Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/f6f5c3-6146-48ca-affa-3d8584cf53fe/1/dsWRyZzKIXE-_o05dhzwQLK-Lbk.roa
File: dsWRyZzKIXE-_o05dhzwQLK-Lbk.roa (raw, json)
Hash identifier: VWsGICYRCZ2YCd/cztWs6r3W91Apf8NSGDgQ7RjrOcc=
Subject key identifier: 76:C5:91:C9:9C:CA:21:71:3E:FE:8D:39:76:1C:F0:40:B2:BE:2D:B9
Certificate issuer: /CN=429c54be1da7e738e3c96ffb41f1ea3900a67be8
Certificate serial: 019423D6B5B9DF5025170B204F582CF6E67C
Authority key identifier: 42:9C:54:BE:1D:A7:E7:38:E3:C9:6F:FB:41:F1:EA:39:00:A6:7B:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpxUvh2n5zjjyW_7QfHqOQCme-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/f6f5c3-6146-48ca-affa-3d8584cf53fe/1/dsWRyZzKIXE-_o05dhzwQLK-Lbk.roa
Signing time: Wed 01 Jan 2025 21:47:41 +0000
ROA not before: Wed 01 Jan 2025 21:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 45.91.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/f6f5c3-6146-48ca-affa-3d8584cf53fe/1/QpxUvh2n5zjjyW_7QfHqOQCme-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/f6f5c3-6146-48ca-affa-3d8584cf53fe/1/QpxUvh2n5zjjyW_7QfHqOQCme-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/QpxUvh2n5zjjyW_7QfHqOQCme-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:b5:b9:df:50:25:17:0b:20:4f:58:2c:f6:e6:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=429c54be1da7e738e3c96ffb41f1ea3900a67be8
Validity
Not Before: Jan 1 21:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76c591c99cca21713efe8d39761cf040b2be2db9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a8:44:3b:39:88:dc:6b:96:c7:5e:79:b6:83:
53:45:02:5a:2d:32:3a:5c:6a:a7:5a:ae:15:0a:94:
d2:d7:2b:f8:99:9d:36:5e:d7:d4:e0:c4:3e:b3:85:
e6:80:23:ca:41:f9:c6:ba:b0:f3:d7:18:09:cd:9b:
7c:a8:b9:ac:e6:41:8a:bf:7d:9b:a6:0e:f4:03:86:
2a:13:a4:a6:f6:53:3d:9b:e9:2b:da:c8:1b:a6:9f:
58:ad:1e:51:7e:b0:7e:ae:41:68:1c:22:4d:e4:66:
6b:30:7a:32:5e:03:26:ab:a5:8c:c1:79:73:24:93:
7f:2e:a0:86:74:dd:08:ec:dc:3f:7c:6a:a6:e0:46:
fd:21:01:52:a9:56:87:fe:69:e1:8e:31:94:73:9a:
6f:06:56:15:82:99:0a:34:71:a4:bf:5e:44:be:fc:
c2:a5:8a:9d:cf:5d:39:bd:df:1a:33:6f:bd:7d:54:
69:ca:97:34:de:34:ae:60:ac:ff:79:9e:16:1c:f2:
25:11:39:04:8b:f0:ff:01:15:cb:47:87:64:77:47:
9d:e5:51:2c:ba:c2:07:1d:b4:af:c3:8d:59:55:ba:
db:22:01:43:b4:c1:60:db:ec:ad:e5:d7:fc:89:a1:
c7:a7:07:21:12:8b:f6:85:b8:5c:a7:47:f2:b9:c7:
28:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:C5:91:C9:9C:CA:21:71:3E:FE:8D:39:76:1C:F0:40:B2:BE:2D:B9
X509v3 Authority Key Identifier:
