5BsD9QorJRGWHAliDzDy4Ux3lACuJQ17A2sPg5gREfENr5
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:07:25 2025 by rpki-client