Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/ee33d3-ff38-4a8d-a2db-3fbc795a6be5/1/1-u2sU3DDBTp7tslVtZM2YXONawE.roa
File: 1-u2sU3DDBTp7tslVtZM2YXONawE.roa (raw, json)
Hash identifier: hY4Vnqp2FHEqA3NhSl3nyi2JgSEr1mIebkZ+fS2Quh0=
Subject key identifier: FA:ED:AC:53:70:C3:05:3A:7B:B6:C9:55:B5:93:36:61:73:8D:6B:01
Certificate issuer: /CN=5b192aa28315f5942d4105d52ebfd6d328f0f405
Certificate serial: 01942747B6B8804FD3F18CAE8438CE396C39
Authority key identifier: 5B:19:2A:A2:83:15:F5:94:2D:41:05:D5:2E:BF:D6:D3:28:F0:F4:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WxkqooMV9ZQtQQXVLr_W0yjw9AU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/ee33d3-ff38-4a8d-a2db-3fbc795a6be5/1/1-u2sU3DDBTp7tslVtZM2YXONawE.roa
Signing time: Thu 02 Jan 2025 13:49:58 +0000
ROA not before: Thu 02 Jan 2025 13:49:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57388
IP address blocks: 185.139.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/ee33d3-ff38-4a8d-a2db-3fbc795a6be5/1/WxkqooMV9ZQtQQXVLr_W0yjw9AU.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/ee33d3-ff38-4a8d-a2db-3fbc795a6be5/1/WxkqooMV9ZQtQQXVLr_W0yjw9AU.mft
rsync://rpki.ripe.net/repository/DEFAULT/WxkqooMV9ZQtQQXVLr_W0yjw9AU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:b6:b8:80:4f:d3:f1:8c:ae:84:38:ce:39:6c:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b192aa28315f5942d4105d52ebfd6d328f0f405
Validity
Not Before: Jan 2 13:49:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=faedac5370c3053a7bb6c955b5933661738d6b01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:ac:74:65:bc:9e:d2:99:99:90:03:ba:1c:01:
fc:84:93:77:f7:db:8b:4e:05:c1:3f:2f:56:61:f4:
59:4e:08:7e:4d:21:54:67:68:3f:5e:f6:80:88:47:
1b:e2:06:a9:72:f9:8b:2e:27:24:64:f0:e8:a1:23:
30:ea:9f:f1:08:0d:57:bc:c8:21:bb:ac:45:2c:b8:
40:49:58:f5:88:05:ea:b2:86:30:83:dc:55:8b:be:
32:76:e5:97:31:ac:fa:d5:86:01:3e:fd:9a:5d:de:
45:1a:43:ac:ad:e5:27:96:1c:71:f1:30:ba:80:7f:
db:78:fd:19:31:77:33:99:cf:bf:be:1b:fb:70:56:
e9:52:94:1d:b2:c9:d3:12:38:a8:7e:b4:33:91:b5:
e7:1d:4d:8e:a3:a9:d5:fa:2b:3b:66:f4:29:31:53:
b2:90:95:6e:fd:d6:f0:05:ca:8e:c5:a1:be:71:42:
07:34:3e:55:89:02:cd:18:95:b8:16:be:1b:db:00:
a5:17:69:0b:66:90:73:41:fc:42:1c:f2:7c:bd:8e:
7a:e6:33:56:db:ef:6c:91:59:85:d5:05:d6:8d:46:
f1:13:51:c1:a6:ad:cb:50:68:c9:3b:d7:23:a5:57:
2b:8e:a0:0e:31:6a:61:00:b5:5e:6f:1d:82:fa:d7:
99:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:ED:AC:53:70:C3:05:3A:7B:B6:C9:55:B5:93:36:61:73:8D:6B:01
X509v3 Authority Key Identifier:
keyid:5B:19:2A:A2:83:15:F5:94:2D:41:05:D5:2E:BF:D6:D3:28:F0:F4:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WxkqooMV9ZQtQQXVLr_W0yjw9AU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/ee33d3-ff38-4a8d-a2db-3fbc795a6be5/1/1-u2sU3DDBTp7tslVtZM2YXONawE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/ee33d3-ff38-4a8d-a2db-3fbc795a6be5/1/WxkqooMV9ZQtQQXVLr_W0yjw9AU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.139.4.0/24
