Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/af23c6-efec-491b-87cd-9faa62a1f178/1/taYmShyZEWW4U8j1R_6KnQDOweM.roa
File: taYmShyZEWW4U8j1R_6KnQDOweM.roa (raw, json)
Hash identifier: GjJYuf7T9BVgN+aam1ca3lpMWRi293GWW2n+eayTU5A=
Subject key identifier: B5:A6:26:4A:1C:99:11:65:B8:53:C8:F5:47:FE:8A:9D:00:CE:C1:E3
Certificate issuer: /CN=e5c9fff2f8ed0d65aad0b94f8036f2ee1aeeea0a
Certificate serial: 019420D614E9D9A65D9BA07C8C658497446D
Authority key identifier: E5:C9:FF:F2:F8:ED:0D:65:AA:D0:B9:4F:80:36:F2:EE:1A:EE:EA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5cn_8vjtDWWq0LlPgDby7hru6go.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/af23c6-efec-491b-87cd-9faa62a1f178/1/taYmShyZEWW4U8j1R_6KnQDOweM.roa
Signing time: Wed 01 Jan 2025 07:48:08 +0000
ROA not before: Wed 01 Jan 2025 07:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51095
IP address blocks: 89.35.237.0/24 maxlen: 24
185.40.106.0/24 maxlen: 24
213.170.143.0/24 maxlen: 24
2a0c:e080::/29 maxlen: 32
2a0c:e080::/44 maxlen: 44
2a0c:e082::/44 maxlen: 44
2a0c:e082:10::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/af23c6-efec-491b-87cd-9faa62a1f178/1/5cn_8vjtDWWq0LlPgDby7hru6go.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/af23c6-efec-491b-87cd-9faa62a1f178/1/5cn_8vjtDWWq0LlPgDby7hru6go.mft
rsync://rpki.ripe.net/repository/DEFAULT/5cn_8vjtDWWq0LlPgDby7hru6go.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 07:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:14:e9:d9:a6:5d:9b:a0:7c:8c:65:84:97:44:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5c9fff2f8ed0d65aad0b94f8036f2ee1aeeea0a
Validity
Not Before: Jan 1 07:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b5a6264a1c991165b853c8f547fe8a9d00cec1e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:37:fe:a0:d4:4b:6b:d5:1e:b5:f4:4b:b8:40:
99:f6:6b:a3:cb:b5:77:71:aa:a5:e3:f2:c5:0a:7b:
73:da:50:e8:ea:18:87:9b:f3:bc:9e:78:aa:c7:5b:
ab:4a:03:95:79:06:cc:bc:2d:4f:d1:fe:85:82:e1:
be:38:fb:5d:c8:69:be:be:7d:cc:a5:1e:25:ed:7b:
fd:96:16:72:73:d5:2a:8d:c4:99:45:0f:a8:b0:b2:
56:3d:b3:c5:07:ff:57:18:17:c8:32:57:e2:7b:8f:
c6:88:cf:19:14:45:53:8f:6c:df:2e:8b:00:ef:cd:
ae:1a:ee:50:e7:64:84:68:9c:0b:7e:41:c0:da:55:
52:51:03:50:1c:60:9a:a4:d1:69:89:f8:ca:45:c2:
3c:90:5a:97:7e:eb:7e:fa:66:30:13:bf:34:be:c1:
c5:7a:15:3b:dc:8c:4f:cc:ce:e2:db:ae:2e:62:18:
11:bd:2f:6e:5b:96:59:11:45:d8:6f:76:19:20:b1:
b4:d5:ac:0a:7b:c7:50:df:8a:c8:82:d2:9f:47:f6:
73:a4:b9:61:f2:06:c9:18:56:16:62:ff:88:56:58:
b5:b7:87:b9:db:7d:88:75:b1:51:ab:21:b8:84:63:
5c:4c:ba:2d:08:ef:b3:fc:b0:9f:61:7a:d7:d1:cd:
a0:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:A6:26:4A:1C:99:11:65:B8:53:C8:F5:47:FE:8A:9D:00:CE:C1:E3
X509v3 Authority Key Identifier:
