Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/4b0283-a90c-4d64-8301-d221ebd0818d/1/tsiU7azXEn11ZU6Xi_XUw-9XI8A.roa
File: tsiU7azXEn11ZU6Xi_XUw-9XI8A.roa (raw, json)
Hash identifier: zObDmeFB3M8dfzRuyTAH/oAzX2g0/cCu39kU8lAYB64=
Subject key identifier: B6:C8:94:ED:AC:D7:12:7D:75:65:4E:97:8B:F5:D4:C3:EF:57:23:C0
Certificate issuer: /CN=9bed36af13da482fdf79fb5403e5074860eecd0d
Certificate serial: 019421B1E0C93A1E3F0E2FEAE60C52AEC331
Authority key identifier: 9B:ED:36:AF:13:DA:48:2F:DF:79:FB:54:03:E5:07:48:60:EE:CD:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m-02rxPaSC_feftUA-UHSGDuzQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/4b0283-a90c-4d64-8301-d221ebd0818d/1/tsiU7azXEn11ZU6Xi_XUw-9XI8A.roa
Signing time: Wed 01 Jan 2025 11:48:13 +0000
ROA not before: Wed 01 Jan 2025 11:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 196925
IP address blocks: 5.133.224.0/20 maxlen: 20
109.235.192.0/21 maxlen: 21
109.235.193.0/24 maxlen: 24
109.235.199.0/24 maxlen: 24
131.117.128.0/20 maxlen: 20
134.19.208.0/20 maxlen: 20
134.19.216.0/24 maxlen: 24
134.19.217.0/24 maxlen: 24
149.126.112.0/20 maxlen: 20
149.126.116.0/24 maxlen: 24
149.126.117.0/24 maxlen: 24
149.126.118.0/24 maxlen: 24
149.126.119.0/24 maxlen: 24
185.138.12.0/22 maxlen: 22
2a00:9100::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/4b0283-a90c-4d64-8301-d221ebd0818d/1/m-02rxPaSC_feftUA-UHSGDuzQ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/4b0283-a90c-4d64-8301-d221ebd0818d/1/m-02rxPaSC_feftUA-UHSGDuzQ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/m-02rxPaSC_feftUA-UHSGDuzQ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 23:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:e0:c9:3a:1e:3f:0e:2f:ea:e6:0c:52:ae:c3:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bed36af13da482fdf79fb5403e5074860eecd0d
Validity
Not Before: Jan 1 11:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b6c894edacd7127d75654e978bf5d4c3ef5723c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:10:16:06:e9:63:b3:be:b2:46:80:d7:8a:e0:
f5:e9:25:43:8d:d4:96:50:38:f7:75:2c:a9:00:c8:
bd:be:62:e1:9c:21:2f:40:36:e0:d7:a4:86:47:d4:
4f:74:69:41:f5:3b:5f:7a:9d:e5:28:8c:df:49:95:
38:1c:c8:01:58:4d:e4:8b:04:44:9b:14:dd:0c:2a:
bc:fd:50:f0:9a:3e:6a:fe:5c:1f:f5:16:4d:df:74:
d6:d4:78:ab:11:0f:6d:f9:45:13:3d:95:ae:ec:fd:
9e:bb:83:fc:2f:fa:5c:3a:ac:62:3f:9e:03:f1:24:
e6:45:5c:1b:14:d0:28:b7:e1:b1:9a:6b:b5:80:b5:
4a:e8:9c:97:7a:3d:b3:4b:3d:79:06:12:cd:ff:cd:
e6:d3:01:4c:29:67:8c:d5:11:bd:e0:49:d2:05:59:
2b:ee:ab:d6:17:c5:58:1e:44:c1:f7:65:6e:5f:e9:
82:a0:4e:f7:0b:bb:ea:98:79:e0:b6:a0:9e:58:7b:
85:b1:f4:8b:24:44:62:09:7e:12:0d:7a:34:13:5e:
05:48:2f:a3:6d:c7:a0:1e:4e:8a:0b:9b:8e:a0:65:
74:26:f0:43:14:c2:9a:e3:a9:8b:71:ac:52:85:bb:
4b:64:ce:73:b3:c1:c2:05:d1:89:dd:e4:e8:63:2e:
cf:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:C8:94:ED:AC:D7:12:7D:75:65:4E:97:8B:F5:D4:C3:EF:57:23:C0
X509v3 Authority Key Identifier:
keyid:9B:ED:36:AF:13:DA:48:2F:DF:79:FB:54:03:E5:07:48:60:EE:CD:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m-02rxPaSC_feftUA-UHSGDuzQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4b0283-a90c-4d64-8301-d221ebd0818d/1/tsiU7azXEn11ZU6Xi_XUw-9XI8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4b0283-a90c-4d64-8301-d221ebd0818d/1/m-02rxPaSC_feftUA-UHSGDuzQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.224.0/20
109.235.192.0/21
131.117.128.0/20
134.19.208.0/20
149.126.112.0/20
185.138.12.0/22
IPv6:
2a00:9100::/32
Signature Algorithm: sha256WithRSAEncryption
7d:25:85:5c:b4:6c:18:dc:97:74:5e:c7:b7:19:dd:c0:81:1b:
e9:5c:2d:a1:44:f6:79:4f:65:4b:7f:c5:37:79:b9:11:d2:e2:
15:01:a7:69:9f:89:f0:fe:9c:40:c9:05:97:4a:2c:b8:e4:0b:
df:9d:c6:a3:16:ae:d9:1f:70:f9:8a:fb:e4:95:b8:57:89:14:
08:96:a2:14:f7:9c:7a:9e:d6:b3:6f:ba:e8:a7:d1:76:fc:5f:
be:da:8a:e5:3e:e2:4e:6b:b1:01:51:12:38:5c:46:c6:fa:8a:
f7:51:1f:b9:89:5f:0b:ee:36:73:c2:86:53:6a:ba:9c:0e:cc:
36:7c:82:f8:0c:6d:82:25:cc:e0:ce:b4:c4:ea:74:71:2d:1b:
07:0d:cd:b7:9c:36:9d:eb:55:54:ff:74:fe:75:c0:11:60:d6:
14:79:8e:bd:4b:b4:d9:f6:e2:4f:8a:7d:da:1d:16:af:91:c5:
ba:8d:18:ac:ac:fa:55:b8:f1:70:8c:49:07:cd:7d:01:90:a3:
7d:3f:c5:d7:ce:52:eb:5a:f0:b4:73:fd:1d:ff:90:65:ec:72:
f6:29:55:b2:99:de:3c:e2:dd:ef:04:65:fd:a1:c3:1c:e9:3e:
09:20:d0:fb:68:c6:6e:3e:71:03:61:1d:7e:ba:b6:2e:ca:63:
d2:88:a9:15
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQhseDJOh4/Di/q5gxSrsMxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliZWQzNmFmMTNkYTQ4MmZkZjc5ZmI1NDAzZTUwNzQ4NjBl
ZWNkMGQwHhcNMjUwMTAxMTE0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmM4OTRlZGFjZDcxMjdkNzU2NTRlOTc4YmY1ZDRjM2VmNTcyM2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0BAWBuljs76yRoDXiuD16SVDjdSW
UDj3dSypAMi9vmLhnCEvQDbg16SGR9RPdGlB9Ttfep3lKIzfSZU4HMgBWE3kiwRE
mxTdDCq8/VDwmj5q/lwf9RZN33TW1HirEQ9t+UUTPZWu7P2eu4P8L/pcOqxiP54D
8STmRVwbFNAot+Gxmmu1gLVK6JyXej2zSz15BhLN/83m0wFMKWeM1RG94EnSBVkr
7qvWF8VYHkTB92VuX+mCoE73C7vqmHngtqCeWHuFsfSLJERiCX4SDXo0E14FSC+j
bcegHk6KC5uOoGV0JvBDFMKa46mLcaxShbtLZM5zs8HCBdGJ3eToYy7PlQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFLbIlO2s1xJ9dWVOl4v11MPvVyPAMB8GA1UdIwQY
MBaAFJvtNq8T2kgv33n7VAPlB0hg7s0NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbS0wMnJ4UGFTQ19mZWZ0VUEtVUhTR0R1elEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni80YjAyODMtYTkwYy00ZDY0LTgzMDEt
ZDIyMWViZDA4MThkLzEvdHNpVTdhelhFbjExWlU2WGlfWFV3LTlYSThBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni80YjAyODMtYTkwYy00ZDY0LTgzMDEtZDIyMWViZDA4MThk
LzEvbS0wMnJ4UGFTQ19mZWZ0VUEtVUhTR0R1elEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQEBYXgAwQD
bevAAwQEg3WAAwQEhhPQAwQElX5wAwQCuYoMMA0EAgACMAcDBQAqAJEAMA0GCSqG
SIb3DQEBCwUAA4IBAQB9JYVctGwY3Jd0Xse3Gd3AgRvpXC2hRPZ5T2VLf8U3ebkR
0uIVAadpn4nw/pxAyQWXSiy45AvfncajFq7ZH3D5ivvklbhXiRQIlqIU95x6ntaz
b7rop9F2/F++2orlPuJOa7EBURI4XEbG+or3UR+5iV8L7jZzwoZTarqcDsw2fIL4
DG2CJczgzrTE6nRxLRsHDc23nDad61VU/3T+dcARYNYUeY69S7TZ9uJPin3aHRav
kcW6jRisrPpVuPFwjEkHzX0BkKN9P8XXzlLrWvC0c/0d/5Bl7HL2KVWymd484t3v
BGX9ocMc6T4JIND7aMZuPnEDYR1+urYuymPSiKkV
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:09:14 2025 by rpki-client