Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/b431ca-5275-42b5-8d54-d196f9291732/1/yLW-Wxb-WEK3SlgHfRgcFULgwtU.roa
File: yLW-Wxb-WEK3SlgHfRgcFULgwtU.roa (raw, json)
Hash identifier: 47c/8wbrDeeCgPSJoS7prqWBSvhn47quuwVKT8eb4AA=
Subject key identifier: C8:B5:BE:5B:16:FE:58:42:B7:4A:58:07:7D:18:1C:15:42:E0:C2:D5
Certificate issuer: /CN=b9b0d33432eca77c054e8fa8707248da4e47db0b
Certificate serial: 019420D654A803655CF1168CFA6A5F3D3464
Authority key identifier: B9:B0:D3:34:32:EC:A7:7C:05:4E:8F:A8:70:72:48:DA:4E:47:DB:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ubDTNDLsp3wFTo-ocHJI2k5H2ws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/b431ca-5275-42b5-8d54-d196f9291732/1/yLW-Wxb-WEK3SlgHfRgcFULgwtU.roa
Signing time: Wed 01 Jan 2025 07:48:24 +0000
ROA not before: Wed 01 Jan 2025 07:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211439
IP address blocks: 45.85.92.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/b431ca-5275-42b5-8d54-d196f9291732/1/ubDTNDLsp3wFTo-ocHJI2k5H2ws.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/b431ca-5275-42b5-8d54-d196f9291732/1/ubDTNDLsp3wFTo-ocHJI2k5H2ws.mft
rsync://rpki.ripe.net/repository/DEFAULT/ubDTNDLsp3wFTo-ocHJI2k5H2ws.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:54:a8:03:65:5c:f1:16:8c:fa:6a:5f:3d:34:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9b0d33432eca77c054e8fa8707248da4e47db0b
Validity
Not Before: Jan 1 07:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c8b5be5b16fe5842b74a58077d181c1542e0c2d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:38:30:78:f7:0d:6a:5a:eb:a9:63:8a:ad:41:
f8:2e:41:82:d1:df:fd:d9:77:b7:d3:32:b8:45:ba:
19:83:97:b0:b0:a8:0e:95:f7:de:32:50:55:ec:62:
b3:c7:29:d7:e5:0d:9c:02:ac:29:1c:61:ff:97:6b:
fd:94:53:47:22:fb:2d:44:29:23:09:38:a7:b2:b4:
23:d0:46:e9:79:e9:9f:c5:6f:f9:72:24:c1:6e:4c:
8f:64:d8:15:93:51:c9:2c:dc:e8:f0:59:a5:b7:5c:
a3:e7:8a:0f:de:43:ac:92:3c:83:b5:c3:70:96:5b:
ac:84:04:72:21:40:c6:a2:2c:c3:50:bf:73:dc:0a:
e2:e6:2f:6d:97:bf:4b:6f:b1:ef:cd:c4:4e:c8:5d:
49:2f:e3:a9:7a:ce:0b:1e:1c:01:fd:4e:0a:1a:c6:
dc:30:92:02:65:c1:4e:73:95:8e:30:93:86:e1:13:
f8:b9:91:09:a3:61:8e:ce:72:b4:a0:29:57:cc:d5:
2e:d5:47:15:f6:10:f9:41:9f:a2:c6:72:c6:99:35:
d6:d1:25:d3:5a:1b:a5:bd:a2:8f:45:9b:c8:d4:86:
d1:e0:48:e7:22:bf:9c:10:e8:28:4e:e3:de:34:6c:
e0:c1:5a:83:46:f2:c3:ab:0e:b0:1a:ca:81:eb:ac:
2a:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:B5:BE:5B:16:FE:58:42:B7:4A:58:07:7D:18:1C:15:42:E0:C2:D5
X509v3 Authority Key Identifier:
keyid:B9:B0:D3:34:32:EC:A7:7C:05:4E:8F:A8:70:72:48:DA:4E:47:DB:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ubDTNDLsp3wFTo-ocHJI2k5H2ws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b431ca-5275-42b5-8d54-d196f9291732/1/yLW-Wxb-WEK3SlgHfRgcFULgwtU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b431ca-5275-42b5-8d54-d196f9291732/1/ubDTNDLsp3wFTo-ocHJI2k5H2ws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.92.0/24
