Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/0376d1-12ca-4135-9483-8e7149f04a4e/1/XsL5B3czGNBOzfHerg03TyaBu5U.roa
File: XsL5B3czGNBOzfHerg03TyaBu5U.roa (raw, json)
Hash identifier: ISMIcudQZ6/ngajT0MeHKZhAvNpAbEEMDN0b+U1wlIs=
Subject key identifier: 5E:C2:F9:07:77:33:18:D0:4E:CD:F1:DE:AE:0D:37:4F:26:81:BB:95
Certificate issuer: /CN=ae1dc18a4b1fbfe2c2babd8bbb47fe1fd1cf22f8
Certificate serial: 019422FC3A062574A900B2C77AE640DB1A86
Authority key identifier: AE:1D:C1:8A:4B:1F:BF:E2:C2:BA:BD:8B:BB:47:FE:1F:D1:CF:22:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rh3Biksfv-LCur2Lu0f-H9HPIvg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/0376d1-12ca-4135-9483-8e7149f04a4e/1/XsL5B3czGNBOzfHerg03TyaBu5U.roa
Signing time: Wed 01 Jan 2025 17:49:02 +0000
ROA not before: Wed 01 Jan 2025 17:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203889
IP address blocks: 194.99.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/0376d1-12ca-4135-9483-8e7149f04a4e/1/rh3Biksfv-LCur2Lu0f-H9HPIvg.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/0376d1-12ca-4135-9483-8e7149f04a4e/1/rh3Biksfv-LCur2Lu0f-H9HPIvg.mft
rsync://rpki.ripe.net/repository/DEFAULT/rh3Biksfv-LCur2Lu0f-H9HPIvg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 20:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:3a:06:25:74:a9:00:b2:c7:7a:e6:40:db:1a:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae1dc18a4b1fbfe2c2babd8bbb47fe1fd1cf22f8
Validity
Not Before: Jan 1 17:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ec2f907773318d04ecdf1deae0d374f2681bb95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:fa:b9:37:31:6a:11:ef:f9:b5:66:c5:ae:6b:
32:3b:13:e3:dc:f7:5a:1f:bc:04:d1:9c:85:49:15:
85:c6:8e:b4:c5:c0:4d:5e:49:64:e0:bd:a4:55:c9:
09:1f:7a:e5:df:94:cd:2d:9a:d6:b8:a9:c0:60:1a:
3a:f2:14:2e:d3:55:40:ee:7d:a2:17:cb:10:0d:5d:
c3:7e:90:2b:a4:48:52:73:c1:3d:f6:56:96:67:ef:
6b:6c:35:ca:ce:eb:6a:c0:c9:b5:2f:96:7c:9b:09:
c4:ef:3f:50:24:48:bc:ed:96:eb:d1:24:e8:eb:e5:
25:1a:e5:57:0a:3c:e6:8d:71:49:83:0e:e9:97:63:
48:25:c9:2b:ba:35:b2:2a:41:ba:42:28:7f:be:38:
d1:a8:8a:63:4e:55:2b:ce:df:d1:9c:6e:30:ea:05:
2b:3f:d2:eb:dd:24:dc:99:b7:f5:af:8f:dd:5b:e1:
c4:2a:21:2e:c6:18:5d:03:8b:85:b1:0a:92:32:05:
ee:6b:cf:a5:47:40:e9:aa:9c:b2:b5:8e:31:ce:b4:
9a:9b:43:e7:2d:08:f2:51:fa:82:98:b6:c7:43:f5:
04:d4:74:70:f0:a1:d0:2d:25:48:58:89:b7:ee:ee:
2a:ce:e0:33:23:88:f0:4f:d5:a2:25:e5:36:56:42:
fb:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:C2:F9:07:77:33:18:D0:4E:CD:F1:DE:AE:0D:37:4F:26:81:BB:95
X509v3 Authority Key Identifier:
