Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/1693bf-6d40-469c-b056-5a8457121a0b/1/IFYqWjpdJxRaG3uyQLqw79JLTGo.roa
File: IFYqWjpdJxRaG3uyQLqw79JLTGo.roa (raw, json)
Hash identifier: alQatZzeYH3fzwBxC+QNB+5aLjO5V+OfKBsHgM/Tlv8=
Subject key identifier: 20:56:2A:5A:3A:5D:27:14:5A:1B:7B:B2:40:BA:B0:EF:D2:4B:4C:6A
Certificate issuer: /CN=3d12d11c9a203d5e7c8263edf54447e3b7358b7f
Certificate serial: 019425FCBA8D935785A8CAAE5DFC3C83DF91
Authority key identifier: 3D:12:D1:1C:9A:20:3D:5E:7C:82:63:ED:F5:44:47:E3:B7:35:8B:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PRLRHJogPV58gmPt9URH47c1i38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/1693bf-6d40-469c-b056-5a8457121a0b/1/IFYqWjpdJxRaG3uyQLqw79JLTGo.roa
Signing time: Thu 02 Jan 2025 07:48:27 +0000
ROA not before: Thu 02 Jan 2025 07:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25591
IP address blocks: 45.84.60.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/1693bf-6d40-469c-b056-5a8457121a0b/1/PRLRHJogPV58gmPt9URH47c1i38.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/1693bf-6d40-469c-b056-5a8457121a0b/1/PRLRHJogPV58gmPt9URH47c1i38.mft
rsync://rpki.ripe.net/repository/DEFAULT/PRLRHJogPV58gmPt9URH47c1i38.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 04:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:ba:8d:93:57:85:a8:ca:ae:5d:fc:3c:83:df:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d12d11c9a203d5e7c8263edf54447e3b7358b7f
Validity
Not Before: Jan 2 07:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20562a5a3a5d27145a1b7bb240bab0efd24b4c6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:8d:b9:b2:27:79:2c:32:6f:fb:56:72:dc:9c:
a9:83:a3:44:08:fe:a7:a6:27:e2:bf:e6:5d:3c:c3:
e7:17:a6:3e:56:eb:79:f7:c9:e7:66:ae:ef:41:50:
df:e2:55:a1:1b:ef:47:ba:47:b6:b9:2f:0b:ed:70:
2a:a4:26:dc:05:ab:22:28:b7:26:17:ba:cd:83:86:
91:be:1b:33:43:eb:7b:db:92:4b:4c:06:bb:0f:6a:
2b:cb:9b:97:18:0b:34:8c:48:88:62:e7:05:8d:97:
8d:ba:ac:1e:fc:42:3d:3e:3b:20:f5:65:0c:5a:b9:
56:2c:f8:4c:24:61:b4:31:ca:b0:f0:00:02:8a:57:
78:9c:39:4c:0d:c7:af:24:b0:e6:68:67:83:bb:bc:
cb:6a:14:03:4e:5d:a8:b6:8a:45:62:51:b9:94:7b:
b9:4a:99:18:37:be:e5:a5:3f:09:b0:53:e0:d0:4f:
9c:db:75:97:84:1c:ab:4a:b8:ad:19:5e:8c:c2:70:
6c:8c:41:48:a1:4c:61:6b:d5:06:89:89:34:84:44:
ec:60:93:91:3b:da:58:1a:96:1f:4b:71:41:4f:f7:
c7:9f:2f:3d:9a:2f:1a:79:c9:5a:3c:bf:86:32:2b:
7f:2d:26:5e:31:b3:cb:84:41:09:f3:24:4e:33:af:
b5:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:56:2A:5A:3A:5D:27:14:5A:1B:7B:B2:40:BA:B0:EF:D2:4B:4C:6A
X509v3 Authority Key Identifier:
