Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/mS4C21ztnhJ1CQEhvl6HMt_DrKI.roa
File: mS4C21ztnhJ1CQEhvl6HMt_DrKI.roa (raw, json)
Hash identifier: +AZpnsUJfoswiZ8L8H5vFWzIYnjuMk5tWnCTTVqTzgU=
Subject key identifier: 99:2E:02:DB:5C:ED:9E:12:75:09:01:21:BE:5E:87:32:DF:C3:AC:A2
Certificate issuer: /CN=d504e641e55a48aee0141e2c0d26227102caa6d4
Certificate serial: 019427B5DD4D89D642EAE91E475926346024
Authority key identifier: D5:04:E6:41:E5:5A:48:AE:E0:14:1E:2C:0D:26:22:71:02:CA:A6:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1QTmQeVaSK7gFB4sDSYicQLKptQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/mS4C21ztnhJ1CQEhvl6HMt_DrKI.roa
Signing time: Thu 02 Jan 2025 15:50:17 +0000
ROA not before: Thu 02 Jan 2025 15:50:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209242
IP address blocks: 5.182.84.0/24 maxlen: 24
5.182.85.0/24 maxlen: 24
46.254.92.0/24 maxlen: 24
46.254.93.0/24 maxlen: 24
77.232.140.0/24 maxlen: 24
77.232.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/1QTmQeVaSK7gFB4sDSYicQLKptQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/1QTmQeVaSK7gFB4sDSYicQLKptQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1QTmQeVaSK7gFB4sDSYicQLKptQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:dd:4d:89:d6:42:ea:e9:1e:47:59:26:34:60:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d504e641e55a48aee0141e2c0d26227102caa6d4
Validity
Not Before: Jan 2 15:50:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=992e02db5ced9e1275090121be5e8732dfc3aca2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:88:e8:49:7e:44:b9:93:00:cb:0f:86:cb:42:
f6:48:a5:3e:d8:75:2b:fc:2a:eb:86:1d:d5:23:95:
f9:da:f5:bb:77:93:59:75:9d:59:fb:23:67:21:67:
97:df:28:c9:fd:cb:1e:b7:0c:10:e4:cd:61:5e:ea:
e4:02:49:96:d9:ab:02:56:eb:a6:63:6b:3d:eb:25:
a5:5b:5f:23:ce:86:cf:8a:7f:0e:23:eb:54:e4:16:
4c:19:17:d5:22:9f:92:f0:b6:b6:1c:83:5b:a7:b2:
eb:fd:e7:b1:64:79:61:f3:7c:45:2e:4f:1f:9f:aa:
65:8c:92:54:ac:65:9f:18:e3:1c:4d:43:09:e9:66:
f2:fd:62:06:84:d9:60:95:32:db:0d:fa:87:31:58:
a3:05:3b:c4:8a:5e:c6:7a:80:86:ab:79:e5:c3:51:
52:f9:f9:11:30:68:41:9d:97:c3:06:61:64:b4:d7:
7c:08:9d:84:1f:0c:b2:09:ee:38:af:35:df:22:9e:
88:6f:28:51:b7:bb:a7:f3:d8:76:0e:6a:5e:f1:7d:
12:d0:8a:1b:5c:ee:d8:f1:56:aa:ee:74:94:89:ca:
0c:1d:14:ee:1a:28:b5:54:3a:36:5d:e6:11:d1:60:
24:c9:86:60:88:34:fb:5d:c1:4b:09:66:04:48:60:
f3:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:2E:02:DB:5C:ED:9E:12:75:09:01:21:BE:5E:87:32:DF:C3:AC:A2
X509v3 Authority Key Identifier:
keyid:D5:04:E6:41:E5:5A:48:AE:E0:14:1E:2C:0D:26:22:71:02:CA:A6:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1QTmQeVaSK7gFB4sDSYicQLKptQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/mS4C21ztnhJ1CQEhvl6HMt_DrKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/1QTmQeVaSK7gFB4sDSYicQLKptQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.84.0/23
