Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/24149d-d115-4330-bd49-cb56ed3ea7fa/1/m5gUSNnJ2hKaiWTW0ODmWqqDw-s.roa
File: m5gUSNnJ2hKaiWTW0ODmWqqDw-s.roa (raw, json)
Hash identifier: EE2S7AYIPyyJZqEsdRi77q99LaNKBqMzcLpUq4bS+A8=
Subject key identifier: 9B:98:14:48:D9:C9:DA:12:9A:89:64:D6:D0:E0:E6:5A:AA:83:C3:EB
Certificate issuer: /CN=dc1089c942b68033683b4dd506c0c36f74be0ea3
Certificate serial: 01942067CC7DD5C6A97E5F1738A5117C18E8
Authority key identifier: DC:10:89:C9:42:B6:80:33:68:3B:4D:D5:06:C0:C3:6F:74:BE:0E:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3BCJyUK2gDNoO03VBsDDb3S-DqM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/24149d-d115-4330-bd49-cb56ed3ea7fa/1/m5gUSNnJ2hKaiWTW0ODmWqqDw-s.roa
Signing time: Wed 01 Jan 2025 05:47:40 +0000
ROA not before: Wed 01 Jan 2025 05:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205479
IP address blocks: 92.118.28.0/22 maxlen: 24
92.118.29.0/24 maxlen: 24
2a09:a440::/29 maxlen: 48
2a09:a443::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/24149d-d115-4330-bd49-cb56ed3ea7fa/1/3BCJyUK2gDNoO03VBsDDb3S-DqM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/24149d-d115-4330-bd49-cb56ed3ea7fa/1/3BCJyUK2gDNoO03VBsDDb3S-DqM.mft
rsync://rpki.ripe.net/repository/DEFAULT/3BCJyUK2gDNoO03VBsDDb3S-DqM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 02:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:cc:7d:d5:c6:a9:7e:5f:17:38:a5:11:7c:18:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc1089c942b68033683b4dd506c0c36f74be0ea3
Validity
Not Before: Jan 1 05:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9b981448d9c9da129a8964d6d0e0e65aaa83c3eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:47:55:76:19:d0:2b:b3:c9:2c:da:cf:bc:46:
d3:61:72:81:38:a4:4a:90:0e:59:67:7f:10:c7:18:
4f:7a:c2:69:9a:0b:40:ab:52:7f:1a:9a:5c:eb:0b:
65:26:28:35:45:18:16:d9:81:d1:00:0c:f6:b5:9b:
42:7e:9e:12:68:3b:49:f3:e1:87:b3:8a:02:68:8f:
99:c1:b3:bd:93:eb:c5:84:c5:f5:79:2f:9d:a4:e1:
39:a7:7f:d2:00:2e:a5:4d:59:44:22:58:d1:e2:3f:
9b:de:5a:8f:02:93:6c:8c:a9:8b:74:71:1f:93:8d:
1d:74:f4:14:39:16:55:1e:49:46:fc:2d:35:c9:d5:
1d:ad:81:5f:0c:76:12:f6:47:99:24:7d:52:78:cd:
59:8e:70:7f:c7:bf:80:96:de:ed:f1:9b:73:4b:ac:
74:54:37:7f:66:fc:dd:74:53:1a:68:0c:ee:cb:4d:
71:1d:5c:a1:29:f0:e0:f0:3e:85:4a:68:f0:ef:33:
e2:ea:00:97:ff:0d:11:a2:5a:4e:3e:c7:fe:ce:35:
81:99:98:b0:13:e0:f9:a5:c1:d3:62:e9:cd:ee:5f:
ba:86:80:4b:51:23:35:5a:b0:a0:ca:18:da:f3:e4:
56:7a:5e:6f:2e:5a:e0:f6:f0:94:b5:a6:d4:54:82:
65:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:98:14:48:D9:C9:DA:12:9A:89:64:D6:D0:E0:E6:5A:AA:83:C3:EB
X509v3 Authority Key Identifier:
keyid:DC:10:89:C9:42:B6:80:33:68:3B:4D:D5:06:C0:C3:6F:74:BE:0E:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BCJyUK2gDNoO03VBsDDb3S-DqM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/24149d-d115-4330-bd49-cb56ed3ea7fa/1/m5gUSNnJ2hKaiWTW0ODmWqqDw-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/24149d-d115-4330-bd49-cb56ed3ea7fa/1/3BCJyUK2gDNoO03VBsDDb3S-DqM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.28.0/22
IPv6:
2a09:a440::/29
Signature Algorithm: sha256WithRSAEncryption
1e:2a:82:e5:76:d8:7c:bb:53:e0:1c:43:f2:f2:73:05:f2:07:
b6:a3:7c:5a:ae:0f:ea:69:42:d3:ef:fc:c1:c2:68:43:63:25:
ae:69:0b:32:c1:01:d3:ae:a8:24:90:fa:1c:f6:ee:58:9e:dc:
01:4f:08:fa:9f:b0:a3:27:5c:74:d8:d0:00:e1:35:49:6b:c6:
ef:9e:24:0f:c3:ad:71:3b:7a:c4:25:fc:82:58:0f:0d:9c:05:
18:e0:06:d1:d9:e1:c7:16:ed:6e:33:cf:c6:53:7b:0b:5e:d2:
04:ce:cf:2e:62:61:da:28:8f:1b:2c:ca:7a:40:e4:eb:5a:67:
ba:72:1c:ee:41:f5:b0:ec:10:ad:80:16:66:1a:8d:b4:9b:01:
86:d1:98:c3:63:7d:fe:11:06:24:df:86:b9:75:30:10:35:d7:
ed:ca:29:f4:01:aa:8a:6d:a9:0c:b7:53:54:54:8d:93:b9:7c:
88:c9:e9:d6:2f:e6:8c:89:f1:98:5e:73:9f:04:04:ba:28:39:
66:16:69:41:31:51:1c:17:74:65:f8:12:ee:be:66:b0:9c:08:
de:8e:a9:20:9d:31:e2:a4:df:87:ce:ca:83:38:01:54:7f:f6:
c4:9a:0e:e6:be:13:cf:23:a9:df:aa:b6:e4:1d:b8:37:15:23:
36:5d:7c:6c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQgZ8x91capfl8XOKURfBjoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMTA4OWM5NDJiNjgwMzM2ODNiNGRkNTA2YzBjMzZmNzRi
ZTBlYTMwHhcNMjUwMTAxMDU0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yjk4MTQ0OGQ5YzlkYTEyOWE4OTY0ZDZkMGUwZTY1YWFhODNjM2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6kdVdhnQK7PJLNrPvEbTYXKBOKRK
kA5ZZ38QxxhPesJpmgtAq1J/Gppc6wtlJig1RRgW2YHRAAz2tZtCfp4SaDtJ8+GH
s4oCaI+ZwbO9k+vFhMX1eS+dpOE5p3/SAC6lTVlEIljR4j+b3lqPApNsjKmLdHEf
k40ddPQUORZVHklG/C01ydUdrYFfDHYS9keZJH1SeM1ZjnB/x7+Alt7t8ZtzS6x0
VDd/ZvzddFMaaAzuy01xHVyhKfDg8D6FSmjw7zPi6gCX/w0RolpOPsf+zjWBmZiw
E+D5pcHTYunN7l+6hoBLUSM1WrCgyhja8+RWel5vLlrg9vCUtabUVIJlDQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJuYFEjZydoSmolk1tDg5lqqg8PrMB8GA1UdIwQY
MBaAFNwQiclCtoAzaDtN1QbAw290vg6jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JDSnlVSzJnRE5vTzAzVkJzRERiM1MtRHFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy8yNDE0OWQtZDExNS00MzMwLWJkNDkt
Y2I1NmVkM2VhN2ZhLzEvbTVnVVNObkoyaEthaVdUVzBPRG1XcXFEdy1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy8yNDE0OWQtZDExNS00MzMwLWJkNDktY2I1NmVkM2VhN2Zh
LzEvM0JDSnlVSzJnRE5vTzAzVkJzRERiM1MtRHFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCXHYcMA0E
AgACMAcDBQMqCaRAMA0GCSqGSIb3DQEBCwUAA4IBAQAeKoLldth8u1PgHEPy8nMF
8ge2o3xarg/qaULT7/zBwmhDYyWuaQsywQHTrqgkkPoc9u5YntwBTwj6n7CjJ1x0
2NAA4TVJa8bvniQPw61xO3rEJfyCWA8NnAUY4AbR2eHHFu1uM8/GU3sLXtIEzs8u
YmHaKI8bLMp6QOTrWme6chzuQfWw7BCtgBZmGo20mwGG0ZjDY33+EQYk34a5dTAQ
Ndftyin0AaqKbakMt1NUVI2TuXyIyenWL+aMifGYXnOfBAS6KDlmFmlBMVEcF3Rl
+BLuvmawnAjejqkgnTHipN+HzsqDOAFUf/bEmg7mvhPPI6nfqrbkHbg3FSM2XXxs
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:42:24 2025 by rpki-client