Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/U6PZiMPGFi59UQPbQvpJ5OeISTQ.roa
File: U6PZiMPGFi59UQPbQvpJ5OeISTQ.roa (raw, json)
Hash identifier: gM+BMcTeRgWeVB1ILtIfWaNCb7+/7Q9sOp/rbFUSzM8=
Subject key identifier: 53:A3:D9:88:C3:C6:16:2E:7D:51:03:DB:42:FA:49:E4:E7:88:49:34
Certificate issuer: /CN=015b6d1596ac0501a71a393447051a62ff1dda16
Certificate serial: 01949E0357359DECE31871C74F0815AFD19A
Authority key identifier: 01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/U6PZiMPGFi59UQPbQvpJ5OeISTQ.roa
Signing time: Sat 25 Jan 2025 15:10:06 +0000
ROA not before: Sat 25 Jan 2025 15:10:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 196977
IP address blocks: 5.153.188.0/22 maxlen: 24
5.153.190.0/23 maxlen: 23
5.153.190.0/24 maxlen: 24
5.153.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/AVttFZasBQGnGjk0RwUaYv8d2hY.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/AVttFZasBQGnGjk0RwUaYv8d2hY.mft
rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:9e:03:57:35:9d:ec:e3:18:71:c7:4f:08:15:af:d1:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=015b6d1596ac0501a71a393447051a62ff1dda16
Validity
Not Before: Jan 25 15:10:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53a3d988c3c6162e7d5103db42fa49e4e7884934
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:75:fc:d3:ac:59:3d:de:c4:ad:80:6a:3b:21:
34:5b:30:f0:37:6d:fc:c0:f6:e3:ff:fd:96:1f:7f:
48:27:00:06:b5:b8:90:6b:80:fa:78:0a:f0:7d:81:
07:12:99:60:26:98:09:ba:d7:9f:9a:22:07:b9:af:
d4:58:da:cf:fc:2b:74:3b:a0:8d:f5:6b:05:c1:9c:
32:00:f5:a6:59:4c:ed:b0:b4:11:34:2f:98:f8:44:
b1:ed:4d:77:52:16:92:71:c2:d6:5f:1c:8c:e6:14:
61:47:33:d3:c1:b0:b7:24:ec:20:8a:d3:f0:7c:e0:
0c:93:11:8d:19:f9:e1:65:ce:e3:42:4e:4e:e9:86:
47:47:74:de:71:4f:a1:f2:68:07:dd:c2:25:6f:32:
11:a9:9e:a9:0e:3b:69:c4:5c:2a:bf:63:ca:3e:10:
a6:36:e3:e3:f3:ff:ce:2c:77:5b:73:dd:a4:3a:6a:
7e:7f:a7:02:81:41:47:95:7f:d1:d3:09:bf:fe:d4:
86:19:ec:99:9e:df:ac:d1:3b:f9:9c:e9:71:ca:68:
84:68:3a:95:b3:d7:56:95:a9:56:74:8c:94:22:33:
9f:69:07:ab:8d:96:4f:e5:d1:b5:5d:25:69:46:bb:
49:48:60:a1:5e:4e:4d:ba:97:14:dc:6b:96:ae:26:
ef:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:A3:D9:88:C3:C6:16:2E:7D:51:03:DB:42:FA:49:E4:E7:88:49:34
X509v3 Authority Key Identifier:
keyid:01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/U6PZiMPGFi59UQPbQvpJ5OeISTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/AVttFZasBQGnGjk0RwUaYv8d2hY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.153.188.0/22
Signature Algorithm: sha256WithRSAEncryption
