Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/0b8951-2699-44b3-9067-d9a40c4d3291/1/5Jz_YVrHUaJFP3SWK2dAceUCNAY.roa
File: 5Jz_YVrHUaJFP3SWK2dAceUCNAY.roa (raw, json)
Hash identifier: FxW6Fxg1CqiXEfh82Ml+2If3mdaDZD5mWZiJYMERn9A=
Subject key identifier: E4:9C:FF:61:5A:C7:51:A2:45:3F:74:96:2B:67:40:71:E5:02:34:06
Certificate issuer: /CN=cf89cb889f99212e8bf53d06e45d87abb9169506
Certificate serial: 019420D5C68307EE0A2EBD60DC12720733AC
Authority key identifier: CF:89:CB:88:9F:99:21:2E:8B:F5:3D:06:E4:5D:87:AB:B9:16:95:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z4nLiJ-ZIS6L9T0G5F2Hq7kWlQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/0b8951-2699-44b3-9067-d9a40c4d3291/1/5Jz_YVrHUaJFP3SWK2dAceUCNAY.roa
Signing time: Wed 01 Jan 2025 07:47:48 +0000
ROA not before: Wed 01 Jan 2025 07:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8779
IP address blocks: 46.252.208.0/20 maxlen: 20
78.152.160.0/19 maxlen: 19
94.230.192.0/20 maxlen: 20
185.15.4.0/23 maxlen: 23
2a00:6740::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/0b8951-2699-44b3-9067-d9a40c4d3291/1/z4nLiJ-ZIS6L9T0G5F2Hq7kWlQY.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/0b8951-2699-44b3-9067-d9a40c4d3291/1/z4nLiJ-ZIS6L9T0G5F2Hq7kWlQY.mft
rsync://rpki.ripe.net/repository/DEFAULT/z4nLiJ-ZIS6L9T0G5F2Hq7kWlQY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:c6:83:07:ee:0a:2e:bd:60:dc:12:72:07:33:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf89cb889f99212e8bf53d06e45d87abb9169506
Validity
Not Before: Jan 1 07:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e49cff615ac751a2453f74962b674071e5023406
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ec:a0:ba:6c:81:bc:21:b9:f0:ce:13:19:48:
ab:81:1e:08:e5:d6:51:4a:6e:13:f6:de:ca:df:7f:
55:8b:4c:c0:cb:89:c9:7c:67:a7:6b:1b:17:6a:cc:
34:9c:86:e6:0b:56:97:a5:81:18:e6:d8:ee:cc:0b:
69:96:3a:d1:40:f0:21:e6:2e:66:89:0c:ec:45:dc:
c0:a7:29:bd:13:11:56:2b:12:86:af:83:6f:18:94:
80:c9:d5:b8:35:07:a2:b9:2e:68:41:e0:65:d8:99:
4b:f0:60:38:71:15:e9:f2:f6:68:9f:34:42:86:71:
c7:72:c1:ca:96:6f:91:6c:f7:fe:d3:0a:d9:a1:da:
28:70:04:47:36:24:b3:19:0e:ae:87:b8:3c:41:ef:
d2:e3:de:7e:f5:91:d3:72:91:34:33:9c:f4:25:a1:
0f:17:18:98:ff:39:35:d2:ad:23:4e:85:1c:66:30:
c5:c0:f2:ac:46:27:e2:e7:d8:90:e6:05:6c:94:27:
82:00:f9:a8:57:b2:20:b6:91:25:b6:20:51:e7:a5:
bc:19:38:6b:f7:b3:8e:c1:c0:3e:4e:3c:8e:94:a1:
eb:67:01:07:34:e3:58:2a:0b:a0:1c:95:93:b6:fb:
33:e0:50:05:d5:d5:48:27:3b:f7:5c:8d:35:47:9e:
64:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:9C:FF:61:5A:C7:51:A2:45:3F:74:96:2B:67:40:71:E5:02:34:06
X509v3 Authority Key Identifier:
keyid:CF:89:CB:88:9F:99:21:2E:8B:F5:3D:06:E4:5D:87:AB:B9:16:95:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z4nLiJ-ZIS6L9T0G5F2Hq7kWlQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/0b8951-2699-44b3-9067-d9a40c4d3291/1/5Jz_YVrHUaJFP3SWK2dAceUCNAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/0b8951-2699-44b3-9067-d9a40c4d3291/1/z4nLiJ-ZIS6L9T0G5F2Hq7kWlQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.252.208.0/20
