Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/e45577-65b1-4d43-853a-02abf8572fcb/1/65gUyds3oCUaNZo7VomV4lVYduk.roa
File: 65gUyds3oCUaNZo7VomV4lVYduk.roa (raw, json)
Hash identifier: 8+W1K2P2HsFJ7cNqOL/cIv584zWJzkLDjqA3phgWH8k=
Subject key identifier: EB:98:14:C9:DB:37:A0:25:1A:35:9A:3B:56:89:95:E2:55:58:76:E9
Certificate issuer: /CN=d48555f9a52727f6bcf715cb4750a2a4a6c35161
Certificate serial: 0194252194472F5EB0818FD1AB0E74EA3708
Authority key identifier: D4:85:55:F9:A5:27:27:F6:BC:F7:15:CB:47:50:A2:A4:A6:C3:51:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1IVV-aUnJ_a89xXLR1CipKbDUWE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/e45577-65b1-4d43-853a-02abf8572fcb/1/65gUyds3oCUaNZo7VomV4lVYduk.roa
Signing time: Thu 02 Jan 2025 03:49:05 +0000
ROA not before: Thu 02 Jan 2025 03:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5511
IP address blocks: 130.185.168.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/e45577-65b1-4d43-853a-02abf8572fcb/1/1IVV-aUnJ_a89xXLR1CipKbDUWE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/e45577-65b1-4d43-853a-02abf8572fcb/1/1IVV-aUnJ_a89xXLR1CipKbDUWE.mft
rsync://rpki.ripe.net/repository/DEFAULT/1IVV-aUnJ_a89xXLR1CipKbDUWE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:94:47:2f:5e:b0:81:8f:d1:ab:0e:74:ea:37:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48555f9a52727f6bcf715cb4750a2a4a6c35161
Validity
Not Before: Jan 2 03:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eb9814c9db37a0251a359a3b568995e2555876e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e6:e5:30:ce:94:1f:47:41:b3:90:3d:9f:03:
25:5e:4d:87:1e:e7:e3:9d:97:ed:cb:84:7d:f7:4f:
34:65:ee:ca:d1:dd:1a:81:79:66:f5:e9:30:d6:87:
e4:18:0f:b1:b4:81:96:a0:9a:99:0a:d4:14:47:8f:
65:9f:b3:5e:24:6b:f1:d5:b6:ef:08:54:ac:31:44:
60:25:1e:a8:b4:3a:5d:51:98:8a:52:b7:7d:9e:19:
31:03:24:40:16:a4:c5:81:ec:a9:cc:0f:bb:be:76:
75:80:f2:ab:7a:bc:8a:b8:30:f8:2e:9e:be:56:bd:
02:97:56:f5:e4:01:ef:8c:dd:14:d2:7f:ff:11:89:
a6:37:e9:3f:b2:d9:2b:78:ef:c3:95:e2:b6:87:9c:
d4:6b:a8:d7:22:4e:cb:bb:7a:29:2d:b5:11:eb:e0:
5b:92:cb:d4:40:6a:c4:f6:5b:ac:e8:e3:97:4f:bf:
8a:b1:61:12:bd:6f:47:17:51:4c:13:4a:85:b8:e9:
d7:6c:e2:6a:08:4b:12:ed:ab:54:b6:4d:e1:6d:c3:
04:27:a0:0c:1c:3b:c4:98:59:11:13:d3:8e:95:46:
b8:83:28:58:6f:9f:11:20:0b:ef:8f:ad:b7:84:f1:
bd:0a:32:1a:15:3b:a3:0e:5a:e8:58:58:be:ae:92:
68:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:98:14:C9:DB:37:A0:25:1A:35:9A:3B:56:89:95:E2:55:58:76:E9
X509v3 Authority Key Identifier:
keyid:D4:85:55:F9:A5:27:27:F6:BC:F7:15:CB:47:50:A2:A4:A6:C3:51:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1IVV-aUnJ_a89xXLR1CipKbDUWE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/e45577-65b1-4d43-853a-02abf8572fcb/1/65gUyds3oCUaNZo7VomV4lVYduk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/e45577-65b1-4d43-853a-02abf8572fcb/1/1IVV-aUnJ_a89xXLR1CipKbDUWE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.185.168.0/22
