Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/d56693-2254-4a3b-acbb-efaaff0a982f/1/RP5jpn-uKD4VZqtBiaKoc8atoPw.roa
File: RP5jpn-uKD4VZqtBiaKoc8atoPw.roa (raw, json)
Hash identifier: QDcnUril7uwVWWdbILh+cVbAEXM+2Qt6gMgTdP6yAQo=
Subject key identifier: 44:FE:63:A6:7F:AE:28:3E:15:66:AB:41:89:A2:A8:73:C6:AD:A0:FC
Certificate issuer: /CN=47d064fb3e541f23563065e48f300f2cfdfe009a
Certificate serial: 019420D6679A71A623219175709E49C28188
Authority key identifier: 47:D0:64:FB:3E:54:1F:23:56:30:65:E4:8F:30:0F:2C:FD:FE:00:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R9Bk-z5UHyNWMGXkjzAPLP3-AJo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/d56693-2254-4a3b-acbb-efaaff0a982f/1/RP5jpn-uKD4VZqtBiaKoc8atoPw.roa
Signing time: Wed 01 Jan 2025 07:48:29 +0000
ROA not before: Wed 01 Jan 2025 07:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 195.244.28.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/d56693-2254-4a3b-acbb-efaaff0a982f/1/R9Bk-z5UHyNWMGXkjzAPLP3-AJo.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/d56693-2254-4a3b-acbb-efaaff0a982f/1/R9Bk-z5UHyNWMGXkjzAPLP3-AJo.mft
rsync://rpki.ripe.net/repository/DEFAULT/R9Bk-z5UHyNWMGXkjzAPLP3-AJo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:67:9a:71:a6:23:21:91:75:70:9e:49:c2:81:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47d064fb3e541f23563065e48f300f2cfdfe009a
Validity
Not Before: Jan 1 07:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=44fe63a67fae283e1566ab4189a2a873c6ada0fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:5b:55:96:1e:51:e2:e1:21:6d:5c:b8:e3:d8:
3e:00:7c:b8:2c:bf:cf:b3:9a:f7:4f:b8:08:f2:d7:
a2:43:ff:4a:a7:c5:6b:7d:54:b2:52:ae:35:36:fb:
09:e9:b5:d4:e0:e1:1b:85:7c:68:07:17:01:8c:5f:
64:1c:88:fb:85:3e:87:27:b5:24:94:fd:21:2a:9e:
eb:49:4d:10:f0:70:f9:21:1b:39:09:a0:e9:3e:6c:
22:b7:46:e7:e4:0f:46:be:d0:36:3a:36:3c:5a:70:
37:09:f6:a5:c2:8c:41:9e:b6:ee:f9:5d:85:63:6b:
b7:c4:0f:e9:00:d2:ad:f3:14:1e:91:e3:e8:1c:3b:
68:64:a3:5e:15:2d:a6:21:ba:e2:7b:89:0c:09:45:
b0:30:73:c1:5e:62:c8:ba:be:37:73:7c:27:67:1c:
57:3c:83:60:52:7b:d4:42:aa:f9:ba:06:37:86:81:
ca:dc:3b:46:26:33:37:8a:ea:f3:9b:bc:92:18:50:
01:80:5f:55:3f:35:08:5f:0f:46:d7:9c:9a:5c:06:
09:77:a4:e8:ea:90:dd:53:f9:e8:e5:d5:40:36:b2:
00:a5:b7:7e:ae:30:94:68:06:12:18:06:06:5e:52:
d8:b0:e2:86:9e:8f:84:09:22:9e:c6:34:78:3b:b7:
bb:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:FE:63:A6:7F:AE:28:3E:15:66:AB:41:89:A2:A8:73:C6:AD:A0:FC
X509v3 Authority Key Identifier:
keyid:47:D0:64:FB:3E:54:1F:23:56:30:65:E4:8F:30:0F:2C:FD:FE:00:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R9Bk-z5UHyNWMGXkjzAPLP3-AJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d56693-2254-4a3b-acbb-efaaff0a982f/1/RP5jpn-uKD4VZqtBiaKoc8atoPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d56693-2254-4a3b-acbb-efaaff0a982f/1/R9Bk-z5UHyNWMGXkjzAPLP3-AJo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.244.28.0/23
