Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/oKUsTLfBhG50vqk91e7Lkph0CQk.roa
File: oKUsTLfBhG50vqk91e7Lkph0CQk.roa (raw, json)
Hash identifier: /kz62rdaW3dJAX5s+CAH3V1tkKwzA3N5WbH/es3NH8o=
Subject key identifier: A0:A5:2C:4C:B7:C1:84:6E:74:BE:A9:3D:D5:EE:CB:92:98:74:09:09
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019428246BBCE0CE60160D4EC941F7CBB2D6
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/oKUsTLfBhG50vqk91e7Lkph0CQk.roa
Signing time: Thu 02 Jan 2025 17:51:03 +0000
ROA not before: Thu 02 Jan 2025 17:51:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29066
IP address blocks: 5.253.66.0/23 maxlen: 23
88.218.76.0/22 maxlen: 24
92.119.124.0/22 maxlen: 24
93.123.100.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 00:57:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:6b:bc:e0:ce:60:16:0d:4e:c9:41:f7:cb:b2:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 17:51:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a0a52c4cb7c1846e74bea93dd5eecb9298740909
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:4d:60:7a:45:4f:a6:c1:ff:3b:e5:95:ef:d2:
42:10:e8:69:56:0b:03:07:1f:b5:76:8e:66:e6:5e:
74:66:79:ed:7f:7b:d6:ac:03:92:a3:ec:3a:93:eb:
7a:b0:e0:e2:53:57:88:d4:fc:83:50:68:c8:6a:9e:
e0:e4:42:ce:ca:1b:ca:f1:e7:d1:98:c6:2a:2d:1b:
9d:76:3c:53:22:c5:f2:80:87:49:16:72:53:2f:31:
7f:f6:c0:36:4b:b0:0a:5f:93:c9:70:d9:9a:45:22:
ea:44:24:a3:21:aa:bd:78:6c:77:0a:71:b6:b6:8c:
69:f8:2f:74:ae:f3:0a:82:50:f8:84:23:8d:f7:6b:
09:17:27:79:88:94:10:19:b2:34:31:9c:12:7e:ac:
e7:03:03:02:c3:11:e2:8f:f2:53:a7:e4:da:cb:8c:
d9:91:67:af:80:fd:21:b2:ee:9f:85:f7:d0:85:24:
e7:76:4f:8c:61:47:ec:b8:76:92:cd:22:b9:a4:60:
d4:77:64:74:03:01:ff:94:7e:a0:89:73:0d:91:7d:
c6:c9:f3:7d:50:19:5e:84:7e:7c:6d:e2:f4:a9:ec:
e2:98:29:f6:4f:33:e7:b4:a3:e4:b4:9e:e0:e0:99:
b1:d7:3e:54:5a:8d:76:41:b3:f0:59:f2:04:04:e7:
a1:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:A5:2C:4C:B7:C1:84:6E:74:BE:A9:3D:D5:EE:CB:92:98:74:09:09
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/oKUsTLfBhG50vqk91e7Lkph0CQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.66.0/23
88.218.76.0/22
92.119.124.0/22
93.123.100.0/23
Signature Algorithm: sha256WithRSAEncryption
70:c1:cb:17:2b:d6:d6:ee:72:33:1e:fb:17:87:e9:6f:75:72:
8d:ea:0a:ca:fe:e6:87:2a:a2:3c:c2:6e:53:51:a2:35:9c:7f:
4e:6a:59:6f:31:ef:1b:14:c1:fa:70:bf:b0:63:68:35:2c:c8:
43:55:ee:e4:fe:2b:83:4b:b2:bc:64:78:b3:df:36:42:58:ea:
90:8e:75:1c:2e:c5:86:9b:54:06:6d:29:95:b3:8e:7a:3f:0d:
ed:08:39:2f:17:2c:93:9b:e9:1f:78:7d:a4:f2:8b:0a:f1:e8:
d1:55:73:ea:2b:06:a7:27:6b:c0:43:7c:f4:8d:3a:88:01:5e:
87:14:e4:03:b0:7e:f2:f5:fc:37:aa:9d:6c:61:88:d3:92:e0:
af:f0:b5:65:8b:55:17:61:11:d3:e2:c8:81:bb:ff:ad:c4:f4:
af:b1:2f:e6:2f:c3:ea:9f:7a:e4:09:84:a4:c3:85:ea:fb:00:
f3:d2:1e:0d:be:fe:fe:59:50:6c:19:96:b2:85:7f:63:3c:b5:
c6:73:a7:70:c3:aa:eb:4a:2c:95:ca:6a:31:b7:fe:20:47:87:
47:a2:ad:cb:e8:0a:cc:27:2a:f2:84:cb:c9:23:1c:c6:08:0a:
5d:ff:a7:fc:e6:d6:74:63:3f:8e:74:26:a5:37:cf:eb:95:44:
56:a2:8a:98
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQoJGu84M5gFg1OyUH3y7LWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTAyMTc1MTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGE1MmM0Y2I3YzE4NDZlNzRiZWE5M2RkNWVlY2I5Mjk4NzQwOTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr01gekVPpsH/O+WV79JCEOhpVgsD
Bx+1do5m5l50Znntf3vWrAOSo+w6k+t6sODiU1eI1PyDUGjIap7g5ELOyhvK8efR
mMYqLRuddjxTIsXygIdJFnJTLzF/9sA2S7AKX5PJcNmaRSLqRCSjIaq9eGx3CnG2
toxp+C90rvMKglD4hCON92sJFyd5iJQQGbI0MZwSfqznAwMCwxHij/JTp+Tay4zZ
kWevgP0hsu6fhffQhSTndk+MYUfsuHaSzSK5pGDUd2R0AwH/lH6giXMNkX3GyfN9
UBlehH58beL0qezimCn2TzPntKPktJ7g4Jmx1z5UWo12QbPwWfIEBOehcwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKClLEy3wYRudL6pPdXuy5KYdAkJMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvb0tVc1RMZkJoRzUwdnFrOTFlN0xrcGgwQ1FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBBf1CAwQC
WNpMAwQCXHd8AwQBXXtkMA0GCSqGSIb3DQEBCwUAA4IBAQBwwcsXK9bW7nIzHvsX
h+lvdXKN6grK/uaHKqI8wm5TUaI1nH9OallvMe8bFMH6cL+wY2g1LMhDVe7k/iuD
S7K8ZHiz3zZCWOqQjnUcLsWGm1QGbSmVs456Pw3tCDkvFyyTm+kfeH2k8osK8ejR
VXPqKwanJ2vAQ3z0jTqIAV6HFOQDsH7y9fw3qp1sYYjTkuCv8LVli1UXYRHT4siB
u/+txPSvsS/mL8Pqn3rkCYSkw4Xq+wDz0h4Nvv7+WVBsGZayhX9jPLXGc6dww6rr
SiyVymoxt/4gR4dHoq3L6ArMJyryhMvJIxzGCApd/6f85tZ0Yz+OdCalN8/rlURW
ooqY
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:34:35 2025 by rpki-client