Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c14a62-aa6a-486d-b9e6-bc004649ee99/1/Ax6Gu0A1WVAMHnMyLh3B32000sA.roa
File: Ax6Gu0A1WVAMHnMyLh3B32000sA.roa (raw, json)
Hash identifier: iBKFcxVigEAfe9uJMe9wdFyXZBq4/nsbINBCDNHDxXI=
Subject key identifier: 03:1E:86:BB:40:35:59:50:0C:1E:73:32:2E:1D:C1:DF:6D:34:D2:C0
Certificate issuer: /CN=b96e8b6d73f2f38548996f66621330a8d7108529
Certificate serial: 019427479CA47030DEC203F9C9A7BAA676EE
Authority key identifier: B9:6E:8B:6D:73:F2:F3:85:48:99:6F:66:62:13:30:A8:D7:10:85:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uW6LbXPy84VImW9mYhMwqNcQhSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c14a62-aa6a-486d-b9e6-bc004649ee99/1/Ax6Gu0A1WVAMHnMyLh3B32000sA.roa
Signing time: Thu 02 Jan 2025 13:49:52 +0000
ROA not before: Thu 02 Jan 2025 13:49:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43366
IP address blocks: 5.133.84.0/22 maxlen: 24
185.197.188.0/22 maxlen: 24
185.205.240.0/22 maxlen: 24
192.145.24.0/22 maxlen: 24
194.164.116.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c14a62-aa6a-486d-b9e6-bc004649ee99/1/uW6LbXPy84VImW9mYhMwqNcQhSk.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/c14a62-aa6a-486d-b9e6-bc004649ee99/1/uW6LbXPy84VImW9mYhMwqNcQhSk.mft
rsync://rpki.ripe.net/repository/DEFAULT/uW6LbXPy84VImW9mYhMwqNcQhSk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 08:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:9c:a4:70:30:de:c2:03:f9:c9:a7:ba:a6:76:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b96e8b6d73f2f38548996f66621330a8d7108529
Validity
Not Before: Jan 2 13:49:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=031e86bb403559500c1e73322e1dc1df6d34d2c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:d3:e4:a9:c4:22:bd:53:06:6a:14:2d:86:a0:
6d:ec:aa:58:ae:b1:74:e3:73:1c:87:cf:7e:2e:31:
a0:7a:23:5e:d7:8a:5b:4e:f4:8e:90:82:26:00:63:
34:90:8c:bd:ea:16:4c:79:c4:14:94:c9:ac:ef:71:
8e:e6:6b:70:ca:4f:2f:8f:90:11:1f:6f:da:01:6c:
2e:c7:e5:59:d2:2b:73:26:4a:d0:46:88:06:ae:b1:
50:43:29:3c:c2:76:b4:03:d7:4d:7e:0e:12:a5:b3:
c0:4e:47:57:56:7a:e8:d2:df:6f:4d:87:85:8c:b6:
2d:26:be:80:54:cc:72:21:0f:ea:93:c6:c6:82:82:
ce:4b:82:c1:4e:10:f4:f7:98:e1:54:ca:1d:68:31:
f0:ea:63:a1:31:7f:7f:6b:dd:a7:5c:f3:24:15:fe:
5d:ed:b4:56:f3:15:9a:51:af:7b:7d:bd:6b:68:ca:
ac:01:97:12:81:a3:3e:83:e9:37:24:f1:ac:eb:85:
f2:60:c1:25:16:a5:e9:4c:5a:f6:96:8b:ec:1f:4c:
92:00:eb:1c:fd:5e:38:d8:1d:d5:20:f3:6a:25:88:
46:41:ad:2f:b9:05:d8:2a:c7:b5:9f:97:a5:83:68:
2b:18:60:a3:e5:6b:57:b5:92:92:92:a7:c6:9b:1f:
67:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:1E:86:BB:40:35:59:50:0C:1E:73:32:2E:1D:C1:DF:6D:34:D2:C0
X509v3 Authority Key Identifier:
keyid:B9:6E:8B:6D:73:F2:F3:85:48:99:6F:66:62:13:30:A8:D7:10:85:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uW6LbXPy84VImW9mYhMwqNcQhSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c14a62-aa6a-486d-b9e6-bc004649ee99/1/Ax6Gu0A1WVAMHnMyLh3B32000sA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c14a62-aa6a-486d-b9e6-bc004649ee99/1/uW6LbXPy84VImW9mYhMwqNcQhSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.84.0/22
185.197.188.0/22
185.205.240.0/22
192.145.24.0/22
194.164.116.0/23
Signature Algorithm: sha256WithRSAEncryption
32:47:4e:96:3d:f6:8f:e8:89:05:0f:0c:52:a8:f8:0a:84:66:
7a:1b:f0:a7:eb:ed:c0:66:0d:f7:dd:12:3d:f7:af:1e:5b:e5:
72:a0:48:16:f1:e6:cb:33:f4:17:63:d0:21:0e:34:f7:be:33:
3b:eb:cd:b2:e7:17:2f:7c:b1:50:72:92:a6:7f:d6:f5:7c:6b:
37:b9:3a:e3:42:02:4a:ce:5e:18:40:0d:a2:ea:c2:8d:d9:57:
09:0c:61:ab:56:12:a2:f9:9c:b1:ab:a7:47:da:42:ca:5f:98:
81:6d:34:84:8c:db:4a:c7:92:85:ae:23:44:fd:b8:e8:19:13:
1b:f5:7c:b0:98:f8:d2:d5:44:be:43:c0:7e:f7:a0:41:09:9f:
d3:95:76:a9:43:24:9e:39:b7:8a:72:ee:88:13:ce:2f:6a:07:
a0:fb:ac:9d:4e:84:7a:2e:c3:b2:07:36:81:75:bd:02:26:6f:
aa:45:55:92:c9:eb:53:ac:08:56:91:c5:b2:2a:2c:20:24:65:
8a:8f:26:38:4b:1b:20:c2:fc:2f:79:9e:95:34:09:45:91:4e:
1b:d5:85:6f:5b:33:a5:67:7f:c4:f9:c6:e5:fa:71:ca:72:7f:
2a:fb:a6:4d:b1:9d:f7:f9:c4:ab:78:83:99:9e:f0:e3:b3:b1:
56:0f:b4:d1
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQnR5ykcDDewgP5yae6pnbuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NmU4YjZkNzNmMmYzODU0ODk5NmY2NjYyMTMzMGE4ZDcx
MDg1MjkwHhcNMjUwMTAyMTM0OTUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzFlODZiYjQwMzU1OTUwMGMxZTczMzIyZTFkYzFkZjZkMzRkMmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNPkqcQivVMGahQthqBt7KpYrrF0
43Mch89+LjGgeiNe14pbTvSOkIImAGM0kIy96hZMecQUlMms73GO5mtwyk8vj5AR
H2/aAWwux+VZ0itzJkrQRogGrrFQQyk8wna0A9dNfg4SpbPATkdXVnro0t9vTYeF
jLYtJr6AVMxyIQ/qk8bGgoLOS4LBThD095jhVModaDHw6mOhMX9/a92nXPMkFf5d
7bRW8xWaUa97fb1raMqsAZcSgaM+g+k3JPGs64XyYMElFqXpTFr2lovsH0ySAOsc
/V442B3VIPNqJYhGQa0vuQXYKse1n5elg2grGGCj5WtXtZKSkqfGmx9nowIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAMehrtANVlQDB5zMi4dwd9tNNLAMB8GA1UdIwQY
MBaAFLlui21z8vOFSJlvZmITMKjXEIUpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVc2TGJYUHk4NFZJbVc5bVloTXdxTmNRaFNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jMTRhNjItYWE2YS00ODZkLWI5ZTYt
YmMwMDQ2NDllZTk5LzEvQXg2R3UwQTFXVkFNSG5NeUxoM0IzMjAwMHNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jMTRhNjItYWE2YS00ODZkLWI5ZTYtYmMwMDQ2NDllZTk5
LzEvdVc2TGJYUHk4NFZJbVc5bVloTXdxTmNRaFNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCBYVUAwQC
ucW8AwQCuc3wAwQCwJEYAwQBwqR0MA0GCSqGSIb3DQEBCwUAA4IBAQAyR06WPfaP
6IkFDwxSqPgKhGZ6G/Cn6+3AZg333RI9968eW+VyoEgW8ebLM/QXY9AhDjT3vjM7
682y5xcvfLFQcpKmf9b1fGs3uTrjQgJKzl4YQA2i6sKN2VcJDGGrVhKi+Zyxq6dH
2kLKX5iBbTSEjNtKx5KFriNE/bjoGRMb9XywmPjS1US+Q8B+96BBCZ/TlXapQySe
ObeKcu6IE84vageg+6ydToR6LsOyBzaBdb0CJm+qRVWSyetTrAhWkcWyKiwgJGWK
jyY4SxsgwvwveZ6VNAlFkU4b1YVvWzOlZ3/E+cbl+nHKcn8q+6ZNsZ33+cSreIOZ
nvDjs7FWD7TR
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:55:36 2025 by rpki-client