Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/600a37-f967-45b1-a1dd-07a315e9033d/1/2-EWeyDof1gs1UXEMD1lZZEw63s.roa
File: 2-EWeyDof1gs1UXEMD1lZZEw63s.roa (raw, json)
Hash identifier: z23ouPdaISiuPb4TFlEiuytYryYuZhpuF1K4d2C9fgs=
Subject key identifier: DB:E1:16:7B:20:E8:7F:58:2C:D5:45:C4:30:3D:65:65:91:30:EB:7B
Certificate issuer: /CN=9870bf4f95350d0377fa8938bf4f2dcb7e72ff12
Certificate serial: 01941FFAA0A69CC66EE2D5B4EADEE6B6CAB2
Authority key identifier: 98:70:BF:4F:95:35:0D:03:77:FA:89:38:BF:4F:2D:CB:7E:72:FF:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mHC_T5U1DQN3-ok4v08ty35y_xI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/600a37-f967-45b1-a1dd-07a315e9033d/1/2-EWeyDof1gs1UXEMD1lZZEw63s.roa
Signing time: Wed 01 Jan 2025 03:48:26 +0000
ROA not before: Wed 01 Jan 2025 03:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3194
IP address blocks: 5.10.224.0/24 maxlen: 24
5.10.225.0/24 maxlen: 24
5.10.226.0/24 maxlen: 24
5.10.227.0/24 maxlen: 24
5.10.228.0/24 maxlen: 24
5.10.229.0/24 maxlen: 24
5.10.230.0/24 maxlen: 24
5.10.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/600a37-f967-45b1-a1dd-07a315e9033d/1/mHC_T5U1DQN3-ok4v08ty35y_xI.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/600a37-f967-45b1-a1dd-07a315e9033d/1/mHC_T5U1DQN3-ok4v08ty35y_xI.mft
rsync://rpki.ripe.net/repository/DEFAULT/mHC_T5U1DQN3-ok4v08ty35y_xI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:a0:a6:9c:c6:6e:e2:d5:b4:ea:de:e6:b6:ca:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9870bf4f95350d0377fa8938bf4f2dcb7e72ff12
Validity
Not Before: Jan 1 03:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dbe1167b20e87f582cd545c4303d65659130eb7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:15:d6:0e:07:e6:dc:1d:ad:bf:50:78:d0:8d:
81:a1:65:85:85:b4:b1:1e:91:bb:f6:20:f4:2c:57:
6a:1e:8e:61:26:b6:72:61:2e:20:8e:ce:9b:c6:f3:
07:32:2a:0d:d1:7a:f7:96:1a:40:c2:59:de:cb:10:
d4:fc:47:a5:98:fd:65:46:56:39:56:3a:cd:07:0d:
55:1e:f1:ea:5e:8f:ca:0c:31:6a:1c:1e:68:68:bc:
fe:7b:98:dd:f4:95:e6:d0:c0:98:04:3f:40:4b:2f:
73:9e:d0:be:c5:06:b0:e2:91:55:0c:f6:59:e4:ac:
62:32:fb:d1:12:df:42:d6:f8:a3:3c:3f:be:52:2d:
b2:d3:c7:b9:07:0a:a6:f3:35:90:2a:2a:ec:cd:db:
d0:c2:ee:63:17:64:07:e6:29:c9:cd:ac:28:80:2c:
39:25:86:62:7a:be:67:7b:83:06:c5:6b:69:11:e2:
36:d7:80:12:b5:14:69:9c:73:7c:c5:ac:cb:e8:a0:
8e:39:a7:3b:ea:27:ac:0e:cd:13:1c:82:ab:68:0f:
ed:6b:93:e0:2f:b7:08:4d:6a:41:44:64:b7:fb:88:
56:25:05:3e:1f:ac:67:dc:e0:11:00:9b:22:1d:3c:
01:b3:83:2e:32:86:2a:08:7f:79:00:1e:a0:56:88:
5a:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:E1:16:7B:20:E8:7F:58:2C:D5:45:C4:30:3D:65:65:91:30:EB:7B
X509v3 Authority Key Identifier:
keyid:98:70:BF:4F:95:35:0D:03:77:FA:89:38:BF:4F:2D:CB:7E:72:FF:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mHC_T5U1DQN3-ok4v08ty35y_xI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/600a37-f967-45b1-a1dd-07a315e9033d/1/2-EWeyDof1gs1UXEMD1lZZEw63s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/600a37-f967-45b1-a1dd-07a315e9033d/1/mHC_T5U1DQN3-ok4v08ty35y_xI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.224.0/21
Signature Algorithm: sha256WithRSAEncryption
44:64:2c:bc:f0:68:c4:c5:93:ce:08:39:f3:d8:10:a1:3d:e9:
18:16:98:e0:a8:15:c0:9d:fd:8b:5c:a4:38:df:16:91:27:a7:
46:2a:47:e4:41:88:83:60:76:25:77:27:0d:e4:46:31:d7:5c:
dd:66:e7:99:b1:c3:86:9b:2d:91:64:24:f2:75:05:a5:a5:08:
57:ac:a7:48:d0:19:fe:eb:e2:43:37:16:a6:89:19:2a:22:0c:
5c:f8:28:33:c7:9d:8f:e6:c9:8c:49:65:dd:22:3e:52:9a:94:
d3:df:6c:ab:f5:25:da:37:c7:c0:8e:df:de:70:e3:b5:78:99:
e2:42:b0:d5:a6:71:c7:91:36:4c:c6:ca:20:71:a4:dd:ca:87:
b6:5c:d1:35:a2:ae:b7:88:4c:59:c9:e7:3c:6f:81:e5:bb:3c:
e0:08:2f:f3:e0:bd:76:ab:2c:e9:b1:b1:14:e3:b2:21:4e:61:
5e:57:71:bf:86:a7:47:1d:a3:4d:96:85:6e:de:d0:78:1f:08:
54:64:11:aa:89:9b:d0:0e:fc:95:77:d0:46:e0:c9:85:e3:ad:
23:ba:f6:32:e7:05:58:a1:52:63:6a:5a:fc:00:d7:e0:e5:12:
63:8b:1a:ed:9b:67:b0:01:e7:f8:e8:8f:65:77:4e:0f:59:8b:
fa:e4:84:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+qCmnMZu4tW06t7mtsqyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NzBiZjRmOTUzNTBkMDM3N2ZhODkzOGJmNGYyZGNiN2U3
MmZmMTIwHhcNMjUwMTAxMDM0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmUxMTY3YjIwZTg3ZjU4MmNkNTQ1YzQzMDNkNjU2NTkxMzBlYjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1BXWDgfm3B2tv1B40I2BoWWFhbSx
HpG79iD0LFdqHo5hJrZyYS4gjs6bxvMHMioN0Xr3lhpAwlneyxDU/EelmP1lRlY5
VjrNBw1VHvHqXo/KDDFqHB5oaLz+e5jd9JXm0MCYBD9ASy9zntC+xQaw4pFVDPZZ
5KxiMvvREt9C1vijPD++Ui2y08e5Bwqm8zWQKirszdvQwu5jF2QH5inJzawogCw5
JYZier5ne4MGxWtpEeI214AStRRpnHN8xazL6KCOOac76iesDs0THIKraA/ta5Pg
L7cITWpBRGS3+4hWJQU+H6xn3OARAJsiHTwBs4MuMoYqCH95AB6gVohaXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNvhFnsg6H9YLNVFxDA9ZWWRMOt7MB8GA1UdIwQY
MBaAFJhwv0+VNQ0Dd/qJOL9PLct+cv8SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUhDX1Q1VTFEUU4zLW9rNHYwOHR5MzV5X3hJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi82MDBhMzctZjk2Ny00NWIxLWExZGQt
MDdhMzE1ZTkwMzNkLzEvMi1FV2V5RG9mMWdzMVVYRU1EMWxaWkV3NjNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi82MDBhMzctZjk2Ny00NWIxLWExZGQtMDdhMzE1ZTkwMzNk
LzEvbUhDX1Q1VTFEUU4zLW9rNHYwOHR5MzV5X3hJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDBQrgMA0G
CSqGSIb3DQEBCwUAA4IBAQBEZCy88GjExZPOCDnz2BChPekYFpjgqBXAnf2LXKQ4
3xaRJ6dGKkfkQYiDYHYldycN5EYx11zdZueZscOGmy2RZCTydQWlpQhXrKdI0Bn+
6+JDNxamiRkqIgxc+Cgzx52P5smMSWXdIj5SmpTT32yr9SXaN8fAjt/ecOO1eJni
QrDVpnHHkTZMxsogcaTdyoe2XNE1oq63iExZyec8b4HluzzgCC/z4L12qyzpsbEU
47IhTmFeV3G/hqdHHaNNloVu3tB4HwhUZBGqiZvQDvyVd9BG4MmF460juvYy5wVY
oVJjalr8ANfg5RJjixrtm2ewAef46I9ld04PWYv65IQb
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:35:11 2025 by rpki-client