Signature Algorithm: sha256WithRSAEncryption
20:14:c9:24:af:b6:a0:32:fc:ef:39:47:d4:13:02:bd:5a:15:
64:3c:88:e3:92:20:f9:91:9d:8b:da:9a:a8:0b:7c:43:cf:dc:
a7:e5:19:5d:06:11:d6:6f:cc:f6:21:be:84:4a:0a:96:76:58:
3b:b7:f7:f8:d3:4a:7f:67:4b:95:e2:5f:96:b8:b9:37:88:4f:
f4:be:4c:62:a7:4f:2f:06:8c:aa:68:83:be:f1:d8:02:74:d8:
56:b9:95:6c:b9:11:48:d4:87:b0:70:aa:a0:d8:ad:8c:bb:7f:
99:94:1f:02:fa:a6:51:c0:c9:ba:fd:1c:36:ba:98:f6:6c:39:
1d:91:7f:a9:04:e9:be:3d:6d:a6:42:90:49:41:74:c5:d6:08:
03:ab:56:d9:4e:02:ae:14:e4:e5:5f:3d:88:43:71:21:37:d2:
1b:bd:00:b3:57:30:95:f7:26:a8:66:ac:44:62:99:79:ea:92:
c3:ae:e6:f6:19:40:4e:57:ef:98:71:c0:b1:2a:c8:ca:88:37:
78:ad:54:a1:ad:72:97:68:c2:53:7a:a0:e6:72:55:c1:81:51:
19:e9:47:2e:eb:06:5f:6a:e8:37:a7:62:17:d4:67:c2:f2:fb:
84:97:31:f4:e5:e5:b1:b3:66:fa:52:20:99:76:29:82:0e:d0:
6d:b3:b8:0b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQnR7a4gE/T8YyuhDjOOWw5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViMTkyYWEyODMxNWY1OTQyZDQxMDVkNTJlYmZkNmQzMjhm
MGY0MDUwHhcNMjUwMTAyMTM0OTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWVkYWM1MzcwYzMwNTNhN2JiNmM5NTViNTkzMzY2MTczOGQ2YjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA46x0Zbye0pmZkAO6HAH8hJN399uL
TgXBPy9WYfRZTgh+TSFUZ2g/XvaAiEcb4gapcvmLLickZPDooSMw6p/xCA1XvMgh
u6xFLLhASVj1iAXqsoYwg9xVi74yduWXMaz61YYBPv2aXd5FGkOsreUnlhxx8TC6
gH/beP0ZMXczmc+/vhv7cFbpUpQdssnTEjiofrQzkbXnHU2Oo6nV+is7ZvQpMVOy
kJVu/dbwBcqOxaG+cUIHND5ViQLNGJW4Fr4b2wClF2kLZpBzQfxCHPJ8vY565jNW
2+9skVmF1QXWjUbxE1HBpq3LUGjJO9cjpVcrjqAOMWphALVebx2C+teZsQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPrtrFNwwwU6e7bJVbWTNmFzjWsBMB8GA1UdIwQY
MBaAFFsZKqKDFfWULUEF1S6/1tMo8PQFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3hrcW9vTVY5WlF0UVFYVkxyX1cweWp3OUFVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9lZTMzZDMtZmYzOC00YThkLWEyZGIt
M2ZiYzc5NWE2YmU1LzEvMS11MnNVM0REQlRwN3RzbFZ0Wk0yWVhPTmF3RS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2EvZWUzM2QzLWZmMzgtNGE4ZC1hMmRiLTNmYmM3OTVhNmJl
NS8xL1d4a3Fvb01WOVpRdFFRWFZMcl9XMHlqdzlBVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmLBDAN
BgkqhkiG9w0BAQsFAAOCAQEAIBTJJK+2oDL87zlH1BMCvVoVZDyI45Ig+ZGdi9qa
qAt8Q8/cp+UZXQYR1m/M9iG+hEoKlnZYO7f3+NNKf2dLleJflri5N4hP9L5MYqdP
LwaMqmiDvvHYAnTYVrmVbLkRSNSHsHCqoNitjLt/mZQfAvqmUcDJuv0cNrqY9mw5
HZF/qQTpvj1tpkKQSUF0xdYIA6tW2U4CrhTk5V89iENxITfSG70As1cwlfcmqGas
RGKZeeqSw67m9hlATlfvmHHAsSrIyog3eK1Uoa1yl2jCU3qg5nJVwYFRGelHLusG
X2roN6diF9RnwvL7hJcx9OXlsbNm+lIgmXYpgg7QbbO4Cw==
-----END CERTIFICATE-----
Generated at Wed Apr 16 04:40:57 2025 by rpki-client