keyid:3D:12:D1:1C:9A:20:3D:5E:7C:82:63:ED:F5:44:47:E3:B7:35:8B:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PRLRHJogPV58gmPt9URH47c1i38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/1693bf-6d40-469c-b056-5a8457121a0b/1/IFYqWjpdJxRaG3uyQLqw79JLTGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/1693bf-6d40-469c-b056-5a8457121a0b/1/PRLRHJogPV58gmPt9URH47c1i38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.60.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:73:19:dc:12:55:7e:67:90:b2:da:dc:62:31:ae:a2:ae:9f:
a1:b8:b1:ba:c0:43:26:1e:9f:d7:7f:6b:16:d5:40:05:86:1b:
c7:c0:f4:92:b5:8e:12:83:1f:6b:f3:0c:fb:23:aa:a0:11:41:
3f:9b:3b:6c:25:e5:80:73:1e:04:b5:00:85:4d:9b:aa:e6:21:
e5:e7:8a:5c:a3:fa:d8:91:bc:02:e8:41:05:15:f5:ad:b6:55:
a2:b7:21:8a:e1:43:35:b0:5b:3a:f4:d2:58:62:be:29:10:f3:
dc:e8:d8:19:3c:59:7f:8e:7a:a6:a4:5e:23:3a:8d:17:9d:a8:
23:53:14:3c:38:cc:d8:6f:75:4c:de:99:60:a1:52:99:66:20:
f7:1c:14:09:e7:d0:08:46:9a:de:ce:12:83:a8:42:d4:e1:95:
c9:3b:48:22:a4:e2:ab:bd:48:94:12:b4:60:9d:52:ac:e8:6d:
8b:0a:6f:8d:6d:52:b5:38:32:17:18:c3:3f:d5:2b:12:78:57:
1c:f0:7c:72:a5:2b:f8:2d:74:d8:83:67:81:9c:ea:77:81:42:
f7:fe:b9:e2:81:a2:2c:a0:7c:de:88:8f:2e:94:cb:02:fc:3c:
89:6d:03:f4:3e:02:1f:e7:3c:75:76:a9:e8:2b:b6:15:62:09:
81:08:b8:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/LqNk1eFqMquXfw8g9+RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMTJkMTFjOWEyMDNkNWU3YzgyNjNlZGY1NDQ0N2UzYjcz
NThiN2YwHhcNMjUwMTAyMDc0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDU2MmE1YTNhNWQyNzE0NWExYjdiYjI0MGJhYjBlZmQyNGI0YzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Y25sid5LDJv+1Zy3Jypg6NECP6n
pifiv+ZdPMPnF6Y+Vut598nnZq7vQVDf4lWhG+9Huke2uS8L7XAqpCbcBasiKLcm
F7rNg4aRvhszQ+t725JLTAa7D2ory5uXGAs0jEiIYucFjZeNuqwe/EI9Pjsg9WUM
WrlWLPhMJGG0Mcqw8AACild4nDlMDcevJLDmaGeDu7zLahQDTl2otopFYlG5lHu5
SpkYN77lpT8JsFPg0E+c23WXhByrSritGV6MwnBsjEFIoUxha9UGiYk0hETsYJOR
O9pYGpYfS3FBT/fHny89mi8aeclaPL+GMit/LSZeMbPLhEEJ8yROM6+1nwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCBWKlo6XScUWht7skC6sO/SS0xqMB8GA1UdIwQY
MBaAFD0S0RyaID1efIJj7fVER+O3NYt/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFJMUkhKb2dQVjU4Z21QdDlVUkg0N2MxaTM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8xNjkzYmYtNmQ0MC00NjljLWIwNTYt
NWE4NDU3MTIxYTBiLzEvSUZZcVdqcGRKeFJhRzN1eVFMcXc3OUpMVEdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8xNjkzYmYtNmQ0MC00NjljLWIwNTYtNWE4NDU3MTIxYTBi
LzEvUFJMUkhKb2dQVjU4Z21QdDlVUkg0N2MxaTM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVQ8MA0G
CSqGSIb3DQEBCwUAA4IBAQBqcxncElV+Z5Cy2txiMa6irp+huLG6wEMmHp/Xf2sW
1UAFhhvHwPSStY4Sgx9r8wz7I6qgEUE/mztsJeWAcx4EtQCFTZuq5iHl54pco/rY
kbwC6EEFFfWttlWityGK4UM1sFs69NJYYr4pEPPc6NgZPFl/jnqmpF4jOo0Xnagj
UxQ8OMzYb3VM3plgoVKZZiD3HBQJ59AIRprezhKDqELU4ZXJO0gipOKrvUiUErRg
nVKs6G2LCm+NbVK1ODIXGMM/1SsSeFcc8HxypSv4LXTYg2eBnOp3gUL3/rnigaIs
oHzeiI8ulMsC/DyJbQP0PgIf5zx1dqnoK7YVYgmBCLjg
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:04:31 2025 by rpki-client