Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/59650d-c935-4aa9-9804-d1bd06f5bf00/1/RtI2t-xfA3CVU9o2N66E_VQ0tAE.roa
File: RtI2t-xfA3CVU9o2N66E_VQ0tAE.roa (raw, json)
Hash identifier: DL3BEIidpUe9S3B80+Z9r5T7eyCfvhEDaHGpB/iZxlk=
Subject key identifier: 46:D2:36:B7:EC:5F:03:70:95:53:DA:36:37:AE:84:FD:54:34:B4:01
Certificate issuer: /CN=5efccd7d7e308f81807051f8d487e9d829c24868
Certificate serial: 01942444C73BDB6207F8D82A168C27806BDA
Authority key identifier: 5E:FC:CD:7D:7E:30:8F:81:80:70:51:F8:D4:87:E9:D8:29:C2:48:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XvzNfX4wj4GAcFH41Ifp2CnCSGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/59650d-c935-4aa9-9804-d1bd06f5bf00/1/RtI2t-xfA3CVU9o2N66E_VQ0tAE.roa
Signing time: Wed 01 Jan 2025 23:47:54 +0000
ROA not before: Wed 01 Jan 2025 23:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12620
IP address blocks: 62.48.96.0/19 maxlen: 19
84.55.192.0/18 maxlen: 18
176.46.192.0/18 maxlen: 18
185.179.16.0/22 maxlen: 22
195.190.160.0/19 maxlen: 19
2001:4b00::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/59650d-c935-4aa9-9804-d1bd06f5bf00/1/XvzNfX4wj4GAcFH41Ifp2CnCSGg.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/59650d-c935-4aa9-9804-d1bd06f5bf00/1/XvzNfX4wj4GAcFH41Ifp2CnCSGg.mft
rsync://rpki.ripe.net/repository/DEFAULT/XvzNfX4wj4GAcFH41Ifp2CnCSGg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:c7:3b:db:62:07:f8:d8:2a:16:8c:27:80:6b:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5efccd7d7e308f81807051f8d487e9d829c24868
Validity
Not Before: Jan 1 23:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=46d236b7ec5f03709553da3637ae84fd5434b401
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b6:bd:f8:09:7a:95:8b:90:60:7a:81:a7:28:
7c:dc:01:00:f6:e9:c1:c5:4d:b2:d3:f3:3c:50:19:
a3:9e:8a:5e:76:aa:61:11:ec:ce:42:49:ed:34:69:
44:67:14:a9:37:94:da:b3:06:3a:2e:93:22:7a:25:
8e:c3:8f:4e:e3:fd:76:11:ca:f6:e4:dd:8b:8d:40:
49:c7:6e:ef:8f:3d:16:b8:4e:f3:53:59:20:20:3c:
8f:29:01:a1:8d:62:98:86:83:41:65:d1:cb:5c:00:
91:21:32:84:d3:5d:fe:20:22:17:81:37:00:f4:96:
21:2f:af:4d:d5:17:80:7f:d1:a7:d1:33:52:ae:e8:
08:02:e1:d4:d7:1c:c0:6f:e6:94:75:83:b8:69:69:
a2:c0:be:a5:da:b2:fb:4f:98:5d:ad:5f:63:f3:b5:
b9:c4:7c:7c:19:56:cd:cb:9c:69:36:28:f6:87:3f:
4d:5f:64:90:4a:c2:f8:5b:58:db:6e:b5:e7:08:0c:
fa:eb:a2:1a:02:d3:96:8a:92:de:e6:59:5b:eb:42:
63:cb:6e:11:dc:8a:00:ff:c5:ef:0b:6c:69:e7:e8:
7f:3c:d6:51:57:32:44:23:c7:80:93:71:6c:23:3d:
8f:83:1f:a4:8d:6b:88:1c:8a:a4:a5:18:e3:1a:14:
e0:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:D2:36:B7:EC:5F:03:70:95:53:DA:36:37:AE:84:FD:54:34:B4:01
X509v3 Authority Key Identifier:
keyid:5E:FC:CD:7D:7E:30:8F:81:80:70:51:F8:D4:87:E9:D8:29:C2:48:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XvzNfX4wj4GAcFH41Ifp2CnCSGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/59650d-c935-4aa9-9804-d1bd06f5bf00/1/RtI2t-xfA3CVU9o2N66E_VQ0tAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/59650d-c935-4aa9-9804-d1bd06f5bf00/1/XvzNfX4wj4GAcFH41Ifp2CnCSGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.48.96.0/19
