Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/XPCmvArgHR13v_k02Z1LW1lWJx8.roa
File: XPCmvArgHR13v_k02Z1LW1lWJx8.roa (raw, json)
Hash identifier: 9yrs8EgUGCgumASichQb2a43gXVQMGz8ZJNkpOkb3cg=
Subject key identifier: 5C:F0:A6:BC:0A:E0:1D:1D:77:BF:F9:34:D9:9D:4B:5B:59:56:27:1F
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 01942521FFF412A9E54BD77DD6463887528A
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/XPCmvArgHR13v_k02Z1LW1lWJx8.roa
Signing time: Thu 02 Jan 2025 03:49:32 +0000
ROA not before: Thu 02 Jan 2025 03:49:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47787
IP address blocks: 5.154.174.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.mft
rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 03:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:ff:f4:12:a9:e5:4b:d7:7d:d6:46:38:87:52:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Jan 2 03:49:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5cf0a6bc0ae01d1d77bff934d99d4b5b5956271f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:67:aa:49:2c:de:6d:23:3f:47:62:6d:e2:db:
64:74:68:2f:7f:a1:ae:35:e1:22:a8:bf:cc:88:89:
cb:5d:1f:ef:0c:d4:69:a0:1a:0a:d0:d7:e4:98:c1:
96:3d:d2:47:18:bd:e9:4b:b6:ee:77:99:a1:e5:4f:
17:94:9c:c1:1c:09:3e:6c:27:d8:82:23:1a:5c:62:
9b:0d:04:de:a8:d3:d5:b1:54:3d:70:07:e4:76:9b:
63:8f:1e:49:6b:37:70:4b:c4:d3:df:25:95:8a:c2:
71:01:ab:72:99:b6:fa:ed:f7:06:6a:64:ec:5e:ba:
9f:4d:64:2e:ea:78:63:71:18:aa:fe:37:68:23:af:
b3:11:88:42:f4:77:ac:88:a1:3a:b2:7d:3a:e2:ac:
e0:00:43:7a:08:22:2d:19:36:2e:23:22:4f:a9:5e:
80:29:92:33:1c:c1:69:fd:af:fb:03:a2:0d:ff:1d:
28:34:9e:af:45:55:ca:39:5c:4f:b9:5e:ae:14:0e:
44:70:f4:7c:ee:33:fd:a8:02:74:de:a3:02:8d:58:
f9:78:f1:2d:a2:fa:68:8e:3c:e1:ea:0a:ae:2d:b6:
33:8c:6b:ed:6e:dd:2c:54:e0:4d:bf:ea:10:7c:d2:
18:14:b4:d2:41:d7:fe:a9:26:d0:73:28:0e:98:c1:
a6:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:F0:A6:BC:0A:E0:1D:1D:77:BF:F9:34:D9:9D:4B:5B:59:56:27:1F
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/XPCmvArgHR13v_k02Z1LW1lWJx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.174.0/24
Signature Algorithm: sha256WithRSAEncryption
69:5f:22:44:97:83:ed:4a:59:8c:c9:ab:ca:52:df:93:5a:c8:
95:2e:e2:c8:24:8d:7d:95:f2:7d:15:dd:14:fc:34:98:1e:1e:
f5:dc:ac:8b:a4:db:a5:da:93:2e:dc:2f:4f:95:5c:85:a5:7e:
3a:3e:dd:2e:5d:4c:02:2f:6d:49:31:86:91:bb:6f:32:00:0a:
d5:bc:d3:a6:d8:35:38:ee:72:13:a2:37:7a:b4:2e:1f:ec:df:
4a:85:ad:34:63:1f:ae:41:d1:08:0a:f4:c6:fb:e7:f9:a1:89:
6c:60:8c:37:2f:8b:d0:15:79:3a:7a:36:dd:ef:8a:56:f2:70:
94:a5:d6:c6:b3:c2:18:5e:92:b3:20:79:6b:f1:2c:71:7c:f6:
01:63:73:52:09:2c:80:b5:fd:65:7a:03:ca:05:a9:a5:95:05:
4a:7e:91:f1:8e:aa:5c:9c:b0:5d:7f:b0:f8:f2:fb:ac:04:85:
93:94:a1:76:4c:6c:49:8f:bd:ee:13:82:97:23:a5:3a:9a:fe:
04:a6:a9:51:c0:59:cc:8c:7b:85:81:c6:65:45:76:57:86:91:
25:01:02:a0:96:30:57:be:a5:16:9c:e6:ac:e5:49:42:e5:60:
0f:df:67:4d:0a:72:b3:20:32:7b:b7:e7:78:ae:5b:be:05:94:
47:7d:c1:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIf/0EqnlS9d91kY4h1KKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjUwMTAyMDM0OTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2YwYTZiYzBhZTAxZDFkNzdiZmY5MzRkOTlkNGI1YjU5NTYyNzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1WeqSSzebSM/R2Jt4ttkdGgvf6Gu
NeEiqL/MiInLXR/vDNRpoBoK0NfkmMGWPdJHGL3pS7bud5mh5U8XlJzBHAk+bCfY
giMaXGKbDQTeqNPVsVQ9cAfkdptjjx5JazdwS8TT3yWVisJxAatymbb67fcGamTs
XrqfTWQu6nhjcRiq/jdoI6+zEYhC9HesiKE6sn064qzgAEN6CCItGTYuIyJPqV6A
KZIzHMFp/a/7A6IN/x0oNJ6vRVXKOVxPuV6uFA5EcPR87jP9qAJ03qMCjVj5ePEt
ovpojjzh6gquLbYzjGvtbt0sVOBNv+oQfNIYFLTSQdf+qSbQcygOmMGmWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFzwprwK4B0dd7/5NNmdS1tZVicfMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvWFBDbXZBcmdIUjEzdl9rMDJaMUxXMWxXSng4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABZquMA0G
CSqGSIb3DQEBCwUAA4IBAQBpXyJEl4PtSlmMyavKUt+TWsiVLuLIJI19lfJ9Fd0U
/DSYHh713KyLpNul2pMu3C9PlVyFpX46Pt0uXUwCL21JMYaRu28yAArVvNOm2DU4
7nITojd6tC4f7N9Kha00Yx+uQdEICvTG++f5oYlsYIw3L4vQFXk6ejbd74pW8nCU
pdbGs8IYXpKzIHlr8SxxfPYBY3NSCSyAtf1legPKBamllQVKfpHxjqpcnLBdf7D4
8vusBIWTlKF2TGxJj73uE4KXI6U6mv4EpqlRwFnMjHuFgcZlRXZXhpElAQKgljBX
vqUWnOas5UlC5WAP32dNCnKzIDJ7t+d4rlu+BZRHfcE7
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:35:03 2025 by rpki-client