Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/221fd6-e4f6-43e3-946d-dd1ec57d7e74/1/C4xFnQXBLha89iTu6vCgScy1_Ek.roa
File: C4xFnQXBLha89iTu6vCgScy1_Ek.roa (raw, json)
Hash identifier: U9GDGB6vi3FhwCiUiSsSdl2XGy5PFlI2d2VyMnryxww=
Subject key identifier: 0B:8C:45:9D:05:C1:2E:16:BC:F6:24:EE:EA:F0:A0:49:CC:B5:FC:49
Certificate issuer: /CN=1372e0c2b83dd5109013c7f1c0bb9716d3618dd2
Certificate serial: 0196C5124250082B97FC5682778C6BCD3F45
Authority key identifier: 13:72:E0:C2:B8:3D:D5:10:90:13:C7:F1:C0:BB:97:16:D3:61:8D:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E3Lgwrg91RCQE8fxwLuXFtNhjdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/221fd6-e4f6-43e3-946d-dd1ec57d7e74/1/C4xFnQXBLha89iTu6vCgScy1_Ek.roa
Signing time: Mon 12 May 2025 15:17:10 +0000
ROA not before: Mon 12 May 2025 15:17:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 5.252.199.0/24 maxlen: 24
45.146.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/221fd6-e4f6-43e3-946d-dd1ec57d7e74/1/E3Lgwrg91RCQE8fxwLuXFtNhjdI.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/221fd6-e4f6-43e3-946d-dd1ec57d7e74/1/E3Lgwrg91RCQE8fxwLuXFtNhjdI.mft
rsync://rpki.ripe.net/repository/DEFAULT/E3Lgwrg91RCQE8fxwLuXFtNhjdI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 14 May 2025 09:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c5:12:42:50:08:2b:97:fc:56:82:77:8c:6b:cd:3f:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1372e0c2b83dd5109013c7f1c0bb9716d3618dd2
Validity
Not Before: May 12 15:17:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b8c459d05c12e16bcf624eeeaf0a049ccb5fc49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:64:1a:ae:f6:dd:1e:3c:14:e4:05:e2:c1:d6:
54:a3:6d:d3:10:ca:9e:9f:3d:79:94:e5:a2:36:33:
4d:1e:89:fd:bf:e2:e7:d1:4f:5e:47:c9:9a:5a:85:
63:f5:bb:82:c1:e7:d5:4f:7a:df:34:b4:4e:af:f6:
9a:fd:74:e0:6e:d6:40:3b:47:b7:fa:c8:7c:d8:21:
e8:1a:e6:25:52:50:3e:13:00:1e:8e:32:20:09:4a:
20:27:94:9b:48:1c:64:91:98:40:14:fc:09:33:47:
a5:f5:1a:e4:5f:e0:68:63:80:78:02:74:fb:ae:11:
4e:02:57:9a:10:43:b3:ab:96:e9:c8:ab:0d:e7:ed:
3d:27:db:0c:cd:a3:53:34:31:8b:b0:c7:0f:90:0d:
56:16:c4:96:08:26:00:1b:93:18:dc:1a:ec:ba:b0:
2e:18:47:90:2b:36:15:03:08:b4:99:25:c4:01:39:
77:2d:de:2f:64:35:a0:7e:bb:b6:66:9d:36:9b:b0:
3b:4b:ed:57:d9:2d:ec:c4:b1:4f:32:93:55:55:96:
5c:d6:6b:d9:4f:7c:2c:0a:34:e4:8c:3e:44:be:31:
75:9a:e1:f4:33:96:52:98:50:f4:11:36:ce:5b:92:
32:63:d9:e4:d2:02:fe:93:21:f7:aa:4f:57:13:46:
1e:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:8C:45:9D:05:C1:2E:16:BC:F6:24:EE:EA:F0:A0:49:CC:B5:FC:49
X509v3 Authority Key Identifier:
