Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/n2RHtL-CU9otjO1yQwBptv89dVs.roa
File: n2RHtL-CU9otjO1yQwBptv89dVs.roa (raw, json)
Hash identifier: cDXkL76j5pmJaZo4nD5IUqXbLLMgJaocy5vsopbqkYo=
Subject key identifier: 9F:64:47:B4:BF:82:53:DA:2D:8C:ED:72:43:00:69:B6:FF:3D:75:5B
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 01963DED660DDAAD13051E035BEC937E551F
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/n2RHtL-CU9otjO1yQwBptv89dVs.roa
Signing time: Wed 16 Apr 2025 09:28:10 +0000
ROA not before: Wed 16 Apr 2025 09:28:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48646
IP address blocks: 45.152.124.0/24 maxlen: 24
194.5.99.0/24 maxlen: 24
2a0f:5707:aac0::/44 maxlen: 44
2a0f:5707:ac80::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.mft
rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 05:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3d:ed:66:0d:da:ad:13:05:1e:03:5b:ec:93:7e:55:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Apr 16 09:28:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9f6447b4bf8253da2d8ced72430069b6ff3d755b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:27:3c:5d:14:ff:63:5f:cd:66:d8:e5:e0:4c:
b5:ef:fc:3b:23:0d:f6:4c:a5:75:5c:93:3d:a7:db:
aa:78:e0:a9:db:0d:ba:cc:fc:79:f8:e9:a0:5d:1f:
c2:73:ba:95:aa:37:43:29:5e:1f:67:69:ee:e0:e1:
0c:1b:06:47:92:cc:cb:04:bc:7f:b0:a1:a2:03:89:
f2:21:96:18:38:1a:3f:ac:23:b5:34:df:8f:0a:f6:
69:c0:62:88:b1:df:f0:48:5d:e0:9a:6a:2e:54:7e:
ed:7c:db:bc:28:43:57:d9:e3:b3:14:8e:8a:a4:1f:
fc:8e:79:5a:d0:ab:b0:5c:cd:45:b7:49:fd:3e:e6:
c6:b4:88:14:c8:4a:9e:08:0c:0a:f1:ff:41:04:6d:
d8:77:ab:fb:03:92:cf:4d:34:3e:ae:f5:00:6f:6e:
04:fe:6a:3f:43:bf:9b:b7:8b:73:32:a2:c6:46:a8:
82:3d:8b:a3:18:56:f2:e7:49:f1:5b:b8:ab:9b:f4:
a2:ee:d8:26:d6:7f:9f:f4:68:87:f5:95:3f:5f:57:
c0:bf:a1:98:b7:b6:7f:22:0c:3b:9f:4b:4c:e9:c7:
6c:ec:c7:3e:8e:88:41:bd:11:9f:85:71:2d:09:84:
5a:b4:54:ab:8f:95:62:7b:0e:99:cc:2f:ff:68:fd:
15:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:64:47:B4:BF:82:53:DA:2D:8C:ED:72:43:00:69:B6:FF:3D:75:5B
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/n2RHtL-CU9otjO1yQwBptv89dVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.124.0/24
194.5.99.0/24
IPv6:
2a0f:5707:aac0::/44
2a0f:5707:ac80::/44
Signature Algorithm: sha256WithRSAEncryption
99:50:69:30:d4:25:26:af:9f:10:ea:5a:c7:f5:38:cd:8a:af:
3b:03:17:be:23:8b:33:70:2c:8b:2b:fd:64:06:dc:34:14:10:
a1:bc:cf:97:1e:a3:dc:d6:4d:4d:59:82:df:6b:44:e3:4f:05:
10:a6:03:a0:d5:0d:c7:e6:68:e9:e1:c6:4d:66:2c:8b:f6:86:
67:ea:18:d7:0e:53:95:56:94:a1:3d:0c:6a:6d:1e:02:47:4a:
8b:ab:0e:15:44:14:85:cb:4f:ce:50:5e:00:d9:57:4c:a1:47:
2a:cd:b1:0e:86:1e:e6:db:54:ce:11:8d:5b:6f:49:89:3c:37:
f4:54:aa:4c:56:a8:9d:49:76:27:74:b6:82:9d:c0:0e:1d:78:
bf:3a:7a:4e:47:08:b7:c4:c0:31:58:33:8e:fb:8c:2a:a5:80:
ae:49:bf:f2:18:09:42:10:25:9d:3f:e5:5c:aa:52:fe:01:90:
9e:7f:98:d6:b2:08:21:75:38:ae:07:48:14:28:fd:cd:45:36:
e1:95:82:0a:5b:de:41:3b:df:16:eb:48:6c:1f:8a:4d:ef:04:
c5:db:93:97:a0:40:17:c5:84:8a:83:d3:5a:ff:00:bf:44:b2:
87:ee:2b:c5:9d:84:a8:cc:44:22:2a:bf:3f:c3:f0:0e:d2:5c:
e2:6c:31:b0
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZY97WYN2q0TBR4DW+yTflUfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk
NWFlZjAwHhcNMjUwNDE2MDkyODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjY0NDdiNGJmODI1M2RhMmQ4Y2VkNzI0MzAwNjliNmZmM2Q3NTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyc8XRT/Y1/NZtjl4Ey17/w7Iw32
TKV1XJM9p9uqeOCp2w26zPx5+OmgXR/Cc7qVqjdDKV4fZ2nu4OEMGwZHkszLBLx/
sKGiA4nyIZYYOBo/rCO1NN+PCvZpwGKIsd/wSF3gmmouVH7tfNu8KENX2eOzFI6K
pB/8jnla0KuwXM1Ft0n9PubGtIgUyEqeCAwK8f9BBG3Yd6v7A5LPTTQ+rvUAb24E
/mo/Q7+bt4tzMqLGRqiCPYujGFby50nxW7irm/Si7tgm1n+f9GiH9ZU/X1fAv6GY
t7Z/Igw7n0tM6cds7Mc+johBvRGfhXEtCYRatFSrj5View6ZzC//aP0VpwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJ9kR7S/glPaLYztckMAabb/PXVbMB8GA1UdIwQY
MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt
Y2MxYzliNWY2NjQwLzEvbjJSSHRMLUNVOW90ak8xeVF3QnB0djg5ZFZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw
LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQALZh8AwQA
wgVjMBgEAgACMBIDBwQqD1cHqsADBwQqD1cHrIAwDQYJKoZIhvcNAQELBQADggEB
AJlQaTDUJSavnxDqWsf1OM2KrzsDF74jizNwLIsr/WQG3DQUEKG8z5ceo9zWTU1Z
gt9rRONPBRCmA6DVDcfmaOnhxk1mLIv2hmfqGNcOU5VWlKE9DGptHgJHSourDhVE
FIXLT85QXgDZV0yhRyrNsQ6GHubbVM4RjVtvSYk8N/RUqkxWqJ1Jdid0toKdwA4d
eL86ek5HCLfEwDFYM477jCqlgK5Jv/IYCUIQJZ0/5VyqUv4BkJ5/mNayCCF1OK4H
SBQo/c1FNuGVggpb3kE73xbrSGwfik3vBMXbk5egQBfFhIqD01r/AL9EsofuK8Wd
hKjMRCIqvz/D8A7SXOJsMbA=
-----END CERTIFICATE-----
Generated at Sun Apr 27 15:36:21 2025 by rpki-client