Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/b6c783-f55d-4ead-8c6a-19633f08ed6a/1/L5mBnSY0HeEAnUmT_xC_Qui2__o.roa
File: L5mBnSY0HeEAnUmT_xC_Qui2__o.roa (raw, json)
Hash identifier: pEnOPp9OXxAyhAm8z7JMf69YUoQujcTxw5JmYxCTmcE=
Subject key identifier: 2F:99:81:9D:26:34:1D:E1:00:9D:49:93:FF:10:BF:42:E8:B6:FF:FA
Certificate issuer: /CN=1cd8b25cceac38c99372bf72b00c6c8b6418e923
Certificate serial: 019422203431BEABE86B831AB247E6E905F3
Authority key identifier: 1C:D8:B2:5C:CE:AC:38:C9:93:72:BF:72:B0:0C:6C:8B:64:18:E9:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HNiyXM6sOMmTcr9ysAxsi2QY6SM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/b6c783-f55d-4ead-8c6a-19633f08ed6a/1/L5mBnSY0HeEAnUmT_xC_Qui2__o.roa
Signing time: Wed 01 Jan 2025 13:48:43 +0000
ROA not before: Wed 01 Jan 2025 13:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39686
IP address blocks: 193.53.16.0/22 maxlen: 24
193.53.20.0/23 maxlen: 24
2a00:f620:1::/48 maxlen: 64
2a00:f620:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/b6c783-f55d-4ead-8c6a-19633f08ed6a/1/HNiyXM6sOMmTcr9ysAxsi2QY6SM.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/b6c783-f55d-4ead-8c6a-19633f08ed6a/1/HNiyXM6sOMmTcr9ysAxsi2QY6SM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HNiyXM6sOMmTcr9ysAxsi2QY6SM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 18:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:34:31:be:ab:e8:6b:83:1a:b2:47:e6:e9:05:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cd8b25cceac38c99372bf72b00c6c8b6418e923
Validity
Not Before: Jan 1 13:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f99819d26341de1009d4993ff10bf42e8b6fffa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:65:19:4d:1d:b2:4a:77:ad:7f:2b:cf:a7:34:
1a:68:4b:0c:d0:3e:63:e9:5a:ad:be:aa:de:85:53:
27:3f:73:88:52:3d:12:d2:9f:97:88:69:fc:10:90:
f6:09:9a:1c:85:bd:23:1d:e0:31:65:a2:8e:a2:ee:
80:dd:24:de:18:92:22:09:59:e0:18:0b:fb:44:c5:
61:2d:30:05:a2:2c:40:df:9a:51:e2:d7:ea:d9:54:
6f:ba:70:35:6a:3b:6d:f7:be:c6:41:8e:21:f6:ef:
17:57:a3:b8:94:3c:18:3b:59:77:c0:ab:67:1d:e8:
b2:e9:5b:11:95:3a:e7:a0:eb:bb:4c:43:57:d5:dd:
2d:f9:fa:b6:71:30:bc:c6:16:28:52:36:5e:d2:04:
c9:01:a1:84:c3:46:c7:93:0d:84:96:94:d9:cf:f5:
c4:bb:aa:09:f5:17:b6:3f:e5:9d:b7:82:1d:b2:f8:
1a:4e:57:b2:d4:17:00:61:f1:be:2a:5f:15:4c:11:
a6:ba:a1:80:20:61:c3:98:10:fe:13:dc:5b:29:f3:
d0:20:0c:23:83:d6:6f:73:9a:3c:98:89:35:7a:a6:
ef:37:19:b6:18:58:39:70:6e:99:23:60:1e:3a:d6:
e1:4d:fc:50:0b:47:24:f0:2b:40:55:b8:74:e0:a5:
8c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:99:81:9D:26:34:1D:E1:00:9D:49:93:FF:10:BF:42:E8:B6:FF:FA
X509v3 Authority Key Identifier:
keyid:1C:D8:B2:5C:CE:AC:38:C9:93:72:BF:72:B0:0C:6C:8B:64:18:E9:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HNiyXM6sOMmTcr9ysAxsi2QY6SM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/b6c783-f55d-4ead-8c6a-19633f08ed6a/1/L5mBnSY0HeEAnUmT_xC_Qui2__o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/b6c783-f55d-4ead-8c6a-19633f08ed6a/1/HNiyXM6sOMmTcr9ysAxsi2QY6SM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.53.16.0-193.53.21.255
IPv6:
2a00:f620:1::-2a00:f620:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
aa:20:27:2c:58:ce:49:64:1a:25:52:98:4a:2c:9e:58:03:ec:
5b:71:5b:29:2d:0a:d3:9a:75:7b:ca:7a:35:74:4b:fd:27:f8:
d1:25:ab:8f:a6:c9:cd:b2:5b:61:50:14:fe:c5:ae:68:7a:c4:
91:24:d2:58:e5:4b:af:d1:9a:b5:9a:49:07:de:c2:f3:b1:c8:
85:aa:40:40:26:3d:08:72:11:41:51:76:eb:d3:79:2c:90:0e:
a8:f8:a8:15:a8:02:1d:19:b5:9e:54:6f:4b:5a:44:d4:fb:6a:
08:a4:76:86:b3:d7:63:82:98:50:32:d2:24:4d:6a:fd:25:b9:
91:bf:03:d2:3a:77:2b:d9:03:d5:ce:fb:93:8c:0c:0d:42:fb:
94:cc:de:ac:42:18:34:3b:e4:d4:ea:3f:e8:23:83:df:1d:c2:
e8:f5:12:e9:e6:85:66:52:45:6d:3d:1d:33:04:ab:13:61:fc:
f2:23:07:ae:99:8c:38:ee:f2:ec:17:3a:12:8f:e1:11:bf:c7:
79:e9:c9:78:82:c8:7e:e2:ae:d4:98:38:1f:74:77:a4:34:2a:
79:90:31:4b:20:5c:1e:e0:6e:47:ac:9d:39:f8:d6:f8:72:76:
d3:dc:74:5c:41:48:e8:ca:e8:c4:e7:ff:8b:37:b2:12:4e:01:
f8:73:c8:27
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQiIDQxvqvoa4Maskfm6QXzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZDhiMjVjY2VhYzM4Yzk5MzcyYmY3MmIwMGM2YzhiNjQx
OGU5MjMwHhcNMjUwMTAxMTM0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjk5ODE5ZDI2MzQxZGUxMDA5ZDQ5OTNmZjEwYmY0MmU4YjZmZmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5mUZTR2ySnetfyvPpzQaaEsM0D5j
6VqtvqrehVMnP3OIUj0S0p+XiGn8EJD2CZochb0jHeAxZaKOou6A3STeGJIiCVng
GAv7RMVhLTAFoixA35pR4tfq2VRvunA1ajtt977GQY4h9u8XV6O4lDwYO1l3wKtn
Heiy6VsRlTrnoOu7TENX1d0t+fq2cTC8xhYoUjZe0gTJAaGEw0bHkw2ElpTZz/XE
u6oJ9Re2P+Wdt4IdsvgaTley1BcAYfG+Kl8VTBGmuqGAIGHDmBD+E9xbKfPQIAwj
g9Zvc5o8mIk1eqbvNxm2GFg5cG6ZI2AeOtbhTfxQC0ck8CtAVbh04KWM3wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFC+ZgZ0mNB3hAJ1Jk/8Qv0Lotv/6MB8GA1UdIwQY
MBaAFBzYslzOrDjJk3K/crAMbItkGOkjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE5peVhNNnNPTW1UY3I5eXNBeHNpMlFZNlNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9iNmM3ODMtZjU1ZC00ZWFkLThjNmEt
MTk2MzNmMDhlZDZhLzEvTDVtQm5TWTBIZUVBblVtVF94Q19RdWkyX19vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9iNmM3ODMtZjU1ZC00ZWFkLThjNmEtMTk2MzNmMDhlZDZh
LzEvSE5peVhNNnNPTW1UY3I5eXNBeHNpMlFZNlNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAUBAIAATAOMAwDBATBNRAD
BAHBNRQwGgQCAAIwFDASAwcAKgD2IAABAwcAKgD2IAACMA0GCSqGSIb3DQEBCwUA
A4IBAQCqICcsWM5JZBolUphKLJ5YA+xbcVspLQrTmnV7yno1dEv9J/jRJauPpsnN
slthUBT+xa5oesSRJNJY5Uuv0Zq1mkkH3sLzsciFqkBAJj0IchFBUXbr03kskA6o
+KgVqAIdGbWeVG9LWkTU+2oIpHaGs9djgphQMtIkTWr9JbmRvwPSOncr2QPVzvuT
jAwNQvuUzN6sQhg0O+TU6j/oI4PfHcLo9RLp5oVmUkVtPR0zBKsTYfzyIweumYw4
7vLsFzoSj+ERv8d56cl4gsh+4q7UmDgfdHekNCp5kDFLIFwe4G5HrJ05+Nb4cnbT
3HRcQUjoyujE5/+LN7ISTgH4c8gn
-----END CERTIFICATE-----
Generated at Sun Apr 13 01:38:53 2025 by rpki-client