Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/deeb4c-99d6-4a9e-8200-7caa97927142/1/5SQUdjWeY9PdQ3b1GR4L3yx_VJ4.roa
File: 5SQUdjWeY9PdQ3b1GR4L3yx_VJ4.roa (raw, json)
Hash identifier: VQXaoCtg+0JbslSnqFe7W7gX+zMPO93yVdM1v7U3tJ8=
Subject key identifier: E5:24:14:76:35:9E:63:D3:DD:43:76:F5:19:1E:0B:DF:2C:7F:54:9E
Certificate issuer: /CN=5550e06ee02c5a32e54dc89853b4aa378f8604f7
Certificate serial: 019421B1B65CCA601EFE84DAA5E0C5BCA59D
Authority key identifier: 55:50:E0:6E:E0:2C:5A:32:E5:4D:C8:98:53:B4:AA:37:8F:86:04:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VVDgbuAsWjLlTciYU7SqN4-GBPc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/deeb4c-99d6-4a9e-8200-7caa97927142/1/5SQUdjWeY9PdQ3b1GR4L3yx_VJ4.roa
Signing time: Wed 01 Jan 2025 11:48:02 +0000
ROA not before: Wed 01 Jan 2025 11:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20649
IP address blocks: 2a11:1800::/32 maxlen: 32
2a11:1801::/32 maxlen: 32
2a11:1802::/32 maxlen: 32
2a11:1803::/32 maxlen: 32
2a11:1804::/32 maxlen: 32
2a11:1805::/32 maxlen: 32
2a11:1806::/32 maxlen: 32
2a11:1807::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/deeb4c-99d6-4a9e-8200-7caa97927142/1/VVDgbuAsWjLlTciYU7SqN4-GBPc.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/deeb4c-99d6-4a9e-8200-7caa97927142/1/VVDgbuAsWjLlTciYU7SqN4-GBPc.mft
rsync://rpki.ripe.net/repository/DEFAULT/VVDgbuAsWjLlTciYU7SqN4-GBPc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:b6:5c:ca:60:1e:fe:84:da:a5:e0:c5:bc:a5:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5550e06ee02c5a32e54dc89853b4aa378f8604f7
Validity
Not Before: Jan 1 11:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e5241476359e63d3dd4376f5191e0bdf2c7f549e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:1a:77:22:08:c2:6e:55:be:44:85:8e:e2:cc:
8d:e1:8c:ad:e7:8f:b2:56:38:be:fa:98:6c:7c:29:
0b:89:ce:b3:bf:47:d9:3f:ce:5e:c4:fe:0e:9b:c8:
90:71:18:7a:c9:19:14:bf:22:27:a0:c8:8a:f0:13:
ff:42:09:35:b9:28:ea:4f:93:57:e3:da:b9:49:ad:
15:a2:0a:b8:43:6d:06:bb:8a:e7:ab:6b:6b:f7:4e:
18:f3:3d:ea:e0:24:ab:4a:65:d6:08:39:6f:36:bb:
5e:67:1a:9e:12:b7:97:01:2d:58:48:e2:24:2d:45:
27:9c:1d:3a:84:d2:65:99:8a:ac:53:c8:e7:a7:32:
b4:65:9c:e1:30:14:0e:4e:e4:ad:21:f1:c9:94:78:
a4:40:48:b3:ad:e6:0c:ee:96:38:66:ba:0c:90:e1:
61:17:71:c4:83:6c:f0:db:89:68:89:7e:db:c7:f7:
83:10:e3:75:24:69:bb:5d:0e:13:16:c0:d3:e1:14:
f3:eb:8c:95:4f:45:22:2e:ad:86:64:1c:24:e9:98:
76:96:71:69:da:c1:78:77:12:b7:09:9e:dc:14:d8:
fb:de:93:e0:e1:0e:5f:b2:12:38:93:0e:c2:0c:b0:
e3:62:08:cf:4d:68:ab:9f:30:be:86:e8:41:3d:9e:
2f:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:24:14:76:35:9E:63:D3:DD:43:76:F5:19:1E:0B:DF:2C:7F:54:9E
X509v3 Authority Key Identifier:
keyid:55:50:E0:6E:E0:2C:5A:32:E5:4D:C8:98:53:B4:AA:37:8F:86:04:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VVDgbuAsWjLlTciYU7SqN4-GBPc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/deeb4c-99d6-4a9e-8200-7caa97927142/1/5SQUdjWeY9PdQ3b1GR4L3yx_VJ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/deeb4c-99d6-4a9e-8200-7caa97927142/1/VVDgbuAsWjLlTciYU7SqN4-GBPc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:1800::/29
Signature Algorithm: sha256WithRSAEncryption
17:4c:60:29:aa:53:bf:47:81:39:5d:df:e5:77:bc:e3:74:64:
1f:17:c0:43:4a:19:20:49:53:83:cb:0c:b6:04:e3:30:85:ab:
9d:2d:0c:c8:b0:2d:af:fd:fe:5e:de:89:82:64:0f:74:da:a3:
ef:bc:d0:3f:79:93:50:67:cb:91:41:33:bc:0f:55:f4:be:cd:
ee:35:33:71:6c:1f:df:e9:bc:ae:7c:bf:bb:14:93:0d:4e:7d:
26:46:bf:10:cb:67:65:e4:f0:4e:ad:f0:86:eb:ec:b7:a9:90:
e7:49:54:2f:73:c9:aa:95:4f:10:02:bc:d2:b6:ba:03:60:98:
0a:7c:95:d9:28:e6:7e:4f:03:11:cc:5f:53:5a:47:c0:28:c6:
8a:3a:b7:20:d2:2f:91:0e:a8:a3:00:58:d8:c6:89:17:c4:6c:
c5:af:a3:7c:cc:0a:41:89:c2:ca:52:e1:36:6d:48:ba:d1:8d:
f8:a1:b1:d5:5d:1c:1a:3f:3b:26:be:d0:eb:4c:7c:e8:96:6d:
5b:00:3d:03:0b:a8:34:97:ee:83:e8:5f:31:a8:ef:02:44:d7:
44:17:9b:d4:16:1d:bf:7e:d3:53:0c:58:23:2e:c2:f1:ec:9b:
cb:15:11:76:0e:2a:db:75:33:1f:ed:ef:b0:4c:00:a7:48:e0:
2d:d8:69:5b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQhsbZcymAe/oTapeDFvKWdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1NTBlMDZlZTAyYzVhMzJlNTRkYzg5ODUzYjRhYTM3OGY4
NjA0ZjcwHhcNMjUwMTAxMTE0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTI0MTQ3NjM1OWU2M2QzZGQ0Mzc2ZjUxOTFlMGJkZjJjN2Y1NDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Bp3IgjCblW+RIWO4syN4Yyt54+y
Vji++phsfCkLic6zv0fZP85exP4Om8iQcRh6yRkUvyInoMiK8BP/Qgk1uSjqT5NX
49q5Sa0Vogq4Q20Gu4rnq2tr904Y8z3q4CSrSmXWCDlvNrteZxqeEreXAS1YSOIk
LUUnnB06hNJlmYqsU8jnpzK0ZZzhMBQOTuStIfHJlHikQEizreYM7pY4ZroMkOFh
F3HEg2zw24loiX7bx/eDEON1JGm7XQ4TFsDT4RTz64yVT0UiLq2GZBwk6Zh2lnFp
2sF4dxK3CZ7cFNj73pPg4Q5fshI4kw7CDLDjYgjPTWirnzC+huhBPZ4vzQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOUkFHY1nmPT3UN29RkeC98sf1SeMB8GA1UdIwQY
MBaAFFVQ4G7gLFoy5U3ImFO0qjePhgT3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlZEZ2J1QXNXakxsVGNpWVU3U3FONC1HQlBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9kZWViNGMtOTlkNi00YTllLTgyMDAt
N2NhYTk3OTI3MTQyLzEvNVNRVWRqV2VZOVBkUTNiMUdSNEwzeXhfVko0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9kZWViNGMtOTlkNi00YTllLTgyMDAtN2NhYTk3OTI3MTQy
LzEvVlZEZ2J1QXNXakxsVGNpWVU3U3FONC1HQlBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhEYADAN
BgkqhkiG9w0BAQsFAAOCAQEAF0xgKapTv0eBOV3f5Xe843RkHxfAQ0oZIElTg8sM
tgTjMIWrnS0MyLAtr/3+Xt6JgmQPdNqj77zQP3mTUGfLkUEzvA9V9L7N7jUzcWwf
3+m8rny/uxSTDU59Jka/EMtnZeTwTq3whuvst6mQ50lUL3PJqpVPEAK80ra6A2CY
CnyV2Sjmfk8DEcxfU1pHwCjGijq3INIvkQ6oowBY2MaJF8Rsxa+jfMwKQYnCylLh
Nm1IutGN+KGx1V0cGj87Jr7Q60x86JZtWwA9AwuoNJfug+hfMajvAkTXRBeb1BYd
v37TUwxYIy7C8eybyxURdg4q23UzH+3vsEwAp0jgLdhpWw==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:54:34 2025 by rpki-client