Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/izMt4N3kEiPupkC6ICmDtUe2lJs.roa
File: izMt4N3kEiPupkC6ICmDtUe2lJs.roa (raw, json)
Hash identifier: rXDNqFahiIuJeSbP7xPY0kJL19PkQQt0BT476DV9WSc=
Subject key identifier: 8B:33:2D:E0:DD:E4:12:23:EE:A6:40:BA:20:29:83:B5:47:B6:94:9B
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0194790A9FC129F071AE29FD549D6C5C86C5
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/izMt4N3kEiPupkC6ICmDtUe2lJs.roa
Signing time: Sat 18 Jan 2025 10:52:06 +0000
ROA not before: Sat 18 Jan 2025 10:52:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 53356
IP address blocks: 163.5.51.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.231.0/24 maxlen: 24
163.5.244.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:79:0a:9f:c1:29:f0:71:ae:29:fd:54:9d:6c:5c:86:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 18 10:52:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b332de0dde41223eea640ba202983b547b6949b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:7e:e8:7c:41:2e:ba:ce:3f:47:14:de:9c:2f:
9b:f6:5e:b1:34:b6:dd:d2:45:64:50:44:ad:da:07:
e0:f9:ee:a2:f6:6e:00:c3:d1:e2:b2:a7:9c:97:ba:
be:1b:e2:dc:49:60:77:bc:aa:9e:5c:d5:08:ed:ff:
18:93:33:fa:9f:03:72:34:10:9d:48:dd:50:c8:7e:
54:1b:93:29:50:d6:c5:40:fc:8c:9c:36:29:5f:88:
52:1c:0a:f2:aa:f1:b7:b9:c8:c8:d8:d1:d8:c1:42:
a0:1c:92:3f:2b:32:2f:62:32:87:e0:f8:97:cf:cd:
a8:ef:90:b3:aa:d3:57:c7:46:1b:84:42:25:b5:f1:
81:f4:af:f9:75:5b:b7:f9:26:b4:a1:91:07:e3:f0:
2d:1d:0e:3e:ff:f5:7c:b5:9c:5e:e0:2a:cf:e6:ed:
49:d7:bc:0b:e9:af:1d:d4:10:b7:1f:b9:00:f1:e9:
9d:44:d1:45:19:f6:f5:16:e6:7e:69:7f:fd:24:f7:
fb:d6:da:02:3f:40:ba:ef:3a:67:41:b1:46:ea:6e:
58:a1:d7:19:00:67:18:9b:66:54:5b:ed:2e:c0:25:
00:68:46:60:2b:05:88:1c:4e:2b:6d:4a:58:df:e6:
a9:78:90:09:76:2f:be:dd:4f:aa:2d:b0:f7:a0:ed:
9b:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:33:2D:E0:DD:E4:12:23:EE:A6:40:BA:20:29:83:B5:47:B6:94:9B
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/izMt4N3kEiPupkC6ICmDtUe2lJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.51.0/24
163.5.134.0/24
163.5.231.0/24
163.5.244.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:c5:d7:91:77:7a:3a:80:14:64:7e:34:2a:63:02:cc:c8:d9:
a6:c9:8f:ee:67:c2:56:90:93:9d:c0:9b:43:1f:19:79:f0:90:
cb:b9:08:17:16:e0:0f:ac:34:2f:3a:10:74:b7:3f:92:16:36:
12:28:d1:63:e9:e2:c7:35:3b:01:13:3d:46:3f:d8:64:e2:65:
0a:d9:eb:5c:29:7f:9e:33:df:c9:30:0c:0a:75:86:8b:3c:e2:
f7:7a:25:30:ce:d1:0f:75:c2:ed:02:e1:fe:87:9d:33:f6:da:
3d:8d:1d:0e:4a:f3:c1:46:bd:2a:c3:58:0b:3f:21:c6:e3:91:
10:88:7e:b1:16:e0:c5:db:47:20:0a:32:38:da:9f:d3:9a:96:
29:09:67:0a:71:67:41:dc:72:0e:86:94:87:56:9a:7c:e5:ab:
94:34:9f:47:cd:5c:a2:91:35:90:3e:50:c4:bf:97:4b:fd:90:
c8:42:aa:21:6e:89:cb:87:15:4a:bb:a1:fe:24:9a:58:c1:2a:
74:2b:cf:75:d2:fe:42:44:e8:1a:d3:d1:0b:3a:c9:f7:5b:74:
12:db:3c:f7:06:b3:d8:7e:3e:c0:07:53:4d:c2:11:4c:d5:28:
a0:5f:1e:71:bb:13:92:f3:ff:14:7b:a5:5d:34:69:08:3f:d5:
e0:15:a5:71
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZR5Cp/BKfBxrin9VJ1sXIbFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMTE4MTA1MjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjMzMmRlMGRkZTQxMjIzZWVhNjQwYmEyMDI5ODNiNTQ3YjY5NDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqH7ofEEuus4/RxTenC+b9l6xNLbd
0kVkUESt2gfg+e6i9m4Aw9Hisqecl7q+G+LcSWB3vKqeXNUI7f8YkzP6nwNyNBCd
SN1QyH5UG5MpUNbFQPyMnDYpX4hSHAryqvG3ucjI2NHYwUKgHJI/KzIvYjKH4PiX
z82o75CzqtNXx0YbhEIltfGB9K/5dVu3+Sa0oZEH4/AtHQ4+//V8tZxe4CrP5u1J
17wL6a8d1BC3H7kA8emdRNFFGfb1FuZ+aX/9JPf71toCP0C67zpnQbFG6m5YodcZ
AGcYm2ZUW+0uwCUAaEZgKwWIHE4rbUpY3+apeJAJdi++3U+qLbD3oO2bCQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIszLeDd5BIj7qZAuiApg7VHtpSbMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvaXpNdDROM2tFaVB1cGtDNklDbUR0VWUybEpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowUzAwQA
owWGAwQAowXnAwQAowX0MA0GCSqGSIb3DQEBCwUAA4IBAQCKxdeRd3o6gBRkfjQq
YwLMyNmmyY/uZ8JWkJOdwJtDHxl58JDLuQgXFuAPrDQvOhB0tz+SFjYSKNFj6eLH
NTsBEz1GP9hk4mUK2etcKX+eM9/JMAwKdYaLPOL3eiUwztEPdcLtAuH+h50z9to9
jR0OSvPBRr0qw1gLPyHG45EQiH6xFuDF20cgCjI42p/TmpYpCWcKcWdB3HIOhpSH
Vpp85auUNJ9HzVyikTWQPlDEv5dL/ZDIQqohbonLhxVKu6H+JJpYwSp0K8910v5C
ROga09ELOsn3W3QS2zz3BrPYfj7AB1NNwhFM1SigXx5xuxOS8/8Ue6VdNGkIP9Xg
FaVx
-----END CERTIFICATE-----
Generated at Wed Feb 5 08:49:00 2025 by rpki-client