Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dJg5j9rEPcDMMf2G4LW0L__1s6E.roa
File: dJg5j9rEPcDMMf2G4LW0L__1s6E.roa (raw, json)
Hash identifier: mkCrxPmgA/m8rejxiNHWFOAo88wli1cAey0wJa2i160=
Subject key identifier: 74:98:39:8F:DA:C4:3D:C0:CC:31:FD:86:E0:B5:B4:2F:FF:F5:B3:A1
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01965C7457AA4FFA7485236B3A001C7342F7
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dJg5j9rEPcDMMf2G4LW0L__1s6E.roa
Signing time: Tue 22 Apr 2025 07:44:10 +0000
ROA not before: Tue 22 Apr 2025 07:44:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210644
IP address blocks: 45.88.88.0/24 maxlen: 24
45.151.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 01 May 2025 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5c:74:57:aa:4f:fa:74:85:23:6b:3a:00:1c:73:42:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 22 07:44:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7498398fdac43dc0cc31fd86e0b5b42ffff5b3a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:4f:17:73:62:73:09:a8:67:52:41:59:57:9d:
a5:65:02:1a:a2:8b:08:04:9e:04:4c:f9:57:d5:90:
21:40:57:7e:d6:90:d4:b9:a4:b8:5d:52:d0:1a:b1:
c5:5d:78:90:64:ea:0c:fa:49:51:89:7d:8a:6e:d4:
7d:a8:01:c5:a0:eb:68:63:0d:0c:4e:fa:2e:4e:cf:
10:74:21:a8:1c:b3:be:4b:e0:f3:f8:80:f5:a9:0b:
21:6f:10:31:92:f5:66:83:ea:f5:4d:95:3d:68:d6:
38:e1:fc:23:1a:15:67:61:04:e2:53:b7:c4:15:a1:
5d:7a:4c:d8:0a:6b:7a:07:85:fe:9f:57:91:85:52:
22:d4:d9:a9:70:2f:24:93:4d:82:2e:a0:b9:ff:e5:
4c:a2:0c:99:45:09:a8:98:56:cf:e4:fd:d2:28:d2:
27:77:2c:57:92:81:fb:14:a5:0a:3b:d8:3e:fb:4f:
da:50:17:28:4f:b1:e9:af:9c:3a:e8:ff:19:ca:59:
7d:90:8f:57:8f:ff:57:08:d0:38:b3:0c:87:3e:6e:
58:c1:6b:28:2b:23:41:9f:dc:7d:53:0c:c8:6e:bd:
cc:0a:26:91:66:a3:dd:c0:e1:80:61:3e:3f:f6:51:
91:ce:2b:c2:2c:4f:68:35:09:35:6e:7a:b3:b8:8e:
07:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:98:39:8F:DA:C4:3D:C0:CC:31:FD:86:E0:B5:B4:2F:FF:F5:B3:A1
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dJg5j9rEPcDMMf2G4LW0L__1s6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.88.0/24
45.151.91.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:11:e7:df:5c:32:85:c1:31:8f:ef:93:98:34:a9:d2:70:75:
98:9b:c2:7b:17:03:f1:7b:03:e6:94:29:bb:78:96:19:b4:4c:
59:70:19:23:41:47:e2:ea:c5:4c:18:bb:39:7a:fb:78:18:74:
8d:2f:5b:20:59:22:50:33:46:d2:20:18:24:94:84:10:39:cb:
cb:95:55:0d:d9:8c:38:f4:b7:44:2a:54:5e:a0:3e:05:91:09:
ba:66:6b:05:99:52:23:4d:19:e2:63:ff:7a:ed:2a:46:24:d9:
8f:c8:04:22:15:da:2e:cc:dd:ab:dd:e2:f8:db:39:3e:6e:57:
ce:14:83:ab:a0:03:2b:b5:d4:0c:24:e4:f4:92:d4:fe:46:10:
d9:21:a5:7e:ae:1a:45:b2:89:d0:9a:6b:9d:9d:1d:36:2b:23:
91:02:1c:c2:ee:45:43:cb:be:18:a9:ac:89:5f:77:a0:b0:a7:
6e:fe:50:5a:5e:e8:f0:4e:e9:bf:21:4d:50:a8:0e:c9:ef:d6:
a2:1c:39:76:2f:51:3e:53:d8:83:72:ed:85:a0:11:93:a5:56:
5a:37:9d:65:5a:b0:00:cc:c6:52:6a:ea:f8:51:15:3f:73:99:
e7:a3:1c:fa:67:16:b3:3e:c7:a6:5f:2a:5b:d0:79:b2:87:87:
d4:9b:85:0f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZZcdFeqT/p0hSNrOgAcc0L3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNDIyMDc0NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDk4Mzk4ZmRhYzQzZGMwY2MzMWZkODZlMGI1YjQyZmZmZjViM2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtE8Xc2JzCahnUkFZV52lZQIaoosI
BJ4ETPlX1ZAhQFd+1pDUuaS4XVLQGrHFXXiQZOoM+klRiX2KbtR9qAHFoOtoYw0M
TvouTs8QdCGoHLO+S+Dz+ID1qQshbxAxkvVmg+r1TZU9aNY44fwjGhVnYQTiU7fE
FaFdekzYCmt6B4X+n1eRhVIi1NmpcC8kk02CLqC5/+VMogyZRQmomFbP5P3SKNIn
dyxXkoH7FKUKO9g++0/aUBcoT7Hpr5w66P8Zyll9kI9Xj/9XCNA4swyHPm5YwWso
KyNBn9x9UwzIbr3MCiaRZqPdwOGAYT4/9lGRzivCLE9oNQk1bnqzuI4HJQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHSYOY/axD3AzDH9huC1tC//9bOhMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZEpnNWo5ckVQY0RNTWYyRzRMVzBMX18xczZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVhYAwQA
LZdbMA0GCSqGSIb3DQEBCwUAA4IBAQA6EeffXDKFwTGP75OYNKnScHWYm8J7FwPx
ewPmlCm7eJYZtExZcBkjQUfi6sVMGLs5evt4GHSNL1sgWSJQM0bSIBgklIQQOcvL
lVUN2Yw49LdEKlReoD4FkQm6ZmsFmVIjTRniY/967SpGJNmPyAQiFdouzN2r3eL4
2zk+blfOFIOroAMrtdQMJOT0ktT+RhDZIaV+rhpFsonQmmudnR02KyORAhzC7kVD
y74YqayJX3egsKdu/lBaXujwTum/IU1QqA7J79aiHDl2L1E+U9iDcu2FoBGTpVZa
N51lWrAAzMZSaur4URU/c5nnoxz6ZxazPsemXypb0Hmyh4fUm4UP
-----END CERTIFICATE-----
Generated at Wed Apr 30 07:16:22 2025 by rpki-client