Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/r2ZORJxSeCIu6eCO87hDb9jfS0s.roa
File: r2ZORJxSeCIu6eCO87hDb9jfS0s.roa (raw, json)
Hash identifier: kW/Le+50yBjcga1Wh8Y1h6UD2loMcqNEMFpy4Zq+anY=
Subject key identifier: AF:66:4E:44:9C:52:78:22:2E:E9:E0:8E:F3:B8:43:6F:D8:DF:4B:4B
Certificate issuer: /CN=5dd7336fa915721ce3bfee217f4e99164db9532b
Certificate serial: 019424B3FD62F3E4A341341BE6B29C1DDA00
Authority key identifier: 5D:D7:33:6F:A9:15:72:1C:E3:BF:EE:21:7F:4E:99:16:4D:B9:53:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xdczb6kVchzjv-4hf06ZFk25Uys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/r2ZORJxSeCIu6eCO87hDb9jfS0s.roa
Signing time: Thu 02 Jan 2025 01:49:22 +0000
ROA not before: Thu 02 Jan 2025 01:49:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396982
IP address blocks: 109.68.56.0/21 maxlen: 21
193.151.72.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/Xdczb6kVchzjv-4hf06ZFk25Uys.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/Xdczb6kVchzjv-4hf06ZFk25Uys.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xdczb6kVchzjv-4hf06ZFk25Uys.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 16:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:fd:62:f3:e4:a3:41:34:1b:e6:b2:9c:1d:da:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dd7336fa915721ce3bfee217f4e99164db9532b
Validity
Not Before: Jan 2 01:49:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af664e449c5278222ee9e08ef3b8436fd8df4b4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:1e:c7:aa:16:de:59:11:9c:f3:aa:d8:fb:f9:
64:d4:76:a0:53:ab:f3:52:49:f0:17:db:ff:8c:9f:
b5:b3:8d:ba:e9:ff:57:70:44:d9:df:39:fb:bc:c2:
f4:25:56:1a:42:ab:b1:d5:ce:f5:25:d0:f8:4b:50:
18:46:73:b5:d1:73:74:12:d0:e1:f0:c8:1e:07:67:
b0:55:09:7d:9b:22:8c:f3:a6:99:4c:04:e0:6b:7a:
5e:0f:57:b2:c5:85:47:75:17:2c:37:5e:2d:1b:70:
da:a0:8d:5f:5b:b1:d9:60:22:21:3e:99:24:5d:2d:
e2:52:c8:25:04:61:8d:8f:f0:bb:97:8e:6b:45:c8:
72:8b:4b:3c:ec:c1:08:5b:8c:81:c1:b8:4d:a6:b9:
2f:30:6f:16:84:ad:db:66:0c:dc:70:bd:6a:6b:de:
97:e2:89:e2:32:1b:af:4e:54:69:dd:0d:9a:41:32:
e2:3c:8a:73:c8:27:b6:68:7f:f4:cb:5d:7f:67:7e:
e2:66:48:63:d7:cf:6e:45:66:27:23:7e:59:35:5f:
3a:6c:f5:e1:61:2d:9f:13:25:dd:60:05:55:23:6e:
7f:25:74:50:bf:31:17:04:d4:84:b4:d6:40:8e:86:
a8:66:07:02:3d:ce:d5:a9:db:f2:c0:bf:2b:1b:e6:
22:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:66:4E:44:9C:52:78:22:2E:E9:E0:8E:F3:B8:43:6F:D8:DF:4B:4B
X509v3 Authority Key Identifier:
keyid:5D:D7:33:6F:A9:15:72:1C:E3:BF:EE:21:7F:4E:99:16:4D:B9:53:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xdczb6kVchzjv-4hf06ZFk25Uys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/r2ZORJxSeCIu6eCO87hDb9jfS0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/Xdczb6kVchzjv-4hf06ZFk25Uys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.68.56.0/21
