Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/cdbfbd-ed67-44b7-9e1f-b29107b98acc/1/hRMqKbI5ZBKlaiDQw_wO9nw88a0.roa
File: hRMqKbI5ZBKlaiDQw_wO9nw88a0.roa (raw, json)
Hash identifier: tQTOlSI2XH6rsXW1nhJPPPkXPxhSWEfkvDRnTJEB2Ws=
Subject key identifier: 85:13:2A:29:B2:39:64:12:A5:6A:20:D0:C3:FC:0E:F6:7C:3C:F1:AD
Certificate issuer: /CN=27f958c3b759b2c7896f5ed663e807781f3ff5a2
Certificate serial: 019424B27411F74B58B6AEBE449153AC7BBB
Authority key identifier: 27:F9:58:C3:B7:59:B2:C7:89:6F:5E:D6:63:E8:07:78:1F:3F:F5:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J_lYw7dZsseJb17WY-gHeB8_9aI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/cdbfbd-ed67-44b7-9e1f-b29107b98acc/1/hRMqKbI5ZBKlaiDQw_wO9nw88a0.roa
Signing time: Thu 02 Jan 2025 01:47:42 +0000
ROA not before: Thu 02 Jan 2025 01:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210251
IP address blocks: 5.1.120.0/23 maxlen: 23
2a02:e740::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/cdbfbd-ed67-44b7-9e1f-b29107b98acc/1/J_lYw7dZsseJb17WY-gHeB8_9aI.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/cdbfbd-ed67-44b7-9e1f-b29107b98acc/1/J_lYw7dZsseJb17WY-gHeB8_9aI.mft
rsync://rpki.ripe.net/repository/DEFAULT/J_lYw7dZsseJb17WY-gHeB8_9aI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:74:11:f7:4b:58:b6:ae:be:44:91:53:ac:7b:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27f958c3b759b2c7896f5ed663e807781f3ff5a2
Validity
Not Before: Jan 2 01:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=85132a29b2396412a56a20d0c3fc0ef67c3cf1ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f7:53:59:78:80:cc:85:fc:08:6b:7d:3e:db:
8d:44:32:de:1e:bb:0b:43:ab:cd:23:59:18:cc:3c:
a4:d0:ce:ce:5f:54:85:08:97:66:95:93:27:e7:02:
73:65:1b:08:1b:a9:70:d8:18:07:a8:99:16:ee:a2:
5f:db:84:d2:46:f2:d9:aa:4f:a1:90:06:92:e2:a4:
cd:e0:c8:a9:43:58:17:71:5c:02:e4:1e:11:a7:82:
c3:3e:72:d7:0c:93:8e:29:6f:e4:1d:3a:80:a1:f4:
64:42:12:d7:83:ec:12:64:84:5d:83:17:09:2b:16:
82:dc:d2:e4:38:f0:3f:9b:c1:34:2a:93:f3:7c:f7:
65:79:35:a9:53:d9:8c:72:a4:75:e3:0e:fa:20:58:
6b:dc:c9:12:19:0c:bd:ef:4e:4d:d1:74:90:81:9e:
4e:a0:fc:3c:7e:69:c5:42:24:53:c5:05:42:85:12:
50:5e:a7:fb:91:a2:6c:fa:28:98:be:77:90:c8:de:
4f:5d:53:5d:08:2a:43:3f:dd:24:d3:7b:4c:9e:f3:
c6:86:f1:f1:dc:81:ea:7e:20:09:8a:02:1b:db:76:
18:71:4e:91:8e:5b:d8:cd:09:9e:96:72:b2:7b:33:
d6:53:56:58:72:a7:3f:cf:77:69:5d:92:6a:2b:27:
8f:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:13:2A:29:B2:39:64:12:A5:6A:20:D0:C3:FC:0E:F6:7C:3C:F1:AD
X509v3 Authority Key Identifier:
keyid:27:F9:58:C3:B7:59:B2:C7:89:6F:5E:D6:63:E8:07:78:1F:3F:F5:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J_lYw7dZsseJb17WY-gHeB8_9aI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/cdbfbd-ed67-44b7-9e1f-b29107b98acc/1/hRMqKbI5ZBKlaiDQw_wO9nw88a0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/cdbfbd-ed67-44b7-9e1f-b29107b98acc/1/J_lYw7dZsseJb17WY-gHeB8_9aI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.120.0/23
