Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/edd7af-2ff0-45dc-b14b-77d516be7a87/1/sUz3CUFPMP6K6odB4EEfathIrJc.roa
File: sUz3CUFPMP6K6odB4EEfathIrJc.roa (raw, json)
Hash identifier: 1ZdcoiC8lHKCzYuENUSvIoHg+7T85+kAy12nWc2yMX0=
Subject key identifier: B1:4C:F7:09:41:4F:30:FE:8A:EA:87:41:E0:41:1F:6A:D8:48:AC:97
Certificate issuer: /CN=c42978d532698fb20840f942b0247c01c8f578b2
Certificate serial: 0194221FF2DD5FD8E7B55AE0D581AED6E162
Authority key identifier: C4:29:78:D5:32:69:8F:B2:08:40:F9:42:B0:24:7C:01:C8:F5:78:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xCl41TJpj7IIQPlCsCR8Acj1eLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/edd7af-2ff0-45dc-b14b-77d516be7a87/1/sUz3CUFPMP6K6odB4EEfathIrJc.roa
Signing time: Wed 01 Jan 2025 13:48:26 +0000
ROA not before: Wed 01 Jan 2025 13:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209549
IP address blocks: 5.180.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/edd7af-2ff0-45dc-b14b-77d516be7a87/1/xCl41TJpj7IIQPlCsCR8Acj1eLI.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/edd7af-2ff0-45dc-b14b-77d516be7a87/1/xCl41TJpj7IIQPlCsCR8Acj1eLI.mft
rsync://rpki.ripe.net/repository/DEFAULT/xCl41TJpj7IIQPlCsCR8Acj1eLI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:f2:dd:5f:d8:e7:b5:5a:e0:d5:81:ae:d6:e1:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c42978d532698fb20840f942b0247c01c8f578b2
Validity
Not Before: Jan 1 13:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b14cf709414f30fe8aea8741e0411f6ad848ac97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:2c:29:38:ba:73:93:0e:06:33:fc:ca:fa:87:
0b:ac:ae:80:e2:0a:22:45:63:b6:d6:61:1e:ea:76:
73:21:b1:2d:1f:1f:ee:a2:ad:5a:68:59:d0:c5:4c:
f3:2b:de:83:02:5f:ea:22:f2:25:63:d8:71:2e:94:
32:9d:0b:e8:b3:b3:1a:42:c5:f5:11:fc:49:35:00:
0b:71:2c:fc:ef:48:f4:ee:a7:ce:e2:18:56:d6:79:
e8:14:f3:4f:56:08:cc:d6:f4:70:51:e1:6f:28:d7:
1a:41:66:b0:c2:65:a9:2c:d4:cd:47:f9:1a:d8:85:
f2:63:21:e0:2a:4a:19:f5:5c:2c:22:3b:01:fe:51:
c5:70:d6:a5:4a:59:6d:1e:6e:6b:0c:71:6a:04:e3:
89:be:3a:28:6d:56:5d:51:c1:b4:e5:46:dc:c2:60:
6b:2a:d1:d4:af:16:85:7c:8c:7d:0f:ff:19:4c:e9:
1f:85:68:48:26:07:74:0f:64:5a:0b:a8:91:82:6b:
79:a9:38:c3:48:42:08:f2:e8:78:30:71:17:ea:d1:
e4:b2:de:c4:c8:3b:17:46:16:5e:2e:f9:94:de:48:
87:84:5c:42:80:8d:2c:8c:65:8a:20:56:70:2a:0e:
b6:1b:65:e4:5a:83:37:52:37:1d:9a:03:3f:81:91:
52:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:4C:F7:09:41:4F:30:FE:8A:EA:87:41:E0:41:1F:6A:D8:48:AC:97
X509v3 Authority Key Identifier:
keyid:C4:29:78:D5:32:69:8F:B2:08:40:F9:42:B0:24:7C:01:C8:F5:78:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCl41TJpj7IIQPlCsCR8Acj1eLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/edd7af-2ff0-45dc-b14b-77d516be7a87/1/sUz3CUFPMP6K6odB4EEfathIrJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/edd7af-2ff0-45dc-b14b-77d516be7a87/1/xCl41TJpj7IIQPlCsCR8Acj1eLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.124.0/24