84.55.192.0/18
176.46.192.0/18
185.179.16.0/22
195.190.160.0/19
IPv6:
2001:4b00::/29
Signature Algorithm: sha256WithRSAEncryption
29:d8:e1:80:be:99:d9:46:f6:0f:5a:37:35:ef:4f:4d:5e:c5:
04:ed:6b:f8:60:3c:16:fc:89:92:be:51:2f:6f:32:6b:4d:03:
0e:06:ee:5d:07:78:9e:e5:9a:91:b7:f3:37:10:78:e4:8d:65:
41:8b:aa:87:8b:ec:10:f7:91:5b:94:89:14:6b:7a:6b:fe:08:
01:38:36:4f:9b:16:27:12:d6:d2:39:8c:e6:a7:51:9f:b2:60:
16:bf:98:cf:ce:70:fd:30:c7:68:e9:3a:5e:61:ce:c3:2c:32:
23:e1:39:13:e0:09:83:f1:0a:3a:bc:9f:a3:da:38:b1:e9:f8:
18:ee:22:58:c1:b3:5a:11:2d:03:4c:f5:a9:1a:68:d3:7c:4e:
f8:2c:b7:f3:bc:ff:7d:7b:f5:67:e4:a9:55:83:03:a9:73:ab:
df:3e:a7:0a:89:23:46:2c:b0:c6:a9:4e:04:f1:a8:fd:34:35:
5e:af:c5:5b:a7:a2:18:eb:02:4e:78:30:47:60:ed:98:a4:68:
41:2c:43:a0:2c:2c:1b:b8:e9:df:8f:00:d9:15:55:64:ad:88:
b5:4f:50:bd:07:b5:a3:eb:3a:30:67:60:b2:96:f5:b6:6c:a1:
89:1d:50:58:e6:95:2b:26:2f:e1:2a:19:a7:3d:00:62:06:81:
b4:5a:af:3f
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQkRMc722IH+NgqFowngGvaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZmNjZDdkN2UzMDhmODE4MDcwNTFmOGQ0ODdlOWQ4Mjlj
MjQ4NjgwHhcNMjUwMTAxMjM0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmQyMzZiN2VjNWYwMzcwOTU1M2RhMzYzN2FlODRmZDU0MzRiNDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7a9+Al6lYuQYHqBpyh83AEA9unB
xU2y0/M8UBmjnopedqphEezOQkntNGlEZxSpN5TaswY6LpMieiWOw49O4/12Ecr2
5N2LjUBJx27vjz0WuE7zU1kgIDyPKQGhjWKYhoNBZdHLXACRITKE013+ICIXgTcA
9JYhL69N1ReAf9Gn0TNSrugIAuHU1xzAb+aUdYO4aWmiwL6l2rL7T5hdrV9j87W5
xHx8GVbNy5xpNij2hz9NX2SQSsL4W1jbbrXnCAz666IaAtOWipLe5llb60Jjy24R
3IoA/8XvC2xp5+h/PNZRVzJEI8eAk3FsIz2Pgx+kjWuIHIqkpRjjGhTgdwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFEbSNrfsXwNwlVPaNjeuhP1UNLQBMB8GA1UdIwQY
MBaAFF78zX1+MI+BgHBR+NSH6dgpwkhoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHZ6TmZYNHdqNEdBY0ZINDFJZnAyQ25DU0dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS81OTY1MGQtYzkzNS00YWE5LTk4MDQt
ZDFiZDA2ZjViZjAwLzEvUnRJMnQteGZBM0NWVTlvMk42NkVfVlEwdEFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS81OTY1MGQtYzkzNS00YWE5LTk4MDQtZDFiZDA2ZjViZjAw
LzEvWHZ6TmZYNHdqNEdBY0ZINDFJZnAyQ25DU0dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFPjBgAwQG
VDfAAwQGsC7AAwQCubMQAwQFw76gMA0EAgACMAcDBQMgAUsAMA0GCSqGSIb3DQEB
CwUAA4IBAQAp2OGAvpnZRvYPWjc1709NXsUE7Wv4YDwW/ImSvlEvbzJrTQMOBu5d
B3ie5ZqRt/M3EHjkjWVBi6qHi+wQ95FblIkUa3pr/ggBODZPmxYnEtbSOYzmp1Gf
smAWv5jPznD9MMdo6TpeYc7DLDIj4TkT4AmD8Qo6vJ+j2jix6fgY7iJYwbNaES0D
TPWpGmjTfE74LLfzvP99e/Vn5KlVgwOpc6vfPqcKiSNGLLDGqU4E8aj9NDVer8Vb
p6IY6wJOeDBHYO2YpGhBLEOgLCwbuOnfjwDZFVVkrYi1T1C9B7Wj6zowZ2CylvW2
bKGJHVBY5pUrJi/hKhmnPQBiBoG0Wq8/
-----END CERTIFICATE-----
Generated at Fri Apr 18 09:59:33 2025 by rpki-client