Signature Algorithm: sha256WithRSAEncryption
29:8f:fc:88:8e:82:f6:cd:b9:39:59:7d:0b:fe:23:e5:42:cf:
74:27:c4:65:44:3e:4c:c5:10:12:92:9f:e1:8b:5f:c0:00:4a:
a0:f0:55:ec:3b:35:d3:3a:4a:3d:89:de:a7:2b:76:6f:26:07:
25:25:66:70:62:37:06:21:ff:7a:11:9f:6a:97:41:99:5a:91:
aa:49:ed:b7:cb:c8:8c:d0:09:02:0f:e5:8e:a3:c3:78:f4:d2:
f0:7d:03:9c:32:74:a9:b0:e2:98:d5:f2:0c:a8:99:30:c9:87:
30:66:47:ca:f6:da:91:e1:82:77:19:73:c0:ed:bf:0a:7c:17:
ca:04:e3:db:bf:ae:53:dc:99:fd:c6:6f:94:f7:62:5f:a6:93:
7d:50:4e:bd:7d:c1:f2:ef:55:d4:51:30:42:a0:68:ef:63:d1:
71:1d:cd:78:25:c9:9c:60:4f:84:87:90:fe:60:35:38:a4:08:
be:ab:f6:a5:3a:32:29:a0:26:4b:ab:5b:3c:69:2f:0a:fc:3e:
8d:2c:e0:fd:8a:69:66:d1:9d:e0:6c:02:18:07:a7:26:2d:e4:
37:73:e6:88:87:61:a0:84:51:88:3c:63:3c:68:ca:cb:e2:d1:
bb:da:7c:8d:9a:0e:f8:58:37:18:2c:09:d5:d6:7d:82:bb:2e:
c6:38:2b:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1meacaYjIZF1cJ5JwoGIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3ZDA2NGZiM2U1NDFmMjM1NjMwNjVlNDhmMzAwZjJjZmRm
ZTAwOWEwHhcNMjUwMTAxMDc0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGZlNjNhNjdmYWUyODNlMTU2NmFiNDE4OWEyYTg3M2M2YWRhMGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVtVlh5R4uEhbVy449g+AHy4LL/P
s5r3T7gI8teiQ/9Kp8VrfVSyUq41NvsJ6bXU4OEbhXxoBxcBjF9kHIj7hT6HJ7Uk
lP0hKp7rSU0Q8HD5IRs5CaDpPmwit0bn5A9GvtA2OjY8WnA3CfalwoxBnrbu+V2F
Y2u3xA/pANKt8xQekePoHDtoZKNeFS2mIbrie4kMCUWwMHPBXmLIur43c3wnZxxX
PINgUnvUQqr5ugY3hoHK3DtGJjM3iurzm7ySGFABgF9VPzUIXw9G15yaXAYJd6To
6pDdU/no5dVANrIApbd+rjCUaAYSGAYGXlLYsOKGno+ECSKexjR4O7e7eQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFET+Y6Z/rig+FWarQYmiqHPGraD8MB8GA1UdIwQY
MBaAFEfQZPs+VB8jVjBl5I8wDyz9/gCaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjlCay16NVVIeU5XTUdYa2p6QVBMUDMtQUpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9kNTY2OTMtMjI1NC00YTNiLWFjYmIt
ZWZhYWZmMGE5ODJmLzEvUlA1anBuLXVLRDRWWnF0QmlhS29jOGF0b1B3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9kNTY2OTMtMjI1NC00YTNiLWFjYmItZWZhYWZmMGE5ODJm
LzEvUjlCay16NVVIeU5XTUdYa2p6QVBMUDMtQUpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw/QcMA0G
CSqGSIb3DQEBCwUAA4IBAQApj/yIjoL2zbk5WX0L/iPlQs90J8RlRD5MxRASkp/h
i1/AAEqg8FXsOzXTOko9id6nK3ZvJgclJWZwYjcGIf96EZ9ql0GZWpGqSe23y8iM
0AkCD+WOo8N49NLwfQOcMnSpsOKY1fIMqJkwyYcwZkfK9tqR4YJ3GXPA7b8KfBfK
BOPbv65T3Jn9xm+U92JfppN9UE69fcHy71XUUTBCoGjvY9FxHc14JcmcYE+Eh5D+
YDU4pAi+q/alOjIpoCZLq1s8aS8K/D6NLOD9imlm0Z3gbAIYB6cmLeQ3c+aIh2Gg
hFGIPGM8aMrL4tG72nyNmg74WDcYLAnV1n2Cuy7GOCth
-----END CERTIFICATE-----
Generated at Sun Apr 6 18:06:18 2025 by rpki-client