Signature Algorithm: sha256WithRSAEncryption
11:ab:5c:34:8d:5b:49:47:51:a9:01:33:71:cd:2f:7e:f5:fd:
6d:96:54:7a:42:12:41:4b:b2:72:ed:8b:00:0f:f0:aa:75:7b:
81:a3:45:ee:15:6b:e4:a5:3f:d3:88:d2:40:9f:a3:da:2f:80:
4e:0c:9a:21:d8:98:9d:6f:b0:93:47:d3:f2:39:2e:5b:85:41:
27:87:80:83:8f:a6:09:66:c0:d8:ed:a6:db:03:6b:b8:36:9c:
9c:3a:22:ef:59:d2:87:e3:9e:3d:93:09:46:78:88:7c:f2:4b:
c0:e8:4f:50:b7:2f:42:41:35:61:21:65:f5:1a:f0:43:7c:fb:
b3:a8:7c:8a:a8:b9:0d:31:df:b0:e5:2d:95:53:7e:d0:1a:fb:
b2:41:95:c3:b0:84:01:d3:62:73:43:0b:5f:c7:83:fd:b9:c6:
20:5d:b9:e4:cd:e3:1b:39:06:76:6d:2e:19:d9:a7:c3:92:35:
58:0c:4c:f3:14:09:be:a2:44:83:87:f1:8d:a1:da:53:cc:69:
da:f0:c9:26:e1:f2:17:dc:46:af:3d:48:99:b1:54:d7:bc:34:
13:a4:14:da:73:3c:54:2c:9d:ef:ec:ad:79:58:60:bd:20:cf:
d0:50:86:bb:41:84:60:0b:40:32:17:3c:7d:1e:8e:6c:4c:00:
cd:d8:e2:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH/LdX9jntVrg1YGu1uFiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Mjk3OGQ1MzI2OThmYjIwODQwZjk0MmIwMjQ3YzAxYzhm
NTc4YjIwHhcNMjUwMTAxMTM0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTRjZjcwOTQxNGYzMGZlOGFlYTg3NDFlMDQxMWY2YWQ4NDhhYzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviwpOLpzkw4GM/zK+ocLrK6A4goi
RWO21mEe6nZzIbEtHx/uoq1aaFnQxUzzK96DAl/qIvIlY9hxLpQynQvos7MaQsX1
EfxJNQALcSz870j07qfO4hhW1nnoFPNPVgjM1vRwUeFvKNcaQWawwmWpLNTNR/ka
2IXyYyHgKkoZ9VwsIjsB/lHFcNalSlltHm5rDHFqBOOJvjoobVZdUcG05UbcwmBr
KtHUrxaFfIx9D/8ZTOkfhWhIJgd0D2RaC6iRgmt5qTjDSEII8uh4MHEX6tHkst7E
yDsXRhZeLvmU3kiHhFxCgI0sjGWKIFZwKg62G2XkWoM3UjcdmgM/gZFSWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLFM9wlBTzD+iuqHQeBBH2rYSKyXMB8GA1UdIwQY
MBaAFMQpeNUyaY+yCED5QrAkfAHI9XiyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveENsNDFUSnBqN0lJUVBsQ3NDUjhBY2oxZUxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9lZGQ3YWYtMmZmMC00NWRjLWIxNGIt
NzdkNTE2YmU3YTg3LzEvc1V6M0NVRlBNUDZLNm9kQjRFRWZhdGhJckpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9lZGQ3YWYtMmZmMC00NWRjLWIxNGItNzdkNTE2YmU3YTg3
LzEveENsNDFUSnBqN0lJUVBsQ3NDUjhBY2oxZUxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbR8MA0G
CSqGSIb3DQEBCwUAA4IBAQARq1w0jVtJR1GpATNxzS9+9f1tllR6QhJBS7Jy7YsA
D/CqdXuBo0XuFWvkpT/TiNJAn6PaL4BODJoh2Jidb7CTR9PyOS5bhUEnh4CDj6YJ
ZsDY7abbA2u4NpycOiLvWdKH4549kwlGeIh88kvA6E9Qty9CQTVhIWX1GvBDfPuz
qHyKqLkNMd+w5S2VU37QGvuyQZXDsIQB02JzQwtfx4P9ucYgXbnkzeMbOQZ2bS4Z
2afDkjVYDEzzFAm+okSDh/GNodpTzGna8Mkm4fIX3EavPUiZsVTXvDQTpBTaczxU
LJ3v7K15WGC9IM/QUIa7QYRgC0AyFzx9Ho5sTADN2OKw
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:47:46 2025 by rpki-client