Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/mSVl-uBULoDcYhtkgx1KYwUM8tg.roa
File: mSVl-uBULoDcYhtkgx1KYwUM8tg.roa (raw, json)
Hash identifier: H9fSrK9wvxyuOOz8Iw19tw2MV+6oUmA+g+wgRQrB7b4=
Subject key identifier: 99:25:65:FA:E0:54:2E:80:DC:62:1B:64:83:1D:4A:63:05:0C:F2:D8
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0194236A473C3DE4F2851093B005560FF04E
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/mSVl-uBULoDcYhtkgx1KYwUM8tg.roa
Signing time: Wed 01 Jan 2025 19:49:15 +0000
ROA not before: Wed 01 Jan 2025 19:49:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 163.5.36.0/24 maxlen: 24
163.5.82.0/24 maxlen: 24
163.5.87.0/24 maxlen: 24
163.5.95.0/24 maxlen: 24
163.5.99.0/24 maxlen: 24
163.5.127.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
163.5.181.0/24 maxlen: 24
163.5.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:47:3c:3d:e4:f2:85:10:93:b0:05:56:0f:f0:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 19:49:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=992565fae0542e80dc621b64831d4a63050cf2d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:23:c2:85:51:ab:00:f1:d4:54:60:16:d5:7a:
c0:6e:79:84:1b:05:ff:40:30:35:4f:56:5e:4c:32:
c8:9e:eb:36:ac:c3:02:13:c8:bc:70:fe:9d:8f:29:
dd:f5:99:91:de:5d:66:70:5f:f7:f7:64:96:f7:0e:
1e:dd:73:92:41:c2:02:48:52:15:26:81:49:6e:cd:
03:5f:b7:e2:68:2b:e8:18:9c:38:11:ae:ac:2e:e1:
94:50:e2:9d:4e:9d:a8:94:72:50:41:b8:4a:15:46:
ab:5b:16:dd:9b:8b:7a:25:71:ad:7a:cc:f0:fa:dc:
a8:04:31:fd:22:25:43:0c:33:51:0d:ac:9e:d0:c8:
d7:71:48:72:ad:a9:cc:d5:ef:73:24:44:16:cf:7c:
1c:33:4a:d6:a4:10:7a:78:77:4d:85:f9:3d:26:84:
6b:b2:1f:bd:e7:de:56:66:11:f1:bf:75:de:8c:f3:
e7:9f:86:cc:63:54:2b:3a:f1:ca:61:55:11:6a:d5:
97:e2:e5:9d:ce:68:74:ea:36:4f:5b:41:7e:7e:fc:
81:c7:aa:2b:0c:7b:4d:cd:8a:5e:cd:2b:e4:cf:bc:
1c:c2:a2:df:3f:3a:71:d2:df:f1:2f:a6:c5:28:25:
11:d6:91:11:8a:92:27:a2:9d:76:46:e5:0d:64:76:
eb:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:25:65:FA:E0:54:2E:80:DC:62:1B:64:83:1D:4A:63:05:0C:F2:D8
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/mSVl-uBULoDcYhtkgx1KYwUM8tg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.36.0/24
163.5.82.0/24
163.5.87.0/24
163.5.95.0/24
163.5.99.0/24
163.5.127.0/24
163.5.136.0/24
163.5.181.0/24
163.5.202.0/24
Signature Algorithm: sha256WithRSAEncryption
44:cd:95:aa:ed:62:60:13:73:1c:0f:35:8f:84:19:05:82:2f:
fa:9a:cb:2e:e3:ee:33:2d:99:b1:43:38:f1:79:fc:c8:bc:f1:
70:fc:00:4f:1c:8f:6e:38:c2:35:68:4f:b3:87:0b:98:fb:22:
16:7d:40:0c:83:e4:55:db:3f:39:e3:2d:fb:9d:97:99:53:9e:
fa:18:b2:82:93:dc:80:fb:fe:98:0d:22:40:91:de:2f:db:c3:
6c:c9:56:86:1a:35:4b:9a:80:e2:bc:b6:39:83:23:b1:55:5f:
ad:ab:98:3e:8c:51:8b:a7:a4:bb:9f:d4:ce:f5:a1:37:8c:41:
0b:23:f1:d3:55:74:33:68:2c:23:fc:9f:dd:7f:d4:00:ef:16:
c3:8f:a3:cc:c8:4b:4b:0d:c6:cb:04:a4:6b:ed:d0:26:61:f8:
35:3f:80:d8:27:36:9a:fd:c1:0b:87:e0:ac:50:b8:c2:d8:dc:
64:be:d0:c4:63:10:fb:cc:ed:c0:b6:47:38:dc:5e:cd:43:b8:
95:de:86:42:98:a5:1e:5d:27:f2:8f:ef:d7:37:1a:35:39:1d:
f8:8b:28:d4:23:fc:0d:b9:69:ee:d8:b5:81:ec:59:2f:f2:38:
36:50:e6:a5:b0:25:81:46:a7:86:75:e4:1f:97:be:b1:db:b9:
0e:6f:63:9b
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQjakc8PeTyhRCTsAVWD/BOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMTAxMTk0OTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTI1NjVmYWUwNTQyZTgwZGM2MjFiNjQ4MzFkNGE2MzA1MGNmMmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSPChVGrAPHUVGAW1XrAbnmEGwX/
QDA1T1ZeTDLInus2rMMCE8i8cP6djynd9ZmR3l1mcF/392SW9w4e3XOSQcICSFIV
JoFJbs0DX7fiaCvoGJw4Ea6sLuGUUOKdTp2olHJQQbhKFUarWxbdm4t6JXGteszw
+tyoBDH9IiVDDDNRDaye0MjXcUhyranM1e9zJEQWz3wcM0rWpBB6eHdNhfk9JoRr
sh+9595WZhHxv3XejPPnn4bMY1QrOvHKYVURatWX4uWdzmh06jZPW0F+fvyBx6or
DHtNzYpezSvkz7wcwqLfPzpx0t/xL6bFKCUR1pERipInop12RuUNZHbriQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFJklZfrgVC6A3GIbZIMdSmMFDPLYMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvbVNWbC11QlVMb0RjWWh0a2d4MUtZd1VNOHRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAowUkAwQA
owVSAwQAowVXAwQAowVfAwQAowVjAwQAowV/AwQAowWIAwQAowW1AwQAowXKMA0G
CSqGSIb3DQEBCwUAA4IBAQBEzZWq7WJgE3McDzWPhBkFgi/6mssu4+4zLZmxQzjx
efzIvPFw/ABPHI9uOMI1aE+zhwuY+yIWfUAMg+RV2z854y37nZeZU576GLKCk9yA
+/6YDSJAkd4v28NsyVaGGjVLmoDivLY5gyOxVV+tq5g+jFGLp6S7n9TO9aE3jEEL
I/HTVXQzaCwj/J/df9QA7xbDj6PMyEtLDcbLBKRr7dAmYfg1P4DYJzaa/cELh+Cs
ULjC2NxkvtDEYxD7zO3Atkc43F7NQ7iV3oZCmKUeXSfyj+/XNxo1OR34iyjUI/wN
uWnu2LWB7Fkv8jg2UOalsCWBRqeGdeQfl76x27kOb2Ob
-----END CERTIFICATE-----
Generated at Wed Feb 5 08:48:03 2025 by rpki-client