Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/RSunyofKx29E9zNh44cvjOO_M-U.roa
File: RSunyofKx29E9zNh44cvjOO_M-U.roa (raw, json)
Hash identifier: +wHP4uIJUrGPLRos5DdNyCZvpI+76fYunRVpiJzf4Uc=
Subject key identifier: 45:2B:A7:CA:87:CA:C7:6F:44:F7:33:61:E3:87:2F:8C:E3:BF:33:E5
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0194236A25565EFC38D4ACFE5A9B28DFB540
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/RSunyofKx29E9zNh44cvjOO_M-U.roa
Signing time: Wed 01 Jan 2025 19:49:06 +0000
ROA not before: Wed 01 Jan 2025 19:49:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14445
IP address blocks: 163.5.29.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:25:56:5e:fc:38:d4:ac:fe:5a:9b:28:df:b5:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 19:49:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=452ba7ca87cac76f44f73361e3872f8ce3bf33e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d2:a6:a2:7f:b5:ac:3a:54:33:29:8d:ba:1e:
48:5d:72:3e:ea:59:16:2a:77:51:35:45:ef:ca:69:
c6:9a:2c:ad:0b:5e:ae:97:6a:7c:5e:48:02:75:97:
2f:65:27:c6:5f:67:7e:bc:1b:bd:3e:f6:f0:76:be:
56:23:da:2b:22:a4:c6:9f:e3:1a:27:2c:b3:6e:bd:
8c:d5:ff:2b:d1:13:f1:53:7f:7f:48:af:34:18:70:
6e:71:b1:6f:b4:09:23:aa:cd:98:ce:9d:bd:72:62:
a5:84:85:4d:df:ef:aa:be:29:48:ab:98:fa:97:6a:
30:89:e5:83:bb:17:a3:e7:8f:b5:60:81:35:0f:f4:
94:35:f9:f7:59:05:77:a1:19:69:5c:fb:19:58:ac:
d0:db:03:04:df:18:04:35:22:e5:41:a5:54:02:ab:
4b:da:ac:88:5c:0e:a6:14:07:b3:51:bd:c6:50:6e:
ab:4f:73:a8:ec:4c:fc:d2:9d:23:80:2b:e2:4a:e8:
71:c8:05:20:e4:4c:4c:5e:eb:90:5c:6d:e9:00:ec:
79:41:40:d8:4a:a9:0b:6e:f7:59:0d:3b:c2:12:90:
a9:ad:ae:19:33:bd:21:89:48:a3:7c:dd:9c:ff:68:
85:49:ae:25:46:cb:01:82:d0:be:4e:3d:18:7f:d0:
95:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:2B:A7:CA:87:CA:C7:6F:44:F7:33:61:E3:87:2F:8C:E3:BF:33:E5
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/RSunyofKx29E9zNh44cvjOO_M-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.29.0/24
163.5.200.0/24
163.5.206.0/24
Signature Algorithm: sha256WithRSAEncryption
15:10:08:52:64:e4:08:5f:cd:1a:96:4c:03:ad:f2:33:1a:e8:
51:1b:37:6b:64:ca:3f:dd:fa:7a:82:ff:14:5f:df:fb:8a:1a:
7a:87:ef:28:6f:4d:d0:84:8e:e6:5d:2f:e8:de:13:66:22:8c:
b2:80:c5:b8:9e:21:66:d7:d0:d0:b7:ff:67:de:7f:8d:b2:7e:
a4:e0:d3:88:af:ab:8e:e6:72:51:db:dd:6d:de:8c:6f:ca:3c:
20:0f:46:77:e6:da:30:87:46:e7:2d:9d:67:ea:90:a5:fb:09:
8b:52:c5:06:ec:5e:01:10:d0:cd:77:b5:c7:de:da:b4:6c:b3:
c5:d7:f2:a8:df:ba:a3:23:37:26:4a:04:bd:2c:4d:17:57:41:
8b:2f:3a:07:ff:df:ff:49:dc:ed:73:27:83:81:a2:49:e2:e8:
1e:3d:40:29:68:a4:27:2b:82:14:9b:69:3a:cf:0a:08:f5:de:
a4:89:45:4e:7c:c5:1f:0f:b8:a4:18:f3:7d:28:77:d4:af:ca:
19:c0:cc:e7:08:d3:f2:cc:b6:69:42:bc:8e:bc:34:3f:24:8c:
be:12:c3:6c:32:65:0e:d0:96:74:8d:9d:0d:e7:46:56:98:6f:
0a:43:bf:45:60:12:a0:14:03:bd:06:98:ef:7d:c4:dc:21:00:
56:e3:00:5b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQjaiVWXvw41Kz+Wpso37VAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMTAxMTk0OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTJiYTdjYTg3Y2FjNzZmNDRmNzMzNjFlMzg3MmY4Y2UzYmYzM2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdKmon+1rDpUMymNuh5IXXI+6lkW
KndRNUXvymnGmiytC16ul2p8XkgCdZcvZSfGX2d+vBu9Pvbwdr5WI9orIqTGn+Ma
Jyyzbr2M1f8r0RPxU39/SK80GHBucbFvtAkjqs2Yzp29cmKlhIVN3++qvilIq5j6
l2owieWDuxej54+1YIE1D/SUNfn3WQV3oRlpXPsZWKzQ2wME3xgENSLlQaVUAqtL
2qyIXA6mFAezUb3GUG6rT3Oo7Ez80p0jgCviSuhxyAUg5ExMXuuQXG3pAOx5QUDY
SqkLbvdZDTvCEpCpra4ZM70hiUijfN2c/2iFSa4lRssBgtC+Tj0Yf9CVGQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEUrp8qHysdvRPczYeOHL4zjvzPlMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvUlN1bnlvZkt4MjlFOXpOaDQ0Y3ZqT09fTS1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAowUdAwQA
owXIAwQAowXOMA0GCSqGSIb3DQEBCwUAA4IBAQAVEAhSZOQIX80alkwDrfIzGuhR
GzdrZMo/3fp6gv8UX9/7ihp6h+8ob03QhI7mXS/o3hNmIoyygMW4niFm19DQt/9n
3n+Nsn6k4NOIr6uO5nJR291t3oxvyjwgD0Z35towh0bnLZ1n6pCl+wmLUsUG7F4B
ENDNd7XH3tq0bLPF1/Ko37qjIzcmSgS9LE0XV0GLLzoH/9//SdztcyeDgaJJ4uge
PUApaKQnK4IUm2k6zwoI9d6kiUVOfMUfD7ikGPN9KHfUr8oZwMznCNPyzLZpQryO
vDQ/JIy+EsNsMmUO0JZ0jZ0N50ZWmG8KQ79FYBKgFAO9BpjvfcTcIQBW4wBb
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:50:44 2025 by rpki-client