Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/1QXtEVYOgX4KmosuxgYNrxMhRtk.roa
File: 1QXtEVYOgX4KmosuxgYNrxMhRtk.roa (raw, json)
Hash identifier: 6AJNUXP8lluKywGFdnp3hMV8zrX6YH0rpjKy5eBBJ9w=
Subject key identifier: D5:05:ED:11:56:0E:81:7E:0A:9A:8B:2E:C6:06:0D:AF:13:21:46:D9
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 019422FC40B62E6DC63C9D2A98EA3DF7A80F
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/1QXtEVYOgX4KmosuxgYNrxMhRtk.roa
Signing time: Wed 01 Jan 2025 17:49:04 +0000
ROA not before: Wed 01 Jan 2025 17:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35913
IP address blocks: 5.181.0.0/24 maxlen: 24
5.181.1.0/24 maxlen: 24
2a09:fb86::/32 maxlen: 32
2a11:6e40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 01:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:40:b6:2e:6d:c6:3c:9d:2a:98:ea:3d:f7:a8:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Jan 1 17:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d505ed11560e817e0a9a8b2ec6060daf132146d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:3e:9e:36:a3:5d:f4:29:c5:a9:34:44:10:f4:
54:b0:07:dd:4a:9d:79:af:24:01:16:65:a8:02:50:
75:f3:87:12:08:82:cc:80:75:34:58:06:5e:2a:4a:
58:1e:87:97:09:4b:66:d6:f8:00:2a:a9:11:7a:8b:
f6:d6:16:ed:5b:d2:0f:4a:29:a1:f2:c4:83:62:36:
bd:c2:9c:5e:b5:25:f4:bf:70:93:31:26:24:53:96:
d6:4b:1c:c4:b5:dd:fe:9c:a4:31:94:b7:f6:7d:4b:
50:90:c8:d4:0d:01:41:9d:0d:d6:c1:5f:ba:62:8f:
8e:0c:06:12:5f:ef:51:4e:0a:d1:ab:66:17:21:a9:
f9:e0:2a:54:11:37:9c:7d:ad:6b:42:e8:dc:b2:f2:
1d:e8:48:88:a5:c2:3f:88:70:5f:ce:fc:51:c3:52:
42:81:bc:6e:f7:3f:58:62:7b:2e:a9:b8:74:5f:a4:
bc:8c:26:c3:83:3a:89:f0:35:62:db:88:64:2a:a5:
d9:6f:46:88:a1:b9:aa:57:cd:42:f9:c1:90:34:ad:
ca:a4:29:c0:f0:2c:08:d6:66:8b:6a:ee:a5:8b:5e:
ac:9b:c5:0c:40:7f:e8:60:d4:9f:d2:b7:28:8e:25:
94:d5:0e:29:ff:98:fb:ed:ff:e1:7d:92:b6:90:bb:
44:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:05:ED:11:56:0E:81:7E:0A:9A:8B:2E:C6:06:0D:AF:13:21:46:D9
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/1QXtEVYOgX4KmosuxgYNrxMhRtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.0.0/23
IPv6:
2a09:fb86::/32
2a11:6e40::/32
Signature Algorithm: sha256WithRSAEncryption
52:d5:12:26:b0:68:14:2c:a9:65:00:86:98:8b:54:53:cb:b6:
62:ef:a2:c7:0d:87:c9:ed:df:ec:26:44:bf:bd:a7:08:bc:15:
39:fc:b8:78:a6:46:5c:b1:b7:51:77:59:51:75:27:68:9a:5d:
f4:3f:50:f2:e9:c2:97:4d:ca:07:c7:ff:c0:f8:7a:ee:d2:e5:
17:de:98:ef:21:17:06:d4:b5:9e:35:7b:22:ca:b4:7d:23:53:
46:c0:53:b6:b0:e0:57:ba:b1:4e:4c:35:b3:3f:4c:70:17:21:
db:e3:c7:a9:75:1b:06:cd:2d:f0:33:93:30:65:c4:83:5e:36:
e3:d4:c3:71:5d:23:92:7e:4d:64:57:cd:d2:a8:54:a5:bc:b5:
96:23:37:9c:b7:75:95:4d:0a:66:c5:85:28:6d:3b:ff:02:a6:
ba:fa:57:c6:52:00:24:77:c7:c8:fd:27:72:43:bf:f2:e9:43:
97:78:32:4b:fd:08:e7:26:5a:6c:f6:30:87:d5:64:b9:14:06:
c3:ab:f7:0d:6a:97:ab:b0:39:c2:06:98:0b:92:7f:43:63:9c:
59:ab:37:e1:4a:26:f8:66:d3:bc:aa:5c:84:bb:0f:9d:c1:4e:
b8:8d:b8:89:c5:00:b6:39:ec:b4:44:81:b4:bd:07:40:d0:27:
6d:6c:19:ea
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQi/EC2Lm3GPJ0qmOo996gPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjUwMTAxMTc0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTA1ZWQxMTU2MGU4MTdlMGE5YThiMmVjNjA2MGRhZjEzMjE0NmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3z6eNqNd9CnFqTREEPRUsAfdSp15
ryQBFmWoAlB184cSCILMgHU0WAZeKkpYHoeXCUtm1vgAKqkReov21hbtW9IPSimh
8sSDYja9wpxetSX0v3CTMSYkU5bWSxzEtd3+nKQxlLf2fUtQkMjUDQFBnQ3WwV+6
Yo+ODAYSX+9RTgrRq2YXIan54CpUETecfa1rQujcsvId6EiIpcI/iHBfzvxRw1JC
gbxu9z9YYnsuqbh0X6S8jCbDgzqJ8DVi24hkKqXZb0aIobmqV81C+cGQNK3KpCnA
8CwI1maLau6li16sm8UMQH/oYNSf0rcojiWU1Q4p/5j77f/hfZK2kLtECwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFNUF7RFWDoF+CpqLLsYGDa8TIUbZMB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEvMVFYdEVWWU9nWDRLbW9zdXhnWU5yeE1oUnRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl
LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQBBbUAMBQE
AgACMA4DBQAqCfuGAwUAKhFuQDANBgkqhkiG9w0BAQsFAAOCAQEAUtUSJrBoFCyp
ZQCGmItUU8u2Yu+ixw2Hye3f7CZEv72nCLwVOfy4eKZGXLG3UXdZUXUnaJpd9D9Q
8unCl03KB8f/wPh67tLlF96Y7yEXBtS1njV7Isq0fSNTRsBTtrDgV7qxTkw1sz9M
cBch2+PHqXUbBs0t8DOTMGXEg14249TDcV0jkn5NZFfN0qhUpby1liM3nLd1lU0K
ZsWFKG07/wKmuvpXxlIAJHfHyP0nckO/8ulDl3gyS/0I5yZabPYwh9VkuRQGw6v3
DWqXq7A5wgaYC5J/Q2OcWas34Uom+GbTvKpchLsPncFOuI24icUAtjnstESBtL0H
QNAnbWwZ6g==
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:43:55 2025 by rpki-client