Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/3RGq4pJcZKQpZERAHIl7y4drX6Q.roa
File: 3RGq4pJcZKQpZERAHIl7y4drX6Q.roa (raw, json)
Hash identifier: drObNq6cp9nm2gVew6JQyiSc37wJ0wKjLioEVoK75Ss=
Subject key identifier: DD:11:AA:E2:92:5C:64:A4:29:64:44:40:1C:89:7B:CB:87:6B:5F:A4
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0194236A504649EE7C036CF5B5C72A150912
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/3RGq4pJcZKQpZERAHIl7y4drX6Q.roa
Signing time: Wed 01 Jan 2025 19:49:17 +0000
ROA not before: Wed 01 Jan 2025 19:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 395517
IP address blocks: 163.5.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:50:46:49:ee:7c:03:6c:f5:b5:c7:2a:15:09:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 19:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd11aae2925c64a4296444401c897bcb876b5fa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:6e:0a:16:6f:e1:58:11:06:b2:ff:19:65:20:
82:6f:49:4f:58:eb:ac:39:d6:42:6a:3d:20:23:8e:
43:cc:5f:6e:14:ee:33:9a:21:b9:b5:35:93:9f:40:
03:c5:6a:86:46:93:01:2d:f0:46:ef:ce:c9:3b:9a:
30:f5:46:37:11:19:8d:f3:26:dc:b5:28:2e:7f:ef:
5e:d9:e3:2d:4b:86:37:2b:62:12:12:80:95:c6:c7:
ef:94:fb:fc:be:da:96:ad:ea:18:21:40:a4:5b:47:
d6:03:26:77:8e:0f:82:9a:54:f0:bb:72:fc:10:da:
4a:70:1d:5e:3a:26:86:2b:2f:ec:af:6b:ad:fa:96:
86:9d:96:d0:38:60:54:a8:b9:3a:77:b1:fe:d1:4a:
24:57:23:e9:0f:f9:e0:9f:c5:69:4f:1a:02:da:78:
ea:f8:a2:b2:0e:7d:52:fa:3d:01:24:f8:1e:7b:7b:
1a:ab:6e:7c:34:c6:32:ed:bf:ad:67:59:b6:a5:a5:
6a:3d:fd:d2:06:ec:3c:0e:ce:5b:67:9a:8f:7e:1e:
9f:44:ac:b0:c9:f8:4c:fb:c8:09:32:cf:73:ec:61:
6c:67:5e:5b:64:94:07:26:e7:9b:25:48:75:4d:bf:
c8:41:94:b1:a5:5c:88:d2:e5:dc:3d:3b:06:a4:3f:
f6:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:11:AA:E2:92:5C:64:A4:29:64:44:40:1C:89:7B:CB:87:6B:5F:A4
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/3RGq4pJcZKQpZERAHIl7y4drX6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.198.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:eb:1a:f0:4e:30:c6:08:15:22:dd:2f:0b:a1:0c:84:e6:00:
ed:5b:1c:1c:af:77:f8:85:e4:e9:93:e0:19:ed:1b:e6:cd:4d:
7c:07:ef:e5:fe:ad:64:df:0b:47:63:05:8a:6e:78:15:22:ff:
49:9e:37:80:19:e0:f7:2e:aa:e5:5f:2b:01:38:f5:54:56:ee:
ae:dd:69:3e:93:1a:1d:5f:7c:04:e6:72:ea:58:f5:a8:ea:b7:
a5:bd:ee:35:06:af:64:a0:95:d1:1e:ad:a1:dd:68:94:8d:c6:
51:7d:df:2f:83:26:34:31:c8:8e:86:18:11:5a:90:6f:74:41:
0d:8d:03:ad:49:fc:87:91:1f:f9:33:f8:9e:27:bf:76:15:9a:
fa:27:af:3f:8c:cc:54:90:36:ee:ef:7b:e0:cb:62:55:f6:dc:
0a:94:e9:dc:07:9b:9a:d9:18:b1:aa:c8:a6:8a:02:ab:12:d9:
3f:7b:6c:6c:88:af:9f:a8:88:33:ad:90:ef:9a:22:34:d0:ca:
72:4c:07:0d:d2:83:ae:38:2b:de:fe:49:4f:1a:5c:b9:77:da:
71:46:49:fa:34:5d:8e:f3:bb:42:94:61:d7:89:7c:ae:72:e4:
26:80:80:b5:61:7e:47:b2:33:5e:39:2d:9e:cd:6d:9f:87:43:
bf:8e:cb:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjalBGSe58A2z1tccqFQkSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMTAxMTk0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDExYWFlMjkyNWM2NGE0Mjk2NDQ0NDAxYzg5N2JjYjg3NmI1ZmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAom4KFm/hWBEGsv8ZZSCCb0lPWOus
OdZCaj0gI45DzF9uFO4zmiG5tTWTn0ADxWqGRpMBLfBG787JO5ow9UY3ERmN8ybc
tSguf+9e2eMtS4Y3K2ISEoCVxsfvlPv8vtqWreoYIUCkW0fWAyZ3jg+CmlTwu3L8
ENpKcB1eOiaGKy/sr2ut+paGnZbQOGBUqLk6d7H+0UokVyPpD/ngn8VpTxoC2njq
+KKyDn1S+j0BJPgee3saq258NMYy7b+tZ1m2paVqPf3SBuw8Ds5bZ5qPfh6fRKyw
yfhM+8gJMs9z7GFsZ15bZJQHJuebJUh1Tb/IQZSxpVyI0uXcPTsGpD/2wQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN0RquKSXGSkKWREQByJe8uHa1+kMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvM1JHcTRwSmNaS1FwWkVSQUhJbDd5NGRyWDZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowXGMA0G
CSqGSIb3DQEBCwUAA4IBAQCM6xrwTjDGCBUi3S8LoQyE5gDtWxwcr3f4heTpk+AZ
7RvmzU18B+/l/q1k3wtHYwWKbngVIv9JnjeAGeD3LqrlXysBOPVUVu6u3Wk+kxod
X3wE5nLqWPWo6relve41Bq9koJXRHq2h3WiUjcZRfd8vgyY0MciOhhgRWpBvdEEN
jQOtSfyHkR/5M/ieJ792FZr6J68/jMxUkDbu73vgy2JV9twKlOncB5ua2Rixqsim
igKrEtk/e2xsiK+fqIgzrZDvmiI00MpyTAcN0oOuOCve/klPGly5d9pxRkn6NF2O
87tClGHXiXyucuQmgIC1YX5HsjNeOS2ezW2fh0O/jsvW
-----END CERTIFICATE-----
Generated at Wed Feb 5 08:45:26 2025 by rpki-client