Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/1rOZrsi2VH15nsMPM1hcZLORVXs.roa
File: 1rOZrsi2VH15nsMPM1hcZLORVXs.roa (raw, json)
Hash identifier: iSIJhNQhJCt3984hIwFcXBjIv6TT10z6x01UJ9CZjZw=
Subject key identifier: D6:B3:99:AE:C8:B6:54:7D:79:9E:C3:0F:33:58:5C:64:B3:91:55:7B
Certificate issuer: /CN=9b89b8cf47f7c485d628d0a359a16a815cd004ab
Certificate serial: 01942823850FB744D1F675CF4C42C8EE0710
Authority key identifier: 9B:89:B8:CF:47:F7:C4:85:D6:28:D0:A3:59:A1:6A:81:5C:D0:04:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m4m4z0f3xIXWKNCjWaFqgVzQBKs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/1rOZrsi2VH15nsMPM1hcZLORVXs.roa
Signing time: Thu 02 Jan 2025 17:50:04 +0000
ROA not before: Thu 02 Jan 2025 17:50:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 5.180.188.0/22 maxlen: 24
185.185.77.0/24 maxlen: 24
185.185.78.0/24 maxlen: 24
2a0f:a0c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/m4m4z0f3xIXWKNCjWaFqgVzQBKs.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/m4m4z0f3xIXWKNCjWaFqgVzQBKs.mft
rsync://rpki.ripe.net/repository/DEFAULT/m4m4z0f3xIXWKNCjWaFqgVzQBKs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 05:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:85:0f:b7:44:d1:f6:75:cf:4c:42:c8:ee:07:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b89b8cf47f7c485d628d0a359a16a815cd004ab
Validity
Not Before: Jan 2 17:50:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d6b399aec8b6547d799ec30f33585c64b391557b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:33:01:65:39:dd:28:77:62:b3:76:ce:46:19:
a7:b7:8a:5e:3c:e0:70:6c:35:67:91:f9:4b:55:77:
49:f4:45:da:95:66:21:56:a9:8f:9f:51:dd:0b:ac:
6b:a1:75:01:c9:1f:df:dd:28:55:b4:62:9c:e3:55:
53:1f:c7:75:ef:e4:5c:f0:35:1b:b5:3a:e5:6f:88:
71:b2:2a:da:1b:78:0e:ea:9d:1e:72:87:f6:95:8f:
47:65:6b:d7:53:74:68:c1:6d:90:1c:7d:81:f8:f6:
92:bc:e4:4f:36:a4:b4:ba:03:82:0c:8c:e9:91:68:
f3:00:e4:05:98:1a:03:55:7f:c1:d3:3b:80:1e:de:
52:d4:2d:af:ff:52:90:db:25:6d:a7:5c:02:71:a2:
ea:26:98:d8:7d:5e:28:e5:4e:14:8f:c4:90:6a:99:
aa:07:9d:ce:93:1d:37:51:58:21:08:f6:f6:aa:90:
b8:e8:ab:e9:8a:6b:48:f9:0f:c3:9e:35:cc:47:0b:
b7:91:b2:dc:7d:d5:f8:8c:af:03:27:ba:e9:b6:df:
e6:79:a5:73:68:f4:88:9e:dd:bd:13:f2:e0:49:f5:
1a:b6:43:7e:7c:a9:de:41:2e:ab:fa:64:43:69:bd:
c0:d9:73:25:c9:ed:e0:cd:ab:40:77:48:0b:3b:a5:
37:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:B3:99:AE:C8:B6:54:7D:79:9E:C3:0F:33:58:5C:64:B3:91:55:7B
X509v3 Authority Key Identifier:
keyid:9B:89:B8:CF:47:F7:C4:85:D6:28:D0:A3:59:A1:6A:81:5C:D0:04:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m4m4z0f3xIXWKNCjWaFqgVzQBKs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/1rOZrsi2VH15nsMPM1hcZLORVXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/m4m4z0f3xIXWKNCjWaFqgVzQBKs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.188.0/22
