Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/7HaXNFSYGxOw3R9L6I0z6V-mXb4.roa
File: 7HaXNFSYGxOw3R9L6I0z6V-mXb4.roa (raw, json)
Hash identifier: iLQ9KNTQ4u3M1tfa+YEpVxilam6XMDqybBUGCnTqiss=
Subject key identifier: EC:76:97:34:54:98:1B:13:B0:DD:1F:4B:E8:8D:33:E9:5F:A6:5D:BE
Certificate issuer: /CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Certificate serial: 019422FBEC47F37FEEF2644F3702AF15099D
Authority key identifier: BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/7HaXNFSYGxOw3R9L6I0z6V-mXb4.roa
Signing time: Wed 01 Jan 2025 17:48:42 +0000
ROA not before: Wed 01 Jan 2025 17:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 395793
IP address blocks: 45.149.6.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.mft
rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:ec:47:f3:7f:ee:f2:64:4f:37:02:af:15:09:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Validity
Not Before: Jan 1 17:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec76973454981b13b0dd1f4be88d33e95fa65dbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b3:85:e7:df:51:95:fd:1d:47:c1:0c:8d:87:
5d:14:d7:5d:29:8c:5c:ba:40:aa:76:57:08:8d:ae:
b1:17:bd:1f:9f:f5:a4:ed:41:0e:3d:2d:64:83:7c:
23:9f:26:85:2f:ee:a9:0a:45:a3:18:01:36:97:33:
32:d7:3d:bd:26:b9:1e:e9:2a:70:07:a4:a8:6f:6e:
e1:1d:33:d4:f8:4d:84:e1:4d:78:dd:3b:88:db:7e:
d6:36:10:ca:86:ec:5e:72:db:81:97:56:e8:27:9a:
50:72:7b:da:c0:7c:52:2d:7f:42:e9:a9:cb:12:56:
71:10:84:6d:94:01:30:5e:cb:37:4b:22:3c:56:66:
2a:12:35:fc:6c:fc:8b:b3:60:d3:e6:33:49:2c:45:
bf:f6:9b:d4:dd:61:ba:dd:46:e7:89:12:d9:9e:6b:
26:f8:21:1e:81:2e:0e:c1:ca:76:7d:58:93:15:ac:
af:28:e1:3b:db:8d:bd:ea:34:22:07:7a:64:0c:03:
b0:10:a6:ef:28:6a:4b:a5:cd:47:a2:52:95:40:e6:
c3:5a:9b:4d:e8:c2:ff:9a:8f:4d:db:8a:d7:e0:8e:
c3:03:5f:d7:51:52:c1:7d:4e:d5:4f:97:11:37:65:
d7:a5:cc:ed:f6:34:55:4b:eb:06:25:a9:1b:6f:18:
53:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:76:97:34:54:98:1B:13:B0:DD:1F:4B:E8:8D:33:E9:5F:A6:5D:BE
X509v3 Authority Key Identifier:
keyid:BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/7HaXNFSYGxOw3R9L6I0z6V-mXb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.6.0/24
Signature Algorithm: sha256WithRSAEncryption
20:fc:1d:cb:17:77:39:93:4b:1b:c5:37:d3:86:4c:f8:e1:e6:
cb:99:62:30:09:e2:6d:8f:cc:26:00:56:fb:08:69:82:36:25:
c1:3c:b8:fe:a6:b7:79:30:24:1d:a2:01:6c:1d:fc:35:e7:23:
02:aa:8a:ac:df:53:69:3d:cd:e9:e9:9e:19:61:53:b6:7b:90:
64:fc:48:ac:67:ad:b2:c4:39:4d:fd:01:12:d0:48:ac:a8:fc:
8a:a2:00:72:ab:ce:29:2f:73:f3:fb:1a:2a:6e:6e:49:92:40:
ee:99:68:12:1d:b4:b2:a4:5e:8a:9b:2a:0f:c0:0e:73:46:01:
9f:69:10:40:14:e2:54:68:0a:d8:42:33:6a:8c:1a:8e:a8:8c:
1f:9b:8c:44:84:d3:af:a4:a0:7b:a0:d1:02:22:9e:b0:e9:40:
39:9a:d1:d4:b9:a6:44:e9:7a:08:f9:a6:25:68:0a:83:dc:22:
36:15:fb:ac:24:68:3b:f2:1d:2c:9d:de:06:5b:64:a1:b7:f7:
ce:f7:ff:65:c1:f4:18:e5:fb:fa:da:3f:e2:f6:c3:e7:4c:4e:
11:40:19:51:26:6d:07:db:92:e6:aa:9d:19:2c:f5:b4:d2:fc:
32:36:23:32:45:a6:27:40:4a:ad:03:00:ef:40:2b:22:d5:dd:
5b:8d:5a:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi++xH83/u8mRPNwKvFQmdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMzY2ODYyOGYwZGY3OWQwNDdlY2EwZDlhZGNmYzBiNjY5
M2UzMDkwHhcNMjUwMTAxMTc0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzc2OTczNDU0OTgxYjEzYjBkZDFmNGJlODhkMzNlOTVmYTY1ZGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7OF599Rlf0dR8EMjYddFNddKYxc
ukCqdlcIja6xF70fn/Wk7UEOPS1kg3wjnyaFL+6pCkWjGAE2lzMy1z29Jrke6Spw
B6Sob27hHTPU+E2E4U143TuI237WNhDKhuxectuBl1boJ5pQcnvawHxSLX9C6anL
ElZxEIRtlAEwXss3SyI8VmYqEjX8bPyLs2DT5jNJLEW/9pvU3WG63UbniRLZnmsm
+CEegS4Owcp2fViTFayvKOE724296jQiB3pkDAOwEKbvKGpLpc1HolKVQObDWptN
6ML/mo9N24rX4I7DA1/XUVLBfU7VT5cRN2XXpczt9jRVS+sGJakbbxhTsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOx2lzRUmBsTsN0fS+iNM+lfpl2+MB8GA1UdIwQY
MBaAFL02aGKPDfedBH7KDZrc/Atmk+MJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMt
ZTZiZjMxNmM5NGExLzEvN0hhWE5GU1lHeE93M1I5TDZJMHo2Vi1tWGI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMtZTZiZjMxNmM5NGEx
LzEvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZUGMA0G
CSqGSIb3DQEBCwUAA4IBAQAg/B3LF3c5k0sbxTfThkz44ebLmWIwCeJtj8wmAFb7
CGmCNiXBPLj+prd5MCQdogFsHfw15yMCqoqs31NpPc3p6Z4ZYVO2e5Bk/EisZ62y
xDlN/QES0EisqPyKogByq84pL3Pz+xoqbm5JkkDumWgSHbSypF6KmyoPwA5zRgGf
aRBAFOJUaArYQjNqjBqOqIwfm4xEhNOvpKB7oNECIp6w6UA5mtHUuaZE6XoI+aYl
aAqD3CI2FfusJGg78h0snd4GW2Sht/fO9/9lwfQY5fv62j/i9sPnTE4RQBlRJm0H
25Lmqp0ZLPW00vwyNiMyRaYnQEqtAwDvQCsi1d1bjVo0
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:41:28 2025 by rpki-client