Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/fyssOg62r6mVz2rNLE2xBV04r6U.roa
File: fyssOg62r6mVz2rNLE2xBV04r6U.roa (raw, json)
Hash identifier: 1KGebOHPSYlA7rkaDbofqGkue7otBwDgqqcIcHLwk/E=
Subject key identifier: 7F:2B:2C:3A:0E:B6:AF:A9:95:CF:6A:CD:2C:4D:B1:05:5D:38:AF:A5
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0194236A5187C3933AAB58A39E741987F9B9
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/fyssOg62r6mVz2rNLE2xBV04r6U.roa
Signing time: Wed 01 Jan 2025 19:49:17 +0000
ROA not before: Wed 01 Jan 2025 19:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 399486
IP address blocks: 163.5.32.0/24 maxlen: 24
163.5.64.0/24 maxlen: 24
163.5.106.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.169.0/24 maxlen: 24
163.5.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:51:87:c3:93:3a:ab:58:a3:9e:74:19:87:f9:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 19:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7f2b2c3a0eb6afa995cf6acd2c4db1055d38afa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:2d:2c:ef:ff:b9:a4:23:27:54:ae:6a:d5:5f:
14:6e:42:65:8a:7f:5e:3a:6b:b1:a8:8c:c7:75:6b:
40:b5:6a:14:c5:3f:e9:a1:9d:47:42:e6:79:86:b2:
be:69:e7:01:ec:70:18:72:03:e5:65:13:65:7c:80:
c5:e5:3b:b4:72:f8:f3:77:67:c3:76:4b:25:92:fb:
b0:f1:06:d2:3b:8c:6d:67:fb:f2:dd:27:c1:df:50:
e8:f2:c2:d7:06:5a:dc:73:1a:27:37:ce:3b:ee:6f:
18:ba:65:c9:a6:a4:28:fb:9f:ed:57:f7:b8:6e:dc:
1b:84:4f:b7:18:4f:71:b6:a2:3f:98:70:c5:44:fe:
06:e7:bc:96:e4:4b:83:61:94:fb:20:4f:8e:79:bb:
3f:23:f3:e1:20:29:41:cf:86:e7:d3:b1:18:b6:4a:
f1:ff:bb:b0:24:c8:80:b9:54:8a:b3:f1:31:27:11:
18:67:89:aa:0b:67:b8:ff:2d:57:b5:9b:cf:e1:52:
cf:47:10:36:d5:e3:d8:24:d6:00:4a:18:25:ea:f8:
7c:a3:49:1c:e4:ab:03:18:40:6d:ef:fc:a1:38:dc:
17:87:f9:bb:17:58:9b:b6:ef:af:f4:ef:1c:40:f5:
7c:34:6b:9c:f3:a6:32:b6:02:3b:75:ec:98:b9:c5:
78:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:2B:2C:3A:0E:B6:AF:A9:95:CF:6A:CD:2C:4D:B1:05:5D:38:AF:A5
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/fyssOg62r6mVz2rNLE2xBV04r6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.32.0/24
163.5.64.0/24
163.5.106.0/24
163.5.112.0/24
163.5.160.0/24
163.5.169.0/24
163.5.210.0/24
Signature Algorithm: sha256WithRSAEncryption
71:3e:59:4c:9d:66:4b:9c:a0:3e:7a:74:5b:15:69:c5:b7:e7:
0c:82:72:2c:61:e0:4d:46:5b:32:d3:1f:59:ee:5d:97:2e:6b:
a2:76:42:2e:28:19:96:dd:5a:26:85:68:4d:b0:af:64:06:b0:
a9:5c:ef:66:d9:14:7f:0a:81:0c:cd:6c:72:e3:52:97:d2:9f:
f8:d4:ce:ad:dc:1b:7d:8a:0d:f6:e8:78:9a:cc:ee:93:5e:c5:
7c:c0:c5:f1:8d:6d:68:75:86:4d:aa:8e:ee:3b:7b:ef:fc:34:
14:e3:42:42:b6:22:50:ca:94:a9:06:4a:9c:ec:eb:c8:77:7b:
3a:92:f3:f9:8a:fe:83:d7:12:1b:b0:e8:14:11:ea:b5:3d:a6:
75:37:84:b7:a1:00:e6:6f:42:61:f5:b9:b2:43:ae:84:0b:70:
a0:76:27:82:8f:d3:1f:0a:e9:75:ff:d4:bf:d0:18:26:6c:97:
04:61:ae:2a:6a:25:be:b2:ac:0e:16:14:84:c7:64:8a:2f:a0:
15:46:b2:e7:6d:bf:02:2f:ec:39:15:41:8f:fb:10:b5:db:f5:
f7:d1:e1:6c:76:15:a7:a0:b6:b6:84:1c:30:35:e8:dc:db:24:
8a:a2:44:f5:e5:88:f9:17:31:ab:97:b3:31:f3:d2:a9:67:d7:
38:a0:9d:bd
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQjalGHw5M6q1ijnnQZh/m5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMTAxMTk0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjJiMmMzYTBlYjZhZmE5OTVjZjZhY2QyYzRkYjEwNTVkMzhhZmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAry0s7/+5pCMnVK5q1V8UbkJlin9e
OmuxqIzHdWtAtWoUxT/poZ1HQuZ5hrK+aecB7HAYcgPlZRNlfIDF5Tu0cvjzd2fD
dkslkvuw8QbSO4xtZ/vy3SfB31Do8sLXBlrccxonN8477m8YumXJpqQo+5/tV/e4
btwbhE+3GE9xtqI/mHDFRP4G57yW5EuDYZT7IE+Oebs/I/PhIClBz4bn07EYtkrx
/7uwJMiAuVSKs/ExJxEYZ4mqC2e4/y1XtZvP4VLPRxA21ePYJNYAShgl6vh8o0kc
5KsDGEBt7/yhONwXh/m7F1ibtu+v9O8cQPV8NGuc86YytgI7deyYucV4pwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFH8rLDoOtq+plc9qzSxNsQVdOK+lMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvZnlzc09nNjJyNm1WejJyTkxFMnhCVjA0cjZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAowUgAwQA
owVAAwQAowVqAwQAowVwAwQAowWgAwQAowWpAwQAowXSMA0GCSqGSIb3DQEBCwUA
A4IBAQBxPllMnWZLnKA+enRbFWnFt+cMgnIsYeBNRlsy0x9Z7l2XLmuidkIuKBmW
3VomhWhNsK9kBrCpXO9m2RR/CoEMzWxy41KX0p/41M6t3Bt9ig326HiazO6TXsV8
wMXxjW1odYZNqo7uO3vv/DQU40JCtiJQypSpBkqc7OvId3s6kvP5iv6D1xIbsOgU
Eeq1PaZ1N4S3oQDmb0Jh9bmyQ66EC3CgdieCj9MfCul1/9S/0BgmbJcEYa4qaiW+
sqwOFhSEx2SKL6AVRrLnbb8CL+w5FUGP+xC12/X30eFsdhWnoLa2hBwwNejc2ySK
okT15Yj5FzGrl7Mx89KpZ9c4oJ29
-----END CERTIFICATE-----
Generated at Wed Feb 5 08:46:36 2025 by rpki-client