Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/DF0LylBO293Rh5P_Xm-081JdxGQ.roa
File: DF0LylBO293Rh5P_Xm-081JdxGQ.roa (raw, json)
Hash identifier: 405nlMqZVIUCURUtBGFImyyIgI7CPbrFiQZ6G44Cxus=
Subject key identifier: 0C:5D:0B:CA:50:4E:DB:DD:D1:87:93:FF:5E:6F:B4:F3:52:5D:C4:64
Certificate issuer: /CN=72e4baf99ab840129133285fe9ad7b83fd130c39
Certificate serial: 0196A7C72D7F73AFD06884CA1CADE08BE16D
Authority key identifier: 72:E4:BA:F9:9A:B8:40:12:91:33:28:5F:E9:AD:7B:83:FD:13:0C:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cuS6-Zq4QBKRMyhf6a17g_0TDDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/DF0LylBO293Rh5P_Xm-081JdxGQ.roa
Signing time: Tue 06 May 2025 22:46:10 +0000
ROA not before: Tue 06 May 2025 22:46:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30058
IP address blocks: 45.87.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/cuS6-Zq4QBKRMyhf6a17g_0TDDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/cuS6-Zq4QBKRMyhf6a17g_0TDDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/cuS6-Zq4QBKRMyhf6a17g_0TDDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a7:c7:2d:7f:73:af:d0:68:84:ca:1c:ad:e0:8b:e1:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72e4baf99ab840129133285fe9ad7b83fd130c39
Validity
Not Before: May 6 22:46:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c5d0bca504edbddd18793ff5e6fb4f3525dc464
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:8a:ca:40:a1:c8:81:b2:ba:75:1b:f4:8c:b9:
d1:dc:27:1d:4e:52:11:ad:f4:46:48:9c:c6:b4:89:
9a:09:1e:31:02:63:64:a6:dc:ad:4d:9b:9b:f5:61:
5e:33:dc:a5:38:6f:b2:92:18:34:bb:ee:c9:d4:99:
30:1e:87:bd:86:32:b9:50:b6:65:bf:5f:46:8a:4c:
b8:3a:4c:de:ed:02:46:fb:12:27:8c:d2:eb:4a:4b:
e2:10:e3:55:f6:ab:9d:b6:42:dc:4f:1f:b3:29:f9:
d1:d8:8a:76:41:73:d8:f3:00:bc:2d:52:40:46:c5:
02:9b:33:81:ea:3b:07:7c:37:5d:97:a5:55:70:e0:
11:a0:44:4a:ae:62:a5:d1:8e:57:e6:06:99:d2:20:
26:41:37:1a:f0:c6:5e:be:1e:08:50:f0:b5:c0:95:
5f:8a:31:da:02:1a:92:1c:29:64:7f:1b:2e:8c:7a:
54:09:ef:4f:a8:27:af:f5:a2:1f:ce:99:f1:99:43:
42:c7:44:d5:b1:b2:da:aa:0f:67:f9:15:40:d8:b4:
2a:d2:d7:65:9d:f5:7c:64:5f:20:e3:7c:53:5b:91:
62:fb:12:4f:2d:17:bb:40:04:87:2a:a6:0e:12:1a:
35:01:09:5e:ba:b2:8d:93:c1:ba:aa:79:f2:73:2f:
2e:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:5D:0B:CA:50:4E:DB:DD:D1:87:93:FF:5E:6F:B4:F3:52:5D:C4:64
X509v3 Authority Key Identifier:
keyid:72:E4:BA:F9:9A:B8:40:12:91:33:28:5F:E9:AD:7B:83:FD:13:0C:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cuS6-Zq4QBKRMyhf6a17g_0TDDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/DF0LylBO293Rh5P_Xm-081JdxGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/cuS6-Zq4QBKRMyhf6a17g_0TDDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.68.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:1e:8c:f6:24:3c:61:be:ab:b1:4c:f3:f9:ab:73:c4:0b:62:
58:04:27:ff:3e:58:eb:75:45:cb:5d:96:76:9f:82:52:f0:db:
81:69:b2:c3:60:fb:28:58:05:2b:dc:85:ce:12:f4:76:6f:b2:
46:ae:9f:89:21:95:ba:9b:02:6f:d1:ef:00:57:9a:fd:07:7e:
56:db:46:10:97:4e:bf:7c:26:48:53:bf:58:57:3a:df:77:28:
8d:9f:0c:fb:c2:b4:e6:54:89:50:36:a3:20:dd:ab:dd:b3:25:
31:38:9b:95:29:67:68:6a:48:bc:e0:ea:1f:a4:4c:53:7d:2c:
22:5a:68:87:99:32:62:e2:11:8f:93:09:ce:7c:da:70:64:c4:
e2:a2:1d:42:35:e5:5b:05:34:e6:6e:6a:b2:c2:ba:10:ae:28:
5a:11:70:4b:a7:5e:71:1b:c6:df:a5:f8:da:1d:67:d3:d8:4e:
20:1f:a0:ee:22:e0:ad:03:ab:c4:1f:ca:9b:9e:11:b6:94:a5:
03:cc:9e:a9:b2:9e:d2:6c:4c:19:da:a5:a9:a1:85:04:d1:a6:
ba:e1:2b:da:62:d7:6c:41:2e:25:de:2a:d1:8b:aa:a3:88:0b:
28:bc:ae:07:55:1d:d7:ae:45:9b:36:50:c3:e2:b0:30:13:ad:
0b:c7:ee:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZanxy1/c6/QaITKHK3gi+FtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZTRiYWY5OWFiODQwMTI5MTMzMjg1ZmU5YWQ3YjgzZmQx
MzBjMzkwHhcNMjUwNTA2MjI0NjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzVkMGJjYTUwNGVkYmRkZDE4NzkzZmY1ZTZmYjRmMzUyNWRjNDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzorKQKHIgbK6dRv0jLnR3CcdTlIR
rfRGSJzGtImaCR4xAmNkptytTZub9WFeM9ylOG+ykhg0u+7J1JkwHoe9hjK5ULZl
v19Giky4Okze7QJG+xInjNLrSkviEONV9qudtkLcTx+zKfnR2Ip2QXPY8wC8LVJA
RsUCmzOB6jsHfDddl6VVcOARoERKrmKl0Y5X5gaZ0iAmQTca8MZevh4IUPC1wJVf
ijHaAhqSHClkfxsujHpUCe9PqCev9aIfzpnxmUNCx0TVsbLaqg9n+RVA2LQq0tdl
nfV8ZF8g43xTW5Fi+xJPLRe7QASHKqYOEho1AQleurKNk8G6qnnycy8uVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAxdC8pQTtvd0YeT/15vtPNSXcRkMB8GA1UdIwQY
MBaAFHLkuvmauEASkTMoX+mte4P9Eww5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3VTNi1acTRRQktSTXloZjZhMTdnXzBURERrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi82NmI3NGMtODFjMS00MTBlLTk1N2Qt
YThkNjVkY2NiOTZiLzEvREYwTHlsQk8yOTNSaDVQX1htLTA4MUpkeEdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi82NmI3NGMtODFjMS00MTBlLTk1N2QtYThkNjVkY2NiOTZi
LzEvY3VTNi1acTRRQktSTXloZjZhMTdnXzBURERrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVdEMA0G
CSqGSIb3DQEBCwUAA4IBAQAMHoz2JDxhvquxTPP5q3PEC2JYBCf/PljrdUXLXZZ2
n4JS8NuBabLDYPsoWAUr3IXOEvR2b7JGrp+JIZW6mwJv0e8AV5r9B35W20YQl06/
fCZIU79YVzrfdyiNnwz7wrTmVIlQNqMg3avdsyUxOJuVKWdoaki84OofpExTfSwi
WmiHmTJi4hGPkwnOfNpwZMTioh1CNeVbBTTmbmqywroQrihaEXBLp15xG8bfpfja
HWfT2E4gH6DuIuCtA6vEH8qbnhG2lKUDzJ6psp7SbEwZ2qWpoYUE0aa64SvaYtds
QS4l3irRi6qjiAsovK4HVR3XrkWbNlDD4rAwE60Lx+6T
-----END CERTIFICATE-----
Generated at Sat May 10 11:23:42 2025 by rpki-client