Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/KG0ELDyPHSkIQS-mg9gLAsQapjw.roa
File: KG0ELDyPHSkIQS-mg9gLAsQapjw.roa (raw, json)
Hash identifier: e+EZSd1IAWr6lFOaOhHRn/7FSXywEXsdZ12xJvEd9no=
Subject key identifier: 28:6D:04:2C:3C:8F:1D:29:08:41:2F:A6:83:D8:0B:02:C4:1A:A6:3C
Certificate issuer: /CN=e84df52af460ca6fa8c923a49f5cb795ea6707f7
Certificate serial: 019425221E1BB356EA903938A4A8ABA4489C
Authority key identifier: E8:4D:F5:2A:F4:60:CA:6F:A8:C9:23:A4:9F:5C:B7:95:EA:67:07:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6E31KvRgym-oySOkn1y3lepnB_c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/KG0ELDyPHSkIQS-mg9gLAsQapjw.roa
Signing time: Thu 02 Jan 2025 03:49:40 +0000
ROA not before: Thu 02 Jan 2025 03:49:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208520
IP address blocks: 45.94.14.0/24 maxlen: 24
45.94.15.0/24 maxlen: 24
2001:1497:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/6E31KvRgym-oySOkn1y3lepnB_c.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/6E31KvRgym-oySOkn1y3lepnB_c.mft
rsync://rpki.ripe.net/repository/DEFAULT/6E31KvRgym-oySOkn1y3lepnB_c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 21:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:1e:1b:b3:56:ea:90:39:38:a4:a8:ab:a4:48:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e84df52af460ca6fa8c923a49f5cb795ea6707f7
Validity
Not Before: Jan 2 03:49:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=286d042c3c8f1d2908412fa683d80b02c41aa63c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:42:c2:46:b0:b2:8d:b4:c0:41:d9:28:b4:76:
73:07:dd:0f:ae:f9:bd:bd:02:3b:ea:3e:89:12:17:
c9:e4:99:4a:69:2d:59:73:a1:8b:7e:97:66:f4:90:
95:65:0b:af:ae:bc:6f:b3:7a:ff:3b:cb:3c:92:6b:
75:28:8e:98:4f:24:57:6e:f0:1a:49:10:89:2c:85:
60:ad:d2:0d:62:3a:61:23:b2:6f:05:7c:17:bc:91:
a1:51:67:03:39:9e:50:92:ee:ef:19:0b:60:2a:e0:
14:4a:4c:32:19:d2:43:f2:31:25:aa:41:b1:a1:45:
ef:f0:e8:9c:96:e1:ec:20:82:83:69:5a:b0:de:29:
8d:45:cf:a8:f1:73:b9:1f:cd:f1:2b:45:05:96:1d:
82:1d:db:2d:9d:de:e2:e3:d0:75:68:f4:11:b8:14:
16:34:e0:2b:4d:ba:8a:38:f5:2b:28:2a:c7:20:8a:
95:0f:0e:a0:30:df:f3:f2:11:88:ca:83:68:d3:bd:
97:dd:b0:5a:fd:5c:96:0f:63:00:3b:56:1b:f7:d4:
9c:11:5c:b6:25:27:d7:b8:80:74:34:0d:d0:2d:96:
87:44:90:00:17:ec:7d:61:22:1a:8e:c2:13:22:7b:
07:a0:20:ea:d7:e6:12:dd:f0:07:0c:80:7e:1c:a6:
4e:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:6D:04:2C:3C:8F:1D:29:08:41:2F:A6:83:D8:0B:02:C4:1A:A6:3C
X509v3 Authority Key Identifier:
keyid:E8:4D:F5:2A:F4:60:CA:6F:A8:C9:23:A4:9F:5C:B7:95:EA:67:07:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6E31KvRgym-oySOkn1y3lepnB_c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/KG0ELDyPHSkIQS-mg9gLAsQapjw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/6E31KvRgym-oySOkn1y3lepnB_c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.14.0/23
