Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/dbe50a-2ca1-4362-b5e7-6683c8fc9e5b/1/5OdHvHOcZkrao-9cj9p2twVtXj0.roa
File: 5OdHvHOcZkrao-9cj9p2twVtXj0.roa (raw, json)
Hash identifier: XE/cbPsbZGNTjgltCjh6PwbFsSQa/FeH5vMG4ogZQBU=
Subject key identifier: E4:E7:47:BC:73:9C:66:4A:DA:A3:EF:5C:8F:DA:76:B7:05:6D:5E:3D
Certificate issuer: /CN=09ee7ee0f75b7164ac7596197c7f121d6fca1576
Certificate serial: 019426D9CEFF776AA39D6ADD019C804F8754
Authority key identifier: 09:EE:7E:E0:F7:5B:71:64:AC:75:96:19:7C:7F:12:1D:6F:CA:15:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ce5-4PdbcWSsdZYZfH8SHW_KFXY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/dbe50a-2ca1-4362-b5e7-6683c8fc9e5b/1/5OdHvHOcZkrao-9cj9p2twVtXj0.roa
Signing time: Thu 02 Jan 2025 11:49:56 +0000
ROA not before: Thu 02 Jan 2025 11:49:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13009
IP address blocks: 216.245.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/dbe50a-2ca1-4362-b5e7-6683c8fc9e5b/1/Ce5-4PdbcWSsdZYZfH8SHW_KFXY.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/dbe50a-2ca1-4362-b5e7-6683c8fc9e5b/1/Ce5-4PdbcWSsdZYZfH8SHW_KFXY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ce5-4PdbcWSsdZYZfH8SHW_KFXY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 05:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:ce:ff:77:6a:a3:9d:6a:dd:01:9c:80:4f:87:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09ee7ee0f75b7164ac7596197c7f121d6fca1576
Validity
Not Before: Jan 2 11:49:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e4e747bc739c664adaa3ef5c8fda76b7056d5e3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:cb:8e:7e:21:9d:35:90:33:c0:c2:09:9a:c8:
a7:5e:28:0a:27:52:44:6e:a7:cc:ba:fa:f1:15:b6:
7c:51:ba:88:32:44:6c:a5:32:44:bf:09:cb:29:9a:
61:24:0b:b0:75:5e:89:44:ea:b4:b1:a6:1d:d4:76:
8b:0d:0f:aa:7c:95:1e:28:2f:f2:45:d7:59:62:91:
34:c7:a9:06:68:6e:d0:99:21:95:3c:8a:03:9d:f1:
1f:5c:29:5c:21:c8:10:92:c6:cc:15:f5:cd:74:cf:
d7:97:8f:17:3d:66:2f:c2:75:43:ef:b0:2e:81:c6:
de:2e:75:3b:4b:e5:38:15:9c:b8:96:70:5e:04:ff:
ff:77:04:cc:8a:5d:14:de:90:87:ca:8e:b2:f1:f1:
c3:77:20:45:0b:c2:42:8c:6f:28:22:5b:ed:36:e2:
c1:ff:e1:80:88:6d:bc:6d:e2:e6:68:7e:be:ce:a5:
39:7e:1c:6d:12:ce:12:53:c6:8f:71:cd:07:7d:83:
32:c9:24:74:33:4b:81:8b:46:cd:86:06:3b:03:fa:
9b:4a:0a:53:88:46:09:c8:1f:9c:49:74:7b:95:41:
b1:eb:18:90:3c:c1:29:2f:c9:55:9d:af:40:66:1f:
f9:68:b7:4e:c1:b5:46:aa:cb:5b:f8:80:9c:aa:10:
94:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:E7:47:BC:73:9C:66:4A:DA:A3:EF:5C:8F:DA:76:B7:05:6D:5E:3D
X509v3 Authority Key Identifier:
