Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/YvEsta7UkUfJxn1JV9JHj6QzL1k.roa
File: YvEsta7UkUfJxn1JV9JHj6QzL1k.roa (raw, json)
Hash identifier: cVuuCBZsVwaCNI4FHR4twQLuwRlOFeF2gBPEHlJV5sI=
Subject key identifier: 62:F1:2C:B5:AE:D4:91:47:C9:C6:7D:49:57:D2:47:8F:A4:33:2F:59
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 0194266B0E8EE4D04127FEF4ED9B65B8D1DC
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/YvEsta7UkUfJxn1JV9JHj6QzL1k.roa
Signing time: Thu 02 Jan 2025 09:48:57 +0000
ROA not before: Thu 02 Jan 2025 09:48:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213360
IP address blocks: 45.86.157.0/24 maxlen: 24
193.38.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 12:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:0e:8e:e4:d0:41:27:fe:f4:ed:9b:65:b8:d1:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Jan 2 09:48:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=62f12cb5aed49147c9c67d4957d2478fa4332f59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:71:ad:6f:4b:6e:01:1c:01:35:27:13:46:b8:
08:db:d2:97:62:49:bd:a7:1c:5c:60:73:ae:82:1c:
16:49:1f:5b:e2:aa:5a:37:f2:55:8b:bd:a0:2a:2a:
ec:9b:f5:83:e5:67:4c:77:66:f2:a8:b8:bc:54:64:
be:6e:94:00:3a:71:83:c4:c3:78:94:e5:5c:5c:6b:
27:28:41:43:06:45:82:86:18:2e:e6:b1:56:d0:3a:
28:23:1b:a4:87:de:f4:f9:4a:40:c1:85:0b:44:0a:
87:40:5b:d4:e0:57:92:3b:6e:3c:de:d3:ec:7a:89:
e6:22:d1:7d:7a:3c:1d:88:43:3a:dc:ea:fa:c2:c7:
b1:5a:b0:0e:ac:52:59:7c:5e:20:9d:94:63:91:7e:
9a:f0:93:39:bc:fd:a2:56:3a:fb:3e:c8:55:a2:62:
7c:43:10:b7:31:29:c0:d9:b1:91:76:e5:36:3b:08:
10:8e:79:0a:ca:19:17:c9:e0:ff:f5:0e:27:df:e4:
cc:1c:9b:f4:df:e2:99:33:53:05:0f:ff:80:ee:81:
ea:5c:70:03:eb:2d:8b:de:d8:4b:4b:ed:8b:8a:96:
aa:d2:d7:8e:1c:4c:69:4c:ba:2f:95:68:a8:30:df:
8f:67:64:81:39:fa:e1:4c:39:82:f1:e9:d8:87:28:
39:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:F1:2C:B5:AE:D4:91:47:C9:C6:7D:49:57:D2:47:8F:A4:33:2F:59
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/YvEsta7UkUfJxn1JV9JHj6QzL1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.157.0/24
193.38.251.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:ab:ff:80:04:1b:e1:1b:ea:87:9d:ff:4c:98:42:2e:24:02:
ec:7d:33:e2:90:70:38:5c:f3:df:ed:c7:96:27:d1:45:8d:28:
80:52:19:36:26:9d:e8:ca:05:c1:17:61:8e:10:42:6f:ad:34:
02:08:2e:92:ff:4e:ab:61:85:da:e0:c1:ab:13:3f:9f:8a:9a:
4d:9c:01:71:66:33:4e:2d:69:7c:2c:4b:f6:f5:3d:7b:58:08:
2c:c7:2f:0e:31:78:80:c0:a3:2e:5d:0b:17:ef:7c:a8:78:fe:
81:b6:f1:3c:f1:d9:2c:67:b8:de:ab:cf:09:e0:34:25:02:66:
7f:53:50:a5:a4:9d:f6:57:2c:e6:18:61:17:6a:54:13:f5:fa:
47:ef:08:d1:fe:df:05:e4:e2:7a:b9:3b:92:c7:fb:69:3c:dd:
e9:8d:30:a9:af:4e:d5:f8:7a:31:a9:c6:be:1a:80:f1:a5:ec:
3e:f7:f5:e4:83:c8:d7:98:b4:de:6c:1b:53:2e:07:14:d7:b2:
82:b9:e3:2a:34:c4:f9:bd:ef:40:da:18:ff:f0:49:0b:81:ff:
23:2b:8a:45:42:70:0b:ee:a8:fe:a7:92:bd:1c:76:7f:60:99:
21:99:39:f4:40:bb:d2:2c:b0:6e:a5:e7:41:51:df:f6:3a:58:
43:f8:45:65
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQmaw6O5NBBJ/707ZtluNHcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjUwMTAyMDk0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmYxMmNiNWFlZDQ5MTQ3YzljNjdkNDk1N2QyNDc4ZmE0MzMyZjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXGtb0tuARwBNScTRrgI29KXYkm9
pxxcYHOughwWSR9b4qpaN/JVi72gKirsm/WD5WdMd2byqLi8VGS+bpQAOnGDxMN4
lOVcXGsnKEFDBkWChhgu5rFW0DooIxukh970+UpAwYULRAqHQFvU4FeSO2483tPs
eonmItF9ejwdiEM63Or6wsexWrAOrFJZfF4gnZRjkX6a8JM5vP2iVjr7PshVomJ8
QxC3MSnA2bGRduU2OwgQjnkKyhkXyeD/9Q4n3+TMHJv03+KZM1MFD/+A7oHqXHAD
6y2L3thLS+2Lipaq0teOHExpTLovlWioMN+PZ2SBOfrhTDmC8enYhyg5xwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGLxLLWu1JFHycZ9SVfSR4+kMy9ZMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvWXZFc3RhN1VrVWZKeG4xSlY5SkhqNlF6TDFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVadAwQA
wSb7MA0GCSqGSIb3DQEBCwUAA4IBAQBfq/+ABBvhG+qHnf9MmEIuJALsfTPikHA4
XPPf7ceWJ9FFjSiAUhk2Jp3oygXBF2GOEEJvrTQCCC6S/06rYYXa4MGrEz+fippN
nAFxZjNOLWl8LEv29T17WAgsxy8OMXiAwKMuXQsX73yoeP6BtvE88dksZ7jeq88J
4DQlAmZ/U1ClpJ32VyzmGGEXalQT9fpH7wjR/t8F5OJ6uTuSx/tpPN3pjTCpr07V
+Hoxqca+GoDxpew+9/Xkg8jXmLTebBtTLgcU17KCueMqNMT5ve9A2hj/8EkLgf8j
K4pFQnAL7qj+p5K9HHZ/YJkhmTn0QLvSLLBupedBUd/2OlhD+EVl
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:42:21 2025 by rpki-client