Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/5ylzUozH0X5KfArQKo4i4yUI-II.roa
File: 5ylzUozH0X5KfArQKo4i4yUI-II.roa (raw, json)
Hash identifier: /U7VX7N0LYLMWn9ZhI8TzwqGtktcWpOPVB+Ela0LG78=
Subject key identifier: E7:29:73:52:8C:C7:D1:7E:4A:7C:0A:D0:2A:8E:22:E3:25:08:F8:82
Certificate issuer: /CN=90b8a15466c3ff1e915d780a10b0baa9ad694860
Certificate serial: 01956C04AA829F4D9FF26E56C9AFB8F86894
Authority key identifier: 90:B8:A1:54:66:C3:FF:1E:91:5D:78:0A:10:B0:BA:A9:AD:69:48:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kLihVGbD_x6RXXgKELC6qa1pSGA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/5ylzUozH0X5KfArQKo4i4yUI-II.roa
Signing time: Thu 06 Mar 2025 15:13:19 +0000
ROA not before: Thu 06 Mar 2025 15:13:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50411
IP address blocks: 37.130.8.0/22 maxlen: 22
37.130.12.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/kLihVGbD_x6RXXgKELC6qa1pSGA.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/kLihVGbD_x6RXXgKELC6qa1pSGA.mft
rsync://rpki.ripe.net/repository/DEFAULT/kLihVGbD_x6RXXgKELC6qa1pSGA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6c:04:aa:82:9f:4d:9f:f2:6e:56:c9:af:b8:f8:68:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90b8a15466c3ff1e915d780a10b0baa9ad694860
Validity
Not Before: Mar 6 15:13:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e72973528cc7d17e4a7c0ad02a8e22e32508f882
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:5b:e3:fc:3e:12:f1:15:1e:e4:82:df:9a:bb:
1d:ba:27:c3:8f:62:e2:66:11:50:22:01:28:ee:cb:
e5:05:72:ff:48:6d:ea:5c:b2:cb:d0:b8:52:77:a4:
9f:ca:f7:61:4b:76:dc:6a:c1:cf:cd:43:88:3a:dd:
91:9f:49:4a:24:61:a0:23:7d:60:d5:98:f4:44:f5:
8c:6e:13:b7:ae:72:e3:f2:c7:70:5b:3e:e9:00:c5:
d3:ef:31:0c:e8:f0:e9:a9:e8:25:e9:b9:1f:22:68:
b5:31:84:0d:6a:7c:8b:9b:db:59:44:cd:ba:cd:97:
0d:95:cd:b0:59:ee:5f:f8:12:33:89:3d:06:16:b5:
37:20:c3:33:3d:df:f0:61:73:45:4c:ce:23:86:93:
8c:1e:53:03:8f:8e:3e:41:92:ed:8f:8c:cc:ee:9c:
ea:f7:9e:da:2d:21:0e:0f:70:4a:67:8b:0d:1f:c9:
7f:2a:0b:0a:dc:96:11:72:de:55:35:7a:39:62:49:
fe:2c:6e:2a:52:7a:92:b6:85:f2:be:dc:de:50:62:
41:fa:4d:0a:5d:bc:70:5e:8e:1c:21:3b:a0:a8:37:
d1:ce:40:c9:bb:a1:3d:9c:f1:c8:a4:d2:09:a5:c7:
d1:cc:77:04:cf:13:3c:39:58:1d:64:34:e7:6f:c9:
31:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:29:73:52:8C:C7:D1:7E:4A:7C:0A:D0:2A:8E:22:E3:25:08:F8:82
X509v3 Authority Key Identifier:
keyid:90:B8:A1:54:66:C3:FF:1E:91:5D:78:0A:10:B0:BA:A9:AD:69:48:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kLihVGbD_x6RXXgKELC6qa1pSGA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/5ylzUozH0X5KfArQKo4i4yUI-II.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/kLihVGbD_x6RXXgKELC6qa1pSGA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.130.8.0-37.130.13.255
Signature Algorithm: sha256WithRSAEncryption
33:f7:d4:31:2d:32:ef:fa:4b:45:0f:5e:4d:82:19:78:28:12:
f5:89:51:3a:69:1a:77:73:b0:60:f3:04:67:66:23:3a:4e:55:
2f:0a:88:d4:07:92:2e:da:18:06:c6:d1:c5:a3:2c:ba:61:f4:
b0:ee:db:b6:6d:60:7f:07:bb:90:5d:78:3f:8e:05:94:a0:5b:
23:63:bb:1b:11:2d:87:75:40:ec:53:92:e1:9a:2c:67:0e:b5:
ba:5b:45:3b:53:4f:22:ee:52:8e:49:39:99:67:a9:4c:2c:37:
a0:f7:78:6e:d9:af:2f:43:bb:61:a9:bc:36:8f:65:c8:7b:b6:
4f:cd:e7:cc:1d:9d:d3:48:de:4b:42:44:2e:78:08:ec:90:47:
0b:f0:d3:de:54:8a:0a:10:1b:69:c8:43:66:c0:26:c9:a3:72:
61:14:6c:db:2c:b8:c8:d0:8f:55:69:bc:af:94:2a:b3:0c:47:
d0:f9:7a:1b:87:65:78:d0:9d:92:95:43:40:26:fa:99:92:d9:
05:f3:46:ed:bc:ac:59:a8:0a:87:77:c5:b6:75:d7:fa:fb:1c:
40:11:1b:8d:2f:e4:a0:4e:ab:0a:cb:9f:10:f2:a0:ec:a0:40:
0d:44:f4:06:2c:46:a0:0d:55:a5:d7:59:ad:f8:6c:f5:9e:0d:
7f:e3:b4:a5
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZVsBKqCn02f8m5Wya+4+GiUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwYjhhMTU0NjZjM2ZmMWU5MTVkNzgwYTEwYjBiYWE5YWQ2
OTQ4NjAwHhcNMjUwMzA2MTUxMzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzI5NzM1MjhjYzdkMTdlNGE3YzBhZDAyYThlMjJlMzI1MDhmODgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxlvj/D4S8RUe5ILfmrsduifDj2Li
ZhFQIgEo7svlBXL/SG3qXLLL0LhSd6SfyvdhS3bcasHPzUOIOt2Rn0lKJGGgI31g
1Zj0RPWMbhO3rnLj8sdwWz7pAMXT7zEM6PDpqegl6bkfImi1MYQNanyLm9tZRM26
zZcNlc2wWe5f+BIziT0GFrU3IMMzPd/wYXNFTM4jhpOMHlMDj44+QZLtj4zM7pzq
957aLSEOD3BKZ4sNH8l/KgsK3JYRct5VNXo5Ykn+LG4qUnqStoXyvtzeUGJB+k0K
XbxwXo4cITugqDfRzkDJu6E9nPHIpNIJpcfRzHcEzxM8OVgdZDTnb8kx8wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFOcpc1KMx9F+SnwK0CqOIuMlCPiCMB8GA1UdIwQY
MBaAFJC4oVRmw/8ekV14ChCwuqmtaUhgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0xpaFZHYkRfeDZSWFhnS0VMQzZxYTFwU0dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9hMmRmNDQtMzhiMi00ZDEyLTgzNDct
NzhlOTk3ODY5OTUyLzEvNXlselVvekgwWDVLZkFyUUtvNGk0eVVJLUlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9hMmRmNDQtMzhiMi00ZDEyLTgzNDctNzhlOTk3ODY5OTUy
LzEva0xpaFZHYkRfeDZSWFhnS0VMQzZxYTFwU0dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAMlgggD
BAElggwwDQYJKoZIhvcNAQELBQADggEBADP31DEtMu/6S0UPXk2CGXgoEvWJUTpp
GndzsGDzBGdmIzpOVS8KiNQHki7aGAbG0cWjLLph9LDu27ZtYH8Hu5BdeD+OBZSg
WyNjuxsRLYd1QOxTkuGaLGcOtbpbRTtTTyLuUo5JOZlnqUwsN6D3eG7Zry9Du2Gp
vDaPZch7tk/N58wdndNI3ktCRC54COyQRwvw095UigoQG2nIQ2bAJsmjcmEUbNss
uMjQj1VpvK+UKrMMR9D5ehuHZXjQnZKVQ0Am+pmS2QXzRu28rFmoCod3xbZ11/r7
HEARG40v5KBOqwrLnxDyoOygQA1E9AYsRqANVaXXWa34bPWeDX/jtKU=
-----END CERTIFICATE-----
Generated at Thu Apr 24 20:37:33 2025 by rpki-client