Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/IoE67Ac0pXcZcF9gBBC8VKka1vE.roa
File: IoE67Ac0pXcZcF9gBBC8VKka1vE.roa (raw, json)
Hash identifier: kt4XWZcgrYkLHsaAC2c2z5iyqyhmqC0zJwGvhSrnQ3E=
Subject key identifier: 22:81:3A:EC:07:34:A5:77:19:70:5F:60:04:10:BC:54:A9:1A:D6:F1
Certificate issuer: /CN=d60f45f7cc4b691fd4a31c1f1c0b4f605d77a6ef
Certificate serial: 019582608A889F44E7F2F7BBDEDE5F71473A
Authority key identifier: D6:0F:45:F7:CC:4B:69:1F:D4:A3:1C:1F:1C:0B:4F:60:5D:77:A6:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1g9F98xLaR_UoxwfHAtPYF13pu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/IoE67Ac0pXcZcF9gBBC8VKka1vE.roa
Signing time: Mon 10 Mar 2025 23:25:19 +0000
ROA not before: Mon 10 Mar 2025 23:25:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2027
IP address blocks: 45.13.104.0/22 maxlen: 22
62.204.43.0/24 maxlen: 24
193.58.42.0/23 maxlen: 24
195.20.209.0/24 maxlen: 24
2a0e:e700::/31 maxlen: 31
2a0f:ce00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/1g9F98xLaR_UoxwfHAtPYF13pu8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/1g9F98xLaR_UoxwfHAtPYF13pu8.mft
rsync://rpki.ripe.net/repository/DEFAULT/1g9F98xLaR_UoxwfHAtPYF13pu8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:82:60:8a:88:9f:44:e7:f2:f7:bb:de:de:5f:71:47:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60f45f7cc4b691fd4a31c1f1c0b4f605d77a6ef
Validity
Not Before: Mar 10 23:25:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=22813aec0734a57719705f600410bc54a91ad6f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e5:ad:5c:c6:c8:81:0d:84:d3:b5:f7:6f:77:
6a:1b:2c:84:3d:f4:33:4f:68:c1:ec:8c:c5:18:16:
85:8d:83:fa:da:e4:4c:3a:be:a6:3e:be:95:92:a4:
a3:9a:03:40:8c:65:e0:c8:6f:56:0d:7a:47:9c:7a:
0a:41:7a:76:40:e7:7f:ed:cb:d3:9d:0a:ff:b8:b5:
ca:e5:3e:d6:1c:10:b3:b5:c0:be:ed:bb:fa:58:c3:
15:fd:95:57:3a:b4:1d:e9:08:95:16:cc:9a:fa:4b:
f5:b4:69:72:46:87:5d:03:fd:a5:4e:12:b7:d6:3b:
23:dc:43:69:cf:d2:03:a4:b3:4d:3b:de:52:79:f5:
da:f7:b1:c9:d7:57:9b:ee:79:15:0d:cf:6a:88:85:
9e:e8:53:6f:1d:eb:b8:81:01:0e:82:96:58:9b:70:
10:22:da:c6:73:3f:39:ab:1f:19:35:10:92:01:8b:
cf:53:12:77:93:a8:b7:c5:65:42:ad:fe:b6:c9:9d:
3d:5d:87:bd:c2:e2:65:be:94:71:a7:51:a1:6f:e7:
bf:92:48:c4:10:0e:32:94:95:b9:4a:36:f6:00:31:
a1:79:2f:55:41:67:a4:cc:20:8d:4f:9e:21:dc:df:
0f:00:4b:d3:67:4e:91:ff:77:61:f8:0d:84:89:e1:
0b:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:81:3A:EC:07:34:A5:77:19:70:5F:60:04:10:BC:54:A9:1A:D6:F1
X509v3 Authority Key Identifier:
keyid:D6:0F:45:F7:CC:4B:69:1F:D4:A3:1C:1F:1C:0B:4F:60:5D:77:A6:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1g9F98xLaR_UoxwfHAtPYF13pu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/IoE67Ac0pXcZcF9gBBC8VKka1vE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/1g9F98xLaR_UoxwfHAtPYF13pu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.104.0/22
