Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/5X3rHc8z5t7VxhZY_nYttSJjSx0.roa
File: 5X3rHc8z5t7VxhZY_nYttSJjSx0.roa (raw, json)
Hash identifier: xOLUkibvLaH3NVzAST8AJp3iU2n4zZ/NVLAiMbuj1Eg=
Subject key identifier: E5:7D:EB:1D:CF:33:E6:DE:D5:C6:16:58:FE:76:2D:B5:22:63:4B:1D
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019427B3ABE31A448702256C0A8C0698CD3C
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/5X3rHc8z5t7VxhZY_nYttSJjSx0.roa
Signing time: Thu 02 Jan 2025 15:47:53 +0000
ROA not before: Thu 02 Jan 2025 15:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206238
IP address blocks: 45.137.88.0/22 maxlen: 24
45.137.100.0/22 maxlen: 24
45.138.52.0/22 maxlen: 24
45.142.16.0/22 maxlen: 24
45.142.144.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:ab:e3:1a:44:87:02:25:6c:0a:8c:06:98:cd:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 15:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e57deb1dcf33e6ded5c61658fe762db522634b1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:d0:d8:f0:19:e0:8f:5d:5f:c1:b7:6c:68:61:
ae:e4:f0:bb:37:51:ee:06:f2:45:27:8e:4a:45:52:
02:11:1c:cb:9a:17:9f:40:a8:df:bd:c2:34:4b:c0:
f5:de:68:c0:da:01:96:0b:5d:f9:47:2e:f0:85:f6:
a3:43:87:33:98:ef:c6:49:df:5d:80:1a:46:e2:48:
47:10:84:dd:25:12:65:73:4a:bb:65:79:16:cd:8c:
41:e5:87:ee:77:06:46:cf:8d:58:36:d9:20:af:69:
eb:cc:49:a4:1c:a0:e9:9f:4e:8c:fb:84:07:be:be:
38:e4:6a:41:32:d3:9b:83:4e:08:e1:8b:19:d8:4b:
c4:ae:f6:21:74:80:94:c0:90:2f:44:89:57:a5:69:
72:ca:f3:6d:f7:a2:a8:10:15:ef:07:5b:d8:fa:5f:
56:0c:77:ce:b3:d7:36:3d:a0:b2:33:b7:6d:2a:bc:
a6:57:04:db:14:78:7f:3f:b5:45:4a:4f:0c:b5:b6:
25:ff:f3:e6:82:cf:70:37:b9:7d:78:f1:9d:3c:31:
92:c7:de:ea:e3:57:ed:6e:b8:e1:e6:ab:5b:3d:66:
a0:99:5a:8a:1b:b6:27:5a:a7:6e:89:02:e9:1a:65:
97:9b:29:b8:94:db:c1:23:df:f0:dd:62:7c:bb:be:
fc:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:7D:EB:1D:CF:33:E6:DE:D5:C6:16:58:FE:76:2D:B5:22:63:4B:1D
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/5X3rHc8z5t7VxhZY_nYttSJjSx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.88.0/22
45.137.100.0/22
45.138.52.0/22
45.142.16.0/22
45.142.144.0/22
Signature Algorithm: sha256WithRSAEncryption
94:4f:c3:7c:0b:c9:a3:f9:b0:1a:ad:e4:da:77:eb:0a:b5:87:
66:51:8b:54:39:a4:89:88:cf:85:2b:e3:37:55:37:66:b6:41:
a0:54:0f:52:51:39:1a:fa:d7:32:2a:cd:62:89:ce:c9:b0:00:
b2:1e:c9:3d:28:e7:b7:5a:2f:54:a8:ed:e0:0a:91:f2:6b:0b:
3d:a6:01:31:89:60:c0:b3:d3:e9:3a:df:23:e7:11:cb:0b:9c:
73:5a:bc:08:c2:a9:e0:57:f4:34:2f:12:2f:54:e8:bc:10:8e:
40:9e:94:95:7a:55:76:62:ba:04:fe:6c:70:bf:6d:d1:f8:f0:
41:6e:1d:7f:05:4b:39:bd:c7:ab:7d:8b:ab:50:79:73:8d:8d:
b5:c0:40:80:90:6b:f8:12:a5:f9:ed:e1:e2:a6:25:3c:9b:db:
7b:75:f0:4f:d1:a8:51:2a:fa:45:ee:dd:f8:ec:de:4c:80:b1:
45:64:9f:b7:3b:8b:e1:76:4d:6f:4c:6a:0a:ac:6c:c8:b3:c1:
16:41:79:1b:9a:2e:d0:60:3f:9e:e2:a6:38:d8:89:1d:39:72:
e1:39:54:56:d5:18:d1:87:1c:e2:da:df:07:d1:c0:fa:48:d6:
d6:46:0f:35:a8:f7:55:8b:87:41:4d:b3:62:22:8e:79:04:df:
ac:ea:56:f7
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQns6vjGkSHAiVsCowGmM08MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwMTAyMTU0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTdkZWIxZGNmMzNlNmRlZDVjNjE2NThmZTc2MmRiNTIyNjM0YjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9NDY8Bngj11fwbdsaGGu5PC7N1Hu
BvJFJ45KRVICERzLmhefQKjfvcI0S8D13mjA2gGWC135Ry7whfajQ4czmO/GSd9d
gBpG4khHEITdJRJlc0q7ZXkWzYxB5YfudwZGz41YNtkgr2nrzEmkHKDpn06M+4QH
vr445GpBMtObg04I4YsZ2EvErvYhdICUwJAvRIlXpWlyyvNt96KoEBXvB1vY+l9W
DHfOs9c2PaCyM7dtKrymVwTbFHh/P7VFSk8MtbYl//Pmgs9wN7l9ePGdPDGSx97q
41ftbrjh5qtbPWagmVqKG7YnWqduiQLpGmWXmym4lNvBI9/w3WJ8u778rwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOV96x3PM+be1cYWWP52LbUiY0sdMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvNVgzckhjOHo1dDdWeGhaWV9uWXR0U0pqU3gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCLYlYAwQC
LYlkAwQCLYo0AwQCLY4QAwQCLY6QMA0GCSqGSIb3DQEBCwUAA4IBAQCUT8N8C8mj
+bAareTad+sKtYdmUYtUOaSJiM+FK+M3VTdmtkGgVA9SUTka+tcyKs1iic7JsACy
Hsk9KOe3Wi9UqO3gCpHyaws9pgExiWDAs9PpOt8j5xHLC5xzWrwIwqngV/Q0LxIv
VOi8EI5AnpSVelV2YroE/mxwv23R+PBBbh1/BUs5vcerfYurUHlzjY21wECAkGv4
EqX57eHipiU8m9t7dfBP0ahRKvpF7t347N5MgLFFZJ+3O4vhdk1vTGoKrGzIs8EW
QXkbmi7QYD+e4qY42IkdOXLhOVRW1RjRhxzi2t8H0cD6SNbWRg81qPdVi4dBTbNi
Io55BN+s6lb3
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:41:10 2025 by rpki-client