Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/388522-5df8-4963-9c2c-cf305c54393e/1/c4kjA8MTt0i8tFRbRhRlOzDV6cI.roa
File: c4kjA8MTt0i8tFRbRhRlOzDV6cI.roa (raw, json)
Hash identifier: 5vn67gkiM8KNpr0V1Ryyhpyc/nB8e2W6KcWXCofzQ80=
Subject key identifier: 73:89:23:03:C3:13:B7:48:BC:B4:54:5B:46:14:65:3B:30:D5:E9:C2
Certificate issuer: /CN=c7ea08b69f7c30cd7a0813aeb9109f7e75d2aa38
Certificate serial: 01958A5D97EE2BFEB733ACB441CA9B1ED2D0
Authority key identifier: C7:EA:08:B6:9F:7C:30:CD:7A:08:13:AE:B9:10:9F:7E:75:D2:AA:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x-oItp98MM16CBOuuRCffnXSqjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/388522-5df8-4963-9c2c-cf305c54393e/1/c4kjA8MTt0i8tFRbRhRlOzDV6cI.roa
Signing time: Wed 12 Mar 2025 12:39:04 +0000
ROA not before: Wed 12 Mar 2025 12:39:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29657
IP address blocks: 45.132.100.0/22 maxlen: 22
45.132.101.0/24 maxlen: 24
2a14:4d80::/32 maxlen: 32
2a14:4d87::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/388522-5df8-4963-9c2c-cf305c54393e/1/x-oItp98MM16CBOuuRCffnXSqjg.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/388522-5df8-4963-9c2c-cf305c54393e/1/x-oItp98MM16CBOuuRCffnXSqjg.mft
rsync://rpki.ripe.net/repository/DEFAULT/x-oItp98MM16CBOuuRCffnXSqjg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 03:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8a:5d:97:ee:2b:fe:b7:33:ac:b4:41:ca:9b:1e:d2:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7ea08b69f7c30cd7a0813aeb9109f7e75d2aa38
Validity
Not Before: Mar 12 12:39:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=73892303c313b748bcb4545b4614653b30d5e9c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:54:e9:00:3e:3e:f0:66:f1:36:0b:a0:56:da:
d0:cb:cf:2b:46:9a:c1:a7:41:8c:c4:23:b0:04:1b:
ac:8b:88:3d:a3:3c:5f:45:f9:52:8a:d7:9e:6c:0e:
cd:dc:f2:d1:7c:91:f4:a1:82:ea:b8:33:47:12:e2:
46:8a:a0:2c:9a:85:ec:10:f9:89:b2:3d:28:d9:ec:
16:9d:70:56:66:c2:36:cc:89:90:49:d2:ed:9e:42:
93:05:4a:40:96:b2:ef:24:c8:99:ba:5a:0d:ee:bb:
af:9f:d4:44:20:4e:5e:8b:1d:35:1d:82:cc:02:6e:
10:c3:2e:88:48:b7:57:1d:cc:e0:46:b2:69:07:8d:
2f:a4:26:13:0b:31:bf:fe:07:ed:f4:1a:b8:8e:0f:
09:1f:34:b0:ea:da:98:ed:86:dc:90:cf:f4:42:77:
7d:87:22:7e:88:7c:9a:e3:81:cd:0b:fc:7e:6f:f0:
a6:64:b7:6d:90:b9:69:18:ec:aa:72:7d:ec:68:1d:
b7:92:e1:58:87:d6:c5:5c:9f:fc:38:83:9b:24:62:
59:77:58:0e:cb:f4:f8:45:53:50:57:2a:b6:ca:d4:
b4:9e:38:6c:0f:31:c4:db:1b:51:98:49:f3:be:07:
87:9a:17:b1:6a:64:1a:0a:96:0a:ad:1a:cd:58:a7:
dd:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:89:23:03:C3:13:B7:48:BC:B4:54:5B:46:14:65:3B:30:D5:E9:C2
X509v3 Authority Key Identifier:
