Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/5b6b06-9af6-4026-b47c-4e85897f309c/1/B4orFeIWC5coFv0DXPFWV6bX2TA.roa
File: B4orFeIWC5coFv0DXPFWV6bX2TA.roa (raw, json)
Hash identifier: QvvdOu/flX7Du+SLiSNrRfEvw1jIp3bm67X+T+zP1MI=
Subject key identifier: 07:8A:2B:15:E2:16:0B:97:28:16:FD:03:5C:F1:56:57:A6:D7:D9:30
Certificate issuer: /CN=7b48945b9d716cd47fbde2860d8100fcda987496
Certificate serial: 019424B3944D89A4F6F8AF6AE1721A3D56E8
Authority key identifier: 7B:48:94:5B:9D:71:6C:D4:7F:BD:E2:86:0D:81:00:FC:DA:98:74:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e0iUW51xbNR_veKGDYEA_NqYdJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/5b6b06-9af6-4026-b47c-4e85897f309c/1/B4orFeIWC5coFv0DXPFWV6bX2TA.roa
Signing time: Thu 02 Jan 2025 01:48:56 +0000
ROA not before: Thu 02 Jan 2025 01:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 196763
IP address blocks: 5.22.144.0/24 maxlen: 24
5.22.148.0/22 maxlen: 22
78.109.56.0/21 maxlen: 21
109.234.104.0/21 maxlen: 21
185.33.180.0/22 maxlen: 22
2a00:18e0::/48 maxlen: 48
2a00:18e0:6::/48 maxlen: 48
2a00:18e0:7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/5b6b06-9af6-4026-b47c-4e85897f309c/1/e0iUW51xbNR_veKGDYEA_NqYdJY.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/5b6b06-9af6-4026-b47c-4e85897f309c/1/e0iUW51xbNR_veKGDYEA_NqYdJY.mft
rsync://rpki.ripe.net/repository/DEFAULT/e0iUW51xbNR_veKGDYEA_NqYdJY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 10:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:94:4d:89:a4:f6:f8:af:6a:e1:72:1a:3d:56:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b48945b9d716cd47fbde2860d8100fcda987496
Validity
Not Before: Jan 2 01:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=078a2b15e2160b972816fd035cf15657a6d7d930
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:4c:2e:5b:53:27:16:d2:74:78:36:cc:6c:55:
1e:02:e6:3e:81:c2:97:18:47:b4:30:b9:4e:c4:71:
e1:5e:c5:d1:fc:33:11:2d:3d:c5:b0:fb:35:d2:85:
d1:d5:32:40:c7:a6:45:eb:59:74:e9:f4:40:c2:b7:
2b:9f:3d:ab:4f:d4:c8:cd:40:24:6b:7e:7f:a8:a7:
69:d3:21:71:b8:93:2a:1c:7c:f1:98:c0:b3:cb:9f:
58:c9:f7:9c:f0:14:e5:ad:86:32:38:74:08:c4:78:
0b:28:83:29:3b:ae:7b:41:b9:cc:e0:6f:8e:96:91:
8e:71:ef:0b:67:08:2a:f4:ba:0b:eb:a2:a6:8e:fe:
45:5c:85:92:bf:f0:ce:d6:45:35:f7:d5:80:0a:af:
01:06:a3:81:f0:20:a9:bb:11:d9:67:bb:89:a1:5d:
f3:6e:21:9f:21:d9:f5:00:07:65:74:79:b0:01:e4:
76:d4:6b:f9:4c:f6:c8:dc:d0:73:1d:c3:e5:e2:8d:
a5:8c:4d:65:1a:a1:68:8b:3a:65:0d:78:93:f2:6a:
9f:63:9b:6a:56:8b:07:a6:5a:08:a4:09:aa:fe:88:
13:c9:9a:0d:38:fe:75:b9:32:f2:dc:c1:50:71:41:
0d:ea:03:4f:fd:4c:23:07:91:06:d9:7a:c0:1e:e4:
a3:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:8A:2B:15:E2:16:0B:97:28:16:FD:03:5C:F1:56:57:A6:D7:D9:30
X509v3 Authority Key Identifier:
keyid:7B:48:94:5B:9D:71:6C:D4:7F:BD:E2:86:0D:81:00:FC:DA:98:74:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0iUW51xbNR_veKGDYEA_NqYdJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/5b6b06-9af6-4026-b47c-4e85897f309c/1/B4orFeIWC5coFv0DXPFWV6bX2TA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/5b6b06-9af6-4026-b47c-4e85897f309c/1/e0iUW51xbNR_veKGDYEA_NqYdJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.144.0/24
5.22.148.0/22
78.109.56.0/21
109.234.104.0/21
185.33.180.0/22
IPv6:
2a00:18e0::/48
2a00:18e0:6::/47
Signature Algorithm: sha256WithRSAEncryption
79:b2:86:8e:d1:18:24:ea:fc:61:40:25:4c:ab:64:1d:6f:28:
73:d2:21:12:31:e2:fe:8d:9e:45:7b:ab:0e:03:59:56:05:67:
06:a6:94:31:ee:7f:90:9e:35:b7:8f:8d:17:41:54:9e:1c:e1:
46:c2:fc:6d:b8:a3:ae:9c:1e:1e:12:a4:0a:f7:ff:ca:ff:05:
9c:8f:db:d3:fb:85:da:14:1d:17:6c:74:07:81:30:4b:9d:4e:
ff:7d:b2:e1:81:9f:7c:47:c2:59:da:72:30:bd:58:65:ae:6f:
62:ac:7c:87:e0:24:05:2c:b1:4e:43:75:66:fd:6a:79:3e:c5:
0b:6a:78:90:90:9c:5f:72:55:2e:55:8f:a3:0d:6e:40:dc:f6:
94:91:50:66:84:89:f6:7d:84:f2:2b:14:4b:9a:25:d1:39:b9:
f9:bc:b7:27:36:78:7b:2f:5c:1f:f6:98:ca:54:aa:4e:83:66:
e4:5d:b1:95:f0:15:62:8c:1f:1f:24:a8:da:2b:61:07:52:b3:
57:fb:d8:7b:68:b2:12:d9:b5:dd:62:fa:c8:c6:7a:43:fc:7c:
d7:ff:bc:1b:59:88:9c:31:10:68:3b:17:af:47:11:1b:6b:07:
1e:fc:c5:c9:5d:b7:00:d7:92:48:1b:e5:9d:b5:bc:50:17:b1:
11:0e:4e:85
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZQks5RNiaT2+K9q4XIaPVboMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNDg5NDViOWQ3MTZjZDQ3ZmJkZTI4NjBkODEwMGZjZGE5
ODc0OTYwHhcNMjUwMTAyMDE0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzhhMmIxNWUyMTYwYjk3MjgxNmZkMDM1Y2YxNTY1N2E2ZDdkOTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEwuW1MnFtJ0eDbMbFUeAuY+gcKX
GEe0MLlOxHHhXsXR/DMRLT3FsPs10oXR1TJAx6ZF61l06fRAwrcrnz2rT9TIzUAk
a35/qKdp0yFxuJMqHHzxmMCzy59Yyfec8BTlrYYyOHQIxHgLKIMpO657QbnM4G+O
lpGOce8LZwgq9LoL66Kmjv5FXIWSv/DO1kU199WACq8BBqOB8CCpuxHZZ7uJoV3z
biGfIdn1AAdldHmwAeR21Gv5TPbI3NBzHcPl4o2ljE1lGqFoizplDXiT8mqfY5tq
VosHploIpAmq/ogTyZoNOP51uTLy3MFQcUEN6gNP/UwjB5EG2XrAHuSjEwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFAeKKxXiFguXKBb9A1zxVlem19kwMB8GA1UdIwQY
MBaAFHtIlFudcWzUf73ihg2BAPzamHSWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTBpVVc1MXhiTlJfdmVLR0RZRUFfTnFZZEpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS81YjZiMDYtOWFmNi00MDI2LWI0N2Mt
NGU4NTg5N2YzMDljLzEvQjRvckZlSVdDNWNvRnYwRFhQRldWNmJYMlRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS81YjZiMDYtOWFmNi00MDI2LWI0N2MtNGU4NTg5N2YzMDlj
LzEvZTBpVVc1MXhiTlJfdmVLR0RZRUFfTnFZZEpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAkBAIAATAeAwQABRaQAwQC
BRaUAwQDTm04AwQDbepoAwQCuSG0MBgEAgACMBIDBwAqABjgAAADBwEqABjgAAYw
DQYJKoZIhvcNAQELBQADggEBAHmyho7RGCTq/GFAJUyrZB1vKHPSIRIx4v6NnkV7
qw4DWVYFZwamlDHuf5CeNbePjRdBVJ4c4UbC/G24o66cHh4SpAr3/8r/BZyP29P7
hdoUHRdsdAeBMEudTv99suGBn3xHwlnacjC9WGWub2KsfIfgJAUssU5DdWb9ank+
xQtqeJCQnF9yVS5Vj6MNbkDc9pSRUGaEifZ9hPIrFEuaJdE5ufm8tyc2eHsvXB/2
mMpUqk6DZuRdsZXwFWKMHx8kqNorYQdSs1f72HtoshLZtd1i+sjGekP8fNf/vBtZ
iJwxEGg7F69HERtrBx78xcldtwDXkkgb5Z21vFAXsREOToU=
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:30:59 2025 by rpki-client