Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1-cZEWrc2s2uC7UFihrS9OXN3oNc.roa
File: 1-cZEWrc2s2uC7UFihrS9OXN3oNc.roa (raw, json)
Hash identifier: mHw+SDi/5KeTsPzdM6LShKXEHU3Hm0+8rQAJigp7pis=
Subject key identifier: F9:C6:44:5A:B7:36:B3:6B:82:ED:41:62:86:B4:BD:39:73:77:A0:D7
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0194236A321B7488C80376C152DD1EA11848
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1-cZEWrc2s2uC7UFihrS9OXN3oNc.roa
Signing time: Wed 01 Jan 2025 19:49:09 +0000
ROA not before: Wed 01 Jan 2025 19:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60542
IP address blocks: 163.5.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:32:1b:74:88:c8:03:76:c1:52:dd:1e:a1:18:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 19:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9c6445ab736b36b82ed416286b4bd397377a0d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:90:94:c1:df:55:c4:1f:62:f0:f8:f5:e6:3f:
7f:ba:5f:7f:19:e3:32:7a:f1:16:f8:c7:74:11:36:
6e:bc:56:9e:73:35:54:af:d1:18:38:c9:3a:fc:e1:
ab:84:f8:87:5e:02:0d:4d:50:cb:5d:57:3d:fc:15:
cd:3a:e2:6d:18:2f:1c:e2:72:65:1f:12:c0:df:b0:
59:fe:08:61:f6:e0:6c:f0:12:66:8d:b6:d5:57:08:
be:a3:f5:0b:84:b1:62:02:15:09:f3:53:93:17:41:
85:03:d0:87:1b:44:c8:45:e4:5e:0e:e1:53:2e:6a:
dd:1d:21:f4:2b:d3:e2:ee:87:6f:47:03:ab:95:6f:
98:b5:ec:31:f9:2e:39:77:81:39:11:88:6b:9a:cb:
fe:b6:f2:74:59:0f:ff:59:3c:38:e1:1b:83:41:4e:
bc:7d:10:0e:0f:54:20:86:88:3d:96:be:f5:a8:95:
cc:59:e4:76:5f:7c:09:71:f4:8f:6f:1c:ef:11:1a:
d3:ec:22:59:0b:a6:01:50:9c:32:9b:6e:15:5e:99:
57:de:07:63:16:cc:c4:fe:50:95:a7:91:15:34:07:
50:c5:ff:d7:d4:31:8f:c5:89:81:4d:65:1d:f4:df:
d1:af:5f:e3:da:e1:a1:0a:ca:72:18:76:37:27:3d:
57:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:C6:44:5A:B7:36:B3:6B:82:ED:41:62:86:B4:BD:39:73:77:A0:D7
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1-cZEWrc2s2uC7UFihrS9OXN3oNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.232.0/24
Signature Algorithm: sha256WithRSAEncryption
20:c7:5a:1c:b8:02:2c:ca:7c:05:23:e3:91:aa:3a:ac:cf:fa:
88:46:93:cc:04:da:b6:82:13:e6:11:a1:2d:ff:17:37:8c:30:
9c:0d:89:2f:7c:d2:c5:93:16:9a:52:d1:fb:05:03:4e:a3:b0:
4b:c1:cf:cb:83:c8:87:36:38:e8:e2:70:8e:a0:4e:07:31:98:
7d:68:84:bf:ad:49:1c:ec:24:81:ac:55:0e:ce:17:be:56:ba:
b6:42:8f:ec:d7:d2:83:d5:a3:24:e4:ab:2a:be:d3:30:6b:d4:
e5:2e:24:e3:aa:fe:b7:06:81:14:1d:28:79:87:9e:3b:9c:68:
ff:7c:5a:5d:5f:16:81:c2:a2:31:4a:f9:67:bc:3f:7d:fe:c5:
69:67:bc:6b:52:e5:17:eb:49:23:d8:d5:99:87:10:5e:48:c1:
0b:ca:54:60:a5:3d:da:03:e0:0f:18:7f:b5:b5:c9:6b:96:69:
d7:52:5a:21:25:98:ca:61:57:8e:9f:db:50:bc:59:f0:5a:fb:
d8:23:6b:6b:c4:4e:dc:90:9c:81:ec:37:aa:7f:c9:d4:36:03:
a7:20:53:49:5a:b4:72:dd:c7:ac:a0:4d:65:2b:15:2b:15:6b:
80:02:10:a3:8d:3c:d2:10:74:d4:02:88:9a:1d:fe:aa:31:f8:
eb:bf:f0:72
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQjajIbdIjIA3bBUt0eoRhIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMTAxMTk0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWM2NDQ1YWI3MzZiMzZiODJlZDQxNjI4NmI0YmQzOTczNzdhMGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpCUwd9VxB9i8Pj15j9/ul9/GeMy
evEW+Md0ETZuvFaeczVUr9EYOMk6/OGrhPiHXgINTVDLXVc9/BXNOuJtGC8c4nJl
HxLA37BZ/ghh9uBs8BJmjbbVVwi+o/ULhLFiAhUJ81OTF0GFA9CHG0TIReReDuFT
LmrdHSH0K9Pi7odvRwOrlW+Ytewx+S45d4E5EYhrmsv+tvJ0WQ//WTw44RuDQU68
fRAOD1Qghog9lr71qJXMWeR2X3wJcfSPbxzvERrT7CJZC6YBUJwym24VXplX3gdj
FszE/lCVp5EVNAdQxf/X1DGPxYmBTWUd9N/Rr1/j2uGhCspyGHY3Jz1X6QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPnGRFq3NrNrgu1BYoa0vTlzd6DXMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvMS1jWkVXcmMyczJ1QzdVRmloclM5T1hOM29OYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTMvZDAyZGZiLTk2NzMtNDlhOC05NzFjLTlmZTk0MTA4ZmYw
MS8xL0RPaFJ0dDFkTms3aG5nczRJQnMtamZKaVM4cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKMF6DAN
BgkqhkiG9w0BAQsFAAOCAQEAIMdaHLgCLMp8BSPjkao6rM/6iEaTzATatoIT5hGh
Lf8XN4wwnA2JL3zSxZMWmlLR+wUDTqOwS8HPy4PIhzY46OJwjqBOBzGYfWiEv61J
HOwkgaxVDs4Xvla6tkKP7NfSg9WjJOSrKr7TMGvU5S4k46r+twaBFB0oeYeeO5xo
/3xaXV8WgcKiMUr5Z7w/ff7FaWe8a1LlF+tJI9jVmYcQXkjBC8pUYKU92gPgDxh/
tbXJa5Zp11JaISWYymFXjp/bULxZ8Fr72CNra8RO3JCcgew3qn/J1DYDpyBTSVq0
ct3HrKBNZSsVKxVrgAIQo4080hB01AKImh3+qjH467/wcg==
-----END CERTIFICATE-----
Generated at Wed Feb 5 08:54:02 2025 by rpki-client