Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/8D_m1Upz_ihvTgjNvid7WEVMpeU.roa
File: 8D_m1Upz_ihvTgjNvid7WEVMpeU.roa (raw, json)
Hash identifier: hblM9EE6DUXGebpdc+uAjnilMFt8dZhMZ/fdcV4am4k=
Subject key identifier: F0:3F:E6:D5:4A:73:FE:28:6F:4E:08:CD:BE:27:7B:58:45:4C:A5:E5
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0194236A30370253785A688F812918277E8F
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/8D_m1Upz_ihvTgjNvid7WEVMpeU.roa
Signing time: Wed 01 Jan 2025 19:49:09 +0000
ROA not before: Wed 01 Jan 2025 19:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58061
IP address blocks: 163.5.26.0/24 maxlen: 24
163.5.28.0/24 maxlen: 24
163.5.150.0/24 maxlen: 24
163.5.180.0/24 maxlen: 24
163.5.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:30:37:02:53:78:5a:68:8f:81:29:18:27:7e:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 19:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f03fe6d54a73fe286f4e08cdbe277b58454ca5e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:80:f0:fd:26:c7:3a:9b:92:4b:7e:52:58:7f:
69:09:19:f4:a8:bd:6d:d2:e8:5d:0f:96:d8:8f:2e:
17:7f:bc:43:fc:e9:6a:66:18:ae:e5:16:21:e7:a6:
c0:0b:3f:a0:46:2c:a3:dd:ca:2a:50:6e:4c:8c:03:
99:5b:64:09:a2:ae:85:ee:4c:cd:f4:ef:20:10:a0:
57:e6:dd:70:75:78:d0:34:43:a7:2d:26:d5:c5:bd:
02:1c:ac:37:29:c8:8e:96:5d:5d:94:62:ea:6f:78:
5b:33:07:f4:f4:eb:37:fc:47:e4:14:cc:93:a5:f1:
1a:ab:72:1b:c7:20:15:5c:ef:59:cd:9f:b3:2a:a9:
07:86:0b:c7:eb:a4:2e:8e:5e:e6:86:c0:c6:d7:6b:
a0:00:89:90:30:02:10:92:a4:94:c5:ac:ca:05:f5:
52:a9:d0:42:73:8b:21:83:95:e8:bb:22:31:9f:ae:
12:c9:24:a7:f8:42:1e:d8:f2:66:4b:ff:48:59:ae:
37:a9:fd:f9:e9:da:d9:87:71:d5:f5:1a:8e:14:d1:
d8:4e:ad:31:59:80:01:4a:82:53:df:cc:8e:ca:17:
52:ab:54:e2:df:4f:b9:3d:3d:c5:2f:ad:35:e9:b4:
5a:55:1b:9c:41:21:1f:5a:77:30:3d:76:b6:b3:81:
4e:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:3F:E6:D5:4A:73:FE:28:6F:4E:08:CD:BE:27:7B:58:45:4C:A5:E5
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/8D_m1Upz_ihvTgjNvid7WEVMpeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.26.0/24
163.5.28.0/24
163.5.150.0/24
163.5.180.0/24
163.5.183.0/24
Signature Algorithm: sha256WithRSAEncryption
54:60:fb:08:93:fe:74:0b:df:74:84:af:1e:cf:28:d5:1c:a6:
ea:53:6f:96:67:c0:61:89:68:d3:27:a1:a3:ef:ea:98:48:77:
c8:30:be:53:7b:a2:1d:e3:67:5f:32:d5:47:06:71:b0:b4:08:
07:ab:68:a3:33:60:f4:41:9d:7b:6f:59:ae:c1:41:13:bb:d7:
c3:3a:5a:ec:fa:9a:e7:11:b6:4d:08:70:4b:ba:56:e7:38:f3:
f9:f4:ad:e0:22:7d:74:58:d0:0e:98:0a:d9:10:fb:3b:02:44:
7e:ea:88:61:94:9b:0d:cf:60:a2:db:4e:2a:9b:81:27:ef:0f:
a1:78:de:4f:61:69:52:b7:f5:d4:ca:16:17:52:f0:ba:14:bf:
5c:c7:2b:5b:56:fd:68:41:0d:0a:39:0c:b2:69:43:2c:8a:3b:
4f:33:fb:0d:e0:c7:ac:2a:b1:0f:ff:43:42:56:d1:d7:22:42:
99:25:6b:30:e4:2c:0f:91:68:4a:6b:cb:70:03:12:f2:fb:9b:
4f:5c:ad:70:d9:36:37:be:97:9b:34:f2:42:e6:23:83:37:28:
18:c2:72:91:0c:77:fa:1c:5a:07:81:fe:61:bc:f3:21:c3:a2:
3b:ad:79:75:88:55:63:e9:2b:5e:5d:a1:3a:93:6d:9b:78:22:
9f:cd:87:45
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQjajA3AlN4WmiPgSkYJ36PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMTAxMTk0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDNmZTZkNTRhNzNmZTI4NmY0ZTA4Y2RiZTI3N2I1ODQ1NGNhNWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoDw/SbHOpuSS35SWH9pCRn0qL1t
0uhdD5bYjy4Xf7xD/OlqZhiu5RYh56bACz+gRiyj3coqUG5MjAOZW2QJoq6F7kzN
9O8gEKBX5t1wdXjQNEOnLSbVxb0CHKw3KciOll1dlGLqb3hbMwf09Os3/EfkFMyT
pfEaq3IbxyAVXO9ZzZ+zKqkHhgvH66Qujl7mhsDG12ugAImQMAIQkqSUxazKBfVS
qdBCc4shg5XouyIxn64SySSn+EIe2PJmS/9IWa43qf356drZh3HV9RqOFNHYTq0x
WYABSoJT38yOyhdSq1Ti30+5PT3FL6016bRaVRucQSEfWncwPXa2s4FORwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPA/5tVKc/4ob04Izb4ne1hFTKXlMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvOERfbTFVcHpfaWh2VGdqTnZpZDdXRVZNcGVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowUaAwQA
owUcAwQAowWWAwQAowW0AwQAowW3MA0GCSqGSIb3DQEBCwUAA4IBAQBUYPsIk/50
C990hK8ezyjVHKbqU2+WZ8BhiWjTJ6Gj7+qYSHfIML5Te6Id42dfMtVHBnGwtAgH
q2ijM2D0QZ17b1muwUETu9fDOlrs+prnEbZNCHBLulbnOPP59K3gIn10WNAOmArZ
EPs7AkR+6ohhlJsNz2Ci204qm4En7w+heN5PYWlSt/XUyhYXUvC6FL9cxytbVv1o
QQ0KOQyyaUMsijtPM/sN4MesKrEP/0NCVtHXIkKZJWsw5CwPkWhKa8twAxLy+5tP
XK1w2TY3vpebNPJC5iODNygYwnKRDHf6HFoHgf5hvPMhw6I7rXl1iFVj6SteXaE6
k22beCKfzYdF
-----END CERTIFICATE-----
Generated at Wed Feb 5 08:57:11 2025 by rpki-client