Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/VQNQwkBf4DKiAyptu1NuzZNk1DE.roa
File: VQNQwkBf4DKiAyptu1NuzZNk1DE.roa (raw, json)
Hash identifier: KvtJJO5ZGQ49qNKAGMorGsOIb3EaRZS5YhJcNfPGvO4=
Subject key identifier: 55:03:50:C2:40:5F:E0:32:A2:03:2A:6D:BB:53:6E:CD:93:64:D4:31
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 0194266C22E33D0AACBC88CAFE3FC6E2D5D9
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/VQNQwkBf4DKiAyptu1NuzZNk1DE.roa
Signing time: Thu 02 Jan 2025 09:50:08 +0000
ROA not before: Thu 02 Jan 2025 09:50:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 5.144.181.0/24 maxlen: 24
5.144.182.0/24 maxlen: 24
5.178.106.0/24 maxlen: 24
5.178.110.0/24 maxlen: 24
185.5.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:22:e3:3d:0a:ac:bc:88:ca:fe:3f:c6:e2:d5:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Jan 2 09:50:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=550350c2405fe032a2032a6dbb536ecd9364d431
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:06:0b:1e:9f:d4:8f:66:7d:88:d5:6e:9e:d5:
c2:c4:62:45:4f:f8:e5:8d:5f:13:41:e3:66:6f:b9:
3f:11:e9:b1:bc:d1:1f:67:5b:c5:39:a9:61:9f:d4:
50:b4:8e:f6:3d:b7:ea:68:25:97:45:f1:08:94:a7:
da:9b:01:dc:cf:5f:1b:aa:04:b0:2e:2b:ee:23:fd:
1a:e5:5a:35:cc:cc:29:91:f8:83:20:1e:e4:06:42:
54:c1:16:7e:51:40:e3:af:b8:df:f2:64:ba:ac:5a:
2d:d0:3b:7b:d5:b4:f8:4f:ac:e8:05:ad:3d:58:8c:
b9:df:8d:e1:8b:c0:b0:2a:81:30:5d:60:44:fe:de:
4a:95:23:7f:e4:27:fc:9e:12:50:1c:0d:34:fa:b7:
24:f0:d3:15:be:52:76:c4:b8:8e:03:16:4e:c1:54:
83:5f:4b:84:7e:05:6c:e8:a1:65:62:7f:54:e7:0b:
48:d4:24:5d:dd:4b:0c:db:6f:b2:5f:2b:fc:ab:76:
1d:e7:41:ca:89:5c:d7:b1:47:7a:49:99:a2:31:55:
27:b5:03:7f:00:96:bc:8f:c1:d0:06:0f:4e:3b:58:
f2:eb:44:eb:ef:0d:68:f2:e5:69:16:2f:c1:41:7a:
88:91:7b:1a:b8:81:59:94:fd:ee:d4:be:a2:5c:c9:
e4:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:03:50:C2:40:5F:E0:32:A2:03:2A:6D:BB:53:6E:CD:93:64:D4:31
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/VQNQwkBf4DKiAyptu1NuzZNk1DE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.181.0-5.144.182.255
5.178.106.0/24
5.178.110.0/24
185.5.39.0/24
Signature Algorithm: sha256WithRSAEncryption
d6:21:d8:0d:32:b9:96:31:4b:1f:84:b6:0d:ad:f3:07:e6:d6:
e0:02:e6:a7:cd:4b:c0:3e:fb:4c:8a:95:8c:84:dc:3d:a3:f6:
23:83:f5:e0:d4:88:95:a0:6a:5f:84:e5:73:3b:b4:65:a1:c4:
7c:28:42:fa:be:d1:1c:ef:b4:75:7e:6b:ab:9f:be:41:93:0d:
c0:1c:46:ee:1f:73:0c:13:c0:a1:6d:cc:e4:06:ad:9d:77:df:
f5:aa:18:63:97:41:ae:ed:06:59:f6:2e:04:86:40:dd:59:84:
2f:5e:fc:cf:d3:25:a5:04:88:d3:9b:d5:8b:49:89:b3:00:80:
d7:d9:a0:91:8b:3e:41:bf:68:12:fe:63:39:58:4e:1b:37:87:
05:81:e6:56:07:a4:45:8d:ff:46:b4:a2:08:56:a0:bc:eb:f3:
3b:1c:b3:92:60:19:57:1e:a1:9a:79:be:7f:50:3e:bb:a8:62:
e6:bd:ab:5b:d7:d3:c8:7e:ce:88:25:0d:f3:dc:87:75:b3:bb:
23:52:3a:9a:95:fb:d9:d9:38:56:de:51:d8:23:7e:87:9e:90:
e7:bb:e8:51:a5:c5:f6:9d:e3:25:12:29:ce:d2:8e:2c:cb:93:
58:f6:2c:23:f8:5b:fd:81:de:78:de:e9:66:86:ad:64:30:8a:
eb:51:62:b6
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQmbCLjPQqsvIjK/j/G4tXZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjUwMTAyMDk1MDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTAzNTBjMjQwNWZlMDMyYTIwMzJhNmRiYjUzNmVjZDkzNjRkNDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAYLHp/Uj2Z9iNVuntXCxGJFT/jl
jV8TQeNmb7k/EemxvNEfZ1vFOalhn9RQtI72PbfqaCWXRfEIlKfamwHcz18bqgSw
LivuI/0a5Vo1zMwpkfiDIB7kBkJUwRZ+UUDjr7jf8mS6rFot0Dt71bT4T6zoBa09
WIy5343hi8CwKoEwXWBE/t5KlSN/5Cf8nhJQHA00+rck8NMVvlJ2xLiOAxZOwVSD
X0uEfgVs6KFlYn9U5wtI1CRd3UsM22+yXyv8q3Yd50HKiVzXsUd6SZmiMVUntQN/
AJa8j8HQBg9OO1jy60Tr7w1o8uVpFi/BQXqIkXsauIFZlP3u1L6iXMnk2wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFFUDUMJAX+AyogMqbbtTbs2TZNQxMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvVlFOUXdrQmY0REtpQXlwdHUxTnV6Wk5rMURFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAAFkLUD
BAAFkLYDBAAFsmoDBAAFsm4DBAC5BScwDQYJKoZIhvcNAQELBQADggEBANYh2A0y
uZYxSx+Etg2t8wfm1uAC5qfNS8A++0yKlYyE3D2j9iOD9eDUiJWgal+E5XM7tGWh
xHwoQvq+0RzvtHV+a6ufvkGTDcAcRu4fcwwTwKFtzOQGrZ133/WqGGOXQa7tBln2
LgSGQN1ZhC9e/M/TJaUEiNOb1YtJibMAgNfZoJGLPkG/aBL+YzlYThs3hwWB5lYH
pEWN/0a0oghWoLzr8zscs5JgGVceoZp5vn9QPruoYua9q1vX08h+zoglDfPch3Wz
uyNSOpqV+9nZOFbeUdgjfoeekOe76FGlxfad4yUSKc7SjizLk1j2LCP4W/2B3nje
6WaGrWQwiutRYrY=
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:30:49 2025 by rpki-client