Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/4CkYdPgwuFRB9yfCSUR4mFZ2aRY.roa
File: 4CkYdPgwuFRB9yfCSUR4mFZ2aRY.roa (raw, json)
Hash identifier: uxH7iNCE7ZmZDPzgHrmT88B0442eI2IPmR0JGvSaYus=
Subject key identifier: E0:29:18:74:F8:30:B8:54:41:F7:27:C2:49:44:78:98:56:76:69:16
Certificate issuer: /CN=adac830ccaa74783dd961fab241a228d7cc6f808
Certificate serial: 01942823166EE7D8E2251FB86B6AD9BA6DF8
Authority key identifier: AD:AC:83:0C:CA:A7:47:83:DD:96:1F:AB:24:1A:22:8D:7C:C6:F8:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/4CkYdPgwuFRB9yfCSUR4mFZ2aRY.roa
Signing time: Thu 02 Jan 2025 17:49:35 +0000
ROA not before: Thu 02 Jan 2025 17:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12688
IP address blocks: 5.254.224.0/19 maxlen: 19
31.47.160.0/19 maxlen: 19
37.49.160.0/19 maxlen: 19
141.105.32.0/20 maxlen: 20
141.105.48.0/21 maxlen: 21
164.215.80.0/20 maxlen: 20
185.13.120.0/22 maxlen: 22
2a01:b580::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.mft
rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 05:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:16:6e:e7:d8:e2:25:1f:b8:6b:6a:d9:ba:6d:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adac830ccaa74783dd961fab241a228d7cc6f808
Validity
Not Before: Jan 2 17:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e0291874f830b85441f727c24944789856766916
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e2:71:39:47:83:2e:92:64:21:23:a3:8c:06:
08:7a:ca:18:ea:c0:17:51:cf:06:91:19:82:8a:5c:
b9:da:0f:c4:9a:a4:ba:3c:68:40:71:3e:34:08:f6:
71:be:9a:a1:bb:c4:02:6e:38:a8:35:0b:3c:c3:d6:
97:7f:0d:ce:ce:52:8b:30:88:bf:a6:6e:a7:3c:13:
e4:7f:a7:93:d2:58:7b:f9:79:f2:38:ae:77:79:76:
8a:68:69:3b:8b:1c:22:ab:e3:86:0c:9a:d0:24:1f:
17:f9:88:88:dd:31:dc:b5:72:6a:1d:30:72:59:2d:
bb:44:de:b0:00:db:74:c0:c6:72:1b:dc:04:ca:5e:
d6:d6:2a:ac:bb:20:3b:fd:fd:df:ed:26:cc:16:71:
97:c9:0a:17:ad:d0:76:12:51:19:97:1c:18:cf:b1:
c7:61:e8:04:5b:bc:fa:d5:ee:f6:a2:e4:08:4a:71:
a8:fd:93:c7:3d:07:1b:a6:f3:3b:ac:5b:69:ac:47:
59:8d:8c:c8:2d:c2:4b:39:cf:af:74:81:39:bf:11:
17:c6:19:5b:9b:9c:fa:0a:b4:8b:ec:8b:ee:40:db:
00:fe:81:c4:99:ba:6c:0f:1e:c4:6b:86:a0:d7:58:
46:2f:8b:5e:7d:cd:09:e3:91:ad:e9:a9:d5:63:69:
18:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:29:18:74:F8:30:B8:54:41:F7:27:C2:49:44:78:98:56:76:69:16
X509v3 Authority Key Identifier:
keyid:AD:AC:83:0C:CA:A7:47:83:DD:96:1F:AB:24:1A:22:8D:7C:C6:F8:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/4CkYdPgwuFRB9yfCSUR4mFZ2aRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.254.224.0/19
31.47.160.0/19
37.49.160.0/19
141.105.32.0-141.105.55.255
164.215.80.0/20
185.13.120.0/22