Signature Algorithm: sha256WithRSAEncryption
50:2a:16:7c:b2:14:dc:a4:06:a8:d9:f1:e2:bf:c0:86:d0:e0:
8c:77:7d:3d:36:86:99:c6:cf:a6:c7:25:c2:dd:a5:c3:a0:f4:
45:5c:26:f7:62:00:d3:69:33:db:11:97:5e:06:f7:04:4e:40:
22:64:d6:fa:76:70:58:c1:82:e0:13:b2:ad:93:ff:be:f1:c9:
0d:0b:ec:9e:d1:88:d9:13:25:2b:e4:bc:a2:7d:d5:b3:e4:9f:
9f:87:f1:0c:00:4d:ea:fe:4a:51:a6:e3:7a:fd:0c:f2:f2:49:
d3:bd:2b:18:13:0d:38:47:ee:17:f2:82:62:87:a9:cb:ff:69:
70:8e:16:f6:fa:d0:ea:a4:ac:fc:cc:b1:32:92:12:42:6b:2e:
de:c4:9b:7d:0e:a9:6a:d0:a4:5e:da:3e:c8:7e:21:8c:90:56:
c5:db:d2:20:50:ab:df:9b:52:3d:e6:26:09:eb:2f:fb:4a:c6:
61:57:6b:01:ce:42:9c:20:ac:8a:d5:05:37:66:f5:fd:ba:1d:
f6:56:38:9f:78:fe:b3:f3:23:76:13:44:6e:e4:e5:27:2e:38:
6b:13:0a:52:f2:34:83:3e:56:ac:0c:db:d3:23:ad:cb:5e:35:
ab:ed:5e:3e:2f:b3:74:a5:fe:5a:ed:5a:4f:e0:ee:66:75:a3:
78:b0:06:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1lSoA2Vc8RaM+mpfPTRkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YjBkMzM0MzJlY2E3N2MwNTRlOGZhODcwNzI0OGRhNGU0
N2RiMGIwHhcNMjUwMTAxMDc0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGI1YmU1YjE2ZmU1ODQyYjc0YTU4MDc3ZDE4MWMxNTQyZTBjMmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzgwePcNalrrqWOKrUH4LkGC0d/9
2Xe30zK4RboZg5ewsKgOlffeMlBV7GKzxynX5Q2cAqwpHGH/l2v9lFNHIvstRCkj
CTinsrQj0EbpeemfxW/5ciTBbkyPZNgVk1HJLNzo8Fmlt1yj54oP3kOskjyDtcNw
llushARyIUDGoizDUL9z3Ari5i9tl79Lb7HvzcROyF1JL+Opes4LHhwB/U4KGsbc
MJICZcFOc5WOMJOG4RP4uZEJo2GOznK0oClXzNUu1UcV9hD5QZ+ixnLGmTXW0SXT
WhulvaKPRZvI1IbR4EjnIr+cEOgoTuPeNGzgwVqDRvLDqw6wGsqB66wq+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMi1vlsW/lhCt0pYB30YHBVC4MLVMB8GA1UdIwQY
MBaAFLmw0zQy7Kd8BU6PqHBySNpOR9sLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWJEVE5ETHNwM3dGVG8tb2NISkkyazVIMndzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9iNDMxY2EtNTI3NS00MmI1LThkNTQt
ZDE5NmY5MjkxNzMyLzEveUxXLVd4Yi1XRUszU2xnSGZSZ2NGVUxnd3RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9iNDMxY2EtNTI3NS00MmI1LThkNTQtZDE5NmY5MjkxNzMy
LzEvdWJEVE5ETHNwM3dGVG8tb2NISkkyazVIMndzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVVcMA0G
CSqGSIb3DQEBCwUAA4IBAQBQKhZ8shTcpAao2fHiv8CG0OCMd309NoaZxs+mxyXC
3aXDoPRFXCb3YgDTaTPbEZdeBvcETkAiZNb6dnBYwYLgE7Ktk/++8ckNC+ye0YjZ
EyUr5LyifdWz5J+fh/EMAE3q/kpRpuN6/Qzy8knTvSsYEw04R+4X8oJih6nL/2lw
jhb2+tDqpKz8zLEykhJCay7exJt9Dqlq0KRe2j7IfiGMkFbF29IgUKvfm1I95iYJ
6y/7SsZhV2sBzkKcIKyK1QU3ZvX9uh32VjifeP6z8yN2E0Ru5OUnLjhrEwpS8jSD
PlasDNvTI63LXjWr7V4+L7N0pf5a7VpP4O5mdaN4sAZp
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:00:07 2025 by rpki-client