Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/45oKWJWNSoyMzWD0Kk8sRqagqHc.roa
File: 45oKWJWNSoyMzWD0Kk8sRqagqHc.roa (raw, json)
Hash identifier: ZRiap7KBK/6F7WwTwhZKaIQBo6dyCPRAgO2PzUDFBBs=
Subject key identifier: E3:9A:0A:58:95:8D:4A:8C:8C:CD:60:F4:2A:4F:2C:46:A6:A0:A8:77
Certificate issuer: /CN=a85310f503137ae8b35d4f329f46f069dd703815
Certificate serial: 0194221FA7C7ACF542672A026B1E2B46D66A
Authority key identifier: A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/45oKWJWNSoyMzWD0Kk8sRqagqHc.roa
Signing time: Wed 01 Jan 2025 13:48:07 +0000
ROA not before: Wed 01 Jan 2025 13:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206961
IP address blocks: 185.165.124.0/22 maxlen: 24
185.197.140.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qFMQ9QMTeuizXU8yn0bwad1wOBU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qFMQ9QMTeuizXU8yn0bwad1wOBU.mft
rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 04:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:a7:c7:ac:f5:42:67:2a:02:6b:1e:2b:46:d6:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a85310f503137ae8b35d4f329f46f069dd703815
Validity
Not Before: Jan 1 13:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e39a0a58958d4a8c8ccd60f42a4f2c46a6a0a877
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:31:46:43:49:bc:20:ce:01:2f:16:a4:1d:c0:
a4:f8:c5:9e:5e:c4:d0:7c:6c:47:2c:95:dc:ae:61:
40:fb:1e:1a:2f:88:e6:16:da:1a:e0:b4:ea:82:a0:
6a:8f:f8:59:a0:92:da:ef:7e:7d:2f:d4:35:15:1a:
06:7e:5a:42:93:00:22:1c:2f:58:e3:d0:14:e3:1e:
ed:0c:c6:e9:d1:25:bc:9c:16:59:aa:de:98:52:d3:
68:d3:99:06:d6:f6:75:53:50:05:b6:ba:7d:0d:e5:
ca:cd:b5:d4:a3:51:42:66:b1:86:25:32:a3:23:6d:
36:c7:e0:8e:f7:3b:96:8d:65:60:db:59:44:5a:6c:
e8:fb:93:8f:f9:63:bb:5b:ef:b9:ad:be:64:39:7c:
45:61:fd:52:84:e4:fd:c9:73:1f:2d:1f:6f:ff:69:
5e:58:d3:c9:dc:c8:10:2e:80:2b:a6:a7:d6:aa:2e:
24:9d:57:36:0a:11:67:c9:e5:76:f2:55:ae:71:4c:
1a:de:b9:98:63:49:8d:f8:62:40:48:7a:5f:5e:21:
b5:16:55:10:61:6c:50:48:c8:16:d6:c7:9d:2d:d2:
52:87:67:db:b6:48:83:93:3b:fb:49:48:42:3c:b6:
d8:62:b6:b3:c5:18:bb:a0:03:98:47:8f:49:96:1c:
2f:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:9A:0A:58:95:8D:4A:8C:8C:CD:60:F4:2A:4F:2C:46:A6:A0:A8:77
X509v3 Authority Key Identifier:
keyid:A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/45oKWJWNSoyMzWD0Kk8sRqagqHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qFMQ9QMTeuizXU8yn0bwad1wOBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.124.0/22
