Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/ddd9f1-0f2e-4d5f-857d-02bab9f6f955/1/rE12S5_UCVz_qE96OpsYCotvRdo.roa
File: rE12S5_UCVz_qE96OpsYCotvRdo.roa (raw, json)
Hash identifier: HmY8gAlqRzAv6/rOzxQZtJmfpwofsJXd2sCI5/LnmTQ=
Subject key identifier: AC:4D:76:4B:9F:D4:09:5C:FF:A8:4F:7A:3A:9B:18:0A:8B:6F:45:DA
Certificate issuer: /CN=03e53d18f5f212ae0802a17ee5994c3331a43524
Certificate serial: 019427479A89FC01B6832B55400C95956E68
Authority key identifier: 03:E5:3D:18:F5:F2:12:AE:08:02:A1:7E:E5:99:4C:33:31:A4:35:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A-U9GPXyEq4IAqF-5ZlMMzGkNSQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/ddd9f1-0f2e-4d5f-857d-02bab9f6f955/1/rE12S5_UCVz_qE96OpsYCotvRdo.roa
Signing time: Thu 02 Jan 2025 13:49:51 +0000
ROA not before: Thu 02 Jan 2025 13:49:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29119
IP address blocks: 5.83.48.0/21 maxlen: 21
5.83.64.0/19 maxlen: 19
5.83.91.0/24 maxlen: 24
153.92.120.0/23 maxlen: 23
153.92.122.0/23 maxlen: 23
185.67.104.0/23 maxlen: 23
212.85.246.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/ddd9f1-0f2e-4d5f-857d-02bab9f6f955/1/A-U9GPXyEq4IAqF-5ZlMMzGkNSQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/ddd9f1-0f2e-4d5f-857d-02bab9f6f955/1/A-U9GPXyEq4IAqF-5ZlMMzGkNSQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/A-U9GPXyEq4IAqF-5ZlMMzGkNSQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 13:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:9a:89:fc:01:b6:83:2b:55:40:0c:95:95:6e:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03e53d18f5f212ae0802a17ee5994c3331a43524
Validity
Not Before: Jan 2 13:49:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac4d764b9fd4095cffa84f7a3a9b180a8b6f45da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:58:47:ab:59:60:aa:07:60:9d:5b:32:fa:72:
b4:7d:a2:b0:3b:9b:5e:11:2c:65:78:b8:43:bb:d2:
01:58:01:3b:09:fe:c1:06:02:80:d7:4a:2f:56:57:
f2:e3:73:92:94:90:be:d8:b4:41:91:db:a5:6d:02:
4b:b5:a7:c4:d6:57:2b:da:a8:f7:18:1a:ea:86:47:
7a:1e:95:60:ec:63:86:e0:c6:da:99:38:ab:9d:e0:
8a:ba:2e:f1:f2:87:21:fd:d0:25:0e:d3:32:41:1a:
e0:0e:7e:e8:04:0e:74:7d:cd:67:21:dd:6d:fc:09:
c2:40:4d:31:85:62:e9:15:e0:fb:67:61:ef:62:9c:
86:89:57:df:55:3b:70:5d:ca:ad:bf:93:67:09:63:
74:e7:0b:05:1e:1e:16:e2:37:3b:f1:ab:84:f3:01:
f6:59:13:cf:8c:48:ec:60:da:62:81:fb:00:2a:db:
2b:2f:bf:85:8f:72:b6:8f:24:86:3b:32:54:05:0b:
f1:50:4a:7c:5e:a4:fe:33:77:26:47:0d:7b:16:48:
3e:e5:f8:2c:2c:d3:94:e3:66:4a:de:f7:33:ea:90:
b1:bd:74:ab:1d:11:dd:33:37:73:42:61:81:60:2d:
95:18:82:a5:90:1c:86:bd:a5:a5:d0:6a:09:fc:a3:
0a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:4D:76:4B:9F:D4:09:5C:FF:A8:4F:7A:3A:9B:18:0A:8B:6F:45:DA
X509v3 Authority Key Identifier:
keyid:03:E5:3D:18:F5:F2:12:AE:08:02:A1:7E:E5:99:4C:33:31:A4:35:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A-U9GPXyEq4IAqF-5ZlMMzGkNSQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/ddd9f1-0f2e-4d5f-857d-02bab9f6f955/1/rE12S5_UCVz_qE96OpsYCotvRdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/ddd9f1-0f2e-4d5f-857d-02bab9f6f955/1/A-U9GPXyEq4IAqF-5ZlMMzGkNSQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.48.0/21
5.83.64.0/19
153.92.120.0/22
185.67.104.0/23
212.85.246.0/23
Signature Algorithm: sha256WithRSAEncryption
84:2a:ef:d2:6a:2a:f8:4b:40:10:35:a9:65:cc:6a:44:f8:1c:
bf:47:81:9b:4f:ed:6c:2f:92:81:03:a8:16:5f:6d:85:65:fb:
07:dc:aa:ff:eb:1b:6e:4f:55:6c:60:da:28:fd:fe:78:de:b2:
0f:cf:db:bf:ea:5c:3b:9a:84:17:3b:51:10:15:9a:f5:d0:8c:
ec:f4:f3:13:f8:db:5d:8d:ce:cb:22:b3:ed:46:63:c1:90:be:
95:34:29:41:00:97:15:23:cf:28:b2:29:05:2d:68:4b:88:53:
42:27:95:66:a9:ea:eb:51:c6:18:f7:d1:7e:ca:66:07:1e:99:
a2:b2:81:a4:7c:66:38:21:18:f2:35:10:e9:69:02:65:da:f0:
22:40:b4:12:d6:52:7a:98:68:93:24:7a:85:12:df:ef:bc:d6:
7e:ac:b5:6a:b6:a1:4d:e8:20:14:b0:67:46:96:5c:70:10:35:
86:47:a0:90:8b:29:7a:d1:f4:9a:6d:89:53:53:4b:11:20:bb:
02:52:80:72:1c:ea:6e:1a:56:d5:34:e7:e1:11:d6:83:06:a8:
54:74:38:33:e8:e6:a7:45:3e:87:90:29:8e:f8:f0:59:1f:61:
f2:c5:ef:1a:dd:cc:74:31:a2:2b:48:e0:bd:e7:57:8f:6f:a6:
db:71:1a:45
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQnR5qJ/AG2gytVQAyVlW5oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzZTUzZDE4ZjVmMjEyYWUwODAyYTE3ZWU1OTk0YzMzMzFh
NDM1MjQwHhcNMjUwMTAyMTM0OTUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzRkNzY0YjlmZDQwOTVjZmZhODRmN2EzYTliMTgwYThiNmY0NWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1hHq1lgqgdgnVsy+nK0faKwO5te
ESxleLhDu9IBWAE7Cf7BBgKA10ovVlfy43OSlJC+2LRBkdulbQJLtafE1lcr2qj3
GBrqhkd6HpVg7GOG4MbamTirneCKui7x8och/dAlDtMyQRrgDn7oBA50fc1nId1t
/AnCQE0xhWLpFeD7Z2HvYpyGiVffVTtwXcqtv5NnCWN05wsFHh4W4jc78auE8wH2
WRPPjEjsYNpigfsAKtsrL7+Fj3K2jySGOzJUBQvxUEp8XqT+M3cmRw17Fkg+5fgs
LNOU42ZK3vcz6pCxvXSrHRHdMzdzQmGBYC2VGIKlkByGvaWl0GoJ/KMKNQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKxNdkuf1Alc/6hPejqbGAqLb0XaMB8GA1UdIwQY
MBaAFAPlPRj18hKuCAKhfuWZTDMxpDUkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQS1VOUdQWHlFcTRJQXFGLTVabE1NekdrTlNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9kZGQ5ZjEtMGYyZS00ZDVmLTg1N2Qt
MDJiYWI5ZjZmOTU1LzEvckUxMlM1X1VDVnpfcUU5Nk9wc1lDb3R2UmRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9kZGQ5ZjEtMGYyZS00ZDVmLTg1N2QtMDJiYWI5ZjZmOTU1
LzEvQS1VOUdQWHlFcTRJQXFGLTVabE1NekdrTlNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDBVMwAwQF
BVNAAwQCmVx4AwQBuUNoAwQB1FX2MA0GCSqGSIb3DQEBCwUAA4IBAQCEKu/Sair4
S0AQNallzGpE+By/R4GbT+1sL5KBA6gWX22FZfsH3Kr/6xtuT1VsYNoo/f543rIP
z9u/6lw7moQXO1EQFZr10Izs9PMT+Ntdjc7LIrPtRmPBkL6VNClBAJcVI88osikF
LWhLiFNCJ5VmqerrUcYY99F+ymYHHpmisoGkfGY4IRjyNRDpaQJl2vAiQLQS1lJ6
mGiTJHqFEt/vvNZ+rLVqtqFN6CAUsGdGllxwEDWGR6CQiyl60fSabYlTU0sRILsC
UoByHOpuGlbVNOfhEdaDBqhUdDgz6OanRT6HkCmO+PBZH2Hyxe8a3cx0MaIrSOC9
51ePb6bbcRpF
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:11 2025 by rpki-client