Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/5U4MEYVwKErq9FhOsJB89ZvBBuA.roa
File: 5U4MEYVwKErq9FhOsJB89ZvBBuA.roa (raw, json)
Hash identifier: NDCcRzRMP/wHXoUUOEq/IXJG3IgwKCj1GS7rUpsjlXY=
Subject key identifier: E5:4E:0C:11:85:70:28:4A:EA:F4:58:4E:B0:90:7C:F5:9B:C1:06:E0
Certificate issuer: /CN=ba60a4d874d9601c8142c352f80c56a43276cd47
Certificate serial: 019465CA68E342605F048E589E823A08C23C
Authority key identifier: BA:60:A4:D8:74:D9:60:1C:81:42:C3:52:F8:0C:56:A4:32:76:CD:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/umCk2HTZYByBQsNS-AxWpDJ2zUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/5U4MEYVwKErq9FhOsJB89ZvBBuA.roa
Signing time: Tue 14 Jan 2025 17:09:11 +0000
ROA not before: Tue 14 Jan 2025 17:09:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197537
IP address blocks: 2.58.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/umCk2HTZYByBQsNS-AxWpDJ2zUc.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/umCk2HTZYByBQsNS-AxWpDJ2zUc.mft
rsync://rpki.ripe.net/repository/DEFAULT/umCk2HTZYByBQsNS-AxWpDJ2zUc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 19:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:65:ca:68:e3:42:60:5f:04:8e:58:9e:82:3a:08:c2:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba60a4d874d9601c8142c352f80c56a43276cd47
Validity
Not Before: Jan 14 17:09:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e54e0c118570284aeaf4584eb0907cf59bc106e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:6c:80:6d:37:2a:f6:69:fe:8b:3e:bb:f4:3b:
92:87:92:76:cd:2e:c7:05:22:39:80:06:52:f4:54:
36:6f:be:c6:88:59:23:bc:30:9a:6b:99:69:93:5a:
e6:da:05:31:26:76:96:24:0d:12:92:73:7a:6e:fa:
fe:01:29:a9:fa:30:ad:2c:b1:e9:de:9b:ad:88:2c:
c0:9f:64:95:de:d9:af:f6:20:27:bf:7a:58:f5:e9:
5a:3d:63:7f:94:a7:ed:a2:13:b7:17:20:eb:0d:21:
cc:7e:cc:fe:46:2a:6c:37:4f:57:c6:f4:41:f9:7e:
69:a0:ee:62:15:07:0b:be:79:e2:27:53:01:9d:47:
9f:c9:06:4e:24:7e:5e:7f:9d:a9:f3:0c:81:7e:a1:
03:39:59:b0:59:16:b9:2f:ef:cd:f5:5f:d4:d6:3c:
e2:d0:29:4c:c5:33:80:08:64:1e:a9:55:68:98:08:
37:a0:d6:7c:4b:03:c6:6b:87:41:0b:a1:a8:f0:a8:
6a:a8:fc:bd:9b:43:3a:bb:1c:76:f3:09:11:d3:67:
a9:f5:9f:2a:fd:6e:30:fe:de:6b:21:e1:f0:cc:3d:
d5:97:85:00:6f:53:7c:5d:e6:72:1e:89:39:0e:eb:
e8:10:de:86:85:72:fe:2c:5f:9a:06:ed:43:40:cb:
bb:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:4E:0C:11:85:70:28:4A:EA:F4:58:4E:B0:90:7C:F5:9B:C1:06:E0
X509v3 Authority Key Identifier:
keyid:BA:60:A4:D8:74:D9:60:1C:81:42:C3:52:F8:0C:56:A4:32:76:CD:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/umCk2HTZYByBQsNS-AxWpDJ2zUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/5U4MEYVwKErq9FhOsJB89ZvBBuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/umCk2HTZYByBQsNS-AxWpDJ2zUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.115.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:86:a2:a1:72:39:b1:71:5a:04:72:b3:ae:c5:d9:84:90:3d:
8e:9e:26:4e:36:09:5c:c7:af:55:d6:fb:f1:a9:f7:79:3c:0e:
83:40:54:27:90:71:b5:c2:7d:a9:ac:7a:c7:bb:a9:6b:03:88:
a3:bf:7d:86:53:05:b7:5b:c5:79:19:8f:56:49:ce:e5:59:4f:
cd:07:17:ca:03:92:7d:71:06:22:36:bf:32:26:c1:9d:ec:98:
67:9f:71:62:92:a1:32:46:82:36:58:53:ee:4c:62:53:5c:80:
ec:c9:0e:31:80:3f:47:5d:2f:bc:33:4e:50:4c:22:6a:e6:f1:
ca:8e:6b:11:7d:da:0a:98:ed:40:f1:15:f5:a5:93:45:4d:3c:
8a:1c:c6:d4:12:de:69:d1:6e:0b:99:2b:8d:ba:91:12:32:48:
c2:ed:e8:cb:77:55:67:5b:24:61:67:24:29:22:48:1d:98:d8:
4e:f6:63:e6:cf:d0:44:4a:ab:76:2e:ae:ad:62:df:07:d0:c8:
27:58:11:77:44:c5:7d:df:e2:2c:a7:24:65:b4:22:76:30:e9:
15:7c:61:0d:fa:fd:5d:ca:f4:58:1d:10:79:06:77:a4:31:fd:
be:14:ae:40:b5:a4:cc:28:a4:86:6d:38:99:bd:7c:76:71:71:
df:ed:d5:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRlymjjQmBfBI5YnoI6CMI8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNjBhNGQ4NzRkOTYwMWM4MTQyYzM1MmY4MGM1NmE0MzI3
NmNkNDcwHhcNMjUwMTE0MTcwOTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTRlMGMxMTg1NzAyODRhZWFmNDU4NGViMDkwN2NmNTliYzEwNmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWyAbTcq9mn+iz679DuSh5J2zS7H
BSI5gAZS9FQ2b77GiFkjvDCaa5lpk1rm2gUxJnaWJA0SknN6bvr+ASmp+jCtLLHp
3putiCzAn2SV3tmv9iAnv3pY9elaPWN/lKftohO3FyDrDSHMfsz+RipsN09XxvRB
+X5poO5iFQcLvnniJ1MBnUefyQZOJH5ef52p8wyBfqEDOVmwWRa5L+/N9V/U1jzi
0ClMxTOACGQeqVVomAg3oNZ8SwPGa4dBC6Go8KhqqPy9m0M6uxx28wkR02ep9Z8q
/W4w/t5rIeHwzD3Vl4UAb1N8XeZyHok5DuvoEN6GhXL+LF+aBu1DQMu7yQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOVODBGFcChK6vRYTrCQfPWbwQbgMB8GA1UdIwQY
MBaAFLpgpNh02WAcgULDUvgMVqQyds1HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW1DazJIVFpZQnlCUXNOUy1BeFdwREoyelVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yOGNiNWMtMjk4Zi00ZDhiLTgxNWIt
ZTVhMzc3OGJlM2FkLzEvNVU0TUVZVndLRXJxOUZoT3NKQjg5WnZCQnVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8yOGNiNWMtMjk4Zi00ZDhiLTgxNWItZTVhMzc3OGJlM2Fk
LzEvdW1DazJIVFpZQnlCUXNOUy1BeFdwREoyelVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjpzMA0G
CSqGSIb3DQEBCwUAA4IBAQB+hqKhcjmxcVoEcrOuxdmEkD2OniZONglcx69V1vvx
qfd5PA6DQFQnkHG1wn2prHrHu6lrA4ijv32GUwW3W8V5GY9WSc7lWU/NBxfKA5J9
cQYiNr8yJsGd7Jhnn3FikqEyRoI2WFPuTGJTXIDsyQ4xgD9HXS+8M05QTCJq5vHK
jmsRfdoKmO1A8RX1pZNFTTyKHMbUEt5p0W4LmSuNupESMkjC7ejLd1VnWyRhZyQp
IkgdmNhO9mPmz9BESqt2Lq6tYt8H0MgnWBF3RMV93+IspyRltCJ2MOkVfGEN+v1d
yvRYHRB5BnekMf2+FK5AtaTMKKSGbTiZvXx2cXHf7dUK
-----END CERTIFICATE-----
Generated at Thu Apr 10 04:30:08 2025 by rpki-client