Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/e91813-927e-47a5-b702-de5378461fee/1/cIwYeOItEbowyL16Fsd6dW6MTNw.roa
File: cIwYeOItEbowyL16Fsd6dW6MTNw.roa (raw, json)
Hash identifier: 51f1FdiiRo4Oc5gbYzr2w1gPQFtv0wp9QesOtcNGq5w=
Subject key identifier: 70:8C:18:78:E2:2D:11:BA:30:C8:BD:7A:16:C7:7A:75:6E:8C:4C:DC
Certificate issuer: /CN=b39c70f7ce3831b8f2cce89db14a27ddaa0e99c2
Certificate serial: 0194266A373C5ABB87A54DE1AE34415D1C20
Authority key identifier: B3:9C:70:F7:CE:38:31:B8:F2:CC:E8:9D:B1:4A:27:DD:AA:0E:99:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s5xw9844MbjyzOidsUon3aoOmcI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/e91813-927e-47a5-b702-de5378461fee/1/cIwYeOItEbowyL16Fsd6dW6MTNw.roa
Signing time: Thu 02 Jan 2025 09:48:02 +0000
ROA not before: Thu 02 Jan 2025 09:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47952
IP address blocks: 45.130.13.0/24 maxlen: 24
45.130.14.0/24 maxlen: 24
45.130.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/e91813-927e-47a5-b702-de5378461fee/1/s5xw9844MbjyzOidsUon3aoOmcI.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/e91813-927e-47a5-b702-de5378461fee/1/s5xw9844MbjyzOidsUon3aoOmcI.mft
rsync://rpki.ripe.net/repository/DEFAULT/s5xw9844MbjyzOidsUon3aoOmcI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6a:37:3c:5a:bb:87:a5:4d:e1:ae:34:41:5d:1c:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b39c70f7ce3831b8f2cce89db14a27ddaa0e99c2
Validity
Not Before: Jan 2 09:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=708c1878e22d11ba30c8bd7a16c77a756e8c4cdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:01:98:1b:4e:a9:29:af:ea:63:ab:29:bf:42:
04:b5:21:35:cc:fc:a7:bd:92:a6:de:17:0d:da:40:
f1:58:c2:25:33:e2:b7:f8:7a:74:5d:24:ba:7a:cb:
8e:48:6d:3d:24:62:33:15:cc:9f:e3:a8:4c:c4:b7:
b4:40:a9:21:63:7a:14:ee:01:c0:75:b2:6a:3e:57:
cd:b2:fd:67:f4:9e:5b:7a:fe:08:58:15:c8:ce:f7:
f4:ed:61:a8:b4:42:6b:81:cd:02:9c:05:93:65:9e:
e5:57:d1:56:e0:25:a7:1d:21:13:98:c4:57:bc:06:
dc:ea:32:40:6f:c0:66:04:a8:f5:55:44:67:f4:16:
20:69:a8:69:e9:55:8d:e7:ba:1a:94:4c:23:2b:0f:
bb:b8:3c:65:03:ca:aa:9b:58:00:be:2f:13:4a:5b:
1e:d2:73:8c:25:31:eb:da:60:b9:2f:9a:77:d4:9e:
e3:a3:ee:a5:12:99:1a:6e:2c:6b:17:cd:30:8b:9a:
80:5d:ff:b2:b9:56:1f:b4:b4:e9:c1:08:9a:21:6c:
01:bc:87:1d:c4:66:90:11:35:44:7a:5d:22:f8:7e:
f3:a0:70:bb:4c:1d:65:69:47:27:4b:ee:b5:47:76:
1e:b9:07:aa:b5:1f:69:f4:69:67:96:1c:e1:68:bf:
68:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:8C:18:78:E2:2D:11:BA:30:C8:BD:7A:16:C7:7A:75:6E:8C:4C:DC
X509v3 Authority Key Identifier:
