Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/0b9cbf-25ae-4327-98aa-a7dd9aea1d7a/1/AaiQ-SNQmt6l5xOeIk4PwVHWfh4.roa
File: AaiQ-SNQmt6l5xOeIk4PwVHWfh4.roa (raw, json)
Hash identifier: 6CQTrWnDAV45WpOAHO1NfVL9iDI/ELlZY8vizp+bA9s=
Subject key identifier: 01:A8:90:F9:23:50:9A:DE:A5:E7:13:9E:22:4E:0F:C1:51:D6:7E:1E
Certificate issuer: /CN=afc193ee11e54716169f94c8f931eae1fc854921
Certificate serial: 01941F8C3554286BFF0316C1A8498EE0B22F
Authority key identifier: AF:C1:93:EE:11:E5:47:16:16:9F:94:C8:F9:31:EA:E1:FC:85:49:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r8GT7hHlRxYWn5TI-THq4fyFSSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/0b9cbf-25ae-4327-98aa-a7dd9aea1d7a/1/AaiQ-SNQmt6l5xOeIk4PwVHWfh4.roa
Signing time: Wed 01 Jan 2025 01:47:49 +0000
ROA not before: Wed 01 Jan 2025 01:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208367
IP address blocks: 45.142.100.0/24 maxlen: 24
2a10:46c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/0b9cbf-25ae-4327-98aa-a7dd9aea1d7a/1/r8GT7hHlRxYWn5TI-THq4fyFSSE.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/0b9cbf-25ae-4327-98aa-a7dd9aea1d7a/1/r8GT7hHlRxYWn5TI-THq4fyFSSE.mft
rsync://rpki.ripe.net/repository/DEFAULT/r8GT7hHlRxYWn5TI-THq4fyFSSE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 10:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:35:54:28:6b:ff:03:16:c1:a8:49:8e:e0:b2:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afc193ee11e54716169f94c8f931eae1fc854921
Validity
Not Before: Jan 1 01:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=01a890f923509adea5e7139e224e0fc151d67e1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:e0:da:83:c9:5c:c2:41:b4:92:6f:c3:66:fd:
6b:a6:ed:df:75:62:21:81:8f:f6:8c:d7:a0:6a:5e:
a2:c4:dc:74:45:63:6a:61:2d:8e:72:8d:9c:15:c8:
91:7c:63:da:de:f6:46:42:ac:ff:5c:b1:fe:bf:18:
38:ce:96:96:3c:45:64:39:07:bc:49:24:f0:dd:29:
4f:a9:c5:d5:e1:22:48:04:81:ac:45:ea:69:87:77:
43:70:f5:63:7c:72:61:c8:8c:75:af:bd:71:df:06:
34:6f:0e:ce:b8:0a:72:2d:eb:41:88:af:1f:69:52:
c2:b1:f1:34:0c:ae:1a:95:aa:28:79:e8:3a:b6:15:
a3:87:ba:be:54:8e:8f:55:e2:cd:c8:c3:80:0b:28:
44:64:a6:e2:53:5b:19:ec:70:1f:20:93:d5:1f:85:
8a:b1:6d:fa:7e:56:2c:eb:69:b5:b2:3c:8b:c8:ec:
ae:75:52:64:07:13:d9:53:4c:aa:47:51:bf:51:f2:
d9:6b:ad:eb:f5:a6:90:75:2a:9d:45:de:0a:c6:16:
f1:8c:8f:20:2d:1d:7a:8e:d9:44:c5:84:40:6c:b3:
a5:ce:87:0f:65:69:8c:21:bb:22:63:05:57:e6:27:
ad:f0:9f:a8:dd:1a:54:b3:36:50:2d:09:39:12:4c:
69:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:A8:90:F9:23:50:9A:DE:A5:E7:13:9E:22:4E:0F:C1:51:D6:7E:1E
X509v3 Authority Key Identifier:
