Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/1bbk3xQO4GAsakJYReXogLvLM4k.roa
File: 1bbk3xQO4GAsakJYReXogLvLM4k.roa (raw, json)
Hash identifier: ma7JWfiezOV+JM83OPhYUisosrWCLMi3zSbBAzKD2O0=
Subject key identifier: D5:B6:E4:DF:14:0E:E0:60:2C:6A:42:58:45:E5:E8:80:BB:CB:33:89
Certificate issuer: /CN=323ab5ba98bef5d0d9bd0cea031a1fe13777a486
Certificate serial: 01942444B11D4259B39AC8AC09063734187A
Authority key identifier: 32:3A:B5:BA:98:BE:F5:D0:D9:BD:0C:EA:03:1A:1F:E1:37:77:A4:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mjq1upi-9dDZvQzqAxof4Td3pIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/1bbk3xQO4GAsakJYReXogLvLM4k.roa
Signing time: Wed 01 Jan 2025 23:47:48 +0000
ROA not before: Wed 01 Jan 2025 23:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199139
IP address blocks: 5.172.216.0/21 maxlen: 21
185.64.192.0/22 maxlen: 22
185.122.152.0/22 maxlen: 22
2a02:f600::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/Mjq1upi-9dDZvQzqAxof4Td3pIY.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/Mjq1upi-9dDZvQzqAxof4Td3pIY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Mjq1upi-9dDZvQzqAxof4Td3pIY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 03:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:b1:1d:42:59:b3:9a:c8:ac:09:06:37:34:18:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=323ab5ba98bef5d0d9bd0cea031a1fe13777a486
Validity
Not Before: Jan 1 23:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d5b6e4df140ee0602c6a425845e5e880bbcb3389
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:2c:83:93:98:fa:44:bf:b6:49:f9:be:9f:88:
81:3f:26:17:81:a1:6f:cc:d8:79:ba:a8:ea:2c:7e:
5b:bc:fe:35:68:1d:6c:49:d8:79:03:d7:a7:e5:af:
ef:75:c9:dd:f4:60:65:f9:82:4b:68:73:75:69:ef:
05:82:04:79:57:5d:d4:ef:bc:de:5a:df:10:f5:0b:
9c:f9:dd:d9:2a:58:1c:3d:fa:66:75:bf:2d:d7:28:
b8:13:70:7d:9c:79:a6:4c:f1:2e:74:99:c2:09:78:
24:5c:ee:30:92:a3:e1:3c:ab:e7:74:b2:26:f6:e0:
70:0b:e7:c7:80:6a:d7:46:7f:9c:1f:a0:b3:3d:f3:
33:13:35:18:24:a0:7a:8e:b6:58:87:74:66:f1:25:
fc:23:24:c9:13:56:ea:34:c5:19:cb:68:ac:9e:8d:
4d:dd:7a:ef:c6:77:e7:12:e3:fd:c2:68:10:69:68:
0d:56:c2:56:a7:00:0c:b4:e5:1c:7d:04:54:66:8f:
02:8c:e3:fd:c2:98:70:16:4b:32:84:c6:98:10:a7:
24:43:08:f5:87:ca:16:79:e0:87:40:92:78:1b:6a:
dc:f3:34:25:09:51:ad:07:b2:a7:9c:24:91:6c:07:
22:af:28:b9:ed:a2:80:a6:5b:b9:53:5d:3c:08:e9:
0f:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:B6:E4:DF:14:0E:E0:60:2C:6A:42:58:45:E5:E8:80:BB:CB:33:89
X509v3 Authority Key Identifier:
keyid:32:3A:B5:BA:98:BE:F5:D0:D9:BD:0C:EA:03:1A:1F:E1:37:77:A4:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mjq1upi-9dDZvQzqAxof4Td3pIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/1bbk3xQO4GAsakJYReXogLvLM4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/Mjq1upi-9dDZvQzqAxof4Td3pIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.216.0/21