IPv6:
2a01:b580::/32
Signature Algorithm: sha256WithRSAEncryption
e1:8b:ce:66:4a:08:66:d7:eb:11:72:41:94:48:f3:aa:c2:5c:
ee:ea:ef:15:e5:ac:b0:7c:eb:f7:45:cb:86:c0:a3:1f:75:fa:
24:33:97:5e:77:89:78:4f:b0:9a:f4:a2:91:8c:32:dc:15:68:
d5:af:19:30:b3:8b:65:af:26:a6:70:f4:ac:20:c8:36:fc:e3:
55:92:3c:5d:8b:4c:a1:32:5c:76:67:52:e2:2e:1f:c1:18:dc:
8d:d1:a5:6c:b4:23:51:75:ea:cf:f5:d0:ea:82:a0:b6:73:96:
c2:d9:0b:86:06:5f:ab:f3:62:32:44:83:b8:e9:05:e2:e1:2c:
ad:14:d6:0d:63:e3:a0:5e:15:fd:e3:e3:7f:cb:8c:00:32:a6:
d2:0a:3c:62:2a:ac:02:3e:f9:c4:7e:ed:dd:72:07:af:41:8d:
dc:2d:10:07:45:9b:41:d5:fc:9b:ef:26:d6:bd:fb:c2:5a:31:
56:7a:71:bb:17:5e:89:45:ad:78:3f:5c:0c:81:7d:1f:17:16:
02:ca:c0:9f:51:92:49:e7:bc:bf:43:7a:26:3a:1c:d0:51:c0:
d9:bb:04:70:15:67:d3:a0:79:a9:4c:5a:1f:83:9d:03:ed:44:
1d:9b:f1:45:b4:f9:a0:21:36:e1:57:11:70:26:51:53:a7:3d:
82:5d:5a:4e
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZQoIxZu59jiJR+4a2rZum34MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYWM4MzBjY2FhNzQ3ODNkZDk2MWZhYjI0MWEyMjhkN2Nj
NmY4MDgwHhcNMjUwMTAyMTc0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDI5MTg3NGY4MzBiODU0NDFmNzI3YzI0OTQ0Nzg5ODU2NzY2OTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseJxOUeDLpJkISOjjAYIesoY6sAX
Uc8GkRmCily52g/EmqS6PGhAcT40CPZxvpqhu8QCbjioNQs8w9aXfw3OzlKLMIi/
pm6nPBPkf6eT0lh7+XnyOK53eXaKaGk7ixwiq+OGDJrQJB8X+YiI3THctXJqHTBy
WS27RN6wANt0wMZyG9wEyl7W1iqsuyA7/f3f7SbMFnGXyQoXrdB2ElEZlxwYz7HH
YegEW7z61e72ouQISnGo/ZPHPQcbpvM7rFtprEdZjYzILcJLOc+vdIE5vxEXxhlb
m5z6CrSL7IvuQNsA/oHEmbpsDx7Ea4ag11hGL4tefc0J45Gt6anVY2kYawIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFOApGHT4MLhUQfcnwklEeJhWdmkWMB8GA1UdIwQY
MBaAFK2sgwzKp0eD3ZYfqyQaIo18xvgIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmF5RERNcW5SNFBkbGgtckpCb2lqWHpHLUFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8zMjVjOGQtZDM2OC00ZWVlLTljYTgt
OTI5ZjdkNjM1ZjRiLzEvNENrWWRQZ3d1RlJCOXlmQ1NVUjRtRloyYVJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8zMjVjOGQtZDM2OC00ZWVlLTljYTgtOTI5ZjdkNjM1ZjRi
LzEvcmF5RERNcW5SNFBkbGgtckpCb2lqWHpHLUFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQFBf7gAwQF
Hy+gAwQFJTGgMAwDBAWNaSADBAONaTADBASk11ADBAK5DXgwDQQCAAIwBwMFACoB
tYAwDQYJKoZIhvcNAQELBQADggEBAOGLzmZKCGbX6xFyQZRI86rCXO7q7xXlrLB8
6/dFy4bAox91+iQzl153iXhPsJr0opGMMtwVaNWvGTCzi2WvJqZw9KwgyDb841WS
PF2LTKEyXHZnUuIuH8EY3I3RpWy0I1F16s/10OqCoLZzlsLZC4YGX6vzYjJEg7jp
BeLhLK0U1g1j46BeFf3j43/LjAAyptIKPGIqrAI++cR+7d1yB69BjdwtEAdFm0HV
/JvvJta9+8JaMVZ6cbsXXolFrXg/XAyBfR8XFgLKwJ9RkknnvL9DeiY6HNBRwNm7
BHAVZ9OgealMWh+DnQPtRB2b8UW0+aAhNuFXEXAmUVOnPYJdWk4=
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:38:20 2025 by rpki-client