Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/5KA65hOOKNz9EuX6YK-gfaOukrk.roa
File: 5KA65hOOKNz9EuX6YK-gfaOukrk.roa (raw, json)
Hash identifier: PdDTNbXgo67l0ruRP78o7mFUIKksbnBt24lH/mdrr9c=
Subject key identifier: E4:A0:3A:E6:13:8E:28:DC:FD:12:E5:FA:60:AF:A0:7D:A3:AE:92:B9
Certificate issuer: /CN=370e5450d1486780aba54f045ec4802f19f0b4f7
Certificate serial: 019428271AA39D71ADB69E394BEBB3C36811
Authority key identifier: 37:0E:54:50:D1:48:67:80:AB:A5:4F:04:5E:C4:80:2F:19:F0:B4:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/5KA65hOOKNz9EuX6YK-gfaOukrk.roa
Signing time: Thu 02 Jan 2025 17:53:58 +0000
ROA not before: Thu 02 Jan 2025 17:53:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210691
IP address blocks: 2a0e:46c4:1500::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:1a:a3:9d:71:ad:b6:9e:39:4b:eb:b3:c3:68:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=370e5450d1486780aba54f045ec4802f19f0b4f7
Validity
Not Before: Jan 2 17:53:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e4a03ae6138e28dcfd12e5fa60afa07da3ae92b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ea:b7:f8:6c:3b:dc:bc:7a:d0:af:87:f6:de:
7f:c3:20:66:fc:c8:56:c0:b0:f5:a9:86:8b:bf:8d:
81:c5:61:73:23:eb:ee:f2:47:a2:1b:ca:39:8a:9c:
a6:f1:fc:23:9d:0c:4a:94:6a:bf:1f:2b:b9:26:5f:
ed:80:15:c6:a3:d2:34:4b:6d:53:2b:5d:e4:dd:2b:
af:a7:ab:b2:bc:db:26:82:08:84:d5:c8:9c:86:a4:
26:01:2b:e7:0a:c3:a2:65:4b:c8:de:7f:b2:81:47:
35:a1:6c:86:8e:d1:2a:04:21:1f:2c:fe:dc:c8:f8:
a6:ec:ff:64:8b:90:1b:1e:30:0c:15:bb:d4:6a:d9:
28:96:55:3a:28:a1:2f:2c:a4:1f:74:90:00:6d:83:
cd:b6:20:37:81:9d:22:00:10:b8:2c:a9:e6:16:5d:
d3:78:09:a7:2d:88:65:6e:70:4c:13:f2:41:bd:f2:
30:a7:86:61:0d:24:dc:72:93:94:49:38:16:44:c2:
18:19:c2:49:3a:0a:ec:96:df:0e:77:5f:38:63:1b:
2d:48:9b:b1:36:82:86:68:8e:ba:6a:eb:c3:6e:29:
ed:03:2c:90:29:6d:97:98:37:4f:be:f2:b2:da:72:
28:bb:f8:74:43:eb:e4:2d:d6:f8:a8:49:cb:a3:a5:
03:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:A0:3A:E6:13:8E:28:DC:FD:12:E5:FA:60:AF:A0:7D:A3:AE:92:B9
X509v3 Authority Key Identifier:
keyid:37:0E:54:50:D1:48:67:80:AB:A5:4F:04:5E:C4:80:2F:19:F0:B4:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/5KA65hOOKNz9EuX6YK-gfaOukrk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:46c4:1500::/44
Signature Algorithm: sha256WithRSAEncryption
18:b4:1f:59:cb:02:ad:2e:eb:03:fe:7a:13:07:89:53:76:ce:
4b:22:95:49:83:e4:51:76:d3:7b:c2:97:0b:b5:e0:43:53:6c:
09:ad:f2:55:48:92:0d:e4:66:24:01:8b:e5:7c:c7:94:26:f3:
95:26:de:ce:ee:61:ac:ee:0c:15:16:2c:f6:0b:7b:29:63:c7:
12:16:92:62:3a:fc:3b:aa:74:21:82:fd:d9:85:47:c6:19:40:
70:3f:91:e9:be:a3:bc:5c:c0:48:96:30:6a:9e:31:be:79:94:
f3:2a:4b:49:36:18:a3:aa:30:76:90:8a:b2:26:d9:27:63:88:
07:a5:9c:6c:4a:b0:5b:15:e3:85:08:2b:bd:12:a7:fe:7f:45:
ad:07:16:13:55:9e:0d:61:36:c5:03:9d:97:de:c3:4a:56:89:
26:ac:99:52:95:8a:9c:8d:16:ee:f5:a7:74:bb:cd:45:9e:c0:
3e:81:8a:38:2e:c4:f7:9a:58:40:81:03:f3:b3:26:6c:2d:5b:
0d:23:a6:69:47:26:ff:3f:a8:f2:89:ef:6e:ff:cd:28:e1:d6:
84:1a:22:6b:23:57:0a:54:57:2e:b0:4c:d4:1f:3c:d4:75:4e:
43:c6:e9:ac:5f:0d:87:63:b9:0b:43:b6:03:b5:52:d2:5d:a5:
f8:c1:c2:6f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQoJxqjnXGttp45S+uzw2gRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3MGU1NDUwZDE0ODY3ODBhYmE1NGYwNDVlYzQ4MDJmMTlm
MGI0ZjcwHhcNMjUwMTAyMTc1MzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGEwM2FlNjEzOGUyOGRjZmQxMmU1ZmE2MGFmYTA3ZGEzYWU5MmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOq3+Gw73Lx60K+H9t5/wyBm/MhW
wLD1qYaLv42BxWFzI+vu8keiG8o5ipym8fwjnQxKlGq/Hyu5Jl/tgBXGo9I0S21T
K13k3Suvp6uyvNsmggiE1cichqQmASvnCsOiZUvI3n+ygUc1oWyGjtEqBCEfLP7c
yPim7P9ki5AbHjAMFbvUatkollU6KKEvLKQfdJAAbYPNtiA3gZ0iABC4LKnmFl3T
eAmnLYhlbnBME/JBvfIwp4ZhDSTccpOUSTgWRMIYGcJJOgrslt8Od184YxstSJux
NoKGaI66auvDbintAyyQKW2XmDdPvvKy2nIou/h0Q+vkLdb4qEnLo6UDxQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOSgOuYTjijc/RLl+mCvoH2jrpK5MB8GA1UdIwQY
MBaAFDcOVFDRSGeAq6VPBF7EgC8Z8LT3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnc1VVVORklaNENycFU4RVhzU0FMeG53dFBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9mMGY3MGMtMDZlNy00MWFjLWEyYjgt
ODU4ZGNlNTdmY2RiLzEvNUtBNjVoT09LTno5RXVYNllLLWdmYU91a3JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9mMGY3MGMtMDZlNy00MWFjLWEyYjgtODU4ZGNlNTdmY2Ri
LzEvTnc1VVVORklaNENycFU4RVhzU0FMeG53dFBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg5GxBUA
MA0GCSqGSIb3DQEBCwUAA4IBAQAYtB9ZywKtLusD/noTB4lTds5LIpVJg+RRdtN7
wpcLteBDU2wJrfJVSJIN5GYkAYvlfMeUJvOVJt7O7mGs7gwVFiz2C3spY8cSFpJi
Ovw7qnQhgv3ZhUfGGUBwP5HpvqO8XMBIljBqnjG+eZTzKktJNhijqjB2kIqyJtkn
Y4gHpZxsSrBbFeOFCCu9Eqf+f0WtBxYTVZ4NYTbFA52X3sNKVokmrJlSlYqcjRbu
9ad0u81FnsA+gYo4LsT3mlhAgQPzsyZsLVsNI6ZpRyb/P6jyie9u/80o4daEGiJr
I1cKVFcusEzUHzzUdU5DxumsXw2HY7kLQ7YDtVLSXaX4wcJv
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:34 2025 by rpki-client