Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/8e8e82-5274-4d2f-8ca0-ab19fcb0ce64/1/myrzpFPZKEFrMiKvWzGEDQDrl_I.roa
File: myrzpFPZKEFrMiKvWzGEDQDrl_I.roa (raw, json)
Hash identifier: J9rVlZg9Lutrp3UmbnqdopvJazmPd6IwXd6xHibeysc=
Subject key identifier: 9B:2A:F3:A4:53:D9:28:41:6B:32:22:AF:5B:31:84:0D:00:EB:97:F2
Certificate issuer: /CN=e15808f3f921bc8c3eea87c7584c584c1000b051
Certificate serial: 0194266C0DDC2062B2923842DF115BEFC789
Authority key identifier: E1:58:08:F3:F9:21:BC:8C:3E:EA:87:C7:58:4C:58:4C:10:00:B0:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4VgI8_khvIw-6ofHWExYTBAAsFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/8e8e82-5274-4d2f-8ca0-ab19fcb0ce64/1/myrzpFPZKEFrMiKvWzGEDQDrl_I.roa
Signing time: Thu 02 Jan 2025 09:50:03 +0000
ROA not before: Thu 02 Jan 2025 09:50:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204860
IP address blocks: 45.156.44.0/22 maxlen: 22
45.158.88.0/22 maxlen: 22
194.180.110.0/24 maxlen: 24
194.180.115.0/24 maxlen: 24
194.180.150.0/24 maxlen: 24
194.180.154.0/24 maxlen: 24
2a0f:2a80::/29 maxlen: 48
2a0f:5880::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/8e8e82-5274-4d2f-8ca0-ab19fcb0ce64/1/4VgI8_khvIw-6ofHWExYTBAAsFE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/8e8e82-5274-4d2f-8ca0-ab19fcb0ce64/1/4VgI8_khvIw-6ofHWExYTBAAsFE.mft
rsync://rpki.ripe.net/repository/DEFAULT/4VgI8_khvIw-6ofHWExYTBAAsFE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:0d:dc:20:62:b2:92:38:42:df:11:5b:ef:c7:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e15808f3f921bc8c3eea87c7584c584c1000b051
Validity
Not Before: Jan 2 09:50:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9b2af3a453d928416b3222af5b31840d00eb97f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ef:b4:11:fa:eb:31:fb:f5:97:dd:7b:d0:8f:
63:6a:b7:45:90:0a:8f:f7:d8:cd:ce:83:23:f2:39:
72:fb:9b:74:51:cb:65:fb:b1:35:a5:87:a7:e1:fb:
4c:2a:76:ad:ae:24:89:c0:f0:a6:4b:5b:23:ab:79:
5e:55:4e:0d:4f:0c:24:40:17:be:0b:89:28:e9:3d:
3f:1a:36:45:b4:4f:72:e6:d1:11:50:85:b5:fe:c0:
4e:1e:f0:df:08:d6:04:11:ff:27:b0:8f:b9:79:76:
d2:87:a0:55:a1:89:66:00:a5:98:6f:e4:2e:76:70:
ff:12:c8:22:24:01:8f:cf:ab:d8:9f:40:43:1e:0d:
20:dc:c3:9b:c4:34:e3:57:6d:58:38:de:25:93:4c:
80:7d:24:3f:9b:7c:4e:01:2f:e8:77:d9:24:72:33:
41:86:88:77:a4:c6:c6:e4:d3:4e:33:29:9a:63:e2:
ef:41:12:17:8c:90:a3:75:9b:64:30:4e:a4:65:1a:
74:74:1d:42:be:8e:b1:a2:f1:e7:16:72:e2:1d:04:
23:63:52:87:06:58:a0:94:41:bb:37:71:b7:06:cc:
96:7e:87:51:8f:45:e7:84:35:ab:de:a6:c6:ba:e5:
2d:a5:85:40:5b:44:7d:dc:16:15:df:fd:c2:82:1d:
99:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:2A:F3:A4:53:D9:28:41:6B:32:22:AF:5B:31:84:0D:00:EB:97:F2
X509v3 Authority Key Identifier:
keyid:E1:58:08:F3:F9:21:BC:8C:3E:EA:87:C7:58:4C:58:4C:10:00:B0:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VgI8_khvIw-6ofHWExYTBAAsFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/8e8e82-5274-4d2f-8ca0-ab19fcb0ce64/1/myrzpFPZKEFrMiKvWzGEDQDrl_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/8e8e82-5274-4d2f-8ca0-ab19fcb0ce64/1/4VgI8_khvIw-6ofHWExYTBAAsFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.44.0/22
45.158.88.0/22
194.180.110.0/24
194.180.115.0/24
194.180.150.0/24
194.180.154.0/24
IPv6:
2a0f:2a80::/29
2a0f:5880::/29
Signature Algorithm: sha256WithRSAEncryption
2a:dc:4d:9c:d1:ee:48:31:9f:56:93:3c:90:11:18:df:56:ef:
9a:c4:b8:e0:9d:00:c1:bf:4d:5f:0e:f1:03:87:46:bc:6f:ff:
fc:24:98:23:7a:50:e9:93:82:10:3a:6f:92:8c:9c:59:aa:11:
5f:cc:3e:d8:0d:02:6c:3d:44:c1:ad:a3:84:b4:7f:07:e6:d9:
27:da:05:70:56:98:82:cd:26:86:7f:0b:d9:6e:d6:3c:cf:89:
54:a7:10:80:a5:f8:72:28:e8:2e:d6:37:48:a1:74:51:19:23:
7b:89:9d:01:53:8f:6f:83:48:3c:78:7a:24:00:4e:a5:71:3d:
ae:87:14:b9:30:be:d5:55:f6:05:b8:20:64:11:0a:81:e1:b2:
8b:cb:55:d0:2a:98:81:8d:fa:33:7c:d8:49:03:09:98:e6:cc:
4d:6f:d8:a4:7c:29:4b:0d:dd:0d:33:f8:03:d3:35:bd:dc:7d:
5e:a9:32:2c:a5:2c:4b:71:7d:fb:ca:10:a4:ca:d2:0f:0a:91:
35:53:1f:96:06:43:de:cd:99:fd:af:70:07:6a:81:02:88:c0:
9c:79:db:a1:a1:ab:d4:0e:c3:41:e5:eb:e9:d0:0f:d1:92:43:
d9:d6:c4:13:e7:01:de:d6:f4:07:b8:74:a0:d1:f4:a3:96:f9:
c2:0e:92:58
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZQmbA3cIGKykjhC3xFb78eJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTgwOGYzZjkyMWJjOGMzZWVhODdjNzU4NGM1ODRjMTAw
MGIwNTEwHhcNMjUwMTAyMDk1MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjJhZjNhNDUzZDkyODQxNmIzMjIyYWY1YjMxODQwZDAwZWI5N2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj++0EfrrMfv1l9170I9jardFkAqP
99jNzoMj8jly+5t0Uctl+7E1pYen4ftMKnatriSJwPCmS1sjq3leVU4NTwwkQBe+
C4ko6T0/GjZFtE9y5tERUIW1/sBOHvDfCNYEEf8nsI+5eXbSh6BVoYlmAKWYb+Qu
dnD/EsgiJAGPz6vYn0BDHg0g3MObxDTjV21YON4lk0yAfSQ/m3xOAS/od9kkcjNB
hoh3pMbG5NNOMymaY+LvQRIXjJCjdZtkME6kZRp0dB1Cvo6xovHnFnLiHQQjY1KH
BliglEG7N3G3BsyWfodRj0XnhDWr3qbGuuUtpYVAW0R93BYV3/3Cgh2ZawIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFJsq86RT2ShBazIir1sxhA0A65fyMB8GA1UdIwQY
MBaAFOFYCPP5IbyMPuqHx1hMWEwQALBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZnSThfa2h2SXctNm9mSFdFeFlUQkFBc0ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC84ZThlODItNTI3NC00ZDJmLThjYTAt
YWIxOWZjYjBjZTY0LzEvbXlyenBGUFpLRUZyTWlLdld6R0VEUURybF9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC84ZThlODItNTI3NC00ZDJmLThjYTAtYWIxOWZjYjBjZTY0
LzEvNFZnSThfa2h2SXctNm9mSFdFeFlUQkFBc0ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQCLZwsAwQC
LZ5YAwQAwrRuAwQAwrRzAwQAwrSWAwQAwrSaMBQEAgACMA4DBQMqDyqAAwUDKg9Y
gDANBgkqhkiG9w0BAQsFAAOCAQEAKtxNnNHuSDGfVpM8kBEY31bvmsS44J0Awb9N
Xw7xA4dGvG///CSYI3pQ6ZOCEDpvkoycWaoRX8w+2A0CbD1Ewa2jhLR/B+bZJ9oF
cFaYgs0mhn8L2W7WPM+JVKcQgKX4cijoLtY3SKF0URkje4mdAVOPb4NIPHh6JABO
pXE9rocUuTC+1VX2BbggZBEKgeGyi8tV0CqYgY36M3zYSQMJmObMTW/YpHwpSw3d
DTP4A9M1vdx9XqkyLKUsS3F9+8oQpMrSDwqRNVMflgZD3s2Z/a9wB2qBAojAnHnb
oaGr1A7DQeXr6dAP0ZJD2dbEE+cB3tb0B7h0oNH0o5b5wg6SWA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:05:42 2025 by rpki-client