Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/c5a159-8568-4945-8026-23c338680771/1/kM5CulzBTgjqTdxC0kA20nIBInM.roa
File: kM5CulzBTgjqTdxC0kA20nIBInM.roa (raw, json)
Hash identifier: 4mPvZr8lZjvljhR4YU0MwI6WkG6rsEag6Ecnz4z85HY=
Subject key identifier: 90:CE:42:BA:5C:C1:4E:08:EA:4D:DC:42:D2:40:36:D2:72:01:22:73
Certificate issuer: /CN=acbe212a2f1a119ef64ab62e1a96d711524c8bc7
Certificate serial: 01941FFA34EB30322CEC9E81C528C81A61E7
Authority key identifier: AC:BE:21:2A:2F:1A:11:9E:F6:4A:B6:2E:1A:96:D7:11:52:4C:8B:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rL4hKi8aEZ72SrYuGpbXEVJMi8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/c5a159-8568-4945-8026-23c338680771/1/kM5CulzBTgjqTdxC0kA20nIBInM.roa
Signing time: Wed 01 Jan 2025 03:47:58 +0000
ROA not before: Wed 01 Jan 2025 03:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60848
IP address blocks: 94.127.60.0/22 maxlen: 22
185.247.96.0/24 maxlen: 24
185.247.99.0/24 maxlen: 24
2a02:2188::/48 maxlen: 48
2a02:2188:2000::/36 maxlen: 36
2a02:2188:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/c5a159-8568-4945-8026-23c338680771/1/rL4hKi8aEZ72SrYuGpbXEVJMi8c.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/c5a159-8568-4945-8026-23c338680771/1/rL4hKi8aEZ72SrYuGpbXEVJMi8c.mft
rsync://rpki.ripe.net/repository/DEFAULT/rL4hKi8aEZ72SrYuGpbXEVJMi8c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:34:eb:30:32:2c:ec:9e:81:c5:28:c8:1a:61:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acbe212a2f1a119ef64ab62e1a96d711524c8bc7
Validity
Not Before: Jan 1 03:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=90ce42ba5cc14e08ea4ddc42d24036d272012273
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:46:9e:66:8d:46:26:7a:9d:c9:a0:cc:91:e1:
bd:be:be:eb:4d:80:ae:d1:96:7a:cc:c6:0e:21:80:
a3:bf:bd:30:8e:6b:5c:40:c1:55:5b:6b:e1:1b:d9:
64:b0:12:8e:36:fa:1d:23:bd:d8:45:a9:5e:0e:74:
33:a2:d9:c9:75:3e:73:ab:34:54:95:33:42:f8:78:
79:10:d5:4b:7e:1e:78:ec:08:e1:c4:7c:86:ca:bd:
5b:91:2b:95:e6:e6:7a:50:a1:a3:75:85:f2:15:d5:
a2:38:2a:54:06:41:ff:92:83:82:1a:7b:1b:45:98:
54:0a:b0:5e:be:46:5d:c7:85:1b:ec:63:e7:26:85:
0d:0c:c3:7f:1d:cf:96:0f:3b:02:21:16:99:1c:26:
e0:90:92:de:00:f1:88:ed:22:93:32:62:04:23:6f:
48:41:cd:f0:d7:06:ac:9e:ad:2d:d6:37:f4:c6:4b:
fb:7e:16:7b:56:e7:e2:fa:1c:df:10:33:18:6c:c3:
a5:b1:68:9e:4e:1c:b2:cc:24:9c:59:61:c9:f9:aa:
ce:ae:c5:14:13:25:2b:cb:22:41:20:c8:14:9e:38:
a6:e5:3c:56:d5:80:c9:5e:41:b1:63:5b:ea:8f:68:
9a:30:c2:b8:67:8a:3d:2e:bd:50:f1:cc:f6:0e:30:
64:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:CE:42:BA:5C:C1:4E:08:EA:4D:DC:42:D2:40:36:D2:72:01:22:73
X509v3 Authority Key Identifier:
keyid:AC:BE:21:2A:2F:1A:11:9E:F6:4A:B6:2E:1A:96:D7:11:52:4C:8B:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rL4hKi8aEZ72SrYuGpbXEVJMi8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/c5a159-8568-4945-8026-23c338680771/1/kM5CulzBTgjqTdxC0kA20nIBInM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/c5a159-8568-4945-8026-23c338680771/1/rL4hKi8aEZ72SrYuGpbXEVJMi8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.127.60.0/22
185.247.96.0/24
185.247.99.0/24
IPv6:
2a02:2188::/48
2a02:2188:2000::/36
2a02:2188:f000::/36
Signature Algorithm: sha256WithRSAEncryption
8c:53:e4:31:95:13:02:60:ae:f1:76:41:44:a6:50:70:2e:30:
cb:7c:9f:4e:17:da:64:72:3e:18:6d:0b:44:d2:79:f0:1f:9b:
aa:98:00:9d:75:4d:81:b8:59:52:b2:b3:9f:a4:52:57:29:6b:
cd:21:8a:76:9c:6d:73:64:cc:1c:8a:b5:7e:ff:6e:9b:23:40:
75:fe:db:22:26:67:d9:49:8a:81:5d:be:5f:19:e9:ea:a8:f9:
fb:5a:fd:7d:a7:b2:45:a8:e0:f9:c7:dc:c1:71:b9:6a:ef:b9:
33:8d:a8:8d:36:31:8e:d0:a0:bd:84:59:58:db:da:c1:ab:ab:
e6:bf:a9:af:e2:da:fd:68:73:d8:ad:89:b6:d3:ee:8e:25:9b:
76:0d:92:f7:95:67:75:ab:47:5f:00:50:a9:d5:fd:e9:a7:5e:
16:96:cc:60:58:d8:63:50:06:53:3a:7b:3d:8f:ab:f7:4e:61:
31:c5:b5:07:66:f3:f5:e4:59:aa:e8:58:df:13:87:dd:d5:0a:
47:90:ee:a4:02:00:54:33:50:bd:24:f4:2b:46:ce:68:f4:b2:
38:56:1b:08:38:f1:a4:14:99:29:4f:62:e8:ce:02:35:b3:1a:
fd:ae:87:85:f4:68:5a:ba:2a:f2:4e:0d:e5:3b:fb:56:cd:38:
42:34:5a:34
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQf+jTrMDIs7J6BxSjIGmHnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYmUyMTJhMmYxYTExOWVmNjRhYjYyZTFhOTZkNzExNTI0
YzhiYzcwHhcNMjUwMTAxMDM0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGNlNDJiYTVjYzE0ZTA4ZWE0ZGRjNDJkMjQwMzZkMjcyMDEyMjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0EaeZo1GJnqdyaDMkeG9vr7rTYCu
0ZZ6zMYOIYCjv70wjmtcQMFVW2vhG9lksBKONvodI73YRaleDnQzotnJdT5zqzRU
lTNC+Hh5ENVLfh547AjhxHyGyr1bkSuV5uZ6UKGjdYXyFdWiOCpUBkH/koOCGnsb
RZhUCrBevkZdx4Ub7GPnJoUNDMN/Hc+WDzsCIRaZHCbgkJLeAPGI7SKTMmIEI29I
Qc3w1wasnq0t1jf0xkv7fhZ7Vufi+hzfEDMYbMOlsWieThyyzCScWWHJ+arOrsUU
EyUryyJBIMgUnjim5TxW1YDJXkGxY1vqj2iaMMK4Z4o9Lr1Q8cz2DjBkiQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFJDOQrpcwU4I6k3cQtJANtJyASJzMB8GA1UdIwQY
MBaAFKy+ISovGhGe9kq2LhqW1xFSTIvHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckw0aEtpOGFFWjcyU3JZdUdwYlhFVkpNaThjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9jNWExNTktODU2OC00OTQ1LTgwMjYt
MjNjMzM4NjgwNzcxLzEva001Q3VsekJUZ2pxVGR4QzBrQTIwbklCSW5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9jNWExNTktODU2OC00OTQ1LTgwMjYtMjNjMzM4NjgwNzcx
LzEvckw0aEtpOGFFWjcyU3JZdUdwYlhFVkpNaThjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAYBAIAATASAwQCXn88AwQA
ufdgAwQAufdjMB8EAgACMBkDBwAqAiGIAAADBgQqAiGIIAMGBCoCIYjwMA0GCSqG
SIb3DQEBCwUAA4IBAQCMU+QxlRMCYK7xdkFEplBwLjDLfJ9OF9pkcj4YbQtE0nnw
H5uqmACddU2BuFlSsrOfpFJXKWvNIYp2nG1zZMwcirV+/26bI0B1/tsiJmfZSYqB
Xb5fGenqqPn7Wv19p7JFqOD5x9zBcblq77kzjaiNNjGO0KC9hFlY29rBq6vmv6mv
4tr9aHPYrYm20+6OJZt2DZL3lWd1q0dfAFCp1f3pp14WlsxgWNhjUAZTOns9j6v3
TmExxbUHZvP15Fmq6FjfE4fd1QpHkO6kAgBUM1C9JPQrRs5o9LI4VhsIOPGkFJkp
T2LozgI1sxr9roeF9GhauiryTg3lO/tWzThCNFo0
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:40:16 2025 by rpki-client