keyid:13:72:E0:C2:B8:3D:D5:10:90:13:C7:F1:C0:BB:97:16:D3:61:8D:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E3Lgwrg91RCQE8fxwLuXFtNhjdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/221fd6-e4f6-43e3-946d-dd1ec57d7e74/1/C4xFnQXBLha89iTu6vCgScy1_Ek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/221fd6-e4f6-43e3-946d-dd1ec57d7e74/1/E3Lgwrg91RCQE8fxwLuXFtNhjdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.199.0/24
45.146.123.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:c8:2b:82:cc:8b:6e:22:75:79:95:07:41:57:32:53:4f:3f:
d8:1d:39:f1:e1:f3:24:65:f3:4f:9e:00:57:1b:b5:68:3b:b8:
e1:f8:6e:b6:9e:f2:96:2b:61:1f:4c:fc:bc:05:b3:be:a2:53:
f3:5b:39:cb:b9:0b:34:0c:0f:fc:ad:55:f8:9c:66:4d:44:82:
43:cb:c1:b5:47:75:9c:a1:0a:cc:81:a9:f2:6b:72:37:ed:c7:
63:5f:f3:36:44:82:4b:62:da:85:7f:3a:cc:fa:91:8c:37:47:
a7:9a:be:57:bc:b1:4c:56:49:9b:58:5e:6e:3f:28:e1:ab:81:
0e:f6:79:c2:00:4a:eb:fe:09:ac:3a:b7:d6:f0:32:ef:f4:56:
45:1a:6a:a1:7a:5d:8f:17:52:82:12:3c:e0:1b:31:fe:08:32:
82:d6:a0:ff:7c:30:d6:78:54:70:14:02:91:d9:89:07:6f:f7:
55:ad:8e:7e:29:18:8f:77:2f:8f:a0:88:bf:82:76:b8:49:87:
a9:79:1d:13:02:53:4e:ce:75:f2:0d:49:dc:db:49:fd:11:81:
b3:ae:e1:87:99:61:e4:9c:bb:72:0b:6a:83:17:7c:c2:cd:d1:
cc:b2:3d:db:49:ae:aa:39:40:62:75:a2:06:22:99:5e:cb:05:
10:95:eb:10
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZbFEkJQCCuX/FaCd4xrzT9FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNzJlMGMyYjgzZGQ1MTA5MDEzYzdmMWMwYmI5NzE2ZDM2
MThkZDIwHhcNMjUwNTEyMTUxNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjhjNDU5ZDA1YzEyZTE2YmNmNjI0ZWVlYWYwYTA0OWNjYjVmYzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmQarvbdHjwU5AXiwdZUo23TEMqe
nz15lOWiNjNNHon9v+Ln0U9eR8maWoVj9buCwefVT3rfNLROr/aa/XTgbtZAO0e3
+sh82CHoGuYlUlA+EwAejjIgCUogJ5SbSBxkkZhAFPwJM0el9RrkX+BoY4B4AnT7
rhFOAleaEEOzq5bpyKsN5+09J9sMzaNTNDGLsMcPkA1WFsSWCCYAG5MY3BrsurAu
GEeQKzYVAwi0mSXEATl3Ld4vZDWgfru2Zp02m7A7S+1X2S3sxLFPMpNVVZZc1mvZ
T3wsCjTkjD5EvjF1muH0M5ZSmFD0ETbOW5IyY9nk0gL+kyH3qk9XE0YePQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAuMRZ0FwS4WvPYk7urwoEnMtfxJMB8GA1UdIwQY
MBaAFBNy4MK4PdUQkBPH8cC7lxbTYY3SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTNMZ3dyZzkxUkNRRThmeHdMdVhGdE5oamRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS8yMjFmZDYtZTRmNi00M2UzLTk0NmQt
ZGQxZWM1N2Q3ZTc0LzEvQzR4Rm5RWEJMaGE4OWlUdTZ2Q2dTY3kxX0VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS8yMjFmZDYtZTRmNi00M2UzLTk0NmQtZGQxZWM1N2Q3ZTc0
LzEvRTNMZ3dyZzkxUkNRRThmeHdMdVhGdE5oamRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABfzHAwQA
LZJ7MA0GCSqGSIb3DQEBCwUAA4IBAQCdyCuCzItuInV5lQdBVzJTTz/YHTnx4fMk
ZfNPngBXG7VoO7jh+G62nvKWK2EfTPy8BbO+olPzWznLuQs0DA/8rVX4nGZNRIJD
y8G1R3WcoQrMganya3I37cdjX/M2RIJLYtqFfzrM+pGMN0enmr5XvLFMVkmbWF5u
Pyjhq4EO9nnCAErr/gmsOrfW8DLv9FZFGmqhel2PF1KCEjzgGzH+CDKC1qD/fDDW
eFRwFAKR2YkHb/dVrY5+KRiPdy+PoIi/gna4SYepeR0TAlNOznXyDUnc20n9EYGz
ruGHmWHknLtyC2qDF3zCzdHMsj3bSa6qOUBidaIGIpleywUQlesQ
-----END CERTIFICATE-----
Generated at Tue May 13 16:31:16 2025 by rpki-client