keyid:B3:9C:70:F7:CE:38:31:B8:F2:CC:E8:9D:B1:4A:27:DD:AA:0E:99:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s5xw9844MbjyzOidsUon3aoOmcI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/e91813-927e-47a5-b702-de5378461fee/1/cIwYeOItEbowyL16Fsd6dW6MTNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/e91813-927e-47a5-b702-de5378461fee/1/s5xw9844MbjyzOidsUon3aoOmcI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.13.0-45.130.15.255
Signature Algorithm: sha256WithRSAEncryption
63:2e:e1:1b:66:87:66:23:61:88:9f:71:f5:75:83:86:0f:91:
cf:be:55:99:17:68:77:d1:0c:75:e7:9c:28:f2:1d:9b:aa:0d:
27:bb:e4:52:3f:1d:17:ad:7c:10:9a:47:13:79:cb:ec:0f:d1:
a0:27:27:0e:c2:90:96:7c:92:ec:50:a2:ce:cd:86:f4:96:40:
51:16:0f:60:c0:70:f3:8f:74:3d:2a:27:50:de:bd:5d:07:2d:
a4:5a:00:31:35:39:4d:ad:1b:ac:06:6f:24:71:fd:1c:49:86:
9f:01:40:21:cd:48:bd:58:28:99:46:9a:fd:bf:a8:57:20:8b:
32:dc:d4:35:48:39:91:ba:28:5f:04:c6:0d:d6:b5:85:21:eb:
d8:77:23:70:a3:64:a8:36:42:58:6b:e1:0d:c9:20:6b:88:39:
bf:ba:59:1e:50:81:a2:3f:28:df:2a:ad:fa:78:7a:c3:1f:fd:
ca:5a:98:7d:1d:da:27:45:fb:33:ef:eb:fa:8e:36:6a:8e:c0:
4f:e0:3e:a3:8a:1d:3e:e6:a1:db:1f:ec:c3:38:cb:80:f3:bc:
e2:44:32:4f:31:50:ef:c3:fb:49:d5:a1:53:05:a8:c9:15:e2:
47:e3:35:ac:fb:bb:e0:f2:52:86:43:5b:04:ea:8a:12:46:d4:
35:f5:b0:2b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQmajc8WruHpU3hrjRBXRwgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzOWM3MGY3Y2UzODMxYjhmMmNjZTg5ZGIxNGEyN2RkYWEw
ZTk5YzIwHhcNMjUwMTAyMDk0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDhjMTg3OGUyMmQxMWJhMzBjOGJkN2ExNmM3N2E3NTZlOGM0Y2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgGYG06pKa/qY6spv0IEtSE1zPyn
vZKm3hcN2kDxWMIlM+K3+Hp0XSS6esuOSG09JGIzFcyf46hMxLe0QKkhY3oU7gHA
dbJqPlfNsv1n9J5bev4IWBXIzvf07WGotEJrgc0CnAWTZZ7lV9FW4CWnHSETmMRX
vAbc6jJAb8BmBKj1VURn9BYgaahp6VWN57oalEwjKw+7uDxlA8qqm1gAvi8TSlse
0nOMJTHr2mC5L5p31J7jo+6lEpkabixrF80wi5qAXf+yuVYftLTpwQiaIWwBvIcd
xGaQETVEel0i+H7zoHC7TB1laUcnS+61R3YeuQeqtR9p9GlnlhzhaL9olwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHCMGHjiLRG6MMi9ehbHenVujEzcMB8GA1UdIwQY
MBaAFLOccPfOODG48szonbFKJ92qDpnCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczV4dzk4NDRNYmp5ek9pZHNVb24zYW9PbWNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lOTE4MTMtOTI3ZS00N2E1LWI3MDIt
ZGU1Mzc4NDYxZmVlLzEvY0l3WWVPSXRFYm93eUwxNkZzZDZkVzZNVE53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9lOTE4MTMtOTI3ZS00N2E1LWI3MDItZGU1Mzc4NDYxZmVl
LzEvczV4dzk4NDRNYmp5ek9pZHNVb24zYW9PbWNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAtgg0D
BAQtggAwDQYJKoZIhvcNAQELBQADggEBAGMu4Rtmh2YjYYifcfV1g4YPkc++VZkX
aHfRDHXnnCjyHZuqDSe75FI/HRetfBCaRxN5y+wP0aAnJw7CkJZ8kuxQos7NhvSW
QFEWD2DAcPOPdD0qJ1DevV0HLaRaADE1OU2tG6wGbyRx/RxJhp8BQCHNSL1YKJlG
mv2/qFcgizLc1DVIOZG6KF8Exg3WtYUh69h3I3CjZKg2Qlhr4Q3JIGuIOb+6WR5Q
gaI/KN8qrfp4esMf/cpamH0d2idF+zPv6/qONmqOwE/gPqOKHT7modsf7MM4y4Dz
vOJEMk8xUO/D+0nVoVMFqMkV4kfjNaz7u+DyUoZDWwTqihJG1DX1sCs=
-----END CERTIFICATE-----
Generated at Mon Apr 7 03:51:21 2025 by rpki-client