Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/2fc007-361d-4f47-aaf7-484d843e6de3/1/AY8RhKUHj2NodWuR-dwkYpgBEvk.roa
File: AY8RhKUHj2NodWuR-dwkYpgBEvk.roa (raw, json)
Hash identifier: 8sR3EhQJ4OZ7BluQZL72WnRYRz2pw1cIu2X1WaLS0DE=
Subject key identifier: 01:8F:11:84:A5:07:8F:63:68:75:6B:91:F9:DC:24:62:98:01:12:F9
Certificate issuer: /CN=079eb4d8c65f3a7b454ca2a5e5f64094e9d88bd3
Certificate serial: 019425FD03D3CA3C7915EB39AB59FED3AEA0
Authority key identifier: 07:9E:B4:D8:C6:5F:3A:7B:45:4C:A2:A5:E5:F6:40:94:E9:D8:8B:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B5602MZfOntFTKKl5fZAlOnYi9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/2fc007-361d-4f47-aaf7-484d843e6de3/1/AY8RhKUHj2NodWuR-dwkYpgBEvk.roa
Signing time: Thu 02 Jan 2025 07:48:46 +0000
ROA not before: Thu 02 Jan 2025 07:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49835
IP address blocks: 5.10.200.0/24 maxlen: 24
5.10.201.0/24 maxlen: 24
5.10.202.0/24 maxlen: 24
5.10.203.0/24 maxlen: 24
5.10.204.0/24 maxlen: 24
5.10.205.0/24 maxlen: 24
5.10.206.0/24 maxlen: 24
5.10.207.0/24 maxlen: 24
109.69.8.0/24 maxlen: 24
109.69.9.0/24 maxlen: 24
109.69.10.0/24 maxlen: 24
109.69.11.0/24 maxlen: 24
109.69.12.0/24 maxlen: 24
109.69.13.0/24 maxlen: 24
109.69.14.0/24 maxlen: 24
109.69.15.0/24 maxlen: 24
185.32.16.0/24 maxlen: 24
185.32.17.0/24 maxlen: 24
185.32.18.0/24 maxlen: 24
185.32.19.0/24 maxlen: 24
2a00:1508::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/2fc007-361d-4f47-aaf7-484d843e6de3/1/B5602MZfOntFTKKl5fZAlOnYi9M.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/2fc007-361d-4f47-aaf7-484d843e6de3/1/B5602MZfOntFTKKl5fZAlOnYi9M.mft
rsync://rpki.ripe.net/repository/DEFAULT/B5602MZfOntFTKKl5fZAlOnYi9M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 18:01:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:03:d3:ca:3c:79:15:eb:39:ab:59:fe:d3:ae:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=079eb4d8c65f3a7b454ca2a5e5f64094e9d88bd3
Validity
Not Before: Jan 2 07:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=018f1184a5078f6368756b91f9dc2462980112f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:7b:35:46:c0:81:d2:eb:47:21:c3:01:85:5c:
aa:d3:e0:25:1a:63:22:f3:1c:90:c1:e9:8a:00:f4:
d3:ec:47:44:89:1d:9b:32:12:d2:d1:cd:f9:1e:a4:
29:b7:77:d9:fc:dc:df:3c:36:90:cf:f7:4c:6a:fa:
87:74:f4:41:65:0a:1d:4a:c3:43:b7:7d:12:55:c9:
3b:a8:08:73:47:e4:66:c2:09:1a:c2:91:7b:32:06:
1b:28:b2:1d:df:6a:06:01:53:23:56:11:4b:a6:6e:
83:3d:e7:b9:62:c5:d9:9d:ff:27:e5:ab:47:63:33:
8f:73:1e:3d:ab:a3:25:25:fc:55:1f:07:05:3b:32:
53:d4:0a:d3:22:6e:d3:cf:7e:73:95:47:36:9e:26:
05:98:0e:06:ea:e7:bb:8e:6f:b2:d7:3b:a3:eb:a5:
3f:b4:1f:12:5b:eb:65:ff:22:e1:66:e6:c4:39:fa:
9f:6e:36:43:94:56:23:34:50:bf:b8:69:8c:18:34:
20:2b:76:00:a2:a9:1f:69:25:a1:46:7a:50:97:1d:
9a:e4:89:f5:bd:d2:1a:4c:2e:89:95:3e:62:f2:4a:
f0:f9:d7:6a:a4:99:5e:e9:ee:b4:bc:de:76:f4:2c:
cd:bb:0d:f5:16:13:ba:52:cd:9e:84:57:14:18:dc:
92:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:8F:11:84:A5:07:8F:63:68:75:6B:91:F9:DC:24:62:98:01:12:F9
X509v3 Authority Key Identifier:
