Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/SehLpw74SFOf8GToYJGtJbUVBmk.roa
File: SehLpw74SFOf8GToYJGtJbUVBmk.roa (raw, json)
Hash identifier: adVA81EUt7qt0QBr1zTq2grJDS9XwvlhZ6I/IOaBsmA=
Subject key identifier: 49:E8:4B:A7:0E:F8:48:53:9F:F0:64:E8:60:91:AD:25:B5:15:06:69
Certificate issuer: /CN=5e8d07b45f7d83124c9f8c0fac03bec02468b37e
Certificate serial: 019638B5A4A0B331B4622D2F5BDD04F7B8BA
Authority key identifier: 5E:8D:07:B4:5F:7D:83:12:4C:9F:8C:0F:AC:03:BE:C0:24:68:B3:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xo0HtF99gxJMn4wPrAO-wCRos34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/SehLpw74SFOf8GToYJGtJbUVBmk.roa
Signing time: Tue 15 Apr 2025 09:09:10 +0000
ROA not before: Tue 15 Apr 2025 09:09:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.15.106.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/Xo0HtF99gxJMn4wPrAO-wCRos34.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/Xo0HtF99gxJMn4wPrAO-wCRos34.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xo0HtF99gxJMn4wPrAO-wCRos34.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 06:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:38:b5:a4:a0:b3:31:b4:62:2d:2f:5b:dd:04:f7:b8:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e8d07b45f7d83124c9f8c0fac03bec02468b37e
Validity
Not Before: Apr 15 09:09:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=49e84ba70ef848539ff064e86091ad25b5150669
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:bf:59:58:0b:8f:08:1e:23:61:37:16:95:01:
db:15:d8:57:ae:dd:7c:63:7c:b7:2e:ca:74:6b:ba:
ed:d5:6e:e4:06:2c:23:57:4d:8c:a6:36:04:b9:8c:
d4:b4:11:ca:ad:2b:05:79:d7:48:1d:2f:f4:87:7e:
02:a8:4c:e9:de:18:e1:a8:4c:42:71:be:2b:e5:ce:
27:7d:fc:2d:89:94:1d:c5:b9:23:32:a1:d9:60:18:
45:c2:58:8c:8c:97:13:fe:31:88:b9:bd:9d:17:84:
7b:16:49:7a:e8:21:22:85:d4:29:54:fb:cd:2d:6e:
8c:24:24:15:aa:d7:e0:cb:3e:c1:e8:46:4d:6f:e5:
d8:36:51:d3:b5:60:75:65:15:fe:49:a7:18:50:9c:
69:ef:9e:fd:29:71:60:19:7b:bb:00:e3:2e:0f:38:
bd:21:56:a9:71:6e:a8:03:40:d2:05:eb:bf:7a:e1:
65:f5:fa:ce:cd:18:f8:66:f7:67:69:72:00:b2:0a:
ce:01:76:2a:d8:2b:bb:8d:ca:1d:ec:fb:7a:5d:c3:
3c:75:b3:91:91:05:ce:97:bf:b3:c7:a6:3b:25:e2:
dc:24:60:40:bc:5e:bb:14:11:ba:a8:60:c6:f0:a8:
35:4c:20:4b:34:25:60:a5:37:07:8e:63:4f:32:0f:
cf:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:E8:4B:A7:0E:F8:48:53:9F:F0:64:E8:60:91:AD:25:B5:15:06:69
X509v3 Authority Key Identifier:
keyid:5E:8D:07:B4:5F:7D:83:12:4C:9F:8C:0F:AC:03:BE:C0:24:68:B3:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xo0HtF99gxJMn4wPrAO-wCRos34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/SehLpw74SFOf8GToYJGtJbUVBmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/Xo0HtF99gxJMn4wPrAO-wCRos34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.106.0/23