keyid:E5:C9:FF:F2:F8:ED:0D:65:AA:D0:B9:4F:80:36:F2:EE:1A:EE:EA:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5cn_8vjtDWWq0LlPgDby7hru6go.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/af23c6-efec-491b-87cd-9faa62a1f178/1/taYmShyZEWW4U8j1R_6KnQDOweM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/af23c6-efec-491b-87cd-9faa62a1f178/1/5cn_8vjtDWWq0LlPgDby7hru6go.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.237.0/24
185.40.106.0/24
213.170.143.0/24
IPv6:
2a0c:e080::/29
Signature Algorithm: sha256WithRSAEncryption
23:b6:54:77:5f:2b:70:ca:8f:40:6e:b6:93:29:04:a3:1d:0d:
eb:5c:8e:e0:77:42:80:73:8c:39:07:28:04:e9:65:3a:3b:ff:
1c:90:e0:ae:74:3c:c4:95:67:ab:cd:f6:6d:e9:43:93:aa:07:
2d:c3:10:4b:78:9f:c7:ba:98:c0:6c:80:21:e2:12:12:bd:78:
e1:de:6e:bc:73:43:14:1d:30:51:51:4a:98:b8:66:57:ca:7d:
ca:ba:08:23:37:f1:f9:e9:7f:5d:d4:a9:25:a1:e9:cb:c5:c5:
62:73:88:17:fd:05:d3:d5:07:67:11:2a:0e:f4:aa:ce:b7:b1:
85:2f:a5:d6:46:21:60:63:3f:3b:76:82:da:a7:47:33:65:d9:
13:c7:40:ac:3a:03:e9:33:9b:29:03:6d:47:fe:4b:03:60:88:
47:2a:56:6b:1b:1a:e6:d4:e0:3d:a9:a7:05:b4:c8:68:62:52:
7c:22:ab:f8:64:89:f3:98:41:8d:f7:b8:90:f0:83:9e:20:e6:
e8:f4:bd:b0:b3:cd:ed:74:29:63:47:aa:80:34:ea:f5:77:61:
0e:a7:ef:c0:2e:00:ad:aa:ce:e8:5f:0e:20:a2:58:d7:54:8c:
7b:f8:9f:36:4e:18:3c:37:03:5d:9b:82:a3:64:6f:a9:4f:d5:
bc:65:cc:0c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQg1hTp2aZdm6B8jGWEl0RtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YzlmZmYyZjhlZDBkNjVhYWQwYjk0ZjgwMzZmMmVlMWFl
ZWVhMGEwHhcNMjUwMTAxMDc0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWE2MjY0YTFjOTkxMTY1Yjg1M2M4ZjU0N2ZlOGE5ZDAwY2VjMWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Df+oNRLa9UetfRLuECZ9mujy7V3
caql4/LFCntz2lDo6hiHm/O8nniqx1urSgOVeQbMvC1P0f6FguG+OPtdyGm+vn3M
pR4l7Xv9lhZyc9UqjcSZRQ+osLJWPbPFB/9XGBfIMlfie4/GiM8ZFEVTj2zfLosA
782uGu5Q52SEaJwLfkHA2lVSUQNQHGCapNFpifjKRcI8kFqXfut++mYwE780vsHF
ehU73IxPzM7i264uYhgRvS9uW5ZZEUXYb3YZILG01awKe8dQ34rIgtKfR/ZzpLlh
8gbJGFYWYv+IVli1t4e5232IdbFRqyG4hGNcTLotCO+z/LCfYXrX0c2gCQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLWmJkocmRFluFPI9Uf+ip0AzsHjMB8GA1UdIwQY
MBaAFOXJ//L47Q1lqtC5T4A28u4a7uoKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWNuXzh2anREV1dxMExsUGdEYnk3aHJ1NmdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9hZjIzYzYtZWZlYy00OTFiLTg3Y2Qt
OWZhYTYyYTFmMTc4LzEvdGFZbVNoeVpFV1c0VThqMVJfNktuUURPd2VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9hZjIzYzYtZWZlYy00OTFiLTg3Y2QtOWZhYTYyYTFmMTc4
LzEvNWNuXzh2anREV1dxMExsUGdEYnk3aHJ1NmdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAWSPtAwQA
uShqAwQA1aqPMA0EAgACMAcDBQMqDOCAMA0GCSqGSIb3DQEBCwUAA4IBAQAjtlR3
Xytwyo9AbraTKQSjHQ3rXI7gd0KAc4w5BygE6WU6O/8ckOCudDzElWerzfZt6UOT
qgctwxBLeJ/HupjAbIAh4hISvXjh3m68c0MUHTBRUUqYuGZXyn3KuggjN/H56X9d
1KkloenLxcVic4gX/QXT1QdnESoO9KrOt7GFL6XWRiFgYz87doLap0czZdkTx0Cs
OgPpM5spA21H/ksDYIhHKlZrGxrm1OA9qacFtMhoYlJ8Iqv4ZInzmEGN97iQ8IOe
IObo9L2ws83tdCljR6qANOr1d2EOp+/ALgCtqs7oXw4goljXVIx7+J82Thg8NwNd
m4KjZG+pT9W8ZcwM
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:33:26 2025 by rpki-client