62.204.43.0/24
193.58.42.0/23
195.20.209.0/24
IPv6:
2a0e:e700::/31
2a0f:ce00::/29
Signature Algorithm: sha256WithRSAEncryption
c3:26:2c:f9:3b:34:f3:8b:3a:5e:ab:19:2d:ce:80:ee:16:eb:
42:ba:2a:4f:99:eb:8d:0e:1d:57:af:4a:5c:06:45:cd:ce:83:
ae:17:6c:26:a4:f6:a1:8d:02:1f:6c:55:ed:a0:3a:74:ca:c3:
c9:26:b1:a1:a5:8d:b5:ab:48:f0:b6:20:f3:00:04:87:40:a5:
7a:2c:be:1b:1d:f4:84:b9:73:d1:f0:69:c7:7a:d6:76:02:90:
f3:b9:33:66:17:c3:52:a7:de:27:b7:c5:1c:4c:73:62:0d:1f:
00:a7:c8:56:db:9a:88:ce:47:89:21:6a:ea:1b:53:fa:cf:48:
82:3e:93:d6:20:db:d2:38:eb:36:95:b1:9b:f3:c0:72:dc:38:
21:9a:2a:33:0f:12:76:39:ea:ac:80:bf:59:ba:56:e5:5c:34:
9e:6a:d4:dc:13:9d:bf:98:80:a1:f7:43:ab:b2:bd:46:8c:51:
29:17:de:72:e3:c7:da:7a:e6:fe:0a:fe:78:eb:04:63:c8:8c:
f2:fa:09:04:8c:c2:80:c5:b1:f3:df:ed:40:3a:af:3e:76:5c:
fe:84:35:29:1c:c8:b7:9a:93:2c:3a:8f:ff:92:34:24:10:d0:
ca:21:d7:34:81:b7:21:77:2e:15:f5:a5:e3:80:49:64:89:b0:
41:97:20:b8
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZWCYIqIn0Tn8ve73t5fcUc6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MGY0NWY3Y2M0YjY5MWZkNGEzMWMxZjFjMGI0ZjYwNWQ3
N2E2ZWYwHhcNMjUwMzEwMjMyNTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjgxM2FlYzA3MzRhNTc3MTk3MDVmNjAwNDEwYmM1NGE5MWFkNmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOWtXMbIgQ2E07X3b3dqGyyEPfQz
T2jB7IzFGBaFjYP62uRMOr6mPr6VkqSjmgNAjGXgyG9WDXpHnHoKQXp2QOd/7cvT
nQr/uLXK5T7WHBCztcC+7bv6WMMV/ZVXOrQd6QiVFsya+kv1tGlyRoddA/2lThK3
1jsj3ENpz9IDpLNNO95SefXa97HJ11eb7nkVDc9qiIWe6FNvHeu4gQEOgpZYm3AQ
ItrGcz85qx8ZNRCSAYvPUxJ3k6i3xWVCrf62yZ09XYe9wuJlvpRxp1Ghb+e/kkjE
EA4ylJW5Sjb2ADGheS9VQWekzCCNT54h3N8PAEvTZ06R/3dh+A2EieEL+QIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFCKBOuwHNKV3GXBfYAQQvFSpGtbxMB8GA1UdIwQY
MBaAFNYPRffMS2kf1KMcHxwLT2Bdd6bvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWc5Rjk4eExhUl9Vb3h3ZkhBdFBZRjEzcHU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9hZDMwNDQtY2RjZS00NmNmLTkyYzkt
YTk1NGQwNTM5OTRhLzEvSW9FNjdBYzBwWGNaY0Y5Z0JCQzhWS2thMXZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9hZDMwNDQtY2RjZS00NmNmLTkyYzktYTk1NGQwNTM5OTRh
LzEvMWc5Rjk4eExhUl9Vb3h3ZkhBdFBZRjEzcHU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQCLQ1oAwQA
PswrAwQBwToqAwQAwxTRMBQEAgACMA4DBQEqDucAAwUDKg/OADANBgkqhkiG9w0B
AQsFAAOCAQEAwyYs+Ts084s6XqsZLc6A7hbrQroqT5nrjQ4dV69KXAZFzc6Drhds
JqT2oY0CH2xV7aA6dMrDySaxoaWNtatI8LYg8wAEh0Cleiy+Gx30hLlz0fBpx3rW
dgKQ87kzZhfDUqfeJ7fFHExzYg0fAKfIVtuaiM5HiSFq6htT+s9Igj6T1iDb0jjr
NpWxm/PActw4IZoqMw8SdjnqrIC/WbpW5Vw0nmrU3BOdv5iAofdDq7K9RoxRKRfe
cuPH2nrm/gr+eOsEY8iM8voJBIzCgMWx89/tQDqvPnZc/oQ1KRzIt5qTLDqP/5I0
JBDQyiHXNIG3IXcuFfWl44BJZImwQZcguA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:58:06 2025 by rpki-client