Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/097278-eab6-41f7-82ac-a078c6ccbe6b/1/5VpJh85q40wiF3tIcwBqbUYfHXs.roa
File: 5VpJh85q40wiF3tIcwBqbUYfHXs.roa (raw, json)
Hash identifier: FZq736wENvopOQrubygsWoOWFmhs6QXxNgIM0epTpuM=
Subject key identifier: E5:5A:49:87:CE:6A:E3:4C:22:17:7B:48:73:00:6A:6D:46:1F:1D:7B
Certificate issuer: /CN=f6b54e15714c23f35fdcf5a316c6b99a35410588
Certificate serial: 019424B2B9D4C3166BC2C7FD0538705FC24E
Authority key identifier: F6:B5:4E:15:71:4C:23:F3:5F:DC:F5:A3:16:C6:B9:9A:35:41:05:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9rVOFXFMI_Nf3PWjFsa5mjVBBYg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/097278-eab6-41f7-82ac-a078c6ccbe6b/1/5VpJh85q40wiF3tIcwBqbUYfHXs.roa
Signing time: Thu 02 Jan 2025 01:48:00 +0000
ROA not before: Thu 02 Jan 2025 01:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211785
IP address blocks: 185.241.11.0/24 maxlen: 24
2a10:9ec0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/097278-eab6-41f7-82ac-a078c6ccbe6b/1/9rVOFXFMI_Nf3PWjFsa5mjVBBYg.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/097278-eab6-41f7-82ac-a078c6ccbe6b/1/9rVOFXFMI_Nf3PWjFsa5mjVBBYg.mft
rsync://rpki.ripe.net/repository/DEFAULT/9rVOFXFMI_Nf3PWjFsa5mjVBBYg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 07:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:b9:d4:c3:16:6b:c2:c7:fd:05:38:70:5f:c2:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6b54e15714c23f35fdcf5a316c6b99a35410588
Validity
Not Before: Jan 2 01:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e55a4987ce6ae34c22177b4873006a6d461f1d7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:f4:bb:12:70:52:b5:1a:28:39:f9:fa:39:24:
02:62:6c:f3:a9:c8:52:0a:e6:ac:5f:c0:20:a0:15:
5d:27:b4:7b:9e:76:bb:d4:ed:c1:ac:c9:84:33:5b:
cd:e7:46:46:17:dc:1c:4f:d6:07:08:55:26:9c:27:
ae:3c:b7:bc:4c:65:9a:5e:48:42:1e:14:60:90:55:
ce:b6:a9:1e:a1:1a:e5:19:48:5d:67:0c:81:80:54:
16:0d:10:f2:26:9e:0b:95:55:1c:88:21:1e:ed:9e:
7c:66:0b:07:e7:93:7f:32:d8:da:3c:e5:dd:8d:ac:
71:25:05:ff:e8:6b:98:83:74:34:9e:db:a6:47:95:
a2:52:31:95:40:de:30:45:6b:4f:94:b2:ea:ce:50:
a5:17:67:49:60:ee:bd:01:e3:0f:c7:a5:b0:9e:ea:
5c:5d:a7:63:b2:b9:67:4f:fd:a8:f5:6e:fb:66:b3:
75:68:d1:08:19:7d:a0:5f:7c:b8:1a:41:1c:c0:6f:
05:7d:97:c9:4d:e5:e1:c8:6a:ff:a9:02:6d:f9:e6:
d2:c7:a2:53:e1:6b:ac:22:11:3c:b2:fc:5b:44:98:
65:60:c6:cf:9b:86:fc:b3:36:fa:67:7b:ec:ef:6e:
3e:77:f6:76:7d:4b:b7:6e:25:21:b2:b8:f2:78:fa:
b5:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:5A:49:87:CE:6A:E3:4C:22:17:7B:48:73:00:6A:6D:46:1F:1D:7B
X509v3 Authority Key Identifier:
keyid:F6:B5:4E:15:71:4C:23:F3:5F:DC:F5:A3:16:C6:B9:9A:35:41:05:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9rVOFXFMI_Nf3PWjFsa5mjVBBYg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/097278-eab6-41f7-82ac-a078c6ccbe6b/1/5VpJh85q40wiF3tIcwBqbUYfHXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/097278-eab6-41f7-82ac-a078c6ccbe6b/1/9rVOFXFMI_Nf3PWjFsa5mjVBBYg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.241.11.0/24
IPv6:
2a10:9ec0::/29
Signature Algorithm: sha256WithRSAEncryption
53:ee:ad:ef:b3:d7:78:bc:b7:64:46:f5:1a:11:b8:9a:44:9e:
ee:dc:7c:35:48:e5:ad:b6:e7:3d:8d:27:cd:f0:16:18:2c:a9:
6d:a9:a9:f0:eb:74:76:12:63:f8:c3:b8:75:9b:51:28:33:57:
b5:37:5d:ca:c9:48:e5:6b:57:7d:2f:8c:1c:49:90:42:33:07:
e7:fb:da:fc:8b:26:b5:fd:0c:f0:1f:27:11:c9:d2:ca:6c:6c:
f7:25:96:6a:dc:f8:60:71:40:3e:ed:1a:48:5a:58:ac:d4:f0:
33:e0:d3:b6:f7:af:b4:ff:55:d6:56:48:26:3a:76:3e:44:eb:
6b:c2:02:10:f8:15:ad:56:18:73:53:f9:69:07:29:d6:ee:6a:
1c:22:33:63:c8:72:a2:15:55:18:14:98:8f:4d:47:91:13:b1:
60:7d:73:31:48:dd:60:f1:dd:7c:72:4e:ac:3c:a7:54:87:e6:
05:df:4e:53:93:75:92:fc:e1:bd:c9:0f:77:b7:dc:b5:72:26:
1c:b4:f5:20:10:0d:59:8a:30:21:84:10:55:e4:cc:c5:bd:bf:
32:20:ed:6a:e8:f3:9f:f0:1d:ba:ed:cb:a3:40:38:c6:86:bc:
54:d4:0b:fd:ca:48:4c:f0:26:08:24:8c:fe:f9:19:9c:07:f2:
f5:1b:2b:c5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQksrnUwxZrwsf9BThwX8JOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2YjU0ZTE1NzE0YzIzZjM1ZmRjZjVhMzE2YzZiOTlhMzU0
MTA1ODgwHhcNMjUwMTAyMDE0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTVhNDk4N2NlNmFlMzRjMjIxNzdiNDg3MzAwNmE2ZDQ2MWYxZDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0vS7EnBStRooOfn6OSQCYmzzqchS
CuasX8AgoBVdJ7R7nna71O3BrMmEM1vN50ZGF9wcT9YHCFUmnCeuPLe8TGWaXkhC
HhRgkFXOtqkeoRrlGUhdZwyBgFQWDRDyJp4LlVUciCEe7Z58ZgsH55N/MtjaPOXd
jaxxJQX/6GuYg3Q0ntumR5WiUjGVQN4wRWtPlLLqzlClF2dJYO69AeMPx6Wwnupc
XadjsrlnT/2o9W77ZrN1aNEIGX2gX3y4GkEcwG8FfZfJTeXhyGr/qQJt+ebSx6JT
4WusIhE8svxbRJhlYMbPm4b8szb6Z3vs724+d/Z2fUu3biUhsrjyePq1NQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOVaSYfOauNMIhd7SHMAam1GHx17MB8GA1UdIwQY
MBaAFPa1ThVxTCPzX9z1oxbGuZo1QQWIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXJWT0ZYRk1JX05mM1BXakZzYTVtalZCQllnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8wOTcyNzgtZWFiNi00MWY3LTgyYWMt
YTA3OGM2Y2NiZTZiLzEvNVZwSmg4NXE0MHdpRjN0SWN3QnFiVVlmSFhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8wOTcyNzgtZWFiNi00MWY3LTgyYWMtYTA3OGM2Y2NiZTZi
LzEvOXJWT0ZYRk1JX05mM1BXakZzYTVtalZCQllnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAufELMA0E
AgACMAcDBQMqEJ7AMA0GCSqGSIb3DQEBCwUAA4IBAQBT7q3vs9d4vLdkRvUaEbia
RJ7u3Hw1SOWttuc9jSfN8BYYLKltqanw63R2EmP4w7h1m1EoM1e1N13KyUjla1d9
L4wcSZBCMwfn+9r8iya1/QzwHycRydLKbGz3JZZq3PhgcUA+7RpIWlis1PAz4NO2
96+0/1XWVkgmOnY+ROtrwgIQ+BWtVhhzU/lpBynW7mocIjNjyHKiFVUYFJiPTUeR
E7FgfXMxSN1g8d18ck6sPKdUh+YF305Tk3WS/OG9yQ93t9y1ciYctPUgEA1ZijAh
hBBV5MzFvb8yIO1q6POf8B267cujQDjGhrxU1Av9ykhM8CYIJIz++RmcB/L1GyvF
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:34:42 2025 by rpki-client