Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/49cdec-69f0-4540-89ba-ea45969950cc/1/t0wNgCpzIiHd0fZLik8oKup2IRU.roa
File: t0wNgCpzIiHd0fZLik8oKup2IRU.roa (raw, json)
Hash identifier: eDGvGeZXSnNxXFSxZa5NU4er/BuDVU9oTOPF3gyQwp8=
Subject key identifier: B7:4C:0D:80:2A:73:22:21:DD:D1:F6:4B:8A:4F:28:2A:EA:76:21:15
Certificate issuer: /CN=b0095ed011c94358245c32757d46bed860df4c19
Certificate serial: 01943D1429320C690AF0E52E5E0B5D90652B
Authority key identifier: B0:09:5E:D0:11:C9:43:58:24:5C:32:75:7D:46:BE:D8:60:DF:4C:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sAle0BHJQ1gkXDJ1fUa-2GDfTBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/49cdec-69f0-4540-89ba-ea45969950cc/1/t0wNgCpzIiHd0fZLik8oKup2IRU.roa
Signing time: Mon 06 Jan 2025 19:25:18 +0000
ROA not before: Mon 06 Jan 2025 19:25:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200209
IP address blocks: 5.63.20.0/24 maxlen: 24
185.23.109.0/24 maxlen: 24
2a13:a000::/32 maxlen: 32
2a13:a000:1000::/36 maxlen: 36
2a13:a000:2000::/36 maxlen: 36
2a13:a000:3000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/49cdec-69f0-4540-89ba-ea45969950cc/1/sAle0BHJQ1gkXDJ1fUa-2GDfTBk.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/49cdec-69f0-4540-89ba-ea45969950cc/1/sAle0BHJQ1gkXDJ1fUa-2GDfTBk.mft
rsync://rpki.ripe.net/repository/DEFAULT/sAle0BHJQ1gkXDJ1fUa-2GDfTBk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3d:14:29:32:0c:69:0a:f0:e5:2e:5e:0b:5d:90:65:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0095ed011c94358245c32757d46bed860df4c19
Validity
Not Before: Jan 6 19:25:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b74c0d802a732221ddd1f64b8a4f282aea762115
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:6f:b5:d4:47:0d:14:b6:a0:74:60:8a:57:e8:
b4:d3:4f:1f:05:8d:c4:68:38:03:78:25:9f:9e:b8:
74:c9:46:04:76:58:4a:79:81:b4:03:63:38:c3:7a:
69:6d:4f:c4:aa:f4:98:b6:5f:7a:1a:51:5d:fa:bd:
29:3a:c6:ad:2e:ad:e9:d4:fe:5b:f3:7b:68:ca:b7:
a6:e5:b7:31:c6:24:7e:dd:a2:63:18:b0:09:ea:65:
f5:3f:75:8e:99:3b:9e:ee:17:cd:30:09:3c:62:fc:
ca:de:ff:f0:18:fb:5d:8e:0e:cb:78:91:5b:75:ff:
f0:79:54:e2:29:db:e4:15:ad:27:4f:d3:55:a1:5d:
77:eb:e0:21:2e:a5:48:77:07:1d:a2:42:43:64:a8:
ec:c4:54:b6:dd:89:ad:2e:97:5b:28:42:7c:79:3f:
e6:96:82:26:c9:8d:b8:2b:62:58:13:a4:48:2c:ab:
5a:f3:74:2d:96:cd:35:9e:dc:6f:f3:ef:26:f3:37:
74:56:1b:2a:ec:0c:4c:ba:ce:ea:cc:b3:5a:d9:4b:
08:94:82:5c:3e:dc:64:7b:01:5e:a5:4f:90:db:37:
fb:c3:6d:dc:69:c1:a0:21:62:6e:05:78:69:4c:a9:
f8:6f:6a:c8:80:42:2f:13:43:6d:cf:9d:a5:7a:04:
50:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:4C:0D:80:2A:73:22:21:DD:D1:F6:4B:8A:4F:28:2A:EA:76:21:15
X509v3 Authority Key Identifier:
