Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/uEa4VCZILMCQRsys6WvXG83b7YM.roa
File: uEa4VCZILMCQRsys6WvXG83b7YM.roa (raw, json)
Hash identifier: O5aMlB/YmCcBFoGT+J12Tptzaa4UmyfnNDq0vC5SG6c=
Subject key identifier: B8:46:B8:54:26:48:2C:C0:90:46:CC:AC:E9:6B:D7:1B:CD:DB:ED:83
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 0194D210D7CA8F3A73BF80F870FDB5B2E0AD
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/uEa4VCZILMCQRsys6WvXG83b7YM.roa
Signing time: Tue 04 Feb 2025 17:45:06 +0000
ROA not before: Tue 04 Feb 2025 17:45:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216246
IP address blocks: 45.134.12.0/24 maxlen: 24
45.134.13.0/24 maxlen: 24
45.134.14.0/24 maxlen: 24
45.134.15.0/24 maxlen: 24
103.71.22.0/24 maxlen: 24
103.71.23.0/24 maxlen: 24
103.249.132.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d2:10:d7:ca:8f:3a:73:bf:80:f8:70:fd:b5:b2:e0:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: Feb 4 17:45:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b846b85426482cc09046ccace96bd71bcddbed83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:7f:ec:dd:e9:f6:1f:67:2c:0c:f6:f4:f1:6d:
5c:02:f4:a5:e6:2e:1e:10:f2:f3:50:5c:86:2a:e0:
0d:1f:e5:21:ea:a3:bd:4c:69:23:d1:91:8e:cc:6a:
9e:7d:cd:b9:8a:a9:b2:c3:a5:2d:d7:1b:15:d0:3c:
b8:a6:cb:a3:c7:77:76:0d:5f:26:a7:6e:cf:aa:dc:
1b:30:a6:3d:5b:6c:a7:f7:3f:f7:17:c6:e7:8a:91:
91:41:a1:4c:da:77:9d:7b:d5:dc:97:e2:89:01:5e:
87:36:80:c6:a0:2f:71:e9:75:07:90:ff:3d:f6:20:
22:03:21:51:c4:e5:ad:8d:5f:2c:41:5d:a1:ec:71:
f6:aa:a4:d7:4a:20:ce:e2:c2:b4:60:44:f1:4d:64:
26:ac:ff:42:01:e9:c2:99:61:19:8b:14:c0:69:e5:
e1:ea:ee:2e:e8:2e:7f:8c:74:e9:ad:b9:80:45:cc:
c8:08:92:36:58:59:9b:a0:2a:22:49:c9:87:67:52:
8a:99:c1:55:f6:e4:41:6e:fb:56:27:70:57:64:18:
d4:1c:b1:a7:b7:6f:b1:3e:cd:9f:3e:8c:3f:98:30:
23:2c:6f:23:34:67:34:d8:e9:90:db:ab:a4:bf:3d:
a7:e4:70:9d:7e:cf:66:0c:61:d5:fd:dc:e8:d0:8e:
cb:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:46:B8:54:26:48:2C:C0:90:46:CC:AC:E9:6B:D7:1B:CD:DB:ED:83
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/uEa4VCZILMCQRsys6WvXG83b7YM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.12.0/22
103.71.22.0/23
103.249.132.0/22
Signature Algorithm: sha256WithRSAEncryption
51:0d:f8:66:71:e9:a8:b3:59:a5:cb:a2:8a:a2:9e:be:8d:3b:
ee:98:92:96:ea:d7:b6:b6:eb:61:08:ca:c3:38:03:39:de:21:
8c:66:2a:01:70:3c:4d:2d:18:44:18:5d:f7:2a:ea:77:eb:dd:
02:1b:69:03:4d:23:e1:71:ff:82:c5:57:4e:d7:8f:46:22:18:
2e:13:36:27:c6:80:69:c9:a4:83:93:e1:cd:b8:fd:02:9d:f3:
5d:38:83:54:b1:6f:14:0b:ab:fa:12:a6:e7:63:32:51:bc:59:
f3:73:d1:34:9c:75:6f:64:7d:18:ea:f9:fa:4f:26:30:e8:a6:
45:da:f1:f3:7b:5c:d0:4c:58:46:fb:89:ac:ef:d4:f2:b1:57:
2f:2a:59:46:91:23:64:f6:90:56:ad:b9:7d:b0:a3:06:8b:28:
12:a7:b6:a3:6d:11:9f:f3:10:18:89:65:c9:db:c3:71:f0:3c:
c4:57:cd:dd:bb:c4:b9:3e:43:cf:16:48:73:a2:50:c3:dc:d7:
70:2e:a1:4d:c8:d1:d7:52:84:35:f9:66:2b:24:97:5a:c6:04:
17:70:e2:fa:0c:8c:26:61:ec:0a:b2:d1:95:36:41:75:e6:84:
ee:16:29:af:9e:07:f1:be:08:d9:24:7c:dc:3d:0e:af:bd:f6:
1e:3a:5b:0c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZTSENfKjzpzv4D4cP21suCtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjUwMjA0MTc0NTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODQ2Yjg1NDI2NDgyY2MwOTA0NmNjYWNlOTZiZDcxYmNkZGJlZDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3n/s3en2H2csDPb08W1cAvSl5i4e
EPLzUFyGKuANH+Uh6qO9TGkj0ZGOzGqefc25iqmyw6Ut1xsV0Dy4psujx3d2DV8m
p27PqtwbMKY9W2yn9z/3F8bnipGRQaFM2nede9Xcl+KJAV6HNoDGoC9x6XUHkP89
9iAiAyFRxOWtjV8sQV2h7HH2qqTXSiDO4sK0YETxTWQmrP9CAenCmWEZixTAaeXh
6u4u6C5/jHTprbmARczICJI2WFmboCoiScmHZ1KKmcFV9uRBbvtWJ3BXZBjUHLGn
t2+xPs2fPow/mDAjLG8jNGc02OmQ26ukvz2n5HCdfs9mDGHV/dzo0I7LHwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLhGuFQmSCzAkEbMrOlr1xvN2+2DMB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvdUVhNFZDWklMTUNRUnN5czZXdlhHODNiN1lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLYYMAwQB
Z0cWAwQCZ/mEMA0GCSqGSIb3DQEBCwUAA4IBAQBRDfhmcemos1mly6KKop6+jTvu
mJKW6te2tuthCMrDOAM53iGMZioBcDxNLRhEGF33Kup3690CG2kDTSPhcf+CxVdO
149GIhguEzYnxoBpyaSDk+HNuP0CnfNdOINUsW8UC6v6EqbnYzJRvFnzc9E0nHVv
ZH0Y6vn6TyYw6KZF2vHze1zQTFhG+4ms79TysVcvKllGkSNk9pBWrbl9sKMGiygS
p7ajbRGf8xAYiWXJ28Nx8DzEV83du8S5PkPPFkhzolDD3NdwLqFNyNHXUoQ1+WYr
JJdaxgQXcOL6DIwmYewKstGVNkF15oTuFimvngfxvgjZJHzcPQ6vvfYeOlsM
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:18:03 2025 by rpki-client