Signature Algorithm: sha256WithRSAEncryption
a9:fb:c6:eb:16:93:ab:b4:b0:49:0a:0d:74:4f:c6:41:62:36:
31:a3:b3:c3:ab:b5:6d:a2:f1:cd:58:d2:32:1b:f1:4b:eb:e9:
ca:d2:fb:88:55:ef:bb:28:1c:02:17:cd:97:a3:eb:9e:46:a1:
a9:3f:3e:e4:8e:0a:93:eb:7d:3c:2d:2c:80:b0:54:d0:0f:28:
65:9d:d4:23:2f:87:f1:0b:c5:bc:95:83:b4:a5:e0:f3:5f:f0:
5d:5c:38:ca:43:91:12:66:78:0f:4f:90:e4:a8:3e:7f:34:a9:
33:fd:39:54:10:33:e5:b2:35:7e:53:5d:a9:9e:96:2a:c3:25:
38:85:fd:69:e0:30:9f:8a:50:c8:5d:59:5f:1e:86:3f:37:e4:
c0:ed:c5:e6:ea:1f:df:99:71:2b:a4:23:32:79:3e:a9:e0:ea:
9f:26:89:c6:e0:ab:b4:9c:73:18:c0:a1:43:d8:a9:83:01:ea:
42:7e:c8:17:bc:5e:8c:6a:dd:12:ff:ae:e9:5f:36:e4:96:19:
82:0b:33:77:bd:ed:24:30:d6:1e:44:03:66:7d:1c:4f:ee:56:
7b:87:fe:ee:de:df:29:2f:79:b4:8d:30:76:15:71:2a:60:39:
49:d8:c4:35:2e:3b:bc:e7:98:2a:d6:7b:5d:ba:c0:30:9d:14:
c0:b5:8f:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZY4taSgszG0Yi0vW90E97i6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlOGQwN2I0NWY3ZDgzMTI0YzlmOGMwZmFjMDNiZWMwMjQ2
OGIzN2UwHhcNMjUwNDE1MDkwOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWU4NGJhNzBlZjg0ODUzOWZmMDY0ZTg2MDkxYWQyNWI1MTUwNjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAub9ZWAuPCB4jYTcWlQHbFdhXrt18
Y3y3Lsp0a7rt1W7kBiwjV02MpjYEuYzUtBHKrSsFeddIHS/0h34CqEzp3hjhqExC
cb4r5c4nffwtiZQdxbkjMqHZYBhFwliMjJcT/jGIub2dF4R7Fkl66CEihdQpVPvN
LW6MJCQVqtfgyz7B6EZNb+XYNlHTtWB1ZRX+SacYUJxp7579KXFgGXu7AOMuDzi9
IVapcW6oA0DSBeu/euFl9frOzRj4ZvdnaXIAsgrOAXYq2Cu7jcod7Pt6XcM8dbOR
kQXOl7+zx6Y7JeLcJGBAvF67FBG6qGDG8Kg1TCBLNCVgpTcHjmNPMg/PUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEnoS6cO+EhTn/Bk6GCRrSW1FQZpMB8GA1UdIwQY
MBaAFF6NB7RffYMSTJ+MD6wDvsAkaLN+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWG8wSHRGOTlneEpNbjR3UHJBTy13Q1JvczM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9hMTY4ZTktZDA3MC00NGUwLTk0YTQt
NmM4ZmQ4NGJiNWY1LzEvU2VoTHB3NzRTRk9mOEdUb1lKR3RKYlVWQm1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9hMTY4ZTktZDA3MC00NGUwLTk0YTQtNmM4ZmQ4NGJiNWY1
LzEvWG8wSHRGOTlneEpNbjR3UHJBTy13Q1JvczM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLQ9qMA0G
CSqGSIb3DQEBCwUAA4IBAQCp+8brFpOrtLBJCg10T8ZBYjYxo7PDq7VtovHNWNIy
G/FL6+nK0vuIVe+7KBwCF82Xo+ueRqGpPz7kjgqT6308LSyAsFTQDyhlndQjL4fx
C8W8lYO0peDzX/BdXDjKQ5ESZngPT5DkqD5/NKkz/TlUEDPlsjV+U12pnpYqwyU4
hf1p4DCfilDIXVlfHoY/N+TA7cXm6h/fmXErpCMyeT6p4OqfJonG4Ku0nHMYwKFD
2KmDAepCfsgXvF6Mat0S/67pXzbklhmCCzN3ve0kMNYeRANmfRxP7lZ7h/7u3t8p
L3m0jTB2FXEqYDlJ2MQ1Lju855gq1ntdusAwnRTAtY88
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:03:02 2025 by rpki-client