Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/MtXcqoleDqMSyVWGFxd3850uGF8.roa
File: MtXcqoleDqMSyVWGFxd3850uGF8.roa (raw, json)
Hash identifier: 5zTGwHssmIeS5Ukj/HGoA7Wxq1gUaItGj34ri17+IlA=
Subject key identifier: 32:D5:DC:AA:89:5E:0E:A3:12:C9:55:86:17:17:77:F3:9D:2E:18:5F
Certificate issuer: /CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Certificate serial: 01951C835130DA1548CF232569BD49A3174E
Authority key identifier: 19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/MtXcqoleDqMSyVWGFxd3850uGF8.roa
Signing time: Wed 19 Feb 2025 04:42:02 +0000
ROA not before: Wed 19 Feb 2025 04:42:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201678
IP address blocks: 5.195.16.0/22 maxlen: 22
5.195.16.0/24 maxlen: 24
5.195.17.0/24 maxlen: 24
5.195.18.0/24 maxlen: 24
5.195.19.0/24 maxlen: 24
5.195.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Mar 2025 10:02:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1c:83:51:30:da:15:48:cf:23:25:69:bd:49:a3:17:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Validity
Not Before: Feb 19 04:42:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32d5dcaa895e0ea312c95586171777f39d2e185f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:5f:98:40:45:64:4e:f8:2b:f7:b9:ac:e0:98:
93:1c:ba:60:4f:b0:46:cb:44:70:11:ca:54:b6:52:
f7:31:d5:e2:0e:00:cc:5b:96:fb:87:1e:35:0a:14:
29:f8:ae:6d:89:20:88:01:cd:ee:f3:1d:bc:0b:45:
17:4b:47:98:9f:93:3d:db:32:66:13:be:42:12:6c:
86:a3:f2:8a:e0:c2:f4:fe:71:ca:f1:81:35:4a:50:
99:e9:4e:33:fd:13:aa:e8:0a:58:96:8a:a8:a4:9d:
22:03:25:ef:a0:51:54:60:f4:77:9e:0a:da:d4:1c:
c9:5b:21:8d:f2:6b:89:3e:3d:f4:e7:66:a6:60:0b:
dd:95:f5:7a:70:98:19:13:05:e4:85:91:48:31:0b:
2b:d8:f0:ca:6d:87:f1:81:1b:86:16:c9:88:af:5f:
e8:fe:e6:d9:ef:6f:5d:cc:2f:f3:0f:19:4f:70:77:
db:37:b0:c5:eb:f5:0d:31:b4:58:1c:7e:05:59:32:
83:57:8d:55:d7:5a:e6:e5:38:94:d5:94:6f:a5:b4:
a7:ac:80:b2:22:60:98:1d:b2:c8:5b:f6:ef:a9:31:
87:31:3f:be:79:fe:33:56:5b:0c:7f:4d:7a:f3:82:
3f:a8:d7:3e:40:fb:3c:5f:67:9e:68:d6:96:8b:af:
61:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:D5:DC:AA:89:5E:0E:A3:12:C9:55:86:17:17:77:F3:9D:2E:18:5F
X509v3 Authority Key Identifier:
keyid:19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/MtXcqoleDqMSyVWGFxd3850uGF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.195.16.0/22
5.195.21.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:17:ec:46:32:77:ed:1e:8a:f7:90:19:e4:fe:aa:75:24:12:
f7:aa:7b:09:04:1f:3c:b5:ce:fc:e1:d5:03:ba:68:7e:a8:a9:
4f:39:60:02:b9:e1:b4:1a:76:fb:a8:a4:36:68:82:98:7e:c3:
74:65:96:a5:2b:2d:d6:45:3b:91:3b:9e:bd:3a:f0:26:ba:8e:
3b:75:19:b6:a8:f1:2e:02:67:a5:df:1f:52:d2:3a:3a:78:45:
8e:d1:8e:dd:3f:81:44:25:42:40:5f:9d:9e:31:a0:59:9e:c0:
93:d0:95:43:79:65:e6:3a:b3:46:6b:e9:c1:73:8a:b9:39:f6:
71:dc:d9:77:dc:c7:eb:22:7f:7e:57:c3:9d:f8:ad:dc:fa:1e:
20:bb:ff:1f:27:77:8e:07:81:d7:66:ee:8b:2a:dd:50:83:e6:
c0:94:30:6b:e3:56:e1:15:b7:aa:ab:15:96:a1:2c:54:fd:96:
6c:7f:3b:96:5e:a7:e3:fd:76:b1:c9:ed:ad:4c:06:86:a3:e5:
11:e8:66:5e:99:0e:6b:01:e4:13:98:78:62:4c:ac:c7:99:83:
57:1d:49:98:88:5b:f0:b0:3b:ae:6e:0c:6b:80:c3:86:d4:f7:
fa:9e:bf:0d:4b:94:9a:5b:01:53:96:96:3c:c5:97:da:13:a5:
9b:fd:a2:bc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZUcg1Ew2hVIzyMlab1JoxdOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZWU1ZjE2ZmMxNDRhY2I5ODk3NzQ0OWZhYTBhYjc3ZGUx
YmRjYzkwHhcNMjUwMjE5MDQ0MjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmQ1ZGNhYTg5NWUwZWEzMTJjOTU1ODYxNzE3NzdmMzlkMmUxODVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuF+YQEVkTvgr97ms4JiTHLpgT7BG
y0RwEcpUtlL3MdXiDgDMW5b7hx41ChQp+K5tiSCIAc3u8x28C0UXS0eYn5M92zJm
E75CEmyGo/KK4ML0/nHK8YE1SlCZ6U4z/ROq6ApYloqopJ0iAyXvoFFUYPR3ngra
1BzJWyGN8muJPj3052amYAvdlfV6cJgZEwXkhZFIMQsr2PDKbYfxgRuGFsmIr1/o
/ubZ729dzC/zDxlPcHfbN7DF6/UNMbRYHH4FWTKDV41V11rm5TiU1ZRvpbSnrICy
ImCYHbLIW/bvqTGHMT++ef4zVlsMf01684I/qNc+QPs8X2eeaNaWi69hIQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDLV3KqJXg6jEslVhhcXd/OdLhhfMB8GA1UdIwQY
MBaAFBnuXxb8FErLmJd0Sfqgq3feG9zJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMt
NjFhZmI2NmQxZThjLzEvTXRYY3FvbGVEcU1TeVZXR0Z4ZDM4NTB1R0Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMtNjFhZmI2NmQxZThj
LzEvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCBcMQAwQA
BcMVMA0GCSqGSIb3DQEBCwUAA4IBAQCiF+xGMnftHor3kBnk/qp1JBL3qnsJBB88
tc784dUDumh+qKlPOWACueG0Gnb7qKQ2aIKYfsN0ZZalKy3WRTuRO569OvAmuo47
dRm2qPEuAmel3x9S0jo6eEWO0Y7dP4FEJUJAX52eMaBZnsCT0JVDeWXmOrNGa+nB
c4q5OfZx3Nl33MfrIn9+V8Od+K3c+h4gu/8fJ3eOB4HXZu6LKt1Qg+bAlDBr41bh
FbeqqxWWoSxU/ZZsfzuWXqfj/Xaxye2tTAaGo+UR6GZemQ5rAeQTmHhiTKzHmYNX
HUmYiFvwsDuubgxrgMOG1Pf6nr8NS5SaWwFTlpY8xZfaE6Wb/aK8
-----END CERTIFICATE-----
Generated at Tue Mar 11 19:42:10 2025 by rpki-client