keyid:C7:EA:08:B6:9F:7C:30:CD:7A:08:13:AE:B9:10:9F:7E:75:D2:AA:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x-oItp98MM16CBOuuRCffnXSqjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/388522-5df8-4963-9c2c-cf305c54393e/1/c4kjA8MTt0i8tFRbRhRlOzDV6cI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/388522-5df8-4963-9c2c-cf305c54393e/1/x-oItp98MM16CBOuuRCffnXSqjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.100.0/22
IPv6:
2a14:4d80::/32
2a14:4d87::/32
Signature Algorithm: sha256WithRSAEncryption
49:ee:36:6d:0f:97:2e:0b:e4:fd:d7:a2:75:d6:d7:ed:b1:08:
3b:55:cd:0e:21:cc:50:3e:05:f4:cc:82:7f:00:e2:c8:06:67:
57:50:c9:61:63:f5:5c:91:61:ae:7e:62:81:34:b7:fc:ee:c8:
0f:2b:a8:76:36:51:ec:b7:1a:ef:25:5e:d3:70:f2:4b:6f:0a:
c8:9e:7d:b8:fa:cd:19:80:5a:d5:eb:a7:4b:ae:81:81:e4:44:
e5:b3:c8:2c:d5:3d:0d:34:ed:19:64:39:75:08:17:75:eb:21:
70:1c:ae:c4:30:3e:42:de:b9:72:c2:d0:bd:00:9a:93:80:5a:
b5:1b:d2:65:9c:dc:08:72:a4:34:6a:7c:b5:d3:ff:f1:ce:4e:
57:7f:e7:cd:46:d6:24:1d:0b:14:5f:63:71:df:f5:e4:8a:84:
8d:81:20:47:4d:37:36:b3:89:4d:35:4f:45:0a:29:5f:2e:69:
b3:d1:ed:e4:2d:bd:9b:d7:27:0b:13:d8:39:ac:27:37:8b:b1:
6d:39:70:4d:d7:75:15:11:9a:15:7f:0f:f6:fd:a7:21:0b:cc:
ee:18:0b:85:6e:e6:5b:0f:21:74:b4:94:f5:02:fc:ba:b4:be:
b7:76:6d:46:07:59:08:3f:04:6f:63:5d:49:c1:a6:dd:8d:f0:
6a:86:64:3d
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZWKXZfuK/63M6y0QcqbHtLQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3ZWEwOGI2OWY3YzMwY2Q3YTA4MTNhZWI5MTA5ZjdlNzVk
MmFhMzgwHhcNMjUwMzEyMTIzOTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mzg5MjMwM2MzMTNiNzQ4YmNiNDU0NWI0NjE0NjUzYjMwZDVlOWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlTpAD4+8GbxNgugVtrQy88rRprB
p0GMxCOwBBusi4g9ozxfRflSiteebA7N3PLRfJH0oYLquDNHEuJGiqAsmoXsEPmJ
sj0o2ewWnXBWZsI2zImQSdLtnkKTBUpAlrLvJMiZuloN7ruvn9REIE5eix01HYLM
Am4Qwy6ISLdXHczgRrJpB40vpCYTCzG//gft9Bq4jg8JHzSw6tqY7YbckM/0Qnd9
hyJ+iHya44HNC/x+b/CmZLdtkLlpGOyqcn3saB23kuFYh9bFXJ/8OIObJGJZd1gO
y/T4RVNQVyq2ytS0njhsDzHE2xtRmEnzvgeHmhexamQaCpYKrRrNWKfdJQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFHOJIwPDE7dIvLRUW0YUZTsw1enCMB8GA1UdIwQY
MBaAFMfqCLaffDDNeggTrrkQn3510qo4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveC1vSXRwOThNTTE2Q0JPdXVSQ2ZmblhTcWpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zODg1MjItNWRmOC00OTYzLTljMmMt
Y2YzMDVjNTQzOTNlLzEvYzRrakE4TVR0MGk4dEZSYlJoUmxPekRWNmNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zODg1MjItNWRmOC00OTYzLTljMmMtY2YzMDVjNTQzOTNl
LzEveC1vSXRwOThNTTE2Q0JPdXVSQ2ZmblhTcWpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCLYRkMBQE
AgACMA4DBQAqFE2AAwUAKhRNhzANBgkqhkiG9w0BAQsFAAOCAQEASe42bQ+XLgvk
/deiddbX7bEIO1XNDiHMUD4F9MyCfwDiyAZnV1DJYWP1XJFhrn5igTS3/O7IDyuo
djZR7Lca7yVe03DyS28KyJ59uPrNGYBa1eunS66BgeRE5bPILNU9DTTtGWQ5dQgX
deshcByuxDA+Qt65csLQvQCak4BatRvSZZzcCHKkNGp8tdP/8c5OV3/nzUbWJB0L
FF9jcd/15IqEjYEgR003NrOJTTVPRQopXy5ps9Ht5C29m9cnCxPYOawnN4uxbTlw
Tdd1FRGaFX8P9v2nIQvM7hgLhW7mWw8hdLSU9QL8urS+t3ZtRgdZCD8Eb2NdScGm
3Y3waoZkPQ==
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:57:59 2025 by rpki-client