Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/117fc9-7a62-4682-bfbc-2ca3aa71ec5f/1/5cgOzSdi7uU8K175If3cpMpwKRM.roa
File: 5cgOzSdi7uU8K175If3cpMpwKRM.roa (raw, json)
Hash identifier: C/i5uJSjAgqLYfWFS7wVgO1ATrqTFXCd5z/TUE/tvF4=
Subject key identifier: E5:C8:0E:CD:27:62:EE:E5:3C:2B:5E:F9:21:FD:DC:A4:CA:70:29:13
Certificate issuer: /CN=489c263e818486cfd831c245ddfacca91fbd81c0
Certificate serial: 0194228DB6288ED1DE2D49FDB282E683468C
Authority key identifier: 48:9C:26:3E:81:84:86:CF:D8:31:C2:45:DD:FA:CC:A9:1F:BD:81:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SJwmPoGEhs_YMcJF3frMqR-9gcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/117fc9-7a62-4682-bfbc-2ca3aa71ec5f/1/5cgOzSdi7uU8K175If3cpMpwKRM.roa
Signing time: Wed 01 Jan 2025 15:48:19 +0000
ROA not before: Wed 01 Jan 2025 15:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209281
IP address blocks: 93.115.196.0/22 maxlen: 22
137.59.56.0/23 maxlen: 23
185.20.108.0/22 maxlen: 22
185.107.0.0/22 maxlen: 22
185.216.188.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/117fc9-7a62-4682-bfbc-2ca3aa71ec5f/1/SJwmPoGEhs_YMcJF3frMqR-9gcA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/117fc9-7a62-4682-bfbc-2ca3aa71ec5f/1/SJwmPoGEhs_YMcJF3frMqR-9gcA.mft
rsync://rpki.ripe.net/repository/DEFAULT/SJwmPoGEhs_YMcJF3frMqR-9gcA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:b6:28:8e:d1:de:2d:49:fd:b2:82:e6:83:46:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=489c263e818486cfd831c245ddfacca91fbd81c0
Validity
Not Before: Jan 1 15:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e5c80ecd2762eee53c2b5ef921fddca4ca702913
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:06:01:42:4c:43:0b:31:00:f5:a0:f4:a9:49:
56:e8:7f:27:a4:f8:8e:99:03:e0:91:a5:71:91:d5:
1f:f2:52:8c:82:0b:ad:ba:55:a7:70:a9:34:ef:56:
d5:8b:49:63:3c:aa:56:ea:fd:0a:29:84:72:20:89:
69:35:ed:ba:4d:9f:cd:23:55:b8:e6:8a:e6:81:ae:
b9:3c:7e:1a:31:26:b6:49:8d:93:07:d4:6e:24:c6:
c4:9c:64:94:84:d8:14:69:1b:95:89:86:f8:9a:12:
ad:b7:fe:a8:af:18:d9:2b:ed:b5:bf:3d:2e:26:95:
44:25:3a:60:3a:06:80:c4:81:29:35:bd:76:bc:39:
be:7d:c0:db:ea:89:00:3e:c6:0c:c3:e1:08:2c:fe:
2e:1f:17:3b:a9:51:b1:fb:49:e8:12:de:b6:91:7b:
ba:b5:c3:34:b6:6d:4e:6e:30:5f:a6:03:a2:81:63:
29:07:17:f5:f1:dc:25:41:30:e1:2c:fb:a5:e6:55:
21:48:ad:dd:c4:78:09:8f:91:b8:c3:0c:51:52:97:
99:18:2d:7d:14:da:b0:31:f6:f4:9c:87:b8:09:a8:
49:b7:37:77:ad:2d:0e:f6:a1:44:bd:40:ea:f4:22:
84:67:9a:6e:89:32:c4:92:75:2a:3e:c4:70:d8:2b:
9d:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:C8:0E:CD:27:62:EE:E5:3C:2B:5E:F9:21:FD:DC:A4:CA:70:29:13
X509v3 Authority Key Identifier:
keyid:48:9C:26:3E:81:84:86:CF:D8:31:C2:45:DD:FA:CC:A9:1F:BD:81:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SJwmPoGEhs_YMcJF3frMqR-9gcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/117fc9-7a62-4682-bfbc-2ca3aa71ec5f/1/5cgOzSdi7uU8K175If3cpMpwKRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/117fc9-7a62-4682-bfbc-2ca3aa71ec5f/1/SJwmPoGEhs_YMcJF3frMqR-9gcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.115.196.0/22
137.59.56.0/23
185.20.108.0/22
185.107.0.0/22
185.216.188.0/23
Signature Algorithm: sha256WithRSAEncryption
68:89:30:4e:4d:79:a5:76:43:ea:bb:8d:17:70:02:84:5a:f7:
a9:83:ff:3c:34:d8:26:4f:47:bf:2b:f0:45:e4:9b:e8:5a:a8:
7a:71:ee:b6:c8:73:73:ae:01:e8:cc:30:9c:4b:94:5f:0b:ba:
b5:19:2a:b2:aa:a9:36:f5:79:74:fd:25:e7:01:63:0d:44:4a:
b7:f2:82:f2:2f:cd:24:02:75:ae:b0:7c:41:2f:d4:8d:f5:33:
61:5f:6f:3f:a2:a2:40:49:56:49:36:9d:a9:dd:06:44:79:cc:
17:29:36:70:7e:3f:67:cb:df:d9:e0:8f:8e:00:28:59:c3:ad:
46:5c:03:f1:a8:92:16:d6:6a:eb:14:01:cd:dd:c7:f7:27:da:
4a:38:8c:25:be:bb:02:1b:4e:b5:6d:24:2b:fa:89:00:97:62:
9a:ee:86:04:e5:15:c7:d1:8c:31:91:3f:64:f3:4c:f2:75:b7:
ad:7a:33:ce:f1:c0:28:84:76:1e:89:5e:4a:d8:7e:cd:24:2e:
70:f2:e6:8c:fe:8b:ad:f0:ba:74:0b:9e:38:27:ab:3d:af:ad:
77:01:24:da:28:42:33:f5:2f:42:5e:50:09:47:3b:97:5f:c5:
70:c9:0a:59:04:3f:4e:fb:36:6f:27:50:ae:ac:a6:6f:a4:55:
80:73:aa:d5
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQijbYojtHeLUn9soLmg0aMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4OWMyNjNlODE4NDg2Y2ZkODMxYzI0NWRkZmFjY2E5MWZi
ZDgxYzAwHhcNMjUwMTAxMTU0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWM4MGVjZDI3NjJlZWU1M2MyYjVlZjkyMWZkZGNhNGNhNzAyOTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgYBQkxDCzEA9aD0qUlW6H8npPiO
mQPgkaVxkdUf8lKMggutulWncKk071bVi0ljPKpW6v0KKYRyIIlpNe26TZ/NI1W4
5ormga65PH4aMSa2SY2TB9RuJMbEnGSUhNgUaRuViYb4mhKtt/6orxjZK+21vz0u
JpVEJTpgOgaAxIEpNb12vDm+fcDb6okAPