Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/U3GEel-_AheBYgIYIVYL9mt_5dg.roa
File: U3GEel-_AheBYgIYIVYL9mt_5dg.roa (raw, json)
Hash identifier: qjeuuOD21NigMG6GkIxT7OwP2vU0izG4cg6tV2NDSPY=
Subject key identifier: 53:71:84:7A:5F:BF:02:17:81:62:02:18:21:56:0B:F6:6B:7F:E5:D8
Certificate issuer: /CN=5e8d07b45f7d83124c9f8c0fac03bec02468b37e
Certificate serial: 019423D7B8B7C9361A42FE32AD80E1CD0866
Authority key identifier: 5E:8D:07:B4:5F:7D:83:12:4C:9F:8C:0F:AC:03:BE:C0:24:68:B3:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xo0HtF99gxJMn4wPrAO-wCRos34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/U3GEel-_AheBYgIYIVYL9mt_5dg.roa
Signing time: Wed 01 Jan 2025 21:48:47 +0000
ROA not before: Wed 01 Jan 2025 21:48:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5065
IP address blocks: 195.35.120.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/Xo0HtF99gxJMn4wPrAO-wCRos34.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/Xo0HtF99gxJMn4wPrAO-wCRos34.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xo0HtF99gxJMn4wPrAO-wCRos34.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:b8:b7:c9:36:1a:42:fe:32:ad:80:e1:cd:08:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e8d07b45f7d83124c9f8c0fac03bec02468b37e
Validity
Not Before: Jan 1 21:48:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5371847a5fbf02178162021821560bf66b7fe5d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:63:44:1b:cb:f3:75:35:aa:04:62:16:aa:b3:
cd:3c:15:e5:5d:40:68:6b:19:78:92:56:ba:d8:35:
2e:a5:7c:2c:e3:a2:c2:81:20:b7:1a:4d:99:4f:45:
bd:d8:ce:98:ae:d7:e3:e2:e4:2a:a6:22:e5:3c:fc:
cc:e7:d3:49:6e:c5:80:67:49:b3:73:9e:b9:5a:b0:
97:db:ef:4b:d5:ac:8b:2d:6c:aa:ac:83:75:9f:7b:
29:55:47:2b:04:10:10:7c:9a:b5:ff:3e:d2:fb:a7:
40:80:f5:0a:0f:97:cd:ca:3f:17:70:14:a2:a9:22:
a0:10:c3:b9:81:6e:d2:4b:ac:0e:78:e7:1f:d5:36:
49:fc:b8:6a:23:b9:af:73:eb:e4:f2:6c:fd:b4:d6:
81:fb:9e:0b:76:c6:fe:b7:bb:94:15:25:d6:6e:cc:
d9:5d:f3:7a:71:6a:aa:0d:bb:dc:49:9c:a7:6d:a4:
5a:9a:e5:1c:45:59:8b:5d:2b:1a:1a:f2:7d:29:79:
6a:1e:a3:ad:ad:b1:23:8e:45:35:6c:12:c1:dc:c3:
7e:68:c1:6c:6e:f7:a3:91:f7:4c:bc:20:8a:1e:c5:
89:50:72:79:fd:5e:f7:ec:eb:9e:1f:77:d3:f7:a0:
da:35:ee:e7:05:7c:95:96:94:1a:f0:11:ae:22:f6:
cb:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:71:84:7A:5F:BF:02:17:81:62:02:18:21:56:0B:F6:6B:7F:E5:D8
X509v3 Authority Key Identifier:
keyid:5E:8D:07:B4:5F:7D:83:12:4C:9F:8C:0F:AC:03:BE:C0:24:68:B3:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xo0HtF99gxJMn4wPrAO-wCRos34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/U3GEel-_AheBYgIYIVYL9mt_5dg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/Xo0HtF99gxJMn4wPrAO-wCRos34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.35.120.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:31:20:77:90:50:7c:a0:42:ce:21:3d:85:7b:7d:4b:45:83:
31:47:7a:10:21:a8:bf:aa:55:9b:a5:d4:e3:0c:d0:ea:03:38:
61:a0:42:dc:24:30:6b:5f:08:3f:32:c2:af:76:f1:04:42:a6:
be:33:4c:da:a9:ab:16:f4:19:ea:1b:4d:b2:f7:31:0a:d5:4f:
29:1f:0b:17:22:6b:9f:37:a2:f7:95:31:f8:b8:df:e7:7c:04:
74:53:c8:25:fe:7a:10:fb:79:e3:c3:c0:8a:e1:94:fa:0d:fa:
92:ee:a6:dd:e5:ac:40:f9:64:68:2c:81:04:3e:5b:71:02:d4:
dd:4a:88:b6:73:85:46:84:1d:16:f9:cc:95:66:a9:4d:62:6e:
24:a3:cc:6f:18:7b:1d:ee:4a:c7:46:88:e2:ef:cc:1d:57:2f:
51:f0:d0:e1:fc:d2:51:79:c4:1b:4e:fd:40:72:4e:dd:b5:5b:
b9:c6:32:c9:a5:df:f0:70:40:40:58:38:9d:93:3a:2c:f4:4a:
71:9d:57:ad:2e:dc:e8:ea:fc:74:92:27:03:35:fa:89:23:64:
e1:48:cd:96:1c:30:f6:ed:26:15:49:6c:15:8a:c8:d9:2a:40:
e2:32:e5:2d:76:e4:9e:0f:b9:70:d4:c0:c9:d0:c1:eb:0b:47:
39:3d:69:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj17i3yTYaQv4yrYDhzQhmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlOGQwN2I0NWY3ZDgzMTI0YzlmOGMwZmFjMDNiZWMwMjQ2
OGIzN2UwHhcNMjUwMTAxMjE0ODQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzcxODQ3YTVmYmYwMjE3ODE2MjAyMTgyMTU2MGJmNjZiN2ZlNWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGNEG8vzdTWqBGIWqrPNPBXlXUBo
axl4kla62DUupXws46LCgSC3Gk2ZT0W92M6Yrtfj4uQqpiLlPPzM59NJbsWAZ0mz
c565WrCX2+9L1ayLLWyqrIN1n3spVUcrBBAQfJq1/z7S+6dAgPUKD5fNyj8XcBSi
qSKgEMO5gW7SS6wOeOcf1TZJ/LhqI7mvc+vk8mz9tNaB+54Ldsb+t7uUFSXWbszZ
XfN6cWqqDbvcSZynbaRamuUcRVmLXSsaGvJ9KXlqHqOtrbEjjkU1bBLB3MN+aMFs
bvejkfdMvCCKHsWJUHJ5/V737OueH3fT96DaNe7nBXyVlpQa8BGuIvbLiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFNxhHpfvwIXgWICGCFWC/Zrf+XYMB8GA1UdIwQY
MBaAFF6NB7RffYMSTJ+MD6wDvsAkaLN+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWG8wSHRGOTlneEpNbjR3UHJBTy13Q1JvczM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9hMTY4ZTktZDA3MC00NGUwLTk0YTQt
NmM4ZmQ4NGJiNWY1LzEvVTNHRWVsLV9BaGVCWWdJWUlWWUw5bXRfNWRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9hMTY4ZTktZDA3MC00NGUwLTk0YTQtNmM4ZmQ4NGJiNWY1
LzEvWG8wSHRGOTlneEpNbjR3UHJBTy13Q1JvczM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwyN4MA0G
CSqGSIb3DQEBCwUAA4IBAQA+MSB3kFB8oELOIT2Fe31LRYMxR3oQIai/qlWbpdTj
DNDqAzhhoELcJDBrXwg/MsKvdvEEQqa+M0zaqasW9BnqG02y9zEK1U8pHwsXImuf
N6L3lTH4uN/nfAR0U8gl/noQ+3njw8CK4ZT6DfqS7qbd5axA+WRoLIEEPltxAtTd
Soi2c4VGhB0W+cyVZqlNYm4ko8xvGHsd7krHRoji78wdVy9R8NDh/NJRecQbTv1A
ck7dtVu5xjLJpd/wcEBAWDidkzos9EpxnVetLtzo6vx0kicDNfqJI2ThSM2WHDD2
7SYVSWwVisjZKkDiMuUtduSeD7lw1MDJ0MHrC0c5PWn7
-----END CERTIFICATE-----
Generated at Wed Feb 5 15:47:17 2025 by rpki-client