Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/5R1iDQt_jpAs4gRTjYIiTCijoFA.roa
File: 5R1iDQt_jpAs4gRTjYIiTCijoFA.roa (raw, json)
Hash identifier: mmkAQLGE8LmgwjT34GOkgBAsVgXVqkU9ibiVLrTA0k8=
Subject key identifier: E5:1D:62:0D:0B:7F:8E:90:2C:E2:04:53:8D:82:22:4C:28:A3:A0:50
Certificate issuer: /CN=1224e5eff1abc0e6d8bf029e4f732e0ab71bc16a
Certificate serial: 01941FFA5AEB079B0FFE511820219D45C74B
Authority key identifier: 12:24:E5:EF:F1:AB:C0:E6:D8:BF:02:9E:4F:73:2E:0A:B7:1B:C1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EiTl7_GrwObYvwKeT3MuCrcbwWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/5R1iDQt_jpAs4gRTjYIiTCijoFA.roa
Signing time: Wed 01 Jan 2025 03:48:08 +0000
ROA not before: Wed 01 Jan 2025 03:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6095
IP address blocks: 160.62.0.0/24 maxlen: 24
160.62.3.0/24 maxlen: 24
160.62.21.0/24 maxlen: 24
160.62.22.0/24 maxlen: 24
160.62.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/EiTl7_GrwObYvwKeT3MuCrcbwWo.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/EiTl7_GrwObYvwKeT3MuCrcbwWo.mft
rsync://rpki.ripe.net/repository/DEFAULT/EiTl7_GrwObYvwKeT3MuCrcbwWo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 03:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:5a:eb:07:9b:0f:fe:51:18:20:21:9d:45:c7:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1224e5eff1abc0e6d8bf029e4f732e0ab71bc16a
Validity
Not Before: Jan 1 03:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e51d620d0b7f8e902ce204538d82224c28a3a050
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:70:c2:0d:cd:3b:ec:b6:81:83:43:a6:2e:13:
55:06:60:c7:60:ae:cf:1e:fa:6c:e1:0a:5a:51:96:
52:f4:88:14:77:ee:5b:a7:ef:39:ee:c3:c4:72:2d:
83:01:f4:09:44:98:2a:40:ba:76:b8:ed:0b:1e:b5:
82:b8:ef:75:0a:83:72:b0:6c:71:81:75:f8:2d:29:
d9:ce:a4:2f:94:59:27:ac:6e:95:f6:48:2d:f9:f5:
10:02:3e:6c:99:f6:83:1b:c3:96:7d:28:96:ee:01:
b4:ac:81:68:1f:d6:b7:a1:88:25:8c:a3:b3:96:21:
1b:39:0b:9a:8d:57:bf:21:f8:cb:be:79:61:6f:97:
25:6d:66:9d:89:9e:39:4a:99:f8:f9:a7:c5:92:87:
a3:10:da:64:23:fb:d2:50:eb:10:9c:f9:58:f3:36:
5b:49:19:85:87:4e:5f:73:41:ac:c7:3d:e8:f4:ce:
a0:2f:49:24:98:15:84:de:27:cb:1b:7d:8d:de:92:
34:8d:dd:a6:28:21:2c:7d:3a:d9:f3:52:1d:ef:96:
21:eb:11:d3:fe:8e:e7:5a:30:bc:68:b6:96:8d:28:
9d:d0:df:65:e9:dd:b1:4e:cd:16:30:11:24:8f:82:
31:20:76:ee:1d:80:e9:7e:09:8b:5c:e0:1c:e8:59:
5a:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:1D:62:0D:0B:7F:8E:90:2C:E2:04:53:8D:82:22:4C:28:A3:A0:50
X509v3 Authority Key Identifier:
keyid:12:24:E5:EF:F1:AB:C0:E6:D8:BF:02:9E:4F:73:2E:0A:B7:1B:C1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EiTl7_GrwObYvwKeT3MuCrcbwWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/5R1iDQt_jpAs4gRTjYIiTCijoFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/EiTl7_GrwObYvwKeT3MuCrcbwWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.62.0.0/24
