Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/rv0HJGYG9SC_MlVo7JV_YCZ5T3k.roa
File: rv0HJGYG9SC_MlVo7JV_YCZ5T3k.roa (raw, json)
Hash identifier: 4MNj4x7Z8N+aXanzKMSyGgjOV1VeA27oDElfQnJ+Zco=
Subject key identifier: AE:FD:07:24:66:06:F5:20:BF:32:55:68:EC:95:7F:60:26:79:4F:79
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 01965B454D92320AB283328797523C454DD0
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/rv0HJGYG9SC_MlVo7JV_YCZ5T3k.roa
Signing time: Tue 22 Apr 2025 02:13:10 +0000
ROA not before: Tue 22 Apr 2025 02:13:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 141718
IP address blocks: 45.155.90.0/24 maxlen: 24
45.155.226.0/24 maxlen: 24
45.156.222.0/24 maxlen: 24
45.156.223.0/24 maxlen: 24
103.211.103.0/24 maxlen: 24
185.233.17.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.mft
rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5b:45:4d:92:32:0a:b2:83:32:87:97:52:3c:45:4d:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Apr 22 02:13:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aefd07246606f520bf325568ec957f6026794f79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:b5:57:bc:0f:67:47:61:5f:07:28:0c:c0:e3:
3e:d8:cf:e2:d5:f3:d0:01:1b:0e:0a:b8:e0:81:07:
20:43:15:fd:db:1f:5e:36:b7:13:d5:1d:62:33:b1:
dd:37:f7:c5:b0:61:46:1a:fc:fb:0e:65:66:42:61:
dc:e3:a9:68:ae:83:7b:f0:82:37:15:5a:d5:16:4c:
b4:88:bc:42:fe:9d:d4:f2:de:91:91:d2:46:b4:22:
48:a0:05:8b:25:33:37:7e:77:df:22:67:0a:dd:d3:
aa:29:a9:15:71:82:8d:13:4c:80:0c:ef:a1:9d:94:
ba:f0:ee:fc:5e:f0:7d:5e:60:7e:c6:9c:81:7d:c8:
d4:23:cc:6d:92:60:d4:fb:5d:e5:fd:ce:50:ba:c0:
00:76:60:aa:84:a3:17:c1:3f:a7:48:f5:e4:97:4d:
a2:05:45:7f:42:1f:fd:7e:7f:00:ca:32:1f:20:b5:
02:4e:fa:1b:94:5d:71:9d:bf:c2:1b:2b:e9:5a:6a:
b9:49:a4:60:44:57:7f:58:dd:51:19:0a:4b:fb:fa:
2d:90:22:30:72:62:78:f8:27:96:93:46:f3:99:65:
53:e3:aa:21:97:99:70:b6:51:b4:6a:d7:1b:2f:d7:
0d:a3:70:9f:85:6a:d5:d9:38:09:15:cf:79:1f:4f:
51:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:FD:07:24:66:06:F5:20:BF:32:55:68:EC:95:7F:60:26:79:4F:79
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/rv0HJGYG9SC_MlVo7JV_YCZ5T3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.90.0/24
45.155.226.0/24
45.156.222.0/23
103.211.103.0/24
185.233.17.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:82:2a:51:54:95:f1:96:00:30:6f:8f:36:79:32:8d:df:fb:
8b:09:f4:ab:ad:0b:0e:56:67:3b:c7:53:8c:6d:49:8e:e9:cb:
67:fe:24:b3:cb:89:f6:22:0c:75:76:7d:55:2c:61:bb:38:09:
63:79:24:09:0f:74:f7:c3:3b:83:79:32:52:3c:82:df:5d:db:
fd:7d:c0:37:82:b2:85:a9:a3:39:ba:ff:c5:21:c6:2e:87:3c:
da:0f:46:54:91:2e:1e:2a:81:97:a1:d3:5b:17:d4:5d:cd:8a:
5a:7b:07:b6:80:0d:04:6a:48:22:03:7e:60:e3:41:bb:ac:d1:
da:b9:1a:1b:57:ec:52:ff:86:14:73:c7:5a:ff:63:01:0a:58:
a7:a3:d4:bb:10:9f:b0:54:cc:ae:5e:c6:2e:0d:51:7e:ee:48:
96:8f:ae:08:07:4a:68:d6:ef:32:a4:77:4e:08:12:54:96:c4:
81:a9:5f:04:30:14:0d:50:da:d6:8f:b9:f3:29:c9:18:63:aa:
88:26:66:74:75:c6:2f:b3:ba:b3:56:40:3c:fa:51:31:12:21:
9e:6b:7d:35:3a:b8:d3:c8:02:06:b0:65:31:7c:89:32:b2:4c:
e6:ee:8f:1c:9f:61:dc:ea:16:d8:f0:c2:ce:74:12:b0:e4:1f:
4b:ad:ac:ae
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZZbRU2SMgqygzKHl1I8RU3QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjUwNDIyMDIxMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWZkMDcyNDY2MDZmNTIwYmYzMjU1NjhlYzk1N2Y2MDI2Nzk0Zjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbVXvA9nR2FfBygMwOM+2M/i1fPQ
ARsOCrjggQcgQxX92x9eNrcT1R1iM7HdN/fFsGFGGvz7DmVmQmHc46loroN78II3
FVrVFky0iLxC/p3U8t6RkdJGtCJIoAWLJTM3fnffImcK3dOqKakVcYKNE0yADO+h
nZS68O78XvB9XmB+xpyBfcjUI8xtkmDU+13l/c5QusAAdmCqhKMXwT+nSPXkl02i
BUV/Qh/9fn8AyjIfILUCTvoblF1xnb/CGyvpWmq5SaRgRFd/WN1RGQpL+/otkCIw
cmJ4+CeWk0bzmWVT46ohl5lwtlG0atcbL9cNo3CfhWrV2TgJFc95H09R0wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFK79ByRmBvUgvzJVaOyVf2AmeU95MB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvcnYwSEpHWUc5U0NfTWxWbzdKVl9ZQ1o1VDNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALZtaAwQA
LZviAwQBLZzeAwQAZ9NnAwQAuekRMA0GCSqGSIb3DQEBCwUAA4IBAQCfgipRVJXx
lgAwb482eTKN3/uLCfSrrQsOVmc7x1OMbUmO6ctn/iSzy4n2Igx1dn1VLGG7OAlj
eSQJD3T3wzuDeTJSPILfXdv9fcA3grKFqaM5uv/FIcYuhzzaD0ZUkS4eKoGXodNb
F9RdzYpaewe2gA0EakgiA35g40G7rNHauRobV+xS/4YUc8da/2MBClino9S7EJ+w
VMyuXsYuDVF+7kiWj64IB0po1u8ypHdOCBJUlsSBqV8EMBQNUNrWj7nzKckYY6qI
JmZ0dcYvs7qzVkA8+lExEiGea301OrjTyAIGsGUxfIkyskzm7o8cn2Hc6hbY8MLO
dBKw5B9Lrayu
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:27:49 2025 by rpki-client