keyid:09:EE:7E:E0:F7:5B:71:64:AC:75:96:19:7C:7F:12:1D:6F:CA:15:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ce5-4PdbcWSsdZYZfH8SHW_KFXY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/dbe50a-2ca1-4362-b5e7-6683c8fc9e5b/1/5OdHvHOcZkrao-9cj9p2twVtXj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/dbe50a-2ca1-4362-b5e7-6683c8fc9e5b/1/Ce5-4PdbcWSsdZYZfH8SHW_KFXY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
216.245.80.0/24
Signature Algorithm: sha256WithRSAEncryption
83:a3:b9:85:05:95:ba:eb:18:a4:8e:24:75:0d:43:79:5e:bc:
4a:d2:5e:ba:1d:77:4e:d4:c4:ad:58:fe:67:76:dc:98:a8:a3:
dd:7e:8e:2a:68:02:22:d0:f5:99:17:e5:9d:55:84:e6:68:c5:
2c:b9:ac:51:2e:c1:48:41:18:6e:f6:8c:4b:46:79:ca:40:1f:
5c:64:33:60:d8:f7:55:33:cd:43:78:95:c5:7d:11:59:90:7e:
de:2b:84:8b:8b:a6:4e:7a:a3:52:81:f9:f0:d2:c2:97:53:03:
f6:7d:23:00:b6:0c:20:04:05:a6:6a:b4:ed:4d:12:8d:55:29:
86:b6:bc:07:f7:64:48:1c:6e:a7:90:57:af:2a:44:3d:b5:1c:
16:6a:76:c7:8f:7b:00:ed:9b:00:07:a5:73:3c:c6:93:e9:a1:
71:66:7d:ba:ef:55:46:05:44:53:db:9e:c0:3e:e4:d0:c1:e9:
d3:ef:04:8e:54:59:6e:3d:87:85:bc:68:07:68:bf:c0:ee:37:
4f:f7:94:52:37:af:89:01:f0:24:88:21:b2:5f:9f:62:ae:ad:
03:2c:41:ce:b7:1b:86:ff:10:03:1e:94:5e:1b:a5:71:9e:4f:
39:ec:af:d0:f9:69:be:a5:4f:e9:06:b0:91:2d:12:ac:03:e0:
7a:e5:9e:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2c7/d2qjnWrdAZyAT4dUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZWU3ZWUwZjc1YjcxNjRhYzc1OTYxOTdjN2YxMjFkNmZj
YTE1NzYwHhcNMjUwMTAyMTE0OTU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGU3NDdiYzczOWM2NjRhZGFhM2VmNWM4ZmRhNzZiNzA1NmQ1ZTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1suOfiGdNZAzwMIJmsinXigKJ1JE
bqfMuvrxFbZ8UbqIMkRspTJEvwnLKZphJAuwdV6JROq0saYd1HaLDQ+qfJUeKC/y
RddZYpE0x6kGaG7QmSGVPIoDnfEfXClcIcgQksbMFfXNdM/Xl48XPWYvwnVD77Au
gcbeLnU7S+U4FZy4lnBeBP//dwTMil0U3pCHyo6y8fHDdyBFC8JCjG8oIlvtNuLB
/+GAiG28beLmaH6+zqU5fhxtEs4SU8aPcc0HfYMyySR0M0uBi0bNhgY7A/qbSgpT
iEYJyB+cSXR7lUGx6xiQPMEpL8lVna9AZh/5aLdOwbVGqstb+ICcqhCUowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOTnR7xznGZK2qPvXI/adrcFbV49MB8GA1UdIwQY
MBaAFAnufuD3W3FkrHWWGXx/Eh1vyhV2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2U1LTRQZGJjV1NzZFpZWmZIOFNIV19LRlhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9kYmU1MGEtMmNhMS00MzYyLWI1ZTct
NjY4M2M4ZmM5ZTViLzEvNU9kSHZIT2Naa3Jhby05Y2o5cDJ0d1Z0WGowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9kYmU1MGEtMmNhMS00MzYyLWI1ZTctNjY4M2M4ZmM5ZTVi
LzEvQ2U1LTRQZGJjV1NzZFpZWmZIOFNIV19LRlhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2PVQMA0G
CSqGSIb3DQEBCwUAA4IBAQCDo7mFBZW66xikjiR1DUN5XrxK0l66HXdO1MStWP5n
dtyYqKPdfo4qaAIi0PWZF+WdVYTmaMUsuaxRLsFIQRhu9oxLRnnKQB9cZDNg2PdV
M81DeJXFfRFZkH7eK4SLi6ZOeqNSgfnw0sKXUwP2fSMAtgwgBAWmarTtTRKNVSmG
trwH92RIHG6nkFevKkQ9tRwWanbHj3sA7ZsAB6VzPMaT6aFxZn2671VGBURT257A
PuTQwenT7wSOVFluPYeFvGgHaL/A7jdP95RSN6+JAfAkiCGyX59irq0DLEHOtxuG
/xADHpReG6Vxnk857K/Q+Wm+pU/pBrCRLRKsA+B65Z7d
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:48:24 2025 by rpki-client