46.254.92.0/23
77.232.140.0/23
Signature Algorithm: sha256WithRSAEncryption
ca:0c:a1:12:87:e6:a4:fc:35:a1:e1:c7:51:a8:42:f5:93:b6:
c7:c3:65:1e:ca:da:2c:36:cc:bb:18:4d:3b:b2:fc:68:bb:ec:
d6:c8:49:b0:ef:79:9a:4c:f0:fb:d1:14:2c:cc:e5:4c:2f:ff:
52:18:61:76:f3:68:f7:0e:60:44:32:c9:76:64:97:83:81:e1:
78:70:89:99:26:5e:48:66:f1:85:c2:4f:5c:4c:2a:6b:87:db:
19:05:b9:53:50:58:77:79:96:b4:27:7d:8f:13:96:75:9a:32:
51:7f:b4:22:d0:44:ce:97:a2:80:32:96:0b:bb:e6:80:3c:10:
16:6d:1f:2d:36:90:8f:d8:48:58:16:4c:37:3f:d4:c0:74:a7:
b9:d2:2d:65:f2:a1:3d:d8:a1:92:c6:16:dc:91:2b:9d:b5:f4:
7a:fc:e7:66:70:10:e7:0e:df:bd:40:b1:36:1a:d2:db:65:7f:
5f:35:9d:ce:ab:8b:f2:86:07:6d:02:b9:6b:1b:f7:81:18:ca:
5f:5c:7a:70:0c:f3:67:7e:a2:b6:87:6b:75:bd:16:95:98:11:
d5:97:e0:a0:7c:61:f1:40:96:77:b3:34:5f:ac:b3:da:57:c3:
08:c5:e6:9b:da:cd:ac:60:e0:06:a4:47:7a:64:d9:a4:6a:9a:
8b:81:35:cc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQntd1NidZC6ukeR1kmNGAkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MDRlNjQxZTU1YTQ4YWVlMDE0MWUyYzBkMjYyMjcxMDJj
YWE2ZDQwHhcNMjUwMTAyMTU1MDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTJlMDJkYjVjZWQ5ZTEyNzUwOTAxMjFiZTVlODczMmRmYzNhY2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4joSX5EuZMAyw+Gy0L2SKU+2HUr
/Crrhh3VI5X52vW7d5NZdZ1Z+yNnIWeX3yjJ/csetwwQ5M1hXurkAkmW2asCVuum
Y2s96yWlW18jzobPin8OI+tU5BZMGRfVIp+S8La2HINbp7Lr/eexZHlh83xFLk8f
n6pljJJUrGWfGOMcTUMJ6Wby/WIGhNlglTLbDfqHMVijBTvEil7GeoCGq3nlw1FS
+fkRMGhBnZfDBmFktNd8CJ2EHwyyCe44rzXfIp6IbyhRt7un89h2Dmpe8X0S0Iob
XO7Y8Vaq7nSUicoMHRTuGii1VDo2XeYR0WAkyYZgiDT7XcFLCWYESGDzqQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJkuAttc7Z4SdQkBIb5ehzLfw6yiMB8GA1UdIwQY
MBaAFNUE5kHlWkiu4BQeLA0mInECyqbUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVFUbVFlVmFTSzdnRkI0c0RTWWljUUxLcHRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9mMDFmMzUtMmNjYS00ZTVhLTgyOGEt
NmJmZmNiN2MwZjBhLzEvbVM0QzIxenRuaEoxQ1FFaHZsNkhNdF9EcktJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9mMDFmMzUtMmNjYS00ZTVhLTgyOGEtNmJmZmNiN2MwZjBh
LzEvMVFUbVFlVmFTSzdnRkI0c0RTWWljUUxLcHRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBBbZUAwQB
Lv5cAwQBTeiMMA0GCSqGSIb3DQEBCwUAA4IBAQDKDKESh+ak/DWh4cdRqEL1k7bH
w2UeytosNsy7GE07svxou+zWyEmw73maTPD70RQszOVML/9SGGF282j3DmBEMsl2
ZJeDgeF4cImZJl5IZvGFwk9cTCprh9sZBblTUFh3eZa0J32PE5Z1mjJRf7Qi0ETO
l6KAMpYLu+aAPBAWbR8tNpCP2EhYFkw3P9TAdKe50i1l8qE92KGSxhbckSudtfR6
/OdmcBDnDt+9QLE2GtLbZX9fNZ3Oq4vyhgdtArlrG/eBGMpfXHpwDPNnfqK2h2t1
vRaVmBHVl+CgfGHxQJZ3szRfrLPaV8MIxeab2s2sYOAGpEd6ZNmkapqLgTXM
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:05:31 2025 by rpki-client