Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/b97294-2802-4d05-9155-1098d6d88de8/1/5KIIVyjGIk4Y46LFCgXlsbG0ceU.roa
File: 5KIIVyjGIk4Y46LFCgXlsbG0ceU.roa (raw, json)
Hash identifier: Xz1vxoc/2JzTYgWFNLP2b5HhiG4cOh6ASEmZ5MSoawI=
Subject key identifier: E4:A2:08:57:28:C6:22:4E:18:E3:A2:C5:0A:05:E5:B1:B1:B4:71:E5
Certificate issuer: /CN=13ea78b28f054f72f5226ae3ec454980ed2a10c9
Certificate serial: 019420D66207EBB6ABB0D646315A8CA8FBB6
Authority key identifier: 13:EA:78:B2:8F:05:4F:72:F5:22:6A:E3:EC:45:49:80:ED:2A:10:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E-p4so8FT3L1Imrj7EVJgO0qEMk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/b97294-2802-4d05-9155-1098d6d88de8/1/5KIIVyjGIk4Y46LFCgXlsbG0ceU.roa
Signing time: Wed 01 Jan 2025 07:48:28 +0000
ROA not before: Wed 01 Jan 2025 07:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8456
IP address blocks: 161.9.144.0/21 maxlen: 24
161.9.147.0/24 maxlen: 24
161.9.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/b97294-2802-4d05-9155-1098d6d88de8/1/E-p4so8FT3L1Imrj7EVJgO0qEMk.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/b97294-2802-4d05-9155-1098d6d88de8/1/E-p4so8FT3L1Imrj7EVJgO0qEMk.mft
rsync://rpki.ripe.net/repository/DEFAULT/E-p4so8FT3L1Imrj7EVJgO0qEMk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:62:07:eb:b6:ab:b0:d6:46:31:5a:8c:a8:fb:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13ea78b28f054f72f5226ae3ec454980ed2a10c9
Validity
Not Before: Jan 1 07:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e4a2085728c6224e18e3a2c50a05e5b1b1b471e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:1a:35:93:d9:fd:8b:b8:7c:30:83:89:a0:03:
e5:1f:25:0b:63:f1:27:37:44:8e:f2:24:bb:ef:31:
a6:79:a6:5e:ea:d7:01:e1:1f:d8:1b:74:a0:ba:f4:
f2:46:fd:de:e8:a8:ee:cb:b6:18:39:a1:e3:9f:35:
15:70:67:e6:9d:17:1c:a3:52:b4:e0:bc:90:f1:4b:
90:34:77:17:34:b0:2e:4e:3e:ee:59:65:41:50:a1:
55:c5:e4:8d:c5:be:85:e1:5a:75:e9:70:46:f2:c9:
1b:3b:f7:45:1a:75:e8:68:80:ba:ce:11:f3:47:36:
93:f4:9f:79:4d:8f:8e:f7:43:3c:d0:73:ac:13:e9:
0d:02:e0:b4:7d:ed:c9:4f:65:f2:84:70:42:a4:d4:
d7:b6:78:a4:93:73:29:be:43:9b:e0:ea:ed:1c:2a:
33:9a:b5:52:06:0f:56:d7:a2:78:e0:d6:d9:59:3d:
ba:83:7d:6c:d0:18:e7:a9:0b:54:3c:ee:15:c7:46:
75:ac:22:f3:ef:a1:88:74:0b:1f:b1:92:7e:cd:eb:
6b:e7:77:c2:d0:7d:15:f9:39:28:f9:a2:40:c5:a5:
db:7d:86:c0:91:68:00:b1:f4:7a:a3:f2:90:5d:28:
ca:48:39:47:08:b3:18:6e:a0:d3:b8:bc:f7:90:10:
03:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:A2:08:57:28:C6:22:4E:18:E3:A2:C5:0A:05:E5:B1:B1:B4:71:E5
X509v3 Authority Key Identifier:
keyid:13:EA:78:B2:8F:05:4F:72:F5:22:6A:E3:EC:45:49:80:ED:2A:10:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E-p4so8FT3L1Imrj7EVJgO0qEMk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/b97294-2802-4d05-9155-1098d6d88de8/1/5KIIVyjGIk4Y46LFCgXlsbG0ceU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/b97294-2802-4d05-9155-1098d6d88de8/1/E-p4so8FT3L1Imrj7EVJgO0qEMk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