185.185.77.0-185.185.78.255
IPv6:
2a0f:a0c0::/29
Signature Algorithm: sha256WithRSAEncryption
ae:d7:2e:e3:13:11:81:43:33:64:3b:a0:3e:60:2c:ea:42:4a:
ac:9f:c1:25:da:1f:9d:f1:7c:d2:3b:c7:02:88:8f:5f:eb:49:
fe:b3:68:21:44:49:02:d4:98:6c:ad:97:23:88:c0:03:f9:83:
54:8a:fa:58:1b:7c:4a:0c:4f:f3:ea:2b:c1:f2:ce:80:b3:3e:
63:95:ab:62:7d:c7:8b:87:bb:82:dc:32:fd:e9:11:6a:08:47:
b9:71:6b:d9:7d:74:30:ec:ab:69:38:e0:98:bc:28:35:62:e7:
0d:98:1e:9a:2b:09:4e:3a:c2:a4:0c:44:c0:ab:09:fc:7f:6d:
6c:e6:cb:2e:64:a6:3b:8c:01:e4:dc:76:22:2c:7d:68:11:1a:
a9:5a:33:51:e0:29:45:1a:fe:03:95:75:8f:52:7e:72:b3:51:
bd:9b:c2:ac:51:e0:f8:05:a1:bf:ff:65:c9:98:7e:51:bb:f8:
e1:ef:ec:31:4e:c5:f8:be:55:0c:45:91:7c:41:a6:f2:dc:f5:
0f:92:40:5b:53:db:1c:6e:51:c1:df:fb:14:5e:1b:69:b0:d3:
c3:6c:7e:12:76:7e:a9:68:e3:27:d8:39:08:39:6e:b8:b4:0e:
13:13:66:d2:b6:f8:5c:8a:29:d0:a9:47:34:5a:32:bf:cb:7d:
0d:e2:04:8c
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQoI4UPt0TR9nXPTELI7gcQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliODliOGNmNDdmN2M0ODVkNjI4ZDBhMzU5YTE2YTgxNWNk
MDA0YWIwHhcNMjUwMTAyMTc1MDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmIzOTlhZWM4YjY1NDdkNzk5ZWMzMGYzMzU4NWM2NGIzOTE1NTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTMBZTndKHdis3bORhmnt4pePOBw
bDVnkflLVXdJ9EXalWYhVqmPn1HdC6xroXUByR/f3ShVtGKc41VTH8d17+Rc8DUb
tTrlb4hxsiraG3gO6p0ecof2lY9HZWvXU3RowW2QHH2B+PaSvORPNqS0ugOCDIzp
kWjzAOQFmBoDVX/B0zuAHt5S1C2v/1KQ2yVtp1wCcaLqJpjYfV4o5U4Uj8SQapmq
B53Okx03UVghCPb2qpC46KvpimtI+Q/DnjXMRwu3kbLcfdX4jK8DJ7rptt/meaVz
aPSInt29E/LgSfUatkN+fKneQS6r+mRDab3A2XMlye3gzatAd0gLO6U3QwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFNazma7ItlR9eZ7DDzNYXGSzkVV7MB8GA1UdIwQY
MBaAFJuJuM9H98SF1ijQo1mhaoFc0ASrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTRtNHowZjN4SVhXS05DaldhRnFnVnpRQktzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS83NTdmYzUtODAyOS00ODI4LTg1NDct
NjJlMjYwMzEzZTRjLzEvMXJPWnJzaTJWSDE1bnNNUE0xaGNaTE9SVlhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS83NTdmYzUtODAyOS00ODI4LTg1NDctNjJlMjYwMzEzZTRj
LzEvbTRtNHowZjN4SVhXS05DaldhRnFnVnpRQktzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCBbS8MAwD
BAC5uU0DBAC5uU4wDQQCAAIwBwMFAyoPoMAwDQYJKoZIhvcNAQELBQADggEBAK7X
LuMTEYFDM2Q7oD5gLOpCSqyfwSXaH53xfNI7xwKIj1/rSf6zaCFESQLUmGytlyOI
wAP5g1SK+lgbfEoMT/PqK8HyzoCzPmOVq2J9x4uHu4LcMv3pEWoIR7lxa9l9dDDs
q2k44Ji8KDVi5w2YHporCU46wqQMRMCrCfx/bWzmyy5kpjuMAeTcdiIsfWgRGqla
M1HgKUUa/gOVdY9SfnKzUb2bwqxR4PgFob//ZcmYflG7+OHv7DFOxfi+VQxFkXxB
pvLc9Q+SQFtT2xxuUcHf+xReG2mw08NsfhJ2fqlo4yfYOQg5bri0DhMTZtK2+FyK
KdCpRzRaMr/LfQ3iBIw=
-----END CERTIFICATE-----
Generated at Thu Apr 10 10:37:15 2025 by rpki-client