59:44:04:75:e4:aa:31:54:9e:f4:a9:df:00:db:e8:7c:26:27:
fb:50:d3:20:3f:06:05:2c:dd:ca:cb:73:32:e4:39:82:85:de:
5d:76:ea:0d:f9:5d:f4:1e:39:a2:53:72:a1:ac:9b:78:43:12:
af:7e:92:c5:7d:f8:89:ba:51:55:3a:6c:21:b7:ea:fd:d4:c2:
a1:1a:9f:b2:90:1c:e1:8d:1c:7e:1b:81:52:5a:91:69:12:aa:
da:37:a5:a0:da:5e:16:7e:8c:74:cd:9c:96:e0:75:5c:17:4c:
ee:8d:b4:fc:15:72:df:1a:8e:8d:fd:5f:df:30:bf:42:4a:0d:
36:32:4e:d4:cb:ef:bf:ae:d8:fd:df:eb:dc:05:7d:1a:b8:54:
9e:0f:aa:fa:73:c7:88:63:d4:b3:ac:a9:38:81:58:cf:8f:0f:
8c:ff:20:53:27:84:cb:3c:e4:96:72:65:7a:55:c3:cb:20:28:
d8:59:7a:c7:9b:d6:a4:9b:85:1b:1b:89:c0:9f:60:1b:a4:be:
72:59:d3:bb:9f:cf:f0:cc:01:9c:ee:04:ba:41:6e:11:fa:44:
93:77:22:90:7b:47:5c:23:dd:a6:8d:70:53:35:a9:97:ec:5b:
6b:9c:6f:63:22:64:9f:27:a5:4a:f8:70:2d:6d:20:f6:09:6c:
21:9a:41:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSeA1c1nezjGHHHTwgVr9GaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNWI2ZDE1OTZhYzA1MDFhNzFhMzkzNDQ3MDUxYTYyZmYx
ZGRhMTYwHhcNMjUwMTI1MTUxMDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2EzZDk4OGMzYzYxNjJlN2Q1MTAzZGI0MmZhNDllNGU3ODg0OTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nX806xZPd7ErYBqOyE0WzDwN238
wPbj//2WH39IJwAGtbiQa4D6eArwfYEHEplgJpgJutefmiIHua/UWNrP/Ct0O6CN
9WsFwZwyAPWmWUztsLQRNC+Y+ESx7U13UhaSccLWXxyM5hRhRzPTwbC3JOwgitPw
fOAMkxGNGfnhZc7jQk5O6YZHR3TecU+h8mgH3cIlbzIRqZ6pDjtpxFwqv2PKPhCm
NuPj8//OLHdbc92kOmp+f6cCgUFHlX/R0wm//tSGGeyZnt+s0Tv5nOlxymiEaDqV
s9dWlalWdIyUIjOfaQerjZZP5dG1XSVpRrtJSGChXk5NupcU3GuWribvZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFOj2YjDxhYufVED20L6SeTniEk0MB8GA1UdIwQY
MBaAFAFbbRWWrAUBpxo5NEcFGmL/HdoWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVZ0dEZaYXNCUUduR2prMFJ3VWFZdjhkMmhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81MmE4OGYtZTlhMi00ODUxLTkxNDgt
ZmVlOGYzNzkwNTY3LzEvVTZQWmlNUEdGaTU5VVFQYlF2cEo1T2VJU1RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81MmE4OGYtZTlhMi00ODUxLTkxNDgtZmVlOGYzNzkwNTY3
LzEvQVZ0dEZaYXNCUUduR2prMFJ3VWFZdjhkMmhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBZm8MA0G
CSqGSIb3DQEBCwUAA4IBAQBZRAR15KoxVJ70qd8A2+h8Jif7UNMgPwYFLN3Ky3My
5DmChd5dduoN+V30HjmiU3KhrJt4QxKvfpLFffiJulFVOmwht+r91MKhGp+ykBzh
jRx+G4FSWpFpEqraN6Wg2l4Wfox0zZyW4HVcF0zujbT8FXLfGo6N/V/fML9CSg02
Mk7Uy++/rtj93+vcBX0auFSeD6r6c8eIY9SzrKk4gVjPjw+M/yBTJ4TLPOSWcmV6
VcPLICjYWXrHm9akm4UbG4nAn2AbpL5yWdO7n8/wzAGc7gS6QW4R+kSTdyKQe0dc
I92mjXBTNamX7FtrnG9jImSfJ6VK+HAtbSD2CWwhmkFw
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:42:23 2025 by rpki-client