Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/oaaGsDmkbz08MEq8vaai065vpDo.roa
File: oaaGsDmkbz08MEq8vaai065vpDo.roa (raw, json)
Hash identifier: +IE7LfBd7332VXa3dYPtUf8z7AniNLN84K0NY4kDDas=
Subject key identifier: A1:A6:86:B0:39:A4:6F:3D:3C:30:4A:BC:BD:A6:A2:D3:AE:6F:A4:3A
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0194236A1F6F022426C5DBA1FEAA0B77B432
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/oaaGsDmkbz08MEq8vaai065vpDo.roa
Signing time: Wed 01 Jan 2025 19:49:04 +0000
ROA not before: Wed 01 Jan 2025 19:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5511
IP address blocks: 163.5.47.0/24 maxlen: 24
163.5.192.0/24 maxlen: 24
163.5.193.0/24 maxlen: 24
163.5.195.0/24 maxlen: 24
163.5.213.0/24 maxlen: 24
163.5.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:1f:6f:02:24:26:c5:db:a1:fe:aa:0b:77:b4:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 19:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a1a686b039a46f3d3c304abcbda6a2d3ae6fa43a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:49:91:db:6b:f9:1c:0d:49:6f:fd:79:bf:11:
cc:8a:01:23:68:fb:98:80:72:79:1a:cc:d4:5b:5a:
54:79:ed:e9:ed:29:12:ec:37:7c:e0:72:4e:4f:e3:
0f:87:fe:f6:8c:3c:5c:8f:94:19:cf:40:95:e4:86:
69:2e:f7:be:63:f1:01:95:2e:93:e7:b8:36:8b:b9:
65:52:b3:f9:d3:df:e2:11:b2:79:62:f7:c4:05:8c:
74:a6:eb:93:22:25:79:25:bf:a5:47:d6:e7:02:7a:
2c:73:7d:31:b3:1d:3b:09:56:46:6f:5d:d9:87:ae:
20:24:f7:e3:ee:2c:ec:c4:3f:7b:35:19:e1:31:d1:
cc:12:af:1b:cc:ea:6d:ee:45:cb:16:91:a9:6b:de:
3e:a9:f4:6b:ab:b4:cf:8e:7a:7a:b0:49:cf:e3:73:
e8:ea:38:fb:5b:71:06:75:dc:8d:cb:54:1f:1b:5d:
1a:88:4e:3d:61:6a:bc:b4:4b:b6:35:75:38:36:16:
c3:80:53:88:72:2a:c8:71:72:ad:5e:52:c0:37:f8:
0d:25:98:a8:45:3b:e5:84:79:ce:59:67:83:3b:28:
c4:11:8e:3c:39:c0:57:e4:5a:a2:ad:93:cb:3b:f2:
63:c0:42:22:a1:a1:e9:58:15:e2:73:f0:0a:30:66:
18:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:A6:86:B0:39:A4:6F:3D:3C:30:4A:BC:BD:A6:A2:D3:AE:6F:A4:3A
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/oaaGsDmkbz08MEq8vaai065vpDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.47.0/24
163.5.192.0/23
163.5.195.0/24
163.5.213.0-163.5.214.255
Signature Algorithm: sha256WithRSAEncryption
72:33:52:1c:1a:73:55:1a:68:c3:0c:7e:6d:8a:20:8d:85:c5:
23:20:fe:70:df:91:e0:b2:a3:b8:03:73:a1:76:24:3a:30:8d:
6c:b8:74:31:a9:cb:68:2a:44:26:bf:ef:8b:24:4b:dd:cb:33:
1f:5a:35:fc:b7:56:99:84:a7:73:98:09:bd:d1:d0:63:9d:28:
d3:87:de:3e:f1:91:2c:2b:38:90:d0:31:d2:40:6b:c4:64:3c:
84:3c:89:87:bb:06:54:75:08:d2:22:cc:ed:47:c9:eb:1e:54:
44:41:b3:56:74:5f:17:07:de:d2:e9:e1:76:c0:50:4b:8a:f7:
29:8d:0b:7c:dd:64:bf:a3:bf:24:cf:bc:2a:83:1b:3d:9f:a8:
87:80:9b:13:0b:e5:76:b4:ef:0f:a3:25:47:ff:b4:69:2d:99:
6b:65:dd:a4:c1:8b:4a:26:14:8b:47:27:a4:94:01:07:85:a5:
06:a1:6f:53:b0:50:09:42:5c:ec:de:1c:9a:34:ff:1e:e5:0e:
be:af:ca:40:25:06:96:bc:31:32:39:82:f4:14:d6:da:93:37:
e7:ce:04:f9:a0:c1:b0:77:93:7c:b0:87:2f:13:3b:2f:3e:f6:
6d:9a:9b:99:95:c4:c7:9c:bc:96:d0:7e:cd:26:75:5b:64:89:
ed:bd:8f:21
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQjah9vAiQmxduh/qoLd7QyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMTAxMTk0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWE2ODZiMDM5YTQ2ZjNkM2MzMDRhYmNiZGE2YTJkM2FlNmZhNDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkmR22v5HA1Jb/15vxHMigEjaPuY
gHJ5GszUW1pUee3p7SkS7Dd84HJOT+MPh/72jDxcj5QZz0CV5IZpLve+Y/EBlS6T
57g2i7llUrP509/iEbJ5YvfEBYx0puuTIiV5Jb+lR9bnAnosc30xsx07CVZGb13Z
h64gJPfj7izsxD97NRnhMdHMEq8bzOpt7kXLFpGpa94+qfRrq7TPjnp6sEnP43Po
6jj7W3EGddyNy1QfG10aiE49YWq8tEu2NXU4NhbDgFOIcirIcXKtXlLAN/gNJZio
RTvlhHnOWWeDOyjEEY48OcBX5FqirZPLO/JjwEIioaHpWBXic/AKMGYYHQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKGmhrA5pG89PDBKvL2motOub6Q6MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvb2FhR3NEbWtiejA4TUVxOHZhYWkwNjV2cERvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAowUvAwQB
owXAAwQAowXDMAwDBACjBdUDBACjBdYwDQYJKoZIhvcNAQELBQADggEBAHIzUhwa
c1UaaMMMfm2KII2FxSMg/nDfkeCyo7gDc6F2JDowjWy4dDGpy2gqRCa/74skS93L
Mx9aNfy3VpmEp3OYCb3R0GOdKNOH3j7xkSwrOJDQMdJAa8RkPIQ8iYe7BlR1CNIi
zO1HyeseVERBs1Z0XxcH3tLp4XbAUEuK9ymNC3zdZL+jvyTPvCqDGz2fqIeAmxML
5Xa07w+jJUf/tGktmWtl3aTBi0omFItHJ6SUAQeFpQahb1OwUAlCXOzeHJo0/x7l
Dr6vykAlBpa8MTI5gvQU1tqTN+fOBPmgwbB3k3ywhy8TOy8+9m2am5mVxMecvJbQ
fs0mdVtkie29jyE=
-----END CERTIFICATE-----
Generated at Wed Feb 5 08:54:02 2025 by rpki-client