IPv6:
2001:1497:2::/48
Signature Algorithm: sha256WithRSAEncryption
0b:2a:fb:15:79:36:f6:32:8f:98:a6:d2:27:56:55:a0:92:fe:
bc:59:80:7c:19:94:b8:15:c6:2e:cf:91:c6:7e:a7:81:49:55:
60:ce:f1:16:fb:ce:7c:71:a3:18:18:3f:9e:0a:1a:1b:40:99:
a0:3e:ab:38:e6:58:91:75:a7:4b:77:b0:66:2c:4b:c9:2e:2d:
32:15:99:12:79:3d:2e:2f:25:c1:b3:9e:a1:5a:bd:8b:b8:e0:
aa:c3:75:bf:b5:41:42:8c:b9:0a:1d:f2:4f:4b:0a:39:a2:f4:
49:5d:cc:bd:f0:de:03:2d:d6:34:18:ad:73:7d:b5:97:0a:9f:
29:25:a1:8f:9b:55:5b:ba:97:31:11:ec:b4:aa:0c:f1:39:5c:
8f:f3:03:ab:35:8b:6f:60:da:41:cf:cb:92:06:b6:1c:a8:3e:
a3:8f:3a:85:6f:9f:d2:b2:2b:9f:86:21:da:15:68:8c:9e:8a:
14:b9:28:b7:17:34:55:86:cd:b4:db:52:0c:b0:45:ea:38:8c:
5f:74:69:70:72:8c:87:e9:5e:28:61:92:f2:2b:11:6a:70:79:
50:19:43:70:f6:2b:4b:10:5a:c4:d3:f5:40:a5:d1:0a:8f:1f:
f1:6a:a9:9e:ce:fd:da:70:d8:4c:6a:53:6e:07:f1:20:b0:67:
04:fd:a1:26
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQlIh4bs1bqkDk4pKirpEicMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NGRmNTJhZjQ2MGNhNmZhOGM5MjNhNDlmNWNiNzk1ZWE2
NzA3ZjcwHhcNMjUwMTAyMDM0OTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODZkMDQyYzNjOGYxZDI5MDg0MTJmYTY4M2Q4MGIwMmM0MWFhNjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuULCRrCyjbTAQdkotHZzB90Prvm9
vQI76j6JEhfJ5JlKaS1Zc6GLfpdm9JCVZQuvrrxvs3r/O8s8kmt1KI6YTyRXbvAa
SRCJLIVgrdINYjphI7JvBXwXvJGhUWcDOZ5Qku7vGQtgKuAUSkwyGdJD8jElqkGx
oUXv8OicluHsIIKDaVqw3imNRc+o8XO5H83xK0UFlh2CHdstnd7i49B1aPQRuBQW
NOArTbqKOPUrKCrHIIqVDw6gMN/z8hGIyoNo072X3bBa/VyWD2MAO1Yb99ScEVy2
JSfXuIB0NA3QLZaHRJAAF+x9YSIajsITInsHoCDq1+YS3fAHDIB+HKZOWQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFChtBCw8jx0pCEEvpoPYCwLEGqY8MB8GA1UdIwQY
MBaAFOhN9Sr0YMpvqMkjpJ9ct5XqZwf3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkUzMUt2Umd5bS1veVNPa24xeTNsZXBuQl9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iZTY5MmItNzkzMi00NTU0LThjMTUt
OTRjMmZkYTM5ZWFkLzEvS0cwRUxEeVBIU2tJUVMtbWc5Z0xBc1FhcGp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iZTY5MmItNzkzMi00NTU0LThjMTUtOTRjMmZkYTM5ZWFk
LzEvNkUzMUt2Umd5bS1veVNPa24xeTNsZXBuQl9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBLV4OMA8E
AgACMAkDBwAgARSXAAIwDQYJKoZIhvcNAQELBQADggEBAAsq+xV5NvYyj5im0idW
VaCS/rxZgHwZlLgVxi7PkcZ+p4FJVWDO8Rb7znxxoxgYP54KGhtAmaA+qzjmWJF1
p0t3sGYsS8kuLTIVmRJ5PS4vJcGznqFavYu44KrDdb+1QUKMuQod8k9LCjmi9Eld
zL3w3gMt1jQYrXN9tZcKnykloY+bVVu6lzER7LSqDPE5XI/zA6s1i29g2kHPy5IG
thyoPqOPOoVvn9KyK5+GIdoVaIyeihS5KLcXNFWGzbTbUgywReo4jF90aXByjIfp
XihhkvIrEWpweVAZQ3D2K0sQWsTT9UCl0QqPH/FqqZ7O/dpw2ExqU24H8SCwZwT9
oSY=
-----END CERTIFICATE-----
Generated at Wed Apr 9 05:48:14 2025 by rpki-client