Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/aaadac-4809-4955-ac62-8f9ca0ebccab/1/G1Dy1jIdJhnPg1RR07SyKW4TRdA.roa
File: G1Dy1jIdJhnPg1RR07SyKW4TRdA.roa (raw, json)
Hash identifier: DeuawucuklWfQxVupMFlWsFVrFr6ThqGmaVCsW6hwCg=
Subject key identifier: 1B:50:F2:D6:32:1D:26:19:CF:83:54:51:D3:B4:B2:29:6E:13:45:D0
Certificate issuer: /CN=b1cdc26d44eaf85654481e9581043e14887765b4
Certificate serial: 0196B5AC004971D5CD97A383F96E32FCC3AC
Authority key identifier: B1:CD:C2:6D:44:EA:F8:56:54:48:1E:95:81:04:3E:14:88:77:65:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sc3CbUTq-FZUSB6VgQQ-FIh3ZbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/aaadac-4809-4955-ac62-8f9ca0ebccab/1/G1Dy1jIdJhnPg1RR07SyKW4TRdA.roa
Signing time: Fri 09 May 2025 15:31:10 +0000
ROA not before: Fri 09 May 2025 15:31:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208854
IP address blocks: 45.140.180.0/22 maxlen: 22
45.140.180.0/24 maxlen: 24
2a0e:c5c0::/32 maxlen: 32
2a0e:c5c1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/aaadac-4809-4955-ac62-8f9ca0ebccab/1/sc3CbUTq-FZUSB6VgQQ-FIh3ZbQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/aaadac-4809-4955-ac62-8f9ca0ebccab/1/sc3CbUTq-FZUSB6VgQQ-FIh3ZbQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/sc3CbUTq-FZUSB6VgQQ-FIh3ZbQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b5:ac:00:49:71:d5:cd:97:a3:83:f9:6e:32:fc:c3:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1cdc26d44eaf85654481e9581043e14887765b4
Validity
Not Before: May 9 15:31:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b50f2d6321d2619cf835451d3b4b2296e1345d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:1e:ca:e9:96:98:6f:63:e9:ff:8c:7c:02:1b:
66:7c:22:8f:ea:fa:bb:01:36:09:ac:57:1a:d4:53:
9c:e0:96:74:bc:8a:90:73:7f:e7:aa:42:76:a3:b9:
cd:0b:53:7e:0a:97:48:50:55:e3:2d:f0:91:83:f9:
95:64:3c:39:22:0b:09:9e:0b:51:7b:02:80:6c:29:
3e:ce:fb:5f:7b:d9:ba:f1:16:83:7d:9a:2a:fb:a4:
b3:89:f5:05:db:6c:f3:9a:44:aa:87:e5:21:0f:24:
b3:22:38:57:f0:97:a0:31:20:00:7c:bb:71:c4:0f:
d3:1d:64:2b:13:66:42:be:de:9c:d6:23:12:87:62:
5c:3f:81:a8:42:b2:bd:7e:fc:d8:84:9d:30:2b:17:
f8:37:6c:2c:cb:ed:b9:ba:37:09:7e:b7:52:c0:41:
dd:2c:fb:66:6a:9a:a1:ec:af:6b:91:1a:f4:8e:ed:
82:98:02:63:91:fe:ca:ef:bb:30:88:a5:25:03:07:
e7:3f:ed:a5:1e:ba:bf:36:a2:7c:27:72:61:d9:18:
3c:8a:2c:e3:75:fa:e4:02:47:61:54:81:c7:9e:8f:
39:01:3c:2a:1e:e4:6c:ea:29:e9:d7:2e:5d:f2:41:
e8:72:b1:ad:0a:de:5f:8c:b6:18:41:87:1b:81:bf:
96:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:50:F2:D6:32:1D:26:19:CF:83:54:51:D3:B4:B2:29:6E:13:45:D0
X509v3 Authority Key Identifier:
keyid:B1:CD:C2:6D:44:EA:F8:56:54:48:1E:95:81:04:3E:14:88:77:65:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sc3CbUTq-FZUSB6VgQQ-FIh3ZbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/aaadac-4809-4955-ac62-8f9ca0ebccab/1/G1Dy1jIdJhnPg1RR07SyKW4TRdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/aaadac-4809-4955-ac62-8f9ca0ebccab/1/sc3CbUTq-FZUSB6VgQQ-FIh3ZbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.180.0/22
IPv6:
2a0e:c5c0::-2a0e:c5c1:0:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
60:e6:2a:0c:39:71:73:2d:a4:21:43:20:fc:3b:98:50:05:75:
63:15:36:f9:bb:ed:39:b1:3d:7f:e0:49:04:30:a6:8c:7a:55:
4b:d7:86:37:19:54:97:0a:a8:86:6f:d8:f4:50:34:8a:8c:d2:
3e:a4:ca:41:d0:62:4b:51:9d:50:d5:ef:cc:f9:70:27:1d:a6:
74:46:89:f2:9f:35:b9:50:05:5d:49:c6:78:4e:0d:83:7a:0b:
fe:31:e9:c6:cf:76:df:c2:96:5a:cf:eb:17:59:a1:10:e2:68:
46:cc:e3:5a:c5:b2:c8:65:ef:40:b1:75:a2:9b:66:98:9e:75:
7d:aa:2e:0d:b1:5f:1c:df:ab:22:9a:7f:07:8c:99:72:bd:aa:
13:93:9f:ab:94:80:7c:ef:cc:a7:b5:37:d2:7e:9b:93:96:ab:
ed:ff:cb:b1:b0:83:9c:24:f0:10:7d:e2:d2:3d:15:42:9c:a7:
0e:72:ed:85:ed:f2:96:4e:00:7e:81:f0:70:ac:1b:23:ab:f6:
44:b5:c8:6a:23:64:9d:d1:d5:d0:3d:df:bf:a4:d4:bb:23:fc:
0f:e0:2f:ce:97:ed:14:8c:47:cf:a0:65:2f:bd:94:be:4b:19:
8b:93:06:19:fa:12:9d:2e:a3:0c:74:24:a1:68:a2:03:20:89:
24:4b:d8:c4
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZa1rABJcdXNl6OD+W4y/MOsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxY2RjMjZkNDRlYWY4NTY1NDQ4MWU5NTgxMDQzZTE0ODg3
NzY1YjQwHhcNMjUwNTA5MTUzMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjUwZjJkNjMyMWQyNjE5Y2Y4MzU0NTFkM2I0YjIyOTZlMTM0NWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAth7K6ZaYb2Pp/4x8AhtmfCKP6vq7
ATYJrFca1FOc4JZ0vIqQc3/nqkJ2o7nNC1N+CpdIUFXjLfCRg/mVZDw5IgsJngtR
ewKAbCk+zvtfe9m68RaDfZoq+6SzifUF22zzmkSqh+UhDySzIjhX8JegMSAAfLtx
xA/THWQrE2ZCvt6c1iMSh2JcP4GoQrK9fvzYhJ0wKxf4N2wsy+25ujcJfrdSwEHd
LPtmapqh7K9rkRr0ju2CmAJjkf7K77swiKUlAwfnP+2lHrq/NqJ8J3Jh2Rg8iizj
dfrkAkdhVIHHno85ATwqHuRs6inp1y5d8kHocrGtCt5fjLYYQYcbgb+WJwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFBtQ8tYyHSYZz4NUUdO0siluE0XQMB8GA1UdIwQY
MBaAFLHNwm1E6vhWVEgelYEEPhSId2W0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2MzQ2JVVHEtRlpVU0I2VmdRUS1GSWgzWmJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9hYWFkYWMtNDgwOS00OTU1LWFjNjIt
OGY5Y2EwZWJjY2FiLzEvRzFEeTFqSWRKaG5QZzFSUjA3U3lLVzRUUmRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9hYWFkYWMtNDgwOS00OTU1LWFjNjItOGY5Y2EwZWJjY2Fi
LzEvc2MzQ2JVVHEtRlpVU0I2VmdRUS1GSWgzWmJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQCLYy0MBgE
AgACMBIwEAMFBioOxcADBwAqDsXBAAAwDQYJKoZIhvcNAQELBQADggEBAGDmKgw5
cXMtpCFDIPw7mFAFdWMVNvm77TmxPX/gSQQwpox6VUvXhjcZVJcKqIZv2PRQNIqM
0j6kykHQYktRnVDV78z5cCcdpnRGifKfNblQBV1JxnhODYN6C/4x6cbPdt/CllrP
6xdZoRDiaEbM41rFsshl70CxdaKbZpiedX2qLg2xXxzfqyKafweMmXK9qhOTn6uU
gHzvzKe1N9J+m5OWq+3/y7Gwg5wk8BB94tI9FUKcpw5y7YXt8pZOAH6B8HCsGyOr
9kS1yGojZJ3R1dA937+k1Lsj/A/gL86X7RSMR8+gZS+9lL5LGYuTBhn6Ep0uowx0
JKFoogMgiSRL2MQ=
-----END CERTIFICATE-----
Generated at Sat May 10 12:13:13 2025 by rpki-client