78.152.160.0/19
94.230.192.0/20
185.15.4.0/23
IPv6:
2a00:6740::/32
Signature Algorithm: sha256WithRSAEncryption
56:04:33:f9:1c:27:5f:d0:09:b0:bb:3b:a0:a9:19:ba:cc:f9:
90:9b:36:84:52:f2:1c:45:f0:c2:32:e9:a4:6c:34:87:46:d6:
f9:ec:ca:b5:18:e7:40:6c:5c:3a:93:da:05:b5:2b:6c:cc:91:
e0:91:8d:b3:46:72:f8:a9:ed:a0:b0:a9:96:1d:f2:25:39:c8:
d4:be:a7:8f:29:05:59:4d:8e:c7:bd:91:d0:95:df:a6:63:e9:
0c:ed:6f:3f:8a:82:e9:22:df:12:39:2a:3c:8d:25:9d:3b:13:
d4:7f:67:40:b3:73:6c:6d:31:31:6d:8c:88:75:7e:7f:d3:0a:
ba:fe:3d:fc:00:34:c5:32:f1:7a:86:66:63:37:cb:3f:9d:d8:
cb:0d:49:6f:af:3d:39:5f:fa:44:fe:f4:db:00:ea:06:8c:83:
ea:11:1a:9e:30:6c:60:35:f6:1b:2b:0d:b0:1b:d1:70:e0:e4:
f8:a7:e3:f6:c3:be:53:d2:a3:9b:40:0b:50:22:6d:05:af:6d:
9d:39:9f:67:4b:e5:41:16:97:c5:f0:4d:02:1e:f4:28:e9:ad:
9c:ae:ec:ee:b6:97:38:2f:fe:b8:65:e1:c8:f1:d4:82:63:13:
aa:03:90:3f:c9:0c:be:03:61:fb:3a:c8:d3:30:ad:9c:44:40:
82:dd:60:30
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQg1caDB+4KLr1g3BJyBzOsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmODljYjg4OWY5OTIxMmU4YmY1M2QwNmU0NWQ4N2FiYjkx
Njk1MDYwHhcNMjUwMTAxMDc0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDljZmY2MTVhYzc1MWEyNDUzZjc0OTYyYjY3NDA3MWU1MDIzNDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+ygumyBvCG58M4TGUirgR4I5dZR
Sm4T9t7K339Vi0zAy4nJfGenaxsXasw0nIbmC1aXpYEY5tjuzAtpljrRQPAh5i5m
iQzsRdzApym9ExFWKxKGr4NvGJSAydW4NQeiuS5oQeBl2JlL8GA4cRXp8vZonzRC
hnHHcsHKlm+RbPf+0wrZodoocARHNiSzGQ6uh7g8Qe/S495+9ZHTcpE0M5z0JaEP
FxiY/zk10q0jToUcZjDFwPKsRifi59iQ5gVslCeCAPmoV7IgtpEltiBR56W8GThr
97OOwcA+TjyOlKHrZwEHNONYKgugHJWTtvsz4FAF1dVIJzv3XI01R55kIQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFOSc/2Fax1GiRT90litnQHHlAjQGMB8GA1UdIwQY
MBaAFM+Jy4ifmSEui/U9BuRdh6u5FpUGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejRuTGlKLVpJUzZMOVQwRzVGMkhxN2tXbFFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8wYjg5NTEtMjY5OS00NGIzLTkwNjct
ZDlhNDBjNGQzMjkxLzEvNUp6X1lWckhVYUpGUDNTV0syZEFjZVVDTkFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8wYjg5NTEtMjY5OS00NGIzLTkwNjctZDlhNDBjNGQzMjkx
LzEvejRuTGlKLVpJUzZMOVQwRzVGMkhxN2tXbFFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQELvzQAwQF
TpigAwQEXubAAwQBuQ8EMA0EAgACMAcDBQAqAGdAMA0GCSqGSIb3DQEBCwUAA4IB
AQBWBDP5HCdf0AmwuzugqRm6zPmQmzaEUvIcRfDCMumkbDSHRtb57Mq1GOdAbFw6
k9oFtStszJHgkY2zRnL4qe2gsKmWHfIlOcjUvqePKQVZTY7HvZHQld+mY+kM7W8/
ioLpIt8SOSo8jSWdOxPUf2dAs3NsbTExbYyIdX5/0wq6/j38ADTFMvF6hmZjN8s/
ndjLDUlvrz05X/pE/vTbAOoGjIPqERqeMGxgNfYbKw2wG9Fw4OT4p+P2w75T0qOb
QAtQIm0Fr22dOZ9nS+VBFpfF8E0CHvQo6a2cruzutpc4L/64ZeHI8dSCYxOqA5A/
yQy+A2H7OsjTMK2cRECC3WAw
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:50:21 2025 by rpki-client