keyid:07:9E:B4:D8:C6:5F:3A:7B:45:4C:A2:A5:E5:F6:40:94:E9:D8:8B:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B5602MZfOntFTKKl5fZAlOnYi9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/2fc007-361d-4f47-aaf7-484d843e6de3/1/AY8RhKUHj2NodWuR-dwkYpgBEvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/2fc007-361d-4f47-aaf7-484d843e6de3/1/B5602MZfOntFTKKl5fZAlOnYi9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.200.0/21
109.69.8.0/21
185.32.16.0/22
IPv6:
2a00:1508::/32
Signature Algorithm: sha256WithRSAEncryption
ad:f1:16:9b:d3:d6:41:a1:2a:25:84:bf:b0:7a:9f:81:e1:f5:
f9:ea:fb:21:1d:9b:89:d7:18:4f:c0:71:1f:5a:be:38:00:1a:
68:9c:64:54:36:cf:ad:5e:8d:f8:c4:6f:72:cf:c2:a2:93:2c:
b0:92:17:6f:09:e9:76:a4:ce:99:90:f2:0e:00:24:62:b3:03:
17:5f:38:01:9e:17:bf:7b:90:24:9d:4a:76:2b:25:1d:f3:17:
02:a2:14:84:f3:57:a2:7c:37:d6:6e:4a:96:82:19:97:bf:0d:
6e:c3:22:ee:a7:36:73:b1:63:60:2d:6b:de:54:9b:74:ff:bd:
2a:86:87:3f:6d:54:4a:76:6e:89:49:2e:e8:d3:e7:73:69:6f:
fc:d3:cf:f5:91:90:c1:c9:3a:02:48:c2:df:88:d9:09:1b:bc:
a3:5c:df:f3:4d:44:c7:92:55:f2:71:25:b2:f6:a4:10:cc:52:
50:05:41:da:a8:c8:90:05:e1:6b:99:4b:96:5e:f8:ee:fd:7f:
70:ea:19:f7:30:aa:5f:8e:b6:69:f2:6f:df:04:3f:94:5f:9e:
12:48:17:4a:38:a8:e8:38:7b:8f:d8:13:06:9e:06:c7:c2:68:
89:fa:36:f4:c7:81:42:15:21:44:9f:ef:32:6c:43:c0:d1:2d:
d3:ee:bd:18
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQl/QPTyjx5Fes5q1n+066gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3OWViNGQ4YzY1ZjNhN2I0NTRjYTJhNWU1ZjY0MDk0ZTlk
ODhiZDMwHhcNMjUwMTAyMDc0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMThmMTE4NGE1MDc4ZjYzNjg3NTZiOTFmOWRjMjQ2Mjk4MDExMmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ns1RsCB0utHIcMBhVyq0+AlGmMi
8xyQwemKAPTT7EdEiR2bMhLS0c35HqQpt3fZ/NzfPDaQz/dMavqHdPRBZQodSsND
t30SVck7qAhzR+RmwgkawpF7MgYbKLId32oGAVMjVhFLpm6DPee5YsXZnf8n5atH
YzOPcx49q6MlJfxVHwcFOzJT1ArTIm7Tz35zlUc2niYFmA4G6ue7jm+y1zuj66U/
tB8SW+tl/yLhZubEOfqfbjZDlFYjNFC/uGmMGDQgK3YAoqkfaSWhRnpQlx2a5In1
vdIaTC6JlT5i8krw+ddqpJle6e60vN529CzNuw31FhO6Us2ehFcUGNyS0wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAGPEYSlB49jaHVrkfncJGKYARL5MB8GA1UdIwQY
MBaAFAeetNjGXzp7RUyipeX2QJTp2IvTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjU2MDJNWmZPbnRGVEtLbDVmWkFsT25ZaTlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8yZmMwMDctMzYxZC00ZjQ3LWFhZjct
NDg0ZDg0M2U2ZGUzLzEvQVk4UmhLVUhqMk5vZFd1Ui1kd2tZcGdCRXZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8yZmMwMDctMzYxZC00ZjQ3LWFhZjctNDg0ZDg0M2U2ZGUz
LzEvQjU2MDJNWmZPbnRGVEtLbDVmWkFsT25ZaTlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDBQrIAwQD
bUUIAwQCuSAQMA0EAgACMAcDBQAqABUIMA0GCSqGSIb3DQEBCwUAA4IBAQCt8Rab
09ZBoSolhL+wep+B4fX56vshHZuJ1xhPwHEfWr44ABponGRUNs+tXo34xG9yz8Ki
kyywkhdvCel2pM6ZkPIOACRiswMXXzgBnhe/e5AknUp2KyUd8xcCohSE81eifDfW
bkqWghmXvw1uwyLupzZzsWNgLWveVJt0/70qhoc/bVRKdm6JSS7o0+dzaW/808/1
kZDByToCSMLfiNkJG7yjXN/zTUTHklXycSWy9qQQzFJQBUHaqMiQBeFrmUuWXvju
/X9w6hn3MKpfjrZp8m/fBD+UX54SSBdKOKjoOHuP2BMGngbHwmiJ+jb0x4FCFSFE
n+8ybEPA0S3T7r0Y
-----END CERTIFICATE-----
Generated at Mon Apr 7 03:39:11 2025 by rpki-client