193.151.72.0/22
Signature Algorithm: sha256WithRSAEncryption
84:24:5a:d5:8f:a8:83:a5:d1:f7:32:ee:e0:a4:af:9b:4a:7a:
8d:62:80:1d:92:18:b1:8e:d4:c4:ea:2b:27:14:3b:e5:30:fd:
74:80:1c:01:f0:db:ec:83:6d:1e:a7:08:0c:95:8f:ab:d3:66:
3c:c9:07:a7:51:ff:23:0a:4c:9e:a6:11:b8:2a:b9:83:a9:3c:
1d:69:2e:61:91:cb:ee:26:b6:86:d3:62:20:b5:8e:04:75:e2:
1d:af:1b:ae:99:e1:e1:24:69:da:49:6f:fe:67:7e:f2:16:1a:
88:3b:b5:43:21:1a:77:06:e0:87:24:4c:f2:07:c3:c5:7b:41:
a9:d5:08:48:eb:a6:30:78:66:72:68:b2:54:00:94:f6:22:69:
4c:6e:bc:5c:fd:b7:0f:bf:d7:bf:11:b3:8e:68:cc:07:6b:52:
90:1d:83:02:db:6c:23:7f:97:cd:1c:75:47:b1:a7:08:1f:ba:
7b:eb:4d:5b:8c:f4:eb:33:2d:27:ab:c2:c7:6d:bd:5e:f8:34:
9f:2b:4c:99:d0:f7:35:73:7d:13:70:f2:dc:e4:cf:7e:63:d5:
0a:0b:5f:53:88:50:6a:50:77:72:94:0d:f6:84:68:de:15:fd:
82:21:89:e2:99:f3:e7:ff:c4:53:6c:b6:8f:79:bd:b4:05:5e:
3b:bd:0d:f9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQks/1i8+SjQTQb5rKcHdoAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZDczMzZmYTkxNTcyMWNlM2JmZWUyMTdmNGU5OTE2NGRi
OTUzMmIwHhcNMjUwMTAyMDE0OTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjY2NGU0NDljNTI3ODIyMmVlOWUwOGVmM2I4NDM2ZmQ4ZGY0YjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwh7HqhbeWRGc86rY+/lk1HagU6vz
UknwF9v/jJ+1s4266f9XcETZ3zn7vML0JVYaQqux1c71JdD4S1AYRnO10XN0EtDh
8MgeB2ewVQl9myKM86aZTATga3peD1eyxYVHdRcsN14tG3DaoI1fW7HZYCIhPpkk
XS3iUsglBGGNj/C7l45rRchyi0s87MEIW4yBwbhNprkvMG8WhK3bZgzccL1qa96X
4oniMhuvTlRp3Q2aQTLiPIpzyCe2aH/0y11/Z37iZkhj189uRWYnI35ZNV86bPXh
YS2fEyXdYAVVI25/JXRQvzEXBNSEtNZAjoaoZgcCPc7VqdvywL8rG+YikQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK9mTkScUngiLungjvO4Q2/Y30tLMB8GA1UdIwQY
MBaAFF3XM2+pFXIc47/uIX9OmRZNuVMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGRjemI2a1ZjaHpqdi00aGYwNlpGazI1VXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9lNzQ0YmQtZjZkOS00Zjc0LThjMDEt
OGM0YmM0NTkyN2EzLzEvcjJaT1JKeFNlQ0l1NmVDTzg3aERiOWpmUzBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9lNzQ0YmQtZjZkOS00Zjc0LThjMDEtOGM0YmM0NTkyN2Ez
LzEvWGRjemI2a1ZjaHpqdi00aGYwNlpGazI1VXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDbUQ4AwQC
wZdIMA0GCSqGSIb3DQEBCwUAA4IBAQCEJFrVj6iDpdH3Mu7gpK+bSnqNYoAdkhix
jtTE6isnFDvlMP10gBwB8Nvsg20epwgMlY+r02Y8yQenUf8jCkyephG4KrmDqTwd
aS5hkcvuJraG02IgtY4EdeIdrxuumeHhJGnaSW/+Z37yFhqIO7VDIRp3BuCHJEzy
B8PFe0Gp1QhI66YweGZyaLJUAJT2ImlMbrxc/bcPv9e/EbOOaMwHa1KQHYMC22wj
f5fNHHVHsacIH7p7601bjPTrMy0nq8LHbb1e+DSfK0yZ0Pc1c30TcPLc5M9+Y9UK
C19TiFBqUHdylA32hGjeFf2CIYnimfPn/8RTbLaPeb20BV47vQ35
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:57:33 2025 by rpki-client