160.62.3.0/24
160.62.21.0-160.62.23.255
Signature Algorithm: sha256WithRSAEncryption
38:05:29:8b:2a:14:06:ff:61:c8:60:1d:ef:d3:d3:a1:14:97:
31:65:9c:6b:5a:04:46:73:9a:59:af:e4:55:f0:a1:07:0e:e4:
d0:a6:32:53:53:30:8c:f7:8c:01:eb:3b:a0:74:24:a1:9b:e9:
0e:5b:1d:12:ab:b6:92:ed:2e:b1:c1:04:e0:28:ea:09:da:50:
58:44:6d:e5:49:fa:f3:97:de:6d:03:b3:e7:c4:19:f1:7f:8b:
47:6f:99:16:c6:e2:2b:29:83:5e:25:fa:ff:2b:00:3e:f0:0c:
29:d8:28:8e:97:62:5a:be:15:f9:b7:8d:c0:40:e1:a5:57:63:
7d:32:a4:92:d5:a1:8d:d7:f5:a3:25:f5:9a:21:a0:77:5a:0c:
c9:8e:ff:9f:ec:2f:68:48:51:3b:44:94:b5:3d:81:e3:f4:7c:
df:c1:a0:b1:b3:45:a0:f9:21:06:bf:72:cd:f3:1f:44:6a:ea:
36:f5:09:23:b2:11:1a:db:97:ba:59:72:e9:ce:38:19:28:2d:
05:bf:21:13:3e:29:52:dd:60:66:9e:55:21:c5:a0:97:7d:24:
2c:cd:d5:ad:1d:9e:f8:bb:34:20:b2:b3:5a:c6:43:5e:43:5c:
54:5e:2f:c3:30:41:b9:52:d5:aa:db:ea:5f:1b:9d:4b:9e:62:
52:b9:ea:71
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQf+lrrB5sP/lEYICGdRcdLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMjRlNWVmZjFhYmMwZTZkOGJmMDI5ZTRmNzMyZTBhYjcx
YmMxNmEwHhcNMjUwMTAxMDM0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTFkNjIwZDBiN2Y4ZTkwMmNlMjA0NTM4ZDgyMjI0YzI4YTNhMDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonDCDc077LaBg0OmLhNVBmDHYK7P
Hvps4QpaUZZS9IgUd+5bp+857sPEci2DAfQJRJgqQLp2uO0LHrWCuO91CoNysGxx
gXX4LSnZzqQvlFknrG6V9kgt+fUQAj5smfaDG8OWfSiW7gG0rIFoH9a3oYgljKOz
liEbOQuajVe/IfjLvnlhb5clbWadiZ45Spn4+afFkoejENpkI/vSUOsQnPlY8zZb
SRmFh05fc0Gsxz3o9M6gL0kkmBWE3ifLG32N3pI0jd2mKCEsfTrZ81Id75Yh6xHT
/o7nWjC8aLaWjSid0N9l6d2xTs0WMBEkj4IxIHbuHYDpfgmLXOAc6FlagwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFOUdYg0Lf46QLOIEU42CIkwoo6BQMB8GA1UdIwQY
MBaAFBIk5e/xq8Dm2L8Cnk9zLgq3G8FqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWlUbDdfR3J3T2JZdndLZVQzTXVDcmNid1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8xMWJlMjMtM2JlNi00ODgxLWEzZDEt
NTM4NmIxZDk2M2JjLzEvNVIxaURRdF9qcEFzNGdSVGpZSWlUQ2lqb0ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8xMWJlMjMtM2JlNi00ODgxLWEzZDEtNTM4NmIxZDk2M2Jj
LzEvRWlUbDdfR3J3T2JZdndLZVQzTXVDcmNid1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAoD4AAwQA
oD4DMAwDBACgPhUDBAOgPhAwDQYJKoZIhvcNAQELBQADggEBADgFKYsqFAb/Ychg
He/T06EUlzFlnGtaBEZzmlmv5FXwoQcO5NCmMlNTMIz3jAHrO6B0JKGb6Q5bHRKr
tpLtLrHBBOAo6gnaUFhEbeVJ+vOX3m0Ds+fEGfF/i0dvmRbG4ispg14l+v8rAD7w
DCnYKI6XYlq+Ffm3jcBA4aVXY30ypJLVoY3X9aMl9ZohoHdaDMmO/5/sL2hIUTtE
lLU9geP0fN/BoLGzRaD5IQa/cs3zH0Rq6jb1CSOyERrbl7pZcunOOBkoLQW/IRM+
KVLdYGaeVSHFoJd9JCzN1a0dnvi7NCCys1rGQ15DXFReL8MwQblS1arb6l8bnUue
YlK56nE=
-----END CERTIFICATE-----
Generated at Sun Apr 13 11:18:14 2025 by rpki-client