Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/aW05ZSlfTB8ioD6Oil22uZMSK2g.roa
File: aW05ZSlfTB8ioD6Oil22uZMSK2g.roa (raw, json)
Hash identifier: iVb2/aNTW22Ew6+G7UumHgob5aDKdgpDjm9XiUoChKc=
Subject key identifier: 69:6D:39:65:29:5F:4C:1F:22:A0:3E:8E:8A:5D:B6:B9:93:12:2B:68
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 01966B59838FFA282125FA9DCA4244F80CC9
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/aW05ZSlfTB8ioD6Oil22uZMSK2g.roa
Signing time: Fri 25 Apr 2025 05:09:10 +0000
ROA not before: Fri 25 Apr 2025 05:09:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 45.138.12.0/22 maxlen: 22
91.132.160.0/22 maxlen: 22
193.135.151.0/24 maxlen: 24
193.135.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.mft
rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 09:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6b:59:83:8f:fa:28:21:25:fa:9d:ca:42:44:f8:0c:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Apr 25 05:09:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=696d3965295f4c1f22a03e8e8a5db6b993122b68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:5f:fe:4a:ce:3f:32:9f:83:40:fc:89:2b:72:
b5:52:73:53:37:d6:72:93:c5:bd:2a:a6:a5:73:88:
5d:22:0f:79:7d:08:8a:1b:5e:24:9e:c3:1a:af:1a:
54:75:db:21:42:2b:e0:f1:b1:36:f2:2a:9c:c7:a1:
65:73:c9:c9:a3:45:ba:d7:5b:56:e4:ce:9a:46:82:
d8:2d:12:69:3f:89:c2:5f:a5:ca:4b:01:3a:ae:68:
c0:4f:71:c4:57:dc:41:14:a8:c0:85:be:f0:f1:4b:
97:f4:ca:33:14:f9:1c:1f:90:97:63:ac:57:bd:f6:
ea:71:96:61:ca:13:c3:73:2a:91:0d:31:d7:fc:44:
26:67:30:eb:2b:a8:be:f1:43:d1:51:a6:ec:4f:26:
ae:70:23:25:2d:48:d8:17:fa:70:c2:a2:95:19:0f:
b1:92:53:c2:7a:5f:38:00:ab:aa:8c:9f:81:c2:c5:
56:66:6b:90:ae:c0:0c:7a:a8:0a:0b:2b:36:fc:2f:
94:a6:a3:65:92:fe:2b:1e:0c:13:a5:09:d2:a6:ea:
12:87:f1:ca:e6:03:a7:50:3b:80:46:9b:38:c2:98:
04:f3:1f:92:9a:c0:f6:ad:01:87:8e:3f:b9:4d:08:
95:c9:f0:c8:31:4d:36:0a:99:1e:f6:7c:c8:d3:31:
3c:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:6D:39:65:29:5F:4C:1F:22:A0:3E:8E:8A:5D:B6:B9:93:12:2B:68
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/aW05ZSlfTB8ioD6Oil22uZMSK2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.12.0/22
91.132.160.0/22
193.135.151.0/24
193.135.157.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:6c:f3:1a:93:cb:b0:a2:31:0a:42:0a:48:1a:d1:ea:76:56:
d6:76:68:1b:94:c4:e2:0e:b8:96:7c:d9:59:b1:c2:80:23:f2:
27:50:61:61:41:da:57:e1:8a:11:0b:9d:ba:dd:b0:de:4f:2a:
52:f3:03:01:9f:72:ff:82:1c:ea:5a:43:4e:ae:29:d1:20:f3:
1c:d5:b8:da:78:b3:3a:cf:ba:1c:74:83:64:3e:6f:86:08:10:
3f:c3:13:7b:62:4b:2a:f9:be:11:e7:02:69:24:12:9a:2d:c8:
79:b0:7c:58:54:d8:93:73:c2:d5:38:84:34:a9:0c:61:39:11:
6b:10:db:e8:7b:37:48:51:74:c7:fe:0d:7e:64:fa:9e:b2:f4:
ca:82:e8:16:ba:d6:28:4d:86:87:9b:21:a8:84:86:9d:cb:3b:
a1:dd:68:8d:cf:c3:af:99:f2:10:c8:46:38:fd:c1:19:15:88:
b2:de:85:17:07:53:b7:19:f5:77:ea:7e:df:d7:50:75:d7:a6:
9c:db:57:a3:41:bc:59:b1:20:95:75:14:a6:05:f9:3f:42:da:
aa:cf:83:ab:ab:c9:21:89:63:de:00:54:57:61:8a:9c:96:29:
e7:4d:db:c0:9a:b0:27:f3:8b:e9:df:c9:32:a9:0f:60:5a:97:
35:12:79:43
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZZrWYOP+ighJfqdykJE+AzJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjUwNDI1MDUwOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTZkMzk2NTI5NWY0YzFmMjJhMDNlOGU4YTVkYjZiOTkzMTIyYjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvV/+Ss4/Mp+DQPyJK3K1UnNTN9Zy
k8W9Kqalc4hdIg95fQiKG14knsMarxpUddshQivg8bE28iqcx6Flc8nJo0W611tW
5M6aRoLYLRJpP4nCX6XKSwE6rmjAT3HEV9xBFKjAhb7w8UuX9MozFPkcH5CXY6xX
vfbqcZZhyhPDcyqRDTHX/EQmZzDrK6i+8UPRUabsTyaucCMlLUjYF/pwwqKVGQ+x
klPCel84AKuqjJ+BwsVWZmuQrsAMeqgKCys2/C+UpqNlkv4rHgwTpQnSpuoSh/HK
5gOnUDuARps4wpgE8x+SmsD2rQGHjj+5TQiVyfDIMU02Cpke9nzI0zE8HwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGltOWUpX0wfIqA+jopdtrmTEitoMB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvYVcwNVpTbGZUQjhpb0Q2T2lsMjJ1Wk1TSzJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLYoMAwQC
W4SgAwQAwYeXAwQAwYedMA0GCSqGSIb3DQEBCwUAA4IBAQA/bPMak8uwojEKQgpI
GtHqdlbWdmgblMTiDriWfNlZscKAI/InUGFhQdpX4YoRC5263bDeTypS8wMBn3L/
ghzqWkNOrinRIPMc1bjaeLM6z7ocdINkPm+GCBA/wxN7Yksq+b4R5wJpJBKaLch5
sHxYVNiTc8LVOIQ0qQxhORFrENvoezdIUXTH/g1+ZPqesvTKgugWutYoTYaHmyGo
hIadyzuh3WiNz8OvmfIQyEY4/cEZFYiy3oUXB1O3GfV36n7f11B116ac21ejQbxZ
sSCVdRSmBfk/Qtqqz4Orq8khiWPeAFRXYYqclinnTdvAmrAn84vp38kyqQ9gWpc1
EnlD
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:20:32 2025 by rpki-client