Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/hDPnTr7SMwZqCNrz4Gdm-je36ak.roa
File: hDPnTr7SMwZqCNrz4Gdm-je36ak.roa (raw, json)
Hash identifier: 3VWnGzxd4U6Y4fDqjR1OsL4kevmL2pNZBI9nxipsv9M=
Subject key identifier: 84:33:E7:4E:BE:D2:33:06:6A:08:DA:F3:E0:67:66:FA:37:B7:E9:A9
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0194236A2E9574C7B391C019B24586379A10
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/hDPnTr7SMwZqCNrz4Gdm-je36ak.roa
Signing time: Wed 01 Jan 2025 19:49:08 +0000
ROA not before: Wed 01 Jan 2025 19:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54252
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.123.0/24 maxlen: 24
163.5.199.0/24 maxlen: 24
163.5.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:2e:95:74:c7:b3:91:c0:19:b2:45:86:37:9a:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 19:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8433e74ebed233066a08daf3e06766fa37b7e9a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a2:7b:f8:71:a0:01:7d:87:80:f4:47:9c:5f:
51:7b:a0:6f:70:bc:58:5a:00:b3:23:96:25:02:97:
8c:2e:bb:80:b6:5e:a3:23:1f:c3:6a:b3:43:77:a3:
f1:92:0c:a4:73:94:96:20:f6:a3:0a:8a:75:8f:4c:
6c:d7:f2:0d:76:13:eb:47:8c:39:c8:7d:f5:b5:c3:
85:9b:91:5e:83:c5:14:18:b2:f3:20:f1:97:13:1c:
c2:48:39:68:43:d4:9d:d4:c8:aa:cd:19:e5:c8:1a:
d2:fc:34:3d:f7:5d:ff:1c:93:d5:af:5b:13:d2:66:
ca:00:f9:e0:29:b2:18:c6:bc:59:f4:15:c5:a8:25:
9d:48:ed:3e:43:7c:01:b8:0a:44:96:4b:40:c7:08:
62:15:9d:77:34:48:af:84:d3:2c:ff:c5:d8:73:76:
50:7a:b8:79:dd:a7:cb:6d:9d:9b:b6:72:54:d4:2f:
de:ba:f8:94:03:d4:42:9a:80:ae:cb:50:0b:10:bb:
b7:8c:3b:72:bd:1d:ba:08:a6:49:70:8c:1c:3c:56:
83:73:38:de:40:89:18:88:ba:00:9f:ef:e1:42:be:
59:64:63:71:f4:f0:a9:90:9b:7e:8f:7b:3c:6f:39:
90:29:fe:b7:db:95:44:06:2b:d5:84:4b:6b:9d:4d:
a7:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:33:E7:4E:BE:D2:33:06:6A:08:DA:F3:E0:67:66:FA:37:B7:E9:A9
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/hDPnTr7SMwZqCNrz4Gdm-je36ak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.123.0/24
163.5.199.0/24
163.5.216.0/24
Signature Algorithm: sha256WithRSAEncryption
33:f9:00:0a:04:65:be:c9:4f:14:6a:67:2b:8a:16:21:78:4d:
95:cc:13:f6:a0:31:a5:c0:0f:37:e2:82:c3:93:ef:eb:09:aa:
e0:27:cf:8c:69:85:67:32:37:03:99:27:95:c0:c2:8d:5a:8b:
50:e1:c1:02:60:0e:a1:7c:fe:95:55:d3:94:d4:3f:51:c3:b1:
bd:3a:84:80:e4:1a:7c:7f:66:ac:33:6d:c9:f7:1c:95:73:bc:
8b:b1:f9:bb:e9:95:3f:f0:0b:09:dc:04:c7:53:ed:c5:40:bf:
9d:49:53:84:22:d2:b5:34:c0:e8:a3:4e:27:c1:f6:c9:b7:aa:
7e:07:87:79:79:09:b4:d6:92:f1:f5:16:5c:19:48:c4:40:40:
ef:e9:85:d4:34:6f:0d:b3:50:92:72:77:f7:36:a2:e6:c1:d2:
e8:05:82:45:7a:26:8a:5d:a5:12:03:64:5c:6b:84:82:19:5f:
fd:1f:d6:28:83:62:fb:99:b9:91:30:aa:f5:fb:d4:f7:3b:d3:
2c:da:5c:fc:e7:ee:76:66:27:d9:a8:38:4c:52:91:44:12:65:
de:92:5f:3f:78:03:7e:9d:46:82:13:32:c4:ea:54:2a:8a:0d:
af:b4:82:4a:51:ab:34:27:45:75:0d:86:7c:5b:11:84:e2:b7:
07:7d:74:ee
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQjai6VdMezkcAZskWGN5oQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMTAxMTk0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDMzZTc0ZWJlZDIzMzA2NmEwOGRhZjNlMDY3NjZmYTM3YjdlOWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6J7+HGgAX2HgPRHnF9Re6BvcLxY
WgCzI5YlApeMLruAtl6jIx/DarNDd6Pxkgykc5SWIPajCop1j0xs1/INdhPrR4w5
yH31tcOFm5Feg8UUGLLzIPGXExzCSDloQ9Sd1MiqzRnlyBrS/DQ9913/HJPVr1sT
0mbKAPngKbIYxrxZ9BXFqCWdSO0+Q3wBuApElktAxwhiFZ13NEivhNMs/8XYc3ZQ
erh53afLbZ2btnJU1C/euviUA9RCmoCuy1ALELu3jDtyvR26CKZJcIwcPFaDczje
QIkYiLoAn+/hQr5ZZGNx9PCpkJt+j3s8bzmQKf6325VEBivVhEtrnU2nWQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIQz506+0jMGagja8+BnZvo3t+mpMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvaERQblRyN1NNd1pxQ05yejRHZG0tamUzNmFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowUeAwQA
owV7AwQAowXHAwQAowXYMA0GCSqGSIb3DQEBCwUAA4IBAQAz+QAKBGW+yU8Uamcr
ihYheE2VzBP2oDGlwA834oLDk+/rCargJ8+MaYVnMjcDmSeVwMKNWotQ4cECYA6h
fP6VVdOU1D9Rw7G9OoSA5Bp8f2asM23J9xyVc7yLsfm76ZU/8AsJ3ATHU+3FQL+d
SVOEItK1NMDoo04nwfbJt6p+B4d5eQm01pLx9RZcGUjEQEDv6YXUNG8Ns1CScnf3
NqLmwdLoBYJFeiaKXaUSA2Rca4SCGV/9H9Yog2L7mbmRMKr1+9T3O9Ms2lz85+52
ZifZqDhMUpFEEmXekl8/eAN+nUaCEzLE6lQqig2vtIJKUas0J0V1DYZ8WxGE4rcH
fXTu
-----END CERTIFICATE-----
Generated at Wed Feb 5 08:48:19 2025 by rpki-client