185.64.192.0/22
185.122.152.0/22
IPv6:
2a02:f600::/29
Signature Algorithm: sha256WithRSAEncryption
7b:2f:2f:42:5d:ca:29:da:6d:5b:0c:0d:08:ee:0b:b7:a3:6c:
fb:8f:a5:40:5d:26:48:1b:d4:6a:43:c6:bc:06:ff:45:5b:73:
2f:8e:85:a5:a0:c3:74:cb:af:ab:67:c9:4a:c8:17:43:ee:c2:
52:9f:4c:d5:67:2b:e8:56:7d:27:b5:25:7a:db:bb:79:a8:8e:
4c:dd:a4:cf:0c:d6:3b:28:77:59:5f:3b:3f:d0:94:54:75:c7:
0b:97:88:2e:8e:79:6a:25:98:85:b1:5e:ff:1c:ca:53:6b:fe:
6b:81:cc:0b:c7:2f:0a:e5:7f:08:e8:74:8e:81:bd:11:cf:65:
f2:ed:c3:4c:7d:5e:82:3c:b9:07:29:1e:28:f2:4b:6e:57:0c:
5b:11:dd:14:c0:12:87:40:1b:84:8f:b0:62:a9:6b:c2:ae:16:
a7:21:27:e2:39:08:df:8e:9f:d4:81:a8:29:b7:31:d7:c6:9e:
7d:26:ab:43:11:aa:12:98:5c:65:0d:3a:32:87:01:83:d7:1d:
f1:89:2f:77:1d:f4:f7:45:aa:09:72:12:7d:5e:09:30:4b:f3:
91:13:d1:ac:05:a6:16:14:af:2b:b1:2e:fd:54:67:3b:af:eb:
57:60:8c:1e:33:1a:8e:39:39:fd:68:9e:cf:b1:54:56:c8:2f:
82:42:43:10
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQkRLEdQlmzmsisCQY3NBh6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyM2FiNWJhOThiZWY1ZDBkOWJkMGNlYTAzMWExZmUxMzc3
N2E0ODYwHhcNMjUwMTAxMjM0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWI2ZTRkZjE0MGVlMDYwMmM2YTQyNTg0NWU1ZTg4MGJiY2IzMzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSyDk5j6RL+2Sfm+n4iBPyYXgaFv
zNh5uqjqLH5bvP41aB1sSdh5A9en5a/vdcnd9GBl+YJLaHN1ae8FggR5V13U77ze
Wt8Q9Quc+d3ZKlgcPfpmdb8t1yi4E3B9nHmmTPEudJnCCXgkXO4wkqPhPKvndLIm
9uBwC+fHgGrXRn+cH6CzPfMzEzUYJKB6jrZYh3Rm8SX8IyTJE1bqNMUZy2isno1N
3XrvxnfnEuP9wmgQaWgNVsJWpwAMtOUcfQRUZo8CjOP9wphwFksyhMaYEKckQwj1
h8oWeeCHQJJ4G2rc8zQlCVGtB7KnnCSRbAciryi57aKAplu5U108COkPiwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNW25N8UDuBgLGpCWEXl6IC7yzOJMB8GA1UdIwQY
MBaAFDI6tbqYvvXQ2b0M6gMaH+E3d6SGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWpxMXVwaS05ZERadlF6cUF4b2Y0VGQzcElZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9iMDEyOTAtZDc2ZC00MmQ4LWEyMzQt
Zjk1MTI0OTllMDVjLzEvMWJiazN4UU80R0FzYWtKWVJlWG9nTHZMTTRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9iMDEyOTAtZDc2ZC00MmQ4LWEyMzQtZjk1MTI0OTllMDVj
LzEvTWpxMXVwaS05ZERadlF6cUF4b2Y0VGQzcElZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDBazYAwQC
uUDAAwQCuXqYMA0EAgACMAcDBQMqAvYAMA0GCSqGSIb3DQEBCwUAA4IBAQB7Ly9C
Xcop2m1bDA0I7gu3o2z7j6VAXSZIG9RqQ8a8Bv9FW3MvjoWloMN0y6+rZ8lKyBdD
7sJSn0zVZyvoVn0ntSV627t5qI5M3aTPDNY7KHdZXzs/0JRUdccLl4gujnlqJZiF
sV7/HMpTa/5rgcwLxy8K5X8I6HSOgb0Rz2Xy7cNMfV6CPLkHKR4o8ktuVwxbEd0U
wBKHQBuEj7BiqWvCrhanISfiOQjfjp/UgagptzHXxp59JqtDEaoSmFxlDToyhwGD
1x3xiS93HfT3RaoJchJ9XgkwS/ORE9GsBaYWFK8rsS79VGc7r+tXYIweMxqOOTn9
aJ7PsVRWyC+CQkMQ
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:42:46 2025 by rpki-client