Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/42ef1b-10c7-4dac-9c13-6450f1841122/1/_l8jrf0myWSyZHEusIZ6cmnQafE.roa
File: _l8jrf0myWSyZHEusIZ6cmnQafE.roa (raw, json)
Hash identifier: gjseV+JPjv3tCrp8kMrsCJYjL6BjqLfcHlxvbKTgJog=
Subject key identifier: FE:5F:23:AD:FD:26:C9:64:B2:64:71:2E:B0:86:7A:72:69:D0:69:F1
Certificate issuer: /CN=d3624e908c7498fdb613542753ef56c75cd704bd
Certificate serial: 019422200D250DFFB41907649C36EA86E688
Authority key identifier: D3:62:4E:90:8C:74:98:FD:B6:13:54:27:53:EF:56:C7:5C:D7:04:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/02JOkIx0mP22E1QnU-9Wx1zXBL0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/42ef1b-10c7-4dac-9c13-6450f1841122/1/_l8jrf0myWSyZHEusIZ6cmnQafE.roa
Signing time: Wed 01 Jan 2025 13:48:33 +0000
ROA not before: Wed 01 Jan 2025 13:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8829
IP address blocks: 45.11.84.0/22 maxlen: 22
62.106.0.0/19 maxlen: 19
62.106.32.0/20 maxlen: 20
185.158.72.0/22 maxlen: 22
2a03:c80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/42ef1b-10c7-4dac-9c13-6450f1841122/1/02JOkIx0mP22E1QnU-9Wx1zXBL0.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/42ef1b-10c7-4dac-9c13-6450f1841122/1/02JOkIx0mP22E1QnU-9Wx1zXBL0.mft
rsync://rpki.ripe.net/repository/DEFAULT/02JOkIx0mP22E1QnU-9Wx1zXBL0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:0d:25:0d:ff:b4:19:07:64:9c:36:ea:86:e6:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3624e908c7498fdb613542753ef56c75cd704bd
Validity
Not Before: Jan 1 13:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fe5f23adfd26c964b264712eb0867a7269d069f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:3c:ab:a0:27:2f:ff:22:2b:e7:6f:4e:80:51:
7c:b4:dd:a8:0e:12:25:00:12:ae:c8:81:f9:3c:21:
20:a8:cb:67:55:0a:05:90:97:80:d2:01:75:a5:4c:
01:2d:e9:f6:62:a8:ea:64:dc:d3:d9:00:c2:8f:69:
a3:03:fc:a4:7d:5c:4a:af:1b:77:ea:31:0f:b8:73:
e7:06:d1:7c:9d:e1:1f:32:2c:12:ba:b4:45:fb:fc:
a7:b4:a9:3b:d6:2f:75:a0:32:1f:2d:a0:d3:26:f7:
86:19:1b:df:94:68:68:8b:78:a8:75:51:04:68:39:
59:c7:95:68:7c:de:46:73:54:bf:17:60:ea:48:6e:
6b:76:51:d4:52:e1:36:25:7a:1b:8b:9a:44:de:e2:
74:06:bf:dd:9b:95:38:37:39:99:b4:7f:12:1b:28:
ac:c7:9b:61:28:6c:e5:bb:a6:cf:40:af:6a:f0:93:
26:06:df:ba:1a:aa:16:07:8f:de:7a:47:59:61:06:
0f:1a:aa:83:95:35:29:43:f4:b7:84:47:81:7a:8e:
27:c6:5b:ef:95:4a:36:ca:46:7a:cd:11:20:22:44:
1a:38:ca:9c:4e:d4:c6:15:b3:a0:d0:0a:d9:80:b2:
83:79:63:6c:e1:a1:d8:20:e7:5f:e4:3b:95:00:0a:
03:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:5F:23:AD:FD:26:C9:64:B2:64:71:2E:B0:86:7A:72:69:D0:69:F1
X509v3 Authority Key Identifier:
keyid:D3:62:4E:90:8C:74:98:FD:B6:13:54:27:53:EF:56:C7:5C:D7:04:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02JOkIx0mP22E1QnU-9Wx1zXBL0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/42ef1b-10c7-4dac-9c13-6450f1841122/1/_l8jrf0myWSyZHEusIZ6cmnQafE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/42ef1b-10c7-4dac-9c13-6450f1841122/1/02JOkIx0mP22E1QnU-9Wx1zXBL0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.84.0/22
62.106.0.0-62.106.47.255
185.158.72.0/22
IPv6:
2a03:c80::/32
Signature Algorithm: sha256WithRSAEncryption
12:06:f7:56:a1:21:94:1e:b0:71:a5:99:11:f0:a8:94:4c:49:
00:29:21:c7:82:98:44:db:7b:11:15:6a:38:45:6d:3f:e0:e9:
4a:c7:03:11:16:9f:77:87:88:cb:17:a0:32:d9:05:ae:3f:30:
ff:37:81:bb:5b:5e:54:c4:2c:46:ab:e6:8e:2c:06:30:9f:ac:
31:ce:b4:9f:b1:95:d3:0d:b5:b5:a8:dd:73:c4:4e:9b:2f:b5:
6f:0c:9e:71:a7:79:de:d9:9b:74:15:2f:95:ca:c7:7a:8d:e4:
94:91:62:a9:e4:5f:1b:af:bf:4f:e7:eb:5c:b3:32:87:0d:f2:
4d:a6:0b:57:48:ba:90:2c:d6:1f:35:69:4b:2f:72:22:5d:cf:
a3:98:14:09:58:79:5f:be:85:72:26:fb:2c:38:54:94:c4:01:
0f:26:36:98:be:32:81:0b:02:d5:84:83:28:39:b1:a0:21:1a:
31:ba:36:5f:6d:7c:bd:69:03:9e:28:18:4b:fb:cd:d4:c9:23:
c8:19:fa:e4:3d:46:ec:50:55:d2:63:12:21:e0:68:e5:28:e5:
a8:aa:88:8f:f2:23:b5:b1:91:76:d9:17:ca:46:21:ab:c9:e6:
4f:5b:5d:fe:5c:4a:65:dc:cd:7b:a0:a6:7b:88:6a:a0:b3:c8:
94:3f:7d:67
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQiIA0lDf+0GQdknDbqhuaIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNjI0ZTkwOGM3NDk4ZmRiNjEzNTQyNzUzZWY1NmM3NWNk
NzA0YmQwHhcNMjUwMTAxMTM0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTVmMjNhZGZkMjZjOTY0YjI2NDcxMmViMDg2N2E3MjY5ZDA2OWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTyroCcv/yIr529OgFF8tN2oDhIl
ABKuyIH5PCEgqMtnVQoFkJeA0gF1pUwBLen2YqjqZNzT2QDCj2mjA/ykfVxKrxt3
6jEPuHPnBtF8neEfMiwSurRF+/yntKk71i91oDIfLaDTJveGGRvflGhoi3iodVEE
aDlZx5VofN5Gc1S/F2DqSG5rdlHUUuE2JXobi5pE3uJ0Br/dm5U4NzmZtH8SGyis
x5thKGzlu6bPQK9q8JMmBt+6GqoWB4/eekdZYQYPGqqDlTUpQ/S3hEeBeo4nxlvv
lUo2ykZ6zREgIkQaOMqcTtTGFbOg0ArZgLKDeWNs4aHYIOdf5DuVAAoD9QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFP5fI639JslksmRxLrCGenJp0GnxMB8GA1UdIwQY
MBaAFNNiTpCMdJj9thNUJ1PvVsdc1wS9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJKT2tJeDBtUDIyRTFRblUtOVd4MXpYQkwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC80MmVmMWItMTBjNy00ZGFjLTljMTMt
NjQ1MGYxODQxMTIyLzEvX2w4anJmMG15V1N5WkhFdXNJWjZjbW5RYWZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC80MmVmMWItMTBjNy00ZGFjLTljMTMtNjQ1MGYxODQxMTIy
LzEvMDJKT2tJeDBtUDIyRTFRblUtOVd4MXpYQkwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAfBAIAATAZAwQCLQtUMAsD
AwE+agMEBD5qIAMEArmeSDANBAIAAjAHAwUAKgMMgDANBgkqhkiG9w0BAQsFAAOC
AQEAEgb3VqEhlB6wcaWZEfColExJACkhx4KYRNt7ERVqOEVtP+DpSscDERafd4eI
yxegMtkFrj8w/zeBu1teVMQsRqvmjiwGMJ+sMc60n7GV0w21tajdc8ROmy+1bwye
cad53tmbdBUvlcrHeo3klJFiqeRfG6+/T+frXLMyhw3yTaYLV0i6kCzWHzVpSy9y
Il3Po5gUCVh5X76Fcib7LDhUlMQBDyY2mL4ygQsC1YSDKDmxoCEaMbo2X218vWkD
nigYS/vN1MkjyBn65D1G7FBV0mMSIeBo5SjlqKqIj/IjtbGRdtkXykYhq8nmT1td
/lxKZdzNe6Cme4hqoLPIlD99Zw==
-----END CERTIFICATE-----
Generated at Tue Apr 15 15:01:41 2025 by rpki-client