161.9.144.0/21
161.9.154.0/24
Signature Algorithm: sha256WithRSAEncryption
48:03:79:de:8c:89:ad:ce:7f:7d:9d:f7:16:3f:4e:3f:ec:a9:
2f:af:25:29:2a:27:11:09:af:ed:58:7c:5f:2a:e7:8e:11:da:
8b:7e:02:a4:8d:7a:6f:73:bc:7d:b5:00:e5:64:9a:25:6f:ca:
5e:26:42:3a:1c:4e:3d:fb:5c:f5:f4:c2:94:ef:92:54:41:2e:
d0:e6:cc:0c:05:b9:fc:4d:17:c3:a8:35:b8:50:ea:3d:73:74:
2f:80:31:04:72:7a:91:e2:2e:b3:43:00:87:bb:4a:04:b5:dd:
22:ea:ae:84:a6:39:39:af:4e:94:07:ef:5b:16:7b:f4:a7:59:
75:d9:c4:f3:ce:5b:0a:f6:1d:2a:61:3d:5a:cd:f6:80:5a:6c:
3f:36:f5:c6:e9:79:26:24:08:0a:a0:0f:80:1f:b9:e0:77:bd:
dc:42:ba:36:ff:31:e1:58:be:55:a5:74:66:40:40:f6:90:3c:
5e:02:76:70:ec:8b:1b:ff:fd:3f:06:58:d8:1a:62:cc:7b:cb:
92:0a:b3:c7:27:f5:81:64:41:63:18:09:dc:dc:33:54:d0:b6:
8d:7a:32:5d:38:02:a6:7c:10:11:94:c2:d5:84:d1:ad:de:8e:
c4:37:02:56:04:af:88:64:d7:e6:91:f0:30:7d:9c:fa:12:4d:
92:0f:b4:5f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQg1mIH67arsNZGMVqMqPu2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzZWE3OGIyOGYwNTRmNzJmNTIyNmFlM2VjNDU0OTgwZWQy
YTEwYzkwHhcNMjUwMTAxMDc0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGEyMDg1NzI4YzYyMjRlMThlM2EyYzUwYTA1ZTViMWIxYjQ3MWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxo1k9n9i7h8MIOJoAPlHyULY/En
N0SO8iS77zGmeaZe6tcB4R/YG3SguvTyRv3e6Kjuy7YYOaHjnzUVcGfmnRcco1K0
4LyQ8UuQNHcXNLAuTj7uWWVBUKFVxeSNxb6F4Vp16XBG8skbO/dFGnXoaIC6zhHz
RzaT9J95TY+O90M80HOsE+kNAuC0fe3JT2XyhHBCpNTXtnikk3MpvkOb4OrtHCoz
mrVSBg9W16J44NbZWT26g31s0BjnqQtUPO4Vx0Z1rCLz76GIdAsfsZJ+zetr53fC
0H0V+Tko+aJAxaXbfYbAkWgAsfR6o/KQXSjKSDlHCLMYbqDTuLz3kBADWwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOSiCFcoxiJOGOOixQoF5bGxtHHlMB8GA1UdIwQY
MBaAFBPqeLKPBU9y9SJq4+xFSYDtKhDJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRS1wNHNvOEZUM0wxSW1yajdFVkpnTzBxRU1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9iOTcyOTQtMjgwMi00ZDA1LTkxNTUt
MTA5OGQ2ZDg4ZGU4LzEvNUtJSVZ5akdJazRZNDZMRkNnWGxzYkcwY2VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9iOTcyOTQtMjgwMi00ZDA1LTkxNTUtMTA5OGQ2ZDg4ZGU4
LzEvRS1wNHNvOEZUM0wxSW1yajdFVkpnTzBxRU1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDoQmQAwQA
oQmaMA0GCSqGSIb3DQEBCwUAA4IBAQBIA3nejImtzn99nfcWP04/7KkvryUpKicR
Ca/tWHxfKueOEdqLfgKkjXpvc7x9tQDlZJolb8peJkI6HE49+1z19MKU75JUQS7Q
5swMBbn8TRfDqDW4UOo9c3QvgDEEcnqR4i6zQwCHu0oEtd0i6q6Epjk5r06UB+9b
Fnv0p1l12cTzzlsK9h0qYT1azfaAWmw/NvXG6XkmJAgKoA+AH7ngd73cQro2/zHh
WL5VpXRmQED2kDxeAnZw7Isb//0/BljYGmLMe8uSCrPHJ/WBZEFjGAnc3DNU0LaN
ejJdOAKmfBARlMLVhNGt3o7ENwJWBK+IZNfmkfAwfZz6Ek2SD7Rf
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:23:55 2025 by rpki-client