Signature Algorithm: sha256WithRSAEncryption
48:99:08:17:17:10:fa:d2:a3:4f:af:a9:02:09:43:4c:ba:6b:
d7:43:fe:32:9a:ca:80:eb:08:54:de:59:61:0c:7e:ad:c7:65:
ff:d2:e1:5c:c1:e0:0d:ae:bf:da:05:c8:7a:9c:59:82:6b:07:
00:fd:1a:b2:6b:45:a2:07:04:6b:d6:91:f5:e0:33:0c:c2:62:
8d:b3:12:64:95:93:3e:d7:33:ed:dc:19:bd:3f:28:e6:07:ff:
ce:51:50:d1:7f:d8:7b:bb:96:4e:40:89:de:54:bb:fd:d6:47:
e8:14:32:f6:73:05:0f:89:57:bf:ed:03:22:99:ac:8d:3a:6c:
be:af:26:4c:29:a2:b4:f2:23:41:6f:89:83:e6:c5:09:c3:c0:
d6:21:c1:11:4e:d9:a3:b3:9e:b0:45:da:5f:de:60:26:c5:01:
c6:b7:f5:06:ea:56:1d:58:56:ae:6f:66:2b:21:27:1e:d7:1e:
9e:9b:04:ec:c5:29:51:51:4a:85:9f:89:48:56:67:d9:fa:9f:
3b:e3:e1:49:23:b9:15:8b:b8:c2:63:67:c8:26:6c:8e:89:c9:
52:a9:d5:d7:48:a4:8a:38:87:b7:da:16:f0:4f:21:20:e8:22:
d1:f3:d6:93:0d:85:06:cb:73:03:96:27:0f:86:d7:8b:47:54:
14:fe:34:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIZRHL16wgY/Rqw506jcIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ODU1NWY5YTUyNzI3ZjZiY2Y3MTVjYjQ3NTBhMmE0YTZj
MzUxNjEwHhcNMjUwMTAyMDM0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjk4MTRjOWRiMzdhMDI1MWEzNTlhM2I1Njg5OTVlMjU1NTg3NmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoublMM6UH0dBs5A9nwMlXk2HHufj
nZfty4R99080Ze7K0d0agXlm9ekw1ofkGA+xtIGWoJqZCtQUR49ln7NeJGvx1bbv
CFSsMURgJR6otDpdUZiKUrd9nhkxAyRAFqTFgeypzA+7vnZ1gPKreryKuDD4Lp6+
Vr0Cl1b15AHvjN0U0n//EYmmN+k/stkreO/DleK2h5zUa6jXIk7Lu3opLbUR6+Bb
ksvUQGrE9lus6OOXT7+KsWESvW9HF1FME0qFuOnXbOJqCEsS7atUtk3hbcMEJ6AM
HDvEmFkRE9OOlUa4gyhYb58RIAvvj623hPG9CjIaFTujDlroWFi+rpJoQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOuYFMnbN6AlGjWaO1aJleJVWHbpMB8GA1UdIwQY
MBaAFNSFVfmlJyf2vPcVy0dQoqSmw1FhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlWVi1hVW5KX2E4OXhYTFIxQ2lwS2JEVVdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9lNDU1NzctNjViMS00ZDQzLTg1M2Et
MDJhYmY4NTcyZmNiLzEvNjVnVXlkczNvQ1VhTlpvN1ZvbVY0bFZZZHVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9lNDU1NzctNjViMS00ZDQzLTg1M2EtMDJhYmY4NTcyZmNi
LzEvMUlWVi1hVW5KX2E4OXhYTFIxQ2lwS2JEVVdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCgrmoMA0G
CSqGSIb3DQEBCwUAA4IBAQBImQgXFxD60qNPr6kCCUNMumvXQ/4ymsqA6whU3llh
DH6tx2X/0uFcweANrr/aBch6nFmCawcA/Rqya0WiBwRr1pH14DMMwmKNsxJklZM+
1zPt3Bm9PyjmB//OUVDRf9h7u5ZOQIneVLv91kfoFDL2cwUPiVe/7QMimayNOmy+
ryZMKaK08iNBb4mD5sUJw8DWIcERTtmjs56wRdpf3mAmxQHGt/UG6lYdWFaub2Yr
ISce1x6emwTsxSlRUUqFn4lIVmfZ+p874+FJI7kVi7jCY2fIJmyOiclSqdXXSKSK
OIe32hbwTyEg6CLR89aTDYUGy3MDlicPhteLR1QU/jTB
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:38:35 2025 by rpki-client