Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/1f3712-cf2c-486e-95b3-fcc336eed8d7/1/O4DnjMJxaB_pFWQmCkxEqVmtSEE.roa
File: O4DnjMJxaB_pFWQmCkxEqVmtSEE.roa (raw, json)
Hash identifier: Q4by4xiYnixZCX5hEAZAkvk6E0p484+oatGMnccjr6w=
Subject key identifier: 3B:80:E7:8C:C2:71:68:1F:E9:15:64:26:0A:4C:44:A9:59:AD:48:41
Certificate issuer: /CN=b2c0bdafadea78dce312f862ddf42b1bd4c4f645
Certificate serial: 0196476B357A0AD204592778EFD85CAA724D
Authority key identifier: B2:C0:BD:AF:AD:EA:78:DC:E3:12:F8:62:DD:F4:2B:1B:D4:C4:F6:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ssC9r63qeNzjEvhi3fQrG9TE9kU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/1f3712-cf2c-486e-95b3-fcc336eed8d7/1/O4DnjMJxaB_pFWQmCkxEqVmtSEE.roa
Signing time: Fri 18 Apr 2025 05:42:10 +0000
ROA not before: Fri 18 Apr 2025 05:42:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212193
IP address blocks: 45.94.6.0/24 maxlen: 24
45.156.28.0/24 maxlen: 24
45.156.29.0/24 maxlen: 24
194.29.55.0/24 maxlen: 24
2a10:9f80::/29 maxlen: 48
2a11:4bc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/1f3712-cf2c-486e-95b3-fcc336eed8d7/1/ssC9r63qeNzjEvhi3fQrG9TE9kU.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/1f3712-cf2c-486e-95b3-fcc336eed8d7/1/ssC9r63qeNzjEvhi3fQrG9TE9kU.mft
rsync://rpki.ripe.net/repository/DEFAULT/ssC9r63qeNzjEvhi3fQrG9TE9kU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 08:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:47:6b:35:7a:0a:d2:04:59:27:78:ef:d8:5c:aa:72:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2c0bdafadea78dce312f862ddf42b1bd4c4f645
Validity
Not Before: Apr 18 05:42:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3b80e78cc271681fe91564260a4c44a959ad4841
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:a4:e0:40:f9:d4:29:a5:e9:ed:78:ce:02:54:
ac:10:db:6e:14:37:5e:47:44:ab:81:3b:5b:59:9c:
24:13:19:4b:1b:24:95:74:51:ed:10:05:ce:e9:de:
8a:4e:8c:ba:b4:e0:ce:17:a4:5f:ce:ce:72:1a:67:
69:ab:07:94:a1:08:0b:4c:ac:91:07:74:40:cc:eb:
3b:4e:ee:2d:0a:00:57:dd:25:2f:07:b1:7d:9c:34:
e3:6b:f0:94:1f:36:3e:d5:ff:04:d5:39:8f:b4:d4:
23:78:1a:11:94:42:3d:9d:23:3f:95:82:0f:c7:d5:
3b:2f:30:81:40:bb:65:e3:e2:37:b3:4a:84:5f:6d:
e0:0c:5b:e3:cd:9e:9b:7d:4a:ed:94:ed:cf:4c:42:
ce:37:6e:5c:e5:b0:ae:e9:3e:eb:fd:d1:26:1c:dc:
8f:50:fa:85:16:6f:3f:12:c1:63:97:0a:3a:d0:5b:
9d:07:92:a1:5a:07:27:3d:d5:d4:d0:6c:38:5c:b6:
83:1e:96:61:46:52:5e:b5:e9:2e:76:91:7a:12:6a:
9c:be:9b:6c:dc:90:06:df:ee:51:ec:27:61:cd:77:
79:50:5a:6e:9b:c5:bd:1e:25:cd:48:8f:d4:56:0f:
e0:e7:f0:23:1c:76:8e:c3:47:f3:37:da:e7:5d:c6:
73:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:80:E7:8C:C2:71:68:1F:E9:15:64:26:0A:4C:44:A9:59:AD:48:41
X509v3 Authority Key Identifier:
keyid:B2:C0:BD:AF:AD:EA:78:DC:E3:12:F8:62:DD:F4:2B:1B:D4:C4:F6:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ssC9r63qeNzjEvhi3fQrG9TE9kU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/1f3712-cf2c-486e-95b3-fcc336eed8d7/1/O4DnjMJxaB_pFWQmCkxEqVmtSEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/1f3712-cf2c-486e-95b3-fcc336eed8d7/1/ssC9r63qeNzjEvhi3fQrG9TE9kU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.6.0/24
45.156.28.0/23
194.29.55.0/24
IPv6:
2a10:9f80::/29
2a11:4bc0::/29
Signature Algorithm: sha256WithRSAEncryption
44:38:a5:63:f9:4a:96:e7:47:b7:c9:73:c8:9a:5b:d2:02:80:
77:ba:e2:30:01:c4:d7:51:54:e7:6c:03:09:d6:76:2d:24:9f:
20:64:63:20:7a:f0:ac:17:35:bc:1b:be:80:ad:4a:79:a8:33:
65:59:14:c2:dd:07:e8:c0:3e:95:63:bd:2d:16:0d:09:2c:d0:
a9:87:d8:cd:ae:01:42:0a:86:58:ba:43:67:cb:4c:d2:dc:a5:
c3:01:1b:56:5e:d0:fd:dd:50:2c:9c:83:ca:eb:9e:9b:a6:8d:
e0:d8:99:34:4e:fc:8b:17:44:6b:30:87:3b:8d:8b:6d:9c:9e:
ba:e1:9d:80:ee:60:0b:d7:3e:56:1f:5b:0f:fa:e9:e5:c4:4c:
f8:bc:bd:73:b7:ba:6f:9b:2a:e0:e8:22:4e:fe:9a:3c:bb:93:
e9:94:1d:65:90:e5:a0:39:2a:a0:c7:c9:be:1d:27:21:06:ea:
df:0e:b2:db:7c:16:72:52:55:fd:84:02:4a:72:86:23:d0:37:
88:85:8b:f9:5a:c4:0e:1f:c9:b6:33:e6:10:ac:25:7d:b7:d9:
27:ab:cc:41:83:56:3b:43:2f:b4:99:db:7e:ab:75:31:a5:5f:
85:a4:5c:0b:f1:a7:80:29:56:01:56:8d:a3:1a:d6:24:cf:53:
39:12:f2:9d
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZZHazV6CtIEWSd479hcqnJNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYzBiZGFmYWRlYTc4ZGNlMzEyZjg2MmRkZjQyYjFiZDRj
NGY2NDUwHhcNMjUwNDE4MDU0MjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjgwZTc4Y2MyNzE2ODFmZTkxNTY0MjYwYTRjNDRhOTU5YWQ0ODQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5KTgQPnUKaXp7XjOAlSsENtuFDde
R0SrgTtbWZwkExlLGySVdFHtEAXO6d6KToy6tODOF6Rfzs5yGmdpqweUoQgLTKyR
B3RAzOs7Tu4tCgBX3SUvB7F9nDTja/CUHzY+1f8E1TmPtNQjeBoRlEI9nSM/lYIP
x9U7LzCBQLtl4+I3s0qEX23gDFvjzZ6bfUrtlO3PTELON25c5bCu6T7r/dEmHNyP
UPqFFm8/EsFjlwo60FudB5KhWgcnPdXU0Gw4XLaDHpZhRlJetekudpF6Emqcvpts
3JAG3+5R7CdhzXd5UFpum8W9HiXNSI/UVg/g5/AjHHaOw0fzN9rnXcZztQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFDuA54zCcWgf6RVkJgpMRKlZrUhBMB8GA1UdIwQY
MBaAFLLAva+t6njc4xL4Yt30KxvUxPZFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3NDOXI2M3FlTnpqRXZoaTNmUXJHOVRFOWtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8xZjM3MTItY2YyYy00ODZlLTk1YjMt
ZmNjMzM2ZWVkOGQ3LzEvTzREbmpNSnhhQl9wRldRbUNreEVxVm10U0VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8xZjM3MTItY2YyYy00ODZlLTk1YjMtZmNjMzM2ZWVkOGQ3
LzEvc3NDOXI2M3FlTnpqRXZoaTNmUXJHOVRFOWtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQALV4GAwQB
LZwcAwQAwh03MBQEAgACMA4DBQMqEJ+AAwUDKhFLwDANBgkqhkiG9w0BAQsFAAOC
AQEARDilY/lKludHt8lzyJpb0gKAd7riMAHE11FU52wDCdZ2LSSfIGRjIHrwrBc1
vBu+gK1KeagzZVkUwt0H6MA+lWO9LRYNCSzQqYfYza4BQgqGWLpDZ8tM0tylwwEb
Vl7Q/d1QLJyDyuuem6aN4NiZNE78ixdEazCHO42LbZyeuuGdgO5gC9c+Vh9bD/rp
5cRM+Ly9c7e6b5sq4OgiTv6aPLuT6ZQdZZDloDkqoMfJvh0nIQbq3w6y23wWclJV
/YQCSnKGI9A3iIWL+VrEDh/JtjPmEKwlfbfZJ6vMQYNWO0MvtJnbfqt1MaVfhaRc
C/GngClWAVaNoxrWJM9TORLynQ==
-----END CERTIFICATE-----
Generated at Mon Apr 28 16:55:41 2025 by rpki-client