Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/b5Ion5GrwgbgDGgDU2oIBQwl71I.roa
File: b5Ion5GrwgbgDGgDU2oIBQwl71I.roa (raw, json)
Hash identifier: s2BNNZ/YL0MZbVQ7+KFyzhIbgC+glqHPa3ufKKP2g/E=
Subject key identifier: 6F:92:28:9F:91:AB:C2:06:E0:0C:68:03:53:6A:08:05:0C:25:EF:52
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 01942369889A3B2EE606F5C176C40F756271
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/b5Ion5GrwgbgDGgDU2oIBQwl71I.roa
Signing time: Wed 01 Jan 2025 19:48:26 +0000
ROA not before: Wed 01 Jan 2025 19:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25097
IP address blocks: 188.210.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:88:9a:3b:2e:e6:06:f5:c1:76:c4:0f:75:62:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 1 19:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6f92289f91abc206e00c6803536a08050c25ef52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f0:ea:34:9f:09:93:d8:6c:84:8b:9c:8e:f4:
cf:6e:3d:c5:ea:5b:61:d1:d1:ac:7d:9b:02:89:c3:
7f:c7:49:2f:7e:51:18:9a:24:c1:d5:e9:c4:e0:82:
4a:52:84:c4:56:d5:f5:31:8b:60:bf:6d:7b:b8:c4:
2c:f5:0b:41:06:ed:52:5b:3d:43:a6:f6:72:09:de:
3c:45:d5:24:04:d9:50:ab:89:1e:56:4d:e6:b6:df:
68:e4:e0:60:43:0a:7e:10:8e:dc:40:d0:5e:78:e7:
74:40:0f:c8:d7:49:20:dd:45:8a:07:fb:97:6d:98:
18:7f:dd:c8:0b:94:df:ee:30:36:d1:9e:66:c3:a7:
fb:1a:77:d7:3b:1c:44:dd:46:14:e7:3c:98:27:8a:
cf:18:49:8b:64:91:69:5a:44:65:10:f3:f5:68:ee:
58:cf:ff:ba:3c:b1:48:ca:97:03:70:9e:d8:6a:26:
8f:5c:45:52:70:27:16:1a:49:67:87:7b:9d:5d:b8:
4b:bc:5c:f5:58:9a:86:e7:c9:da:10:89:62:f0:46:
f5:b3:bd:65:a9:82:39:27:07:5c:83:d3:57:b0:da:
50:dd:40:d4:a2:3f:8d:69:33:fb:a0:23:34:ae:c3:
97:20:5a:e3:50:b9:11:ac:1c:6f:12:28:b4:1d:21:
43:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:92:28:9F:91:AB:C2:06:E0:0C:68:03:53:6A:08:05:0C:25:EF:52
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/b5Ion5GrwgbgDGgDU2oIBQwl71I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.210.238.0/24
Signature Algorithm: sha256WithRSAEncryption
84:bc:48:ff:f8:6f:f4:f4:af:b2:c0:c2:3c:e4:7a:2c:ee:52:
b1:7c:64:2f:32:c3:00:62:c7:8e:05:15:28:44:c0:29:49:d9:
80:09:2c:22:79:b2:46:bc:cb:a2:ac:02:40:7b:44:cb:05:fa:
e6:44:1f:7a:06:39:f7:59:d8:97:2d:45:a7:06:08:6c:32:fa:
3b:ca:69:3a:68:ee:38:d1:7f:20:c9:16:cf:68:d9:f7:0a:a7:
8b:7c:2a:75:96:48:7f:5f:d5:60:ec:7c:16:76:86:92:3c:ea:
10:ab:84:fc:b4:6a:11:30:1b:dc:3a:a0:62:e8:13:41:24:e1:
97:7f:aa:18:c9:03:95:63:e8:f5:ed:6a:ae:e0:c6:47:5a:85:
43:44:23:c0:cf:7c:04:ae:46:fd:50:ea:28:69:06:03:09:a9:
cf:93:fd:3c:5d:91:db:5e:90:5d:f4:b4:19:7c:c4:71:fb:a8:
75:5d:00:5e:84:b1:2c:b7:76:98:6c:8d:fb:5b:a1:ee:8a:55:
21:d6:a3:52:f0:85:7d:0d:ee:0b:c3:05:41:4f:e3:7f:4d:dc:
e1:bf:fa:8a:2d:e8:ff:c7:54:5e:27:d5:70:12:e3:5c:5c:73:
2d:5d:0c:35:11:ec:ad:af:ba:aa:a4:96:b4:1b:30:3a:18:dd:
e5:36:ac:ed
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQjaYiaOy7mBvXBdsQPdWJxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjUwMTAxMTk0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjkyMjg5ZjkxYWJjMjA2ZTAwYzY4MDM1MzZhMDgwNTBjMjVlZjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvDqNJ8Jk9hshIucjvTPbj3F6lth
0dGsfZsCicN/x0kvflEYmiTB1enE4IJKUoTEVtX1MYtgv217uMQs9QtBBu1SWz1D
pvZyCd48RdUkBNlQq4keVk3mtt9o5OBgQwp+EI7cQNBeeOd0QA/I10kg3UWKB/uX
bZgYf93IC5Tf7jA20Z5mw6f7GnfXOxxE3UYU5zyYJ4rPGEmLZJFpWkRlEPP1aO5Y
z/+6PLFIypcDcJ7YaiaPXEVScCcWGklnh3udXbhLvFz1WJqG58naEIli8Eb1s71l
qYI5Jwdcg9NXsNpQ3UDUoj+NaTP7oCM0rsOXIFrjULkRrBxvEii0HSFDNQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFG+SKJ+Rq8IG4AxoA1NqCAUMJe9SMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL2I1SW9uNUdyd2diZ0RHZ0RVMm9JQlF3bDcxSS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC80u4w
DQYJKoZIhvcNAQELBQADggEBAIS8SP/4b/T0r7LAwjzkeizuUrF8ZC8ywwBix44F
FShEwClJ2YAJLCJ5ska8y6KsAkB7RMsF+uZEH3oGOfdZ2JctRacGCGwy+jvKaTpo
7jjRfyDJFs9o2fcKp4t8KnWWSH9f1WDsfBZ2hpI86hCrhPy0ahEwG9w6oGLoE0Ek
4Zd/qhjJA5Vj6PXtaq7gxkdahUNEI8DPfASuRv1Q6ihpBgMJqc+T/TxdkdtekF30
tBl8xHH7qHVdAF6EsSy3dphsjftboe6KVSHWo1LwhX0N7gvDBUFP439N3OG/+oot
6P/HVF4n1XAS41xccy1dDDUR7K2vuqqklrQbMDoY3eU2rO0=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:18 2025 by rpki-client