keyid:AE:1D:C1:8A:4B:1F:BF:E2:C2:BA:BD:8B:BB:47:FE:1F:D1:CF:22:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rh3Biksfv-LCur2Lu0f-H9HPIvg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/0376d1-12ca-4135-9483-8e7149f04a4e/1/XsL5B3czGNBOzfHerg03TyaBu5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/0376d1-12ca-4135-9483-8e7149f04a4e/1/rh3Biksfv-LCur2Lu0f-H9HPIvg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.99.113.0/24
Signature Algorithm: sha256WithRSAEncryption
03:2a:4b:b0:b9:f4:37:59:22:6d:93:97:76:14:10:10:b8:b2:
24:a9:b7:81:06:72:f7:b5:56:2f:4b:47:bc:8a:e1:23:da:4b:
88:0c:99:49:fb:7e:ed:01:f0:22:87:ac:e1:e8:8a:f6:7c:a5:
d3:b8:f5:33:2c:58:92:89:a8:92:ef:dc:54:4e:4f:a9:a3:9d:
d3:4f:a8:9e:a7:3e:ca:c0:e4:68:4c:e1:d2:e1:a3:37:43:51:
f7:09:1e:7e:4d:93:02:f2:70:db:ca:27:16:69:af:1d:07:d9:
63:55:0d:c8:00:10:e7:e8:67:3f:c0:9a:3e:f6:39:de:24:7c:
0b:14:cf:63:e9:b2:8a:26:6d:32:49:a1:85:70:02:ef:28:0e:
01:37:84:28:85:18:f3:85:18:ef:b4:7d:f7:9c:f4:7b:d2:83:
77:aa:2a:d1:de:ba:92:56:06:b9:82:0c:47:63:29:a9:be:54:
d5:83:6d:c2:d4:02:64:bb:5b:1c:e2:79:71:60:39:f1:16:71:
e4:73:c2:a0:f4:87:3b:e7:3f:39:ae:63:7d:b5:ad:63:3a:36:
89:fb:5e:f4:ea:1a:55:a4:65:0c:58:e6:f1:d9:cd:13:03:47:
e8:2f:1f:fe:52:fe:15:5d:16:2b:a7:a0:a8:70:9f:8b:f7:cb:
4b:a0:03:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/DoGJXSpALLHeuZA2xqGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlMWRjMThhNGIxZmJmZTJjMmJhYmQ4YmJiNDdmZTFmZDFj
ZjIyZjgwHhcNMjUwMTAxMTc0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWMyZjkwNzc3MzMxOGQwNGVjZGYxZGVhZTBkMzc0ZjI2ODFiYjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/q5NzFqEe/5tWbFrmsyOxPj3Pda
H7wE0ZyFSRWFxo60xcBNXklk4L2kVckJH3rl35TNLZrWuKnAYBo68hQu01VA7n2i
F8sQDV3DfpArpEhSc8E99laWZ+9rbDXKzutqwMm1L5Z8mwnE7z9QJEi87Zbr0STo
6+UlGuVXCjzmjXFJgw7pl2NIJckrujWyKkG6Qih/vjjRqIpjTlUrzt/RnG4w6gUr
P9Lr3STcmbf1r4/dW+HEKiEuxhhdA4uFsQqSMgXua8+lR0DpqpyytY4xzrSam0Pn
LQjyUfqCmLbHQ/UE1HRw8KHQLSVIWIm37u4qzuAzI4jwT9WiJeU2VkL7aQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF7C+Qd3MxjQTs3x3q4NN08mgbuVMB8GA1UdIwQY
MBaAFK4dwYpLH7/iwrq9i7tH/h/RzyL4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmgzQmlrc2Z2LUxDdXIyTHUwZi1IOUhQSXZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8wMzc2ZDEtMTJjYS00MTM1LTk0ODMt
OGU3MTQ5ZjA0YTRlLzEvWHNMNUIzY3pHTkJPemZIZXJnMDNUeWFCdTVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8wMzc2ZDEtMTJjYS00MTM1LTk0ODMtOGU3MTQ5ZjA0YTRl
LzEvcmgzQmlrc2Z2LUxDdXIyTHUwZi1IOUhQSXZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmNxMA0G
CSqGSIb3DQEBCwUAA4IBAQADKkuwufQ3WSJtk5d2FBAQuLIkqbeBBnL3tVYvS0e8
iuEj2kuIDJlJ+37tAfAih6zh6Ir2fKXTuPUzLFiSiaiS79xUTk+po53TT6iepz7K
wORoTOHS4aM3Q1H3CR5+TZMC8nDbyicWaa8dB9ljVQ3IABDn6Gc/wJo+9jneJHwL
FM9j6bKKJm0ySaGFcALvKA4BN4QohRjzhRjvtH33nPR70oN3qirR3rqSVga5ggxH
YympvlTVg23C1AJku1sc4nlxYDnxFnHkc8Kg9Ic75z85rmN9ta1jOjaJ+1706hpV
pGUMWObx2c0TA0foLx/+Uv4VXRYrp6CocJ+L98tLoANP
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:53:25 2025 by rpki-client