keyid:B0:09:5E:D0:11:C9:43:58:24:5C:32:75:7D:46:BE:D8:60:DF:4C:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sAle0BHJQ1gkXDJ1fUa-2GDfTBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/49cdec-69f0-4540-89ba-ea45969950cc/1/t0wNgCpzIiHd0fZLik8oKup2IRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/49cdec-69f0-4540-89ba-ea45969950cc/1/sAle0BHJQ1gkXDJ1fUa-2GDfTBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.20.0/24
185.23.109.0/24
IPv6:
2a13:a000::/32
Signature Algorithm: sha256WithRSAEncryption
8a:35:5e:de:ae:55:f4:20:d8:b6:72:0e:3b:af:f1:1e:4c:4e:
eb:79:01:85:b8:a0:dc:96:ef:c2:ec:1d:6a:49:b0:7e:1d:f8:
78:a3:45:75:f2:66:9e:47:ed:11:ac:0b:b9:de:0f:87:f0:88:
3e:60:c6:b0:9d:8f:85:0d:dc:f6:ca:2c:15:74:cc:24:96:c8:
6c:da:6f:f2:d5:32:ef:fc:e5:0b:c4:f9:df:e9:3a:3b:03:c4:
5f:48:e4:4c:84:05:ff:e2:8d:06:8b:4d:db:e6:63:b1:39:4c:
56:bb:12:cd:10:86:0d:52:7d:4c:2c:55:9b:03:cf:ae:03:e7:
54:f2:ec:3f:2d:87:94:80:15:df:36:fc:40:c3:27:c6:25:f9:
d6:7e:fb:73:1c:eb:4c:4d:6b:90:57:f3:76:71:f8:64:ad:cb:
0a:c6:6e:21:ac:fe:34:e2:0d:d6:b3:16:66:e6:e2:e1:5f:c5:
9b:37:a1:49:b1:ef:e9:5f:5c:11:20:be:86:8a:68:d5:2c:28:
b9:27:d8:a4:aa:45:18:c5:30:18:14:4e:96:55:6b:e9:bf:c5:
4d:c4:f1:d6:45:11:8d:3a:8f:7b:5c:be:67:8e:c3:7a:a0:b1:
ca:1d:1c:2a:1a:ef:28:5c:fe:56:11:bb:98:0f:6f:a4:9a:5d:
b7:28:e4:1e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQ9FCkyDGkK8OUuXgtdkGUrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwMDk1ZWQwMTFjOTQzNTgyNDVjMzI3NTdkNDZiZWQ4NjBk
ZjRjMTkwHhcNMjUwMTA2MTkyNTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzRjMGQ4MDJhNzMyMjIxZGRkMWY2NGI4YTRmMjgyYWVhNzYyMTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2+11EcNFLagdGCKV+i0008fBY3E
aDgDeCWfnrh0yUYEdlhKeYG0A2M4w3ppbU/EqvSYtl96GlFd+r0pOsatLq3p1P5b
83toyrem5bcxxiR+3aJjGLAJ6mX1P3WOmTue7hfNMAk8YvzK3v/wGPtdjg7LeJFb
df/weVTiKdvkFa0nT9NVoV136+AhLqVIdwcdokJDZKjsxFS23YmtLpdbKEJ8eT/m
loImyY24K2JYE6RILKta83Qtls01ntxv8+8m8zd0Vhsq7AxMus7qzLNa2UsIlIJc
PtxkewFepU+Q2zf7w23cacGgIWJuBXhpTKn4b2rIgEIvE0Ntz52legRQTwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLdMDYAqcyIh3dH2S4pPKCrqdiEVMB8GA1UdIwQY
MBaAFLAJXtARyUNYJFwydX1Gvthg30wZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0FsZTBCSEpRMWdrWERKMWZVYS0yR0RmVEJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS80OWNkZWMtNjlmMC00NTQwLTg5YmEt
ZWE0NTk2OTk1MGNjLzEvdDB3TmdDcHpJaUhkMGZaTGlrOG9LdXAySVJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS80OWNkZWMtNjlmMC00NTQwLTg5YmEtZWE0NTk2OTk1MGNj
LzEvc0FsZTBCSEpRMWdrWERKMWZVYS0yR0RmVEJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQABT8UAwQA
uRdtMA0EAgACMAcDBQAqE6AAMA0GCSqGSIb3DQEBCwUAA4IBAQCKNV7erlX0INi2
cg47r/EeTE7reQGFuKDclu/C7B1qSbB+Hfh4o0V18maeR+0RrAu53g+H8Ig+YMaw
nY+FDdz2yiwVdMwklshs2m/y1TLv/OULxPnf6To7A8RfSORMhAX/4o0Gi03b5mOx
OUxWuxLNEIYNUn1MLFWbA8+uA+dU8uw/LYeUgBXfNvxAwyfGJfnWfvtzHOtMTWuQ
V/N2cfhkrcsKxm4hrP404g3WsxZm5uLhX8WbN6FJse/pX1wRIL6GimjVLCi5J9ik
qkUYxTAYFE6WVWvpv8VNxPHWRRGNOo97XL5njsN6oLHKHRwqGu8oXP5WEbuYD2+k
ml23KOQe
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:50:06 2025 by rpki-client