keyid:42:9C:54:BE:1D:A7:E7:38:E3:C9:6F:FB:41:F1:EA:39:00:A6:7B:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpxUvh2n5zjjyW_7QfHqOQCme-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/f6f5c3-6146-48ca-affa-3d8584cf53fe/1/dsWRyZzKIXE-_o05dhzwQLK-Lbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/f6f5c3-6146-48ca-affa-3d8584cf53fe/1/QpxUvh2n5zjjyW_7QfHqOQCme-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.78.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:b5:d4:27:dd:e6:06:09:2f:4e:1b:55:68:c9:bd:6b:97:fd:
75:07:f0:93:ed:fd:cd:a3:ae:60:5b:cf:f2:74:bb:a4:25:7e:
7e:84:f0:fa:f8:ab:50:03:37:7b:d4:32:56:5b:dc:6e:b2:57:
7a:01:a6:56:d3:8a:d2:de:56:e9:3c:a9:74:2e:b9:ba:41:ef:
2c:d0:ff:d5:51:61:92:80:55:78:6e:6f:49:94:a6:dc:99:7b:
86:cc:b7:ab:45:69:b4:6f:be:27:d8:f0:7f:ee:16:f1:6e:49:
bd:a9:b0:bd:61:c5:15:7c:df:e9:1b:78:d1:12:b9:29:6c:43:
da:74:f2:0e:0e:25:f5:a6:dd:2c:32:cc:5c:d4:98:9f:b2:e3:
81:fe:a1:68:30:38:32:b1:b5:fc:3e:db:e3:5f:71:88:f6:4a:
02:a7:c3:df:40:5e:5e:da:f3:a8:7b:68:d6:26:29:4b:6a:86:
07:09:d9:ff:74:7b:6d:51:82:8b:da:ff:de:16:5c:af:33:15:
c0:c5:43:01:b3:44:e5:7c:5d:9f:0e:05:f9:36:22:47:7e:eb:
d0:18:8a:89:d2:52:22:79:c0:66:03:6a:40:b0:5d:51:62:7b:
a7:0b:e2:5c:1c:11:71:94:13:44:32:8e:6c:e0:58:82:30:97:
19:74:8f:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1rW531AlFwsgT1gs9uZ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOWM1NGJlMWRhN2U3MzhlM2M5NmZmYjQxZjFlYTM5MDBh
NjdiZTgwHhcNMjUwMTAxMjE0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmM1OTFjOTljY2EyMTcxM2VmZThkMzk3NjFjZjA0MGIyYmUyZGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6hEOzmI3GuWx155toNTRQJaLTI6
XGqnWq4VCpTS1yv4mZ02XtfU4MQ+s4XmgCPKQfnGurDz1xgJzZt8qLms5kGKv32b
pg70A4YqE6Sm9lM9m+kr2sgbpp9YrR5RfrB+rkFoHCJN5GZrMHoyXgMmq6WMwXlz
JJN/LqCGdN0I7Nw/fGqm4Eb9IQFSqVaH/mnhjjGUc5pvBlYVgpkKNHGkv15EvvzC
pYqdz105vd8aM2+9fVRpypc03jSuYKz/eZ4WHPIlETkEi/D/ARXLR4dkd0ed5VEs
usIHHbSvw41ZVbrbIgFDtMFg2+yt5df8iaHHpwchEov2hbhcp0fyucco5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHbFkcmcyiFxPv6NOXYc8ECyvi25MB8GA1UdIwQY
MBaAFEKcVL4dp+c448lv+0Hx6jkApnvoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXB4VXZoMm41empqeVdfN1FmSHFPUUNtZS1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9mNmY1YzMtNjE0Ni00OGNhLWFmZmEt
M2Q4NTg0Y2Y1M2ZlLzEvZHNXUnlaektJWEUtX28wNWRoendRTEstTGJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9mNmY1YzMtNjE0Ni00OGNhLWFmZmEtM2Q4NTg0Y2Y1M2Zl
LzEvUXB4VXZoMm41empqeVdfN1FmSHFPUUNtZS1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVtOMA0G
CSqGSIb3DQEBCwUAA4IBAQCwtdQn3eYGCS9OG1Voyb1rl/11B/CT7f3No65gW8/y
dLukJX5+hPD6+KtQAzd71DJWW9xusld6AaZW04rS3lbpPKl0Lrm6Qe8s0P/VUWGS
gFV4bm9JlKbcmXuGzLerRWm0b74n2PB/7hbxbkm9qbC9YcUVfN/pG3jRErkpbEPa
dPIODiX1pt0sMsxc1JifsuOB/qFoMDgysbX8PtvjX3GI9koCp8PfQF5e2vOoe2jW
JilLaoYHCdn/dHttUYKL2v/eFlyvMxXAxUMBs0TlfF2fDgX5NiJHfuvQGIqJ0lIi
ecBmA2pAsF1RYnunC+JcHBFxlBNEMo5s4FiCMJcZdI/p
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:36:54 2025 by rpki-client