Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/15326f-c174-493a-999c-cf0099e072c3/1/g1OClMd_E4NQ7EkPx7bidts26wA.roa
File: g1OClMd_E4NQ7EkPx7bidts26wA.roa (raw, json)
Hash identifier: CeqCEmByjs4N40bd+Z4KEPz6ASh9HSswP/ltMk2hKeQ=
Subject key identifier: 83:53:82:94:C7:7F:13:83:50:EC:49:0F:C7:B6:E2:76:DB:36:EB:00
Certificate issuer: /CN=587f5478d1e94f240705722c3789076daf553757
Certificate serial: 019685EB345CD06952AF948995FC5FFF78B4
Authority key identifier: 58:7F:54:78:D1:E9:4F:24:07:05:72:2C:37:89:07:6D:AF:55:37:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WH9UeNHpTyQHBXIsN4kHba9VN1c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/15326f-c174-493a-999c-cf0099e072c3/1/g1OClMd_E4NQ7EkPx7bidts26wA.roa
Signing time: Wed 30 Apr 2025 08:58:26 +0000
ROA not before: Wed 30 Apr 2025 08:58:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9123
IP address blocks: 45.144.220.0/24 maxlen: 24
45.144.221.0/24 maxlen: 24
45.144.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/15326f-c174-493a-999c-cf0099e072c3/1/WH9UeNHpTyQHBXIsN4kHba9VN1c.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/15326f-c174-493a-999c-cf0099e072c3/1/WH9UeNHpTyQHBXIsN4kHba9VN1c.mft
rsync://rpki.ripe.net/repository/DEFAULT/WH9UeNHpTyQHBXIsN4kHba9VN1c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:85:eb:34:5c:d0:69:52:af:94:89:95:fc:5f:ff:78:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=587f5478d1e94f240705722c3789076daf553757
Validity
Not Before: Apr 30 08:58:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=83538294c77f138350ec490fc7b6e276db36eb00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:01:9a:23:78:2b:9b:27:ef:d8:99:de:9e:ae:
00:03:85:77:d0:b9:d9:3e:a7:18:b3:35:d2:b6:a1:
17:aa:76:c7:65:87:55:b9:26:b0:35:5f:3f:44:e0:
bb:f1:87:2c:5f:2f:ed:83:e0:e1:95:21:95:25:1a:
e0:63:41:12:bb:1a:1d:26:69:3a:2b:3f:c7:6e:50:
be:45:02:0a:b1:c3:b5:ff:ee:b7:07:39:ea:e9:d5:
c3:c1:73:df:5d:33:1c:99:a0:72:6c:eb:68:68:ab:
3a:1f:c9:66:80:e9:10:24:ba:1c:33:d9:ff:27:ca:
bf:12:9a:59:b4:94:e0:c0:d2:cc:7b:63:6c:60:33:
0a:c8:28:db:74:31:bd:61:7d:2b:67:60:59:f6:f8:
8d:f5:ce:7a:5a:12:ff:12:02:7c:4e:1d:8c:4d:d6:
59:93:7b:5c:da:49:f9:0a:a6:eb:05:0e:08:80:09:
d3:a3:e7:e8:79:cd:60:1b:95:a2:da:84:8a:a3:28:
bc:72:5f:ff:43:f7:a5:8a:be:78:d1:ff:6f:7a:8d:
42:d7:54:b3:60:9e:ca:3a:43:fd:94:d7:11:4a:b9:
6f:6a:c1:34:92:8f:f0:72:aa:21:cf:39:4e:d2:e8:
3f:ba:c0:fc:dd:a7:46:a4:3a:4c:8b:e2:c3:e0:23:
46:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:53:82:94:C7:7F:13:83:50:EC:49:0F:C7:B6:E2:76:DB:36:EB:00
X509v3 Authority Key Identifier:
keyid:58:7F:54:78:D1:E9:4F:24:07:05:72:2C:37:89:07:6D:AF:55:37:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WH9UeNHpTyQHBXIsN4kHba9VN1c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/15326f-c174-493a-999c-cf0099e072c3/1/g1OClMd_E4NQ7EkPx7bidts26wA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/15326f-c174-493a-999c-cf0099e072c3/1/WH9UeNHpTyQHBXIsN4kHba9VN1c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.220.0-45.144.222.255
Signature Algorithm: sha256WithRSAEncryption
23:19:58:b2:37:5c:60:60:76:a0:6e:3b:1d:8f:a4:17:d0:4e:
3b:17:03:27:e1:8c:1b:ae:91:0e:31:5a:4c:93:22:76:2d:2d:
28:13:07:58:24:57:22:66:82:40:ca:22:92:fb:52:40:1c:ad:
78:4f:1f:0d:e6:01:60:48:b1:a7:92:7f:eb:d2:40:c1:2a:9c:
c6:a0:8d:12:41:02:52:58:9a:33:43:73:05:75:d4:d2:fd:92:
4f:48:b2:b1:56:2b:69:cb:d1:9b:28:dd:3f:c3:7c:41:96:55:
7c:ca:5b:23:5b:c3:13:61:5c:3c:cd:eb:3c:72:6e:28:31:a5:
81:af:47:53:28:bb:9a:24:81:88:60:25:3c:5b:56:4e:7f:ed:
2f:64:c3:38:e9:2b:55:e3:f8:ff:2b:f6:13:12:29:c1:2e:08:
32:fa:41:5e:36:3f:60:5e:7f:4f:b0:e3:b0:73:ab:d8:8c:a8:
f0:b3:65:22:56:3c:64:47:e1:5d:ed:2a:89:78:05:8e:e2:54:
a6:48:a1:1c:d8:72:8a:03:e2:7f:49:f3:6c:26:3e:be:0d:12:
b7:72:ab:d5:45:3c:b5:be:7c:2d:af:8c:38:83:27:62:af:50:
86:d5:d3:7a:7c:a6:53:1f:5f:61:9a:6f:9e:4c:f3:92:d4:4c:
b5:14:cd:ab
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZaF6zRc0GlSr5SJlfxf/3i0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4N2Y1NDc4ZDFlOTRmMjQwNzA1NzIyYzM3ODkwNzZkYWY1
NTM3NTcwHhcNMjUwNDMwMDg1ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzUzODI5NGM3N2YxMzgzNTBlYzQ5MGZjN2I2ZTI3NmRiMzZlYjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwGaI3grmyfv2Jnenq4AA4V30LnZ
PqcYszXStqEXqnbHZYdVuSawNV8/ROC78YcsXy/tg+DhlSGVJRrgY0ESuxodJmk6
Kz/HblC+RQIKscO1/+63Bznq6dXDwXPfXTMcmaBybOtoaKs6H8lmgOkQJLocM9n/
J8q/EppZtJTgwNLMe2NsYDMKyCjbdDG9YX0rZ2BZ9viN9c56WhL/EgJ8Th2MTdZZ
k3tc2kn5CqbrBQ4IgAnTo+foec1gG5Wi2oSKoyi8cl//Q/elir540f9veo1C11Sz
YJ7KOkP9lNcRSrlvasE0ko/wcqohzzlO0ug/usD83adGpDpMi+LD4CNGiQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFINTgpTHfxODUOxJD8e24nbbNusAMB8GA1UdIwQY
MBaAFFh/VHjR6U8kBwVyLDeJB22vVTdXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0g5VWVOSHBUeVFIQlhJc040a0hiYTlWTjFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8xNTMyNmYtYzE3NC00OTNhLTk5OWMt
Y2YwMDk5ZTA3MmMzLzEvZzFPQ2xNZF9FNE5RN0VrUHg3YmlkdHMyNndBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8xNTMyNmYtYzE3NC00OTNhLTk5OWMtY2YwMDk5ZTA3MmMz
LzEvV0g5VWVOSHBUeVFIQlhJc040a0hiYTlWTjFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAItkNwD
BAAtkN4wDQYJKoZIhvcNAQELBQADggEBACMZWLI3XGBgdqBuOx2PpBfQTjsXAyfh
jBuukQ4xWkyTInYtLSgTB1gkVyJmgkDKIpL7UkAcrXhPHw3mAWBIsaeSf+vSQMEq
nMagjRJBAlJYmjNDcwV11NL9kk9IsrFWK2nL0Zso3T/DfEGWVXzKWyNbwxNhXDzN
6zxybigxpYGvR1Mou5okgYhgJTxbVk5/7S9kwzjpK1Xj+P8r9hMSKcEuCDL6QV42
P2Bef0+w47Bzq9iMqPCzZSJWPGRH4V3tKol4BY7iVKZIoRzYcooD4n9J82wmPr4N
Erdyq9VFPLW+fC2vjDiDJ2KvUIbV03p8plMfX2Gab55M85LUTLUUzas=
-----END CERTIFICATE-----
Generated at Sun May 11 01:19:17 2025 by rpki-client