Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/CBCMd0O0ugLTt_K-5ysCPNiCzks.roa
File: CBCMd0O0ugLTt_K-5ysCPNiCzks.roa (raw, json)
Hash identifier: eiYkt+NnlruHU2MeFfX+deEbXkhBIuhLSO0YQoouPYc=
Subject key identifier: 08:10:8C:77:43:B4:BA:02:D3:B7:F2:BE:E7:2B:02:3C:D8:82:CE:4B
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0194236A2B16732E3EF38BFFD1CC89B2B30C
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/CBCMd0O0ugLTt_K-5ysCPNiCzks.roa
Signing time: Wed 01 Jan 2025 19:49:07 +0000
ROA not before: Wed 01 Jan 2025 19:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29802
IP address blocks: 163.5.153.0/24 maxlen: 24
163.5.154.0/24 maxlen: 24
163.5.177.0/24 maxlen: 24
163.5.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:2b:16:73:2e:3e:f3:8b:ff:d1:cc:89:b2:b3:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 19:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=08108c7743b4ba02d3b7f2bee72b023cd882ce4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8a:64:fa:54:0b:89:7a:27:8d:7a:82:28:a1:
9e:50:f1:62:e0:0f:9c:7e:7f:bf:5d:bb:47:85:6f:
dc:af:44:b7:e5:fe:0b:0a:5c:70:17:0d:f3:02:20:
6a:ab:bb:76:b2:fe:cc:af:30:92:4c:53:c1:69:ce:
8b:f8:47:03:f8:c5:ae:95:b0:94:83:b4:72:04:95:
7f:37:d5:4a:40:66:b5:b3:fe:2a:a2:76:f3:18:ee:
ca:df:72:e6:67:e3:d5:de:dc:42:28:f3:e1:ec:36:
77:17:1c:4d:0e:df:9e:6b:59:68:a1:31:c9:ea:69:
71:b3:82:85:67:a4:73:51:01:6d:33:52:db:af:cc:
54:25:2f:76:f5:c3:df:9c:74:2c:43:39:ed:73:1a:
cc:d4:53:66:fb:89:3f:b7:aa:82:fe:11:f8:22:fb:
4d:59:31:cb:ba:87:5e:a2:a7:55:42:29:81:99:a4:
a8:23:ea:2e:f3:d0:80:24:5d:8c:b8:2a:de:fd:59:
34:95:b1:67:cf:2b:80:73:8b:ac:39:f8:e2:b2:11:
8c:13:da:15:b3:29:c0:f3:50:58:f7:c0:71:db:b3:
1e:bf:eb:32:e8:42:72:0e:28:76:35:56:ca:06:da:
7e:67:d1:7b:4e:b5:3c:4b:c6:60:6e:21:46:c6:48:
cf:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:10:8C:77:43:B4:BA:02:D3:B7:F2:BE:E7:2B:02:3C:D8:82:CE:4B
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/CBCMd0O0ugLTt_K-5ysCPNiCzks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.153.0-163.5.154.255
163.5.177.0/24
163.5.252.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:cb:15:d5:f9:95:89:94:d9:32:89:78:6c:2b:c5:45:44:56:
bd:c3:ea:d6:6f:c0:68:60:e1:1d:59:73:83:15:f9:29:59:8f:
1a:83:21:7e:b6:18:2d:61:12:f4:a7:c2:b3:86:83:66:b1:e7:
ff:d0:f6:a3:fb:bc:16:c0:90:25:94:7f:1d:54:b8:ff:18:15:
8b:64:4f:dc:1d:a0:f7:01:21:fe:3c:ed:76:f5:de:c9:b6:de:
03:a1:07:f6:71:0e:0a:3f:96:16:3a:a0:3e:bb:f1:08:ed:8d:
42:cf:29:69:d5:a4:0d:ea:e8:ea:4c:e1:b2:0a:66:e4:53:cb:
4c:10:8a:72:75:b9:94:44:1c:1c:f4:a4:d7:e9:f5:f2:ba:fc:
c9:0f:36:6b:94:eb:b5:64:44:26:6f:30:b2:bc:92:c8:1f:63:
52:78:93:71:13:6b:58:05:b9:1d:02:e0:55:25:d0:b4:bf:fb:
7f:1d:c5:c8:2a:66:25:e6:8e:e7:9c:dd:64:c8:36:1d:8b:80:
5e:00:35:54:57:24:18:00:49:37:49:7b:e9:39:5e:01:a1:ea:
05:8b:f6:87:14:15:3f:df:08:67:7a:b5:ae:cd:57:80:4d:95:
49:f2:ff:66:df:92:ea:25:8b:84:6c:f9:c8:6b:a6:21:3f:b1:
1c:18:43:c8
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQjaisWcy4+84v/0cyJsrMMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMTAxMTk0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODEwOGM3NzQzYjRiYTAyZDNiN2YyYmVlNzJiMDIzY2Q4ODJjZTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4pk+lQLiXonjXqCKKGeUPFi4A+c
fn+/XbtHhW/cr0S35f4LClxwFw3zAiBqq7t2sv7MrzCSTFPBac6L+EcD+MWulbCU
g7RyBJV/N9VKQGa1s/4qonbzGO7K33LmZ+PV3txCKPPh7DZ3FxxNDt+ea1looTHJ
6mlxs4KFZ6RzUQFtM1Lbr8xUJS929cPfnHQsQzntcxrM1FNm+4k/t6qC/hH4IvtN
WTHLuodeoqdVQimBmaSoI+ou89CAJF2MuCre/Vk0lbFnzyuAc4usOfjishGME9oV
synA81BY98Bx27Mev+sy6EJyDih2NVbKBtp+Z9F7TrU8S8ZgbiFGxkjPOQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFAgQjHdDtLoC07fyvucrAjzYgs5LMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvQ0JDTWQwTzB1Z0xUdF9LLTV5c0NQTmlDemtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBACjBZkD
BACjBZoDBACjBbEDBACjBfwwDQYJKoZIhvcNAQELBQADggEBADvLFdX5lYmU2TKJ
eGwrxUVEVr3D6tZvwGhg4R1Zc4MV+SlZjxqDIX62GC1hEvSnwrOGg2ax5//Q9qP7
vBbAkCWUfx1UuP8YFYtkT9wdoPcBIf487Xb13sm23gOhB/ZxDgo/lhY6oD678Qjt
jULPKWnVpA3q6OpM4bIKZuRTy0wQinJ1uZREHBz0pNfp9fK6/MkPNmuU67VkRCZv
MLK8ksgfY1J4k3ETa1gFuR0C4FUl0LS/+38dxcgqZiXmjuec3WTINh2LgF4ANVRX
JBgASTdJe+k5XgGh6gWL9ocUFT/fCGd6ta7NV4BNlUny/2bfkuoli4Rs+chrpiE/
sRwYQ8g=
-----END CERTIFICATE-----
Generated at Wed Feb 5 08:37:33 2025 by rpki-client