185.197.140.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:cd:9e:94:de:a8:dd:e6:a6:1e:91:1c:c2:65:29:63:07:57:
7c:c8:dc:2e:32:49:1d:0b:7f:69:02:15:41:f5:ce:b8:7a:7a:
c0:c2:ff:58:d3:26:15:ec:39:6f:d7:8b:0d:da:3f:f9:a6:64:
9f:dc:dc:1e:7e:98:ef:6b:8c:db:3f:1d:ab:1e:0f:ce:0e:fc:
ec:ad:a3:2f:b4:63:7c:5a:0d:2a:af:af:f0:1b:19:8c:6c:70:
52:b8:9d:9a:70:30:80:03:97:93:46:ad:9b:24:db:1a:fa:cb:
64:d7:d2:59:a9:4b:67:35:c3:0b:1b:2c:c7:42:dd:7c:33:d4:
56:57:19:d3:c9:28:89:0e:1d:03:12:bf:b3:6f:db:9d:ce:bc:
f2:aa:d4:c9:50:8b:76:a5:7e:de:2c:ba:b8:46:6f:41:41:ba:
be:cb:83:39:fd:9f:24:0b:66:5e:d0:fe:7b:ff:b7:89:4a:24:
c0:d9:ba:61:3c:82:32:eb:8b:f3:5c:de:ef:00:c0:67:80:18:
78:aa:a2:b4:dc:d9:15:bf:25:4b:ee:c1:a5:18:86:ac:cb:75:
eb:9c:a1:9d:20:b7:38:e1:93:e2:8e:6b:57:cb:0d:50:52:13:
a7:92:ae:16:84:f4:d9:3c:d5:86:46:84:5c:f1:6e:13:ef:6b:
5c:94:36:4c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQiH6fHrPVCZyoCax4rRtZqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NTMxMGY1MDMxMzdhZThiMzVkNGYzMjlmNDZmMDY5ZGQ3
MDM4MTUwHhcNMjUwMTAxMTM0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzlhMGE1ODk1OGQ0YThjOGNjZDYwZjQyYTRmMmM0NmE2YTBhODc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6DFGQ0m8IM4BLxakHcCk+MWeXsTQ
fGxHLJXcrmFA+x4aL4jmFtoa4LTqgqBqj/hZoJLa7359L9Q1FRoGflpCkwAiHC9Y
49AU4x7tDMbp0SW8nBZZqt6YUtNo05kG1vZ1U1AFtrp9DeXKzbXUo1FCZrGGJTKj
I202x+CO9zuWjWVg21lEWmzo+5OP+WO7W++5rb5kOXxFYf1ShOT9yXMfLR9v/2le
WNPJ3MgQLoArpqfWqi4knVc2ChFnyeV28lWucUwa3rmYY0mN+GJASHpfXiG1FlUQ
YWxQSMgW1sedLdJSh2fbtkiDkzv7SUhCPLbYYrazxRi7oAOYR49JlhwvCQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOOaCliVjUqMjM1g9CpPLEamoKh3MB8GA1UdIwQY
MBaAFKhTEPUDE3ros11PMp9G8GndcDgVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYt
MzAxODlhNWE0ZWJhLzEvNDVvS1dKV05Tb3lNeldEMEtrOHNScWFncUhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYtMzAxODlhNWE0ZWJh
LzEvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuaV8AwQC
ucWMMA0GCSqGSIb3DQEBCwUAA4IBAQBfzZ6U3qjd5qYekRzCZSljB1d8yNwuMkkd
C39pAhVB9c64enrAwv9Y0yYV7Dlv14sN2j/5pmSf3Nwefpjva4zbPx2rHg/ODvzs
raMvtGN8Wg0qr6/wGxmMbHBSuJ2acDCAA5eTRq2bJNsa+stk19JZqUtnNcMLGyzH
Qt18M9RWVxnTySiJDh0DEr+zb9udzrzyqtTJUIt2pX7eLLq4Rm9BQbq+y4M5/Z8k
C2Ze0P57/7eJSiTA2bphPIIy64vzXN7vAMBngBh4qqK03NkVvyVL7sGlGIasy3Xr
nKGdILc44ZPijmtXyw1QUhOnkq4WhPTZPNWGRoRc8W4T72tclDZM
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:08:34 2025 by rpki-client