Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/5xoa_s9hHCqBdRVojMZQkieywOI.roa
File: 5xoa_s9hHCqBdRVojMZQkieywOI.roa (raw, json)
Hash identifier: dLkmlG+BPyJ83dYgEjVkZRzgqQ7WrHrEwODRUOEeHuU=
Subject key identifier: E7:1A:1A:FE:CF:61:1C:2A:81:75:15:68:8C:C6:50:92:27:B2:C0:E2
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01941F8C702EA12C214E522FF28AB7082C40
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/5xoa_s9hHCqBdRVojMZQkieywOI.roa
Signing time: Wed 01 Jan 2025 01:48:04 +0000
ROA not before: Wed 01 Jan 2025 01:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57026
IP address blocks: 2a02:2698:8c00::/38 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.mft
rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:70:2e:a1:2c:21:4e:52:2f:f2:8a:b7:08:2c:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 01:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e71a1afecf611c2a817515688cc6509227b2c0e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:44:d7:2e:97:9f:2d:3a:9f:88:51:05:35:3e:
9f:f7:af:94:a7:52:f5:6b:bc:0b:e6:8f:08:8e:c6:
22:ab:94:fb:1f:5d:60:c8:63:3a:89:ea:96:a2:43:
9e:cd:ef:b1:36:98:5c:7d:c6:b4:e2:24:df:09:53:
31:99:cb:c7:08:3d:74:7a:ec:8e:ed:60:9d:1c:f2:
2c:7e:ac:a4:98:4f:80:aa:95:2f:d2:b2:c8:74:66:
57:df:78:14:80:b3:7d:72:6e:87:ba:76:9a:5d:b5:
7e:8f:3e:91:33:1c:21:1e:61:ad:8a:91:1d:40:6f:
dd:01:2e:78:10:e6:1d:f1:79:a3:6b:69:9f:30:7b:
4f:35:c3:7c:3b:3c:da:1b:ff:11:e4:51:a5:64:48:
b6:de:cb:e8:bf:f5:6d:3e:c4:74:9c:28:6c:1e:27:
1f:d7:fb:85:fd:a5:98:b6:3e:58:4f:b3:0e:e4:4e:
1d:90:e5:83:94:c5:2a:1f:d1:74:6e:ca:c9:4b:2d:
a5:6d:1c:94:c8:dc:3a:3d:1c:fd:f3:61:be:b5:37:
3e:9d:f1:81:5f:b1:86:18:2e:b6:15:83:91:f1:50:
ee:71:c1:47:00:cf:5a:b7:0a:6d:4e:9b:27:a8:43:
74:88:6a:a5:84:c4:88:cd:72:68:4a:82:71:69:0d:
a3:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:1A:1A:FE:CF:61:1C:2A:81:75:15:68:8C:C6:50:92:27:B2:C0:E2
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/5xoa_s9hHCqBdRVojMZQkieywOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:8c00::/38
Signature Algorithm: sha256WithRSAEncryption
18:73:f3:a0:af:33:d0:f5:ab:34:e2:22:b8:46:17:1c:e9:3a:
9b:61:b4:b0:02:29:e6:3c:26:f1:7c:24:80:56:e7:5b:c9:b9:
e7:25:04:60:97:2c:d2:3d:bb:98:ad:6e:d7:b7:24:40:b0:b7:
f2:f7:2a:6d:51:9d:91:b3:58:01:53:0c:74:96:38:ef:7f:01:
de:9a:56:16:65:2d:c9:cf:ff:14:a7:7f:74:44:94:83:18:b4:
10:42:8f:d7:18:d2:d8:18:d9:35:9c:99:a5:5d:08:32:49:92:
55:8c:43:92:7a:01:12:d9:dd:2d:61:5d:e1:71:de:05:20:25:
53:7f:6f:e8:f4:d0:0b:7c:97:45:15:b9:fc:44:45:b9:e4:d6:
a1:77:46:02:d4:d0:ad:6a:6f:9f:42:d2:d9:46:2e:95:99:3a:
96:b6:51:a5:e4:39:f2:29:d2:00:e5:e6:3c:51:6a:d3:01:72:
8c:8c:c3:d4:63:ca:2a:8f:b8:ae:82:a8:e2:56:78:9d:0e:de:
b2:7e:48:b5:9f:0f:9a:81:5d:5b:e6:92:d6:59:25:b6:17:32:
0e:f9:df:0d:1d:e0:eb:1f:61:41:a2:33:d3:23:20:5f:57:49:
cc:3e:e7:6d:7f:b2:be:c9:e6:3d:23:2c:e6:30:cd:58:e1:0a:
3d:15:48:ec
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQfjHAuoSwhTlIv8oq3CCxAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjUwMTAxMDE0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzFhMWFmZWNmNjExYzJhODE3NTE1Njg4Y2M2NTA5MjI3YjJjMGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnETXLpefLTqfiFEFNT6f96+Up1L1
a7wL5o8IjsYiq5T7H11gyGM6ieqWokOeze+xNphcfca04iTfCVMxmcvHCD10euyO
7WCdHPIsfqykmE+AqpUv0rLIdGZX33gUgLN9cm6HunaaXbV+jz6RMxwhHmGtipEd
QG/dAS54EOYd8Xmja2mfMHtPNcN8OzzaG/8R5FGlZEi23svov/VtPsR0nChsHicf
1/uF/aWYtj5YT7MO5E4dkOWDlMUqH9F0bsrJSy2lbRyUyNw6PRz982G+tTc+nfGB
X7GGGC62FYOR8VDuccFHAM9atwptTpsnqEN0iGqlhMSIzXJoSoJxaQ2jNwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFOcaGv7PYRwqgXUVaIzGUJInssDiMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvNXhvYV9zOWhIQ3FCZFJWb2pNWlFraWV5d09JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmIww
DQYJKoZIhvcNAQELBQADggEBABhz86CvM9D1qzTiIrhGFxzpOpthtLACKeY8JvF8
JIBW51vJueclBGCXLNI9u5itbte3JECwt/L3Km1RnZGzWAFTDHSWOO9/Ad6aVhZl
LcnP/xSnf3RElIMYtBBCj9cY0tgY2TWcmaVdCDJJklWMQ5J6ARLZ3S1hXeFx3gUg
JVN/b+j00At8l0UVufxERbnk1qF3RgLU0K1qb59C0tlGLpWZOpa2UaXkOfIp0gDl
5jxRatMBcoyMw9RjyiqPuK6CqOJWeJ0O3rJ+SLWfD5qBXVvmktZZJbYXMg753w0d
4OsfYUGiM9MjIF9XScw+521/sr7J5j0jLOYwzVjhCj0VSOw=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:45:32 2025 by rpki-client