keyid:AF:C1:93:EE:11:E5:47:16:16:9F:94:C8:F9:31:EA:E1:FC:85:49:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r8GT7hHlRxYWn5TI-THq4fyFSSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/0b9cbf-25ae-4327-98aa-a7dd9aea1d7a/1/AaiQ-SNQmt6l5xOeIk4PwVHWfh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/0b9cbf-25ae-4327-98aa-a7dd9aea1d7a/1/r8GT7hHlRxYWn5TI-THq4fyFSSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.100.0/24
IPv6:
2a10:46c0::/32
Signature Algorithm: sha256WithRSAEncryption
2b:66:13:ec:c8:f6:13:4b:68:af:72:e2:5f:85:03:d5:b7:9e:
ab:04:67:0d:60:fa:f3:2d:c0:82:ca:ff:e1:74:f8:85:ba:fe:
7e:a6:90:ba:e6:d2:5a:dc:01:84:78:49:25:9d:9a:4e:3b:78:
0a:ec:97:27:e9:a0:20:29:17:db:aa:6e:69:87:10:88:70:83:
de:d5:2f:c4:a2:2a:a6:bb:31:50:a6:5d:28:17:47:7e:a8:f5:
7c:78:fb:03:5a:ee:f7:4d:6d:c0:0b:2e:28:12:48:45:26:d4:
9f:25:13:1d:29:18:04:22:1a:a6:be:22:05:8f:ac:c9:c1:76:
75:45:a4:08:15:ec:2a:d0:e7:1b:4d:8e:64:d5:f5:93:a4:86:
40:10:18:3a:31:6b:90:9d:8a:a2:bd:b7:7d:9e:89:32:63:19:
c8:ce:4a:f4:3a:da:ad:ba:19:e9:7f:69:5f:2a:9f:37:5e:d6:
18:fa:3a:a9:41:4e:09:df:65:f9:83:96:60:42:fb:c4:29:28:
34:b9:ba:03:c7:91:ad:67:50:16:45:3c:55:9f:dc:be:ca:82:
86:52:fd:71:c6:f8:cb:8b:c5:4e:35:1c:cd:c9:94:a2:d5:61:
d3:4f:23:db:13:dc:ef:bc:73:a4:e3:41:42:7e:36:ac:ed:4e:
73:bf:96:bf
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQfjDVUKGv/AxbBqEmO4LIvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmYzE5M2VlMTFlNTQ3MTYxNjlmOTRjOGY5MzFlYWUxZmM4
NTQ5MjEwHhcNMjUwMTAxMDE0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWE4OTBmOTIzNTA5YWRlYTVlNzEzOWUyMjRlMGZjMTUxZDY3ZTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyuDag8lcwkG0km/DZv1rpu3fdWIh
gY/2jNegal6ixNx0RWNqYS2Oco2cFciRfGPa3vZGQqz/XLH+vxg4zpaWPEVkOQe8
SSTw3SlPqcXV4SJIBIGsRepph3dDcPVjfHJhyIx1r71x3wY0bw7OuApyLetBiK8f
aVLCsfE0DK4alaooeeg6thWjh7q+VI6PVeLNyMOACyhEZKbiU1sZ7HAfIJPVH4WK
sW36flYs62m1sjyLyOyudVJkBxPZU0yqR1G/UfLZa63r9aaQdSqdRd4KxhbxjI8g
LR16jtlExYRAbLOlzocPZWmMIbsiYwVX5iet8J+o3RpUszZQLQk5Ekxp6wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAGokPkjUJrepecTniJOD8FR1n4eMB8GA1UdIwQY
MBaAFK/Bk+4R5UcWFp+UyPkx6uH8hUkhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjhHVDdoSGxSeFlXbjVUSS1USHE0ZnlGU1NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8wYjljYmYtMjVhZS00MzI3LTk4YWEt
YTdkZDlhZWExZDdhLzEvQWFpUS1TTlFtdDZsNXhPZUlrNFB3VkhXZmg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8wYjljYmYtMjVhZS00MzI3LTk4YWEtYTdkZDlhZWExZDdh
LzEvcjhHVDdoSGxSeFlXbjVUSS1USHE0ZnlGU1NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALY5kMA0E
AgACMAcDBQAqEEbAMA0GCSqGSIb3DQEBCwUAA4IBAQArZhPsyPYTS2ivcuJfhQPV
t56rBGcNYPrzLcCCyv/hdPiFuv5+ppC65tJa3AGEeEklnZpOO3gK7Jcn6aAgKRfb
qm5phxCIcIPe1S/EoiqmuzFQpl0oF0d+qPV8ePsDWu73TW3ACy4oEkhFJtSfJRMd
KRgEIhqmviIFj6zJwXZ1RaQIFewq0OcbTY5k1fWTpIZAEBg6MWuQnYqivbd9noky
YxnIzkr0Otqtuhnpf2lfKp83XtYY+jqpQU4J32X5g5ZgQvvEKSg0uboDx5GtZ1AW
RTxVn9y+yoKGUv1xxvjLi8VONRzNyZSi1WHTTyPbE9zvvHOk40FCfjas7U5zv5a/
-----END CERTIFICATE-----
Generated at Fri Feb 21 13:00:57 2025 by rpki-client