Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/b69bba-7200-4f52-b631-fe0a658d9ded/1/DYGgwKgBr-X-UJNWrHRoiByEE0k.roa
File: DYGgwKgBr-X-UJNWrHRoiByEE0k.roa (raw, json)
Hash identifier: 0UcPzEKGR92DACoKDDn5wkyZ0r0HCl4oapCFAXQREB8=
Subject key identifier: 0D:81:A0:C0:A8:01:AF:E5:FE:50:93:56:AC:74:68:88:1C:84:13:49
Certificate issuer: /CN=f1bd02ea44a9bee35b63d1ab3e25b14f19a35a55
Certificate serial: 0194228D9C816EECC33540B35E11236B66FA
Authority key identifier: F1:BD:02:EA:44:A9:BE:E3:5B:63:D1:AB:3E:25:B1:4F:19:A3:5A:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8b0C6kSpvuNbY9GrPiWxTxmjWlU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/b69bba-7200-4f52-b631-fe0a658d9ded/1/DYGgwKgBr-X-UJNWrHRoiByEE0k.roa
Signing time: Wed 01 Jan 2025 15:48:13 +0000
ROA not before: Wed 01 Jan 2025 15:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36007
IP address blocks: 45.147.250.0/24 maxlen: 24
45.147.251.0/24 maxlen: 24
113.30.148.0/24 maxlen: 24
113.30.149.0/24 maxlen: 24
113.30.150.0/24 maxlen: 24
113.30.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/b69bba-7200-4f52-b631-fe0a658d9ded/1/8b0C6kSpvuNbY9GrPiWxTxmjWlU.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/b69bba-7200-4f52-b631-fe0a658d9ded/1/8b0C6kSpvuNbY9GrPiWxTxmjWlU.mft
rsync://rpki.ripe.net/repository/DEFAULT/8b0C6kSpvuNbY9GrPiWxTxmjWlU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 20:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:9c:81:6e:ec:c3:35:40:b3:5e:11:23:6b:66:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1bd02ea44a9bee35b63d1ab3e25b14f19a35a55
Validity
Not Before: Jan 1 15:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d81a0c0a801afe5fe509356ac7468881c841349
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:8e:34:21:2f:6b:c2:bf:b0:67:57:89:76:cf:
ff:9a:a4:b8:c7:b0:b3:cd:5c:af:5b:16:d0:a2:2d:
c2:62:5e:b1:55:ab:1c:f1:bb:2f:1d:4b:6c:34:69:
7f:c3:e1:e4:0c:db:ba:03:fb:c9:95:8b:59:84:ff:
dd:2c:9a:78:51:60:9e:9e:ea:45:27:ba:79:8c:1c:
7e:fe:5b:4f:8c:b7:d1:da:a2:54:b9:30:71:b2:19:
87:78:bb:e4:1e:a7:c5:78:d4:f0:9d:e3:c8:b6:1a:
9d:9a:5e:d4:31:04:f4:20:75:25:ed:b5:55:cb:21:
72:c7:65:e1:44:3d:cc:9e:6d:4a:c7:94:5a:60:03:
2c:96:98:2b:f6:ae:48:70:11:07:cb:10:f5:ca:d0:
ae:e1:2e:f1:8e:d9:f8:5d:51:86:7c:aa:00:b7:c9:
7c:00:bb:03:4b:a9:6c:5e:2f:30:e1:fd:4a:95:1b:
cb:a1:8a:46:0e:56:dd:89:77:4f:e8:c9:76:b9:45:
4b:af:4b:bc:bc:dd:77:68:39:e6:f7:f4:d7:35:cc:
76:30:e4:31:ca:9f:27:5f:76:1e:22:71:18:2c:ae:
2b:2b:34:78:4d:72:e2:9a:f5:5c:e7:ab:e8:76:14:
16:9a:77:79:27:f1:ce:06:58:75:90:e2:65:06:34:
43:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:81:A0:C0:A8:01:AF:E5:FE:50:93:56:AC:74:68:88:1C:84:13:49
X509v3 Authority Key Identifier:
keyid:F1:BD:02:EA:44:A9:BE:E3:5B:63:D1:AB:3E:25:B1:4F:19:A3:5A:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b0C6kSpvuNbY9GrPiWxTxmjWlU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/b69bba-7200-4f52-b631-fe0a658d9ded/1/DYGgwKgBr-X-UJNWrHRoiByEE0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/b69bba-7200-4f52-b631-fe0a658d9ded/1/8b0C6kSpvuNbY9GrPiWxTxmjWlU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.250.0/23
113.30.148.0/22
Signature Algorithm: sha256WithRSAEncryption
43:19:72:15:50:46:75:4d:19:00:28:e7:05:35:0f:10:a0:9d:
63:09:ce:58:a9:c4:bf:08:f0:db:01:03:45:90:bd:4a:73:61:
75:07:f1:4a:cd:e4:52:88:fb:cc:a0:5c:8a:0b:e4:d7:0a:1a:
de:c9:f7:a7:c1:88:60:40:ea:98:2e:86:d2:c3:4b:91:c2:94:
6b:ae:45:1e:78:5d:1f:23:b9:c6:de:68:13:17:2d:91:a2:4f:
19:a9:07:60:99:bc:24:2d:e5:92:9e:fd:6d:96:9c:9c:be:9d:
06:66:24:e2:bb:c5:44:50:9c:4c:de:23:ff:b2:6e:4c:a5:8d:
5c:a3:1e:c7:88:a7:63:a9:bb:b5:09:ae:88:92:b5:ec:4f:8a:
44:fd:a6:bd:e2:c9:e7:20:06:0f:77:85:57:65:2a:b4:ca:90:
82:6d:9b:5f:f1:3f:c8:77:37:43:57:49:ce:bb:1c:8d:9b:c9:
f3:3d:fb:9d:75:86:94:83:28:3e:82:aa:24:47:af:57:7b:83:
da:9c:1b:b3:58:e8:d0:e5:b8:40:45:90:2f:7b:07:ec:79:f0:
b0:ad:c8:8c:43:0e:ae:a6:23:eb:62:2f:5f:61:a6:99:f2:02:
e3:17:34:b9:71:8f:d0:3c:ae:fa:bd:05:99:32:49:53:1b:aa:
ff:fb:5c:00
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQijZyBbuzDNUCzXhEja2b6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxYmQwMmVhNDRhOWJlZTM1YjYzZDFhYjNlMjViMTRmMTlh
MzVhNTUwHhcNMjUwMTAxMTU0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDgxYTBjMGE4MDFhZmU1ZmU1MDkzNTZhYzc0Njg4ODFjODQxMzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkI40IS9rwr+wZ1eJds//mqS4x7Cz
zVyvWxbQoi3CYl6xVasc8bsvHUtsNGl/w+HkDNu6A/vJlYtZhP/dLJp4UWCenupF
J7p5jBx+/ltPjLfR2qJUuTBxshmHeLvkHqfFeNTwnePIthqdml7UMQT0IHUl7bVV
yyFyx2XhRD3Mnm1Kx5RaYAMslpgr9q5IcBEHyxD1ytCu4S7xjtn4XVGGfKoAt8l8
ALsDS6lsXi8w4f1KlRvLoYpGDlbdiXdP6Ml2uUVLr0u8vN13aDnm9/TXNcx2MOQx
yp8nX3YeInEYLK4rKzR4TXLimvVc56vodhQWmnd5J/HOBlh1kOJlBjRDDQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA2BoMCoAa/l/lCTVqx0aIgchBNJMB8GA1UdIwQY
MBaAFPG9AupEqb7jW2PRqz4lsU8Zo1pVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGIwQzZrU3B2dU5iWTlHclBpV3hUeG1qV2xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9iNjliYmEtNzIwMC00ZjUyLWI2MzEt
ZmUwYTY1OGQ5ZGVkLzEvRFlHZ3dLZ0JyLVgtVUpOV3JIUm9pQnlFRTBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9iNjliYmEtNzIwMC00ZjUyLWI2MzEtZmUwYTY1OGQ5ZGVk
LzEvOGIwQzZrU3B2dU5iWTlHclBpV3hUeG1qV2xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLZP6AwQC
cR6UMA0GCSqGSIb3DQEBCwUAA4IBAQBDGXIVUEZ1TRkAKOcFNQ8QoJ1jCc5YqcS/
CPDbAQNFkL1Kc2F1B/FKzeRSiPvMoFyKC+TXChreyfenwYhgQOqYLobSw0uRwpRr
rkUeeF0fI7nG3mgTFy2Rok8ZqQdgmbwkLeWSnv1tlpycvp0GZiTiu8VEUJxM3iP/
sm5MpY1cox7HiKdjqbu1Ca6IkrXsT4pE/aa94snnIAYPd4VXZSq0ypCCbZtf8T/I
dzdDV0nOuxyNm8nzPfuddYaUgyg+gqokR69Xe4PanBuzWOjQ5bhARZAvewfsefCw
rciMQw6upiPrYi9fYaaZ8gLjFzS5cY/QPK76vQWZMklTG6r/+1wA
-----END CERTIFICATE-----
Generated at Sun Apr 27 05:13:54 2025 by rpki-client