Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/5WpWrypca4XGx0ISHtuZYRT_cno.roa
File: 5WpWrypca4XGx0ISHtuZYRT_cno.roa (raw, json)
Hash identifier: R8ZoU8UZw1Z3gy7t3IJTFumdlDzgJjWSubPKAJkbvV0=
Subject key identifier: E5:6A:56:AF:2A:5C:6B:85:C6:C7:42:12:1E:DB:99:61:14:FF:72:7A
Certificate issuer: /CN=70f9b16adf2fd31988859922b4457481dd7eef40
Certificate serial: 0194221FD85EA8FB9FBB163A7532A22820F0
Authority key identifier: 70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/5WpWrypca4XGx0ISHtuZYRT_cno.roa
Signing time: Wed 01 Jan 2025 13:48:19 +0000
ROA not before: Wed 01 Jan 2025 13:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42689
IP address blocks: 141.226.240.0/24 maxlen: 24
141.226.244.0/24 maxlen: 24
141.226.247.0/24 maxlen: 24
213.137.80.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/cPmxat8v0xmIhZkitEV0gd1-70A.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/cPmxat8v0xmIhZkitEV0gd1-70A.mft
rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 12:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:d8:5e:a8:fb:9f:bb:16:3a:75:32:a2:28:20:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70f9b16adf2fd31988859922b4457481dd7eef40
Validity
Not Before: Jan 1 13:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e56a56af2a5c6b85c6c742121edb996114ff727a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:f2:21:4d:5a:61:cd:ea:db:64:1b:2a:52:75:
13:e2:f8:df:62:81:f7:63:28:ab:98:c1:b3:02:c1:
d2:7b:22:27:e4:ee:72:ba:ae:aa:3b:d2:ad:bc:32:
98:d4:03:27:33:55:bf:5a:e1:6b:f3:46:3e:07:bb:
0f:bd:1c:09:54:09:a1:62:03:5e:17:db:29:88:f6:
f6:88:81:10:82:30:fe:b1:24:8b:d2:1c:e5:07:5f:
27:57:93:eb:b8:00:d6:f0:51:2b:d1:f9:93:6e:d7:
49:c6:67:15:7e:ed:ab:a7:05:01:9d:3a:4f:20:7a:
dd:c0:f5:b5:a1:4d:6b:80:07:ff:a8:db:5b:6f:7a:
48:96:76:aa:c0:a2:a4:36:00:08:3b:f0:f7:e4:de:
a2:f3:c9:9b:4e:78:d2:b6:43:3d:94:8b:06:9c:69:
23:86:a6:f7:7a:82:fb:a7:7e:20:b8:d7:d1:00:98:
58:90:fe:74:2e:8a:7f:5d:68:13:45:dc:53:1d:bb:
ed:fd:48:ea:b4:0c:59:db:ea:2d:ae:4c:e1:d3:cf:
88:7d:28:92:cd:56:fd:1e:dd:7c:b1:5a:15:ba:6d:
8b:54:50:e8:81:e4:2a:bf:3f:56:c3:af:85:8b:ca:
95:73:91:3d:56:99:04:9d:b6:a0:f3:79:c3:31:a6:
b0:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:6A:56:AF:2A:5C:6B:85:C6:C7:42:12:1E:DB:99:61:14:FF:72:7A
X509v3 Authority Key Identifier:
keyid:70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/5WpWrypca4XGx0ISHtuZYRT_cno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/cPmxat8v0xmIhZkitEV0gd1-70A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.226.240.0/24
141.226.244.0/24
141.226.247.0/24
213.137.80.0/23
Signature Algorithm: sha256WithRSAEncryption
92:97:dc:69:a5:e6:f4:9f:02:d3:2e:4a:39:dc:33:b2:9b:66:
c9:4b:ed:bb:f6:85:79:1a:f9:9b:ef:54:1c:e6:db:09:5c:4c:
0c:68:19:0e:99:92:ce:87:1f:69:26:ad:23:55:3e:08:d0:7a:
79:22:83:9e:d0:2d:06:51:db:bd:5b:35:cb:6a:42:e1:a6:7e:
44:00:4c:b3:6e:66:13:9b:79:4e:f1:95:25:66:02:21:a7:91:
ad:95:6f:e7:06:dc:a4:e7:26:88:af:65:ba:f2:fc:b7:21:c6:
0f:bf:4f:2b:1e:bc:01:ac:96:8c:5e:93:fd:5a:0b:43:73:25:
06:bf:b1:c0:d0:80:d5:30:09:4f:1f:50:3b:70:fd:61:e6:b1:
19:99:f9:8e:49:47:0e:1c:90:3f:bc:f6:af:b9:93:78:fe:41:
36:59:4b:ce:b6:74:3c:80:98:b3:c2:7f:18:0f:ac:ee:3d:a2:
0a:83:1e:21:43:39:89:d3:f4:8b:57:6d:a2:d2:f0:69:d1:45:
10:d5:77:b9:e3:e9:f7:43:98:b8:0f:58:8d:bf:04:e5:10:b3:
09:ca:fe:ce:c5:14:59:e4:dd:e8:aa:68:eb:9b:3c:1a:3c:82:
09:f3:3b:57:9c:94:6b:33:fb:91:4c:77:57:7e:4a:e5:6e:e1:
0c:17:78:01
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQiH9heqPufuxY6dTKiKCDwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZjliMTZhZGYyZmQzMTk4ODg1OTkyMmI0NDU3NDgxZGQ3
ZWVmNDAwHhcNMjUwMTAxMTM0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTZhNTZhZjJhNWM2Yjg1YzZjNzQyMTIxZWRiOTk2MTE0ZmY3MjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/IhTVphzerbZBsqUnUT4vjfYoH3
YyirmMGzAsHSeyIn5O5yuq6qO9KtvDKY1AMnM1W/WuFr80Y+B7sPvRwJVAmhYgNe
F9spiPb2iIEQgjD+sSSL0hzlB18nV5PruADW8FEr0fmTbtdJxmcVfu2rpwUBnTpP
IHrdwPW1oU1rgAf/qNtbb3pIlnaqwKKkNgAIO/D35N6i88mbTnjStkM9lIsGnGkj
hqb3eoL7p34guNfRAJhYkP50Lop/XWgTRdxTHbvt/UjqtAxZ2+otrkzh08+IfSiS
zVb9Ht18sVoVum2LVFDogeQqvz9Ww6+Fi8qVc5E9VpkEnbag83nDMaawxQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOVqVq8qXGuFxsdCEh7bmWEU/3J6MB8GA1UdIwQY
MBaAFHD5sWrfL9MZiIWZIrRFdIHdfu9AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUt
YmM2ZGI3MjQ4YWRkLzEvNVdwV3J5cGNhNFhHeDBJU0h0dVpZUlRfY25vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUtYmM2ZGI3MjQ4YWRk
LzEvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAjeLwAwQA
jeL0AwQAjeL3AwQB1YlQMA0GCSqGSIb3DQEBCwUAA4IBAQCSl9xppeb0nwLTLko5
3DOym2bJS+279oV5Gvmb71Qc5tsJXEwMaBkOmZLOhx9pJq0jVT4I0Hp5IoOe0C0G
Udu9WzXLakLhpn5EAEyzbmYTm3lO8ZUlZgIhp5GtlW/nBtyk5yaIr2W68vy3IcYP
v08rHrwBrJaMXpP9WgtDcyUGv7HA0IDVMAlPH1A7cP1h5rEZmfmOSUcOHJA/vPav
uZN4/kE2WUvOtnQ8gJizwn8YD6zuPaIKgx4hQzmJ0/SLV22i0vBp0UUQ1Xe54+n3
Q5i4D1iNvwTlELMJyv7OxRRZ5N3oqmjrmzwaPIIJ8ztXnJRrM/uRTHdXfkrlbuEM
F3gB
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:44 2025 by rpki-client