IPv6:
2a02:e740::/48
Signature Algorithm: sha256WithRSAEncryption
9b:e0:d7:c0:2a:63:f0:77:bd:08:61:4a:1e:da:4c:b3:e3:70:
fe:4b:71:76:1e:97:d4:08:9e:8a:2d:8c:ac:ad:43:41:24:56:
03:fa:02:70:75:fe:23:e4:02:11:d5:f7:92:56:42:a2:c7:9e:
6d:23:80:ab:68:27:21:53:16:74:93:17:11:75:60:45:f7:04:
56:ee:f0:f4:e1:ff:79:a5:87:6d:8c:d3:11:92:9b:17:67:d1:
62:bb:1e:09:a7:fd:45:56:fc:97:b9:9e:c3:a3:52:44:a0:85:
ac:1a:55:78:de:d6:b9:77:21:e6:1f:71:3e:d1:c5:47:5b:13:
80:73:6a:35:94:02:c3:da:dc:6d:5f:57:1c:d6:ea:47:3a:ef:
18:3c:49:a9:18:76:f4:fb:fe:e1:bc:d9:5b:af:7a:43:67:24:
30:c8:8e:fd:27:7d:ea:ab:25:44:9d:ec:86:fe:8c:d9:ba:9b:
f5:b5:ea:2e:31:90:8a:36:f1:c4:7b:50:ee:e6:49:37:af:37:
72:7a:09:0c:7e:be:96:d9:fb:c9:c2:e2:ac:c3:2c:d2:c4:fd:
fd:75:77:c7:5b:fb:97:a6:67:0b:e4:33:18:65:25:79:2d:eb:
d1:66:95:c3:cb:20:e0:dc:42:e5:b0:75:e0:3a:08:58:f9:73:
10:69:f4:98
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQksnQR90tYtq6+RJFTrHu7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3Zjk1OGMzYjc1OWIyYzc4OTZmNWVkNjYzZTgwNzc4MWYz
ZmY1YTIwHhcNMjUwMTAyMDE0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTEzMmEyOWIyMzk2NDEyYTU2YTIwZDBjM2ZjMGVmNjdjM2NmMWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/dTWXiAzIX8CGt9PtuNRDLeHrsL
Q6vNI1kYzDyk0M7OX1SFCJdmlZMn5wJzZRsIG6lw2BgHqJkW7qJf24TSRvLZqk+h
kAaS4qTN4MipQ1gXcVwC5B4Rp4LDPnLXDJOOKW/kHTqAofRkQhLXg+wSZIRdgxcJ
KxaC3NLkOPA/m8E0KpPzfPdleTWpU9mMcqR14w76IFhr3MkSGQy9705N0XSQgZ5O
oPw8fmnFQiRTxQVChRJQXqf7kaJs+iiYvneQyN5PXVNdCCpDP90k03tMnvPGhvHx
3IHqfiAJigIb23YYcU6RjlvYzQmelnKyezPWU1ZYcqc/z3dpXZJqKyePbQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIUTKimyOWQSpWog0MP8DvZ8PPGtMB8GA1UdIwQY
MBaAFCf5WMO3WbLHiW9e1mPoB3gfP/WiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSl9sWXc3ZFpzc2VKYjE3V1ktZ0hlQjhfOWFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9jZGJmYmQtZWQ2Ny00NGI3LTllMWYt
YjI5MTA3Yjk4YWNjLzEvaFJNcUtiSTVaQktsYWlEUXdfd085bnc4OGEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9jZGJmYmQtZWQ2Ny00NGI3LTllMWYtYjI5MTA3Yjk4YWNj
LzEvSl9sWXc3ZFpzc2VKYjE3V1ktZ0hlQjhfOWFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBBQF4MA8E
AgACMAkDBwAqAudAAAAwDQYJKoZIhvcNAQELBQADggEBAJvg18AqY/B3vQhhSh7a
TLPjcP5LcXYel9QInootjKytQ0EkVgP6AnB1/iPkAhHV95JWQqLHnm0jgKtoJyFT
FnSTFxF1YEX3BFbu8PTh/3mlh22M0xGSmxdn0WK7Hgmn/UVW/Je5nsOjUkSghawa
VXje1rl3IeYfcT7RxUdbE4BzajWUAsPa3G1fVxzW6kc67xg8SakYdvT7/uG82Vuv
ekNnJDDIjv0nfeqrJUSd7Ib+jNm6m/W16i4xkIo28cR7UO7mSTevN3J6CQx+vpbZ
+8nC4qzDLNLE/f11d8db+5emZwvkMxhlJXkt69FmlcPLIODcQuWwdeA6CFj5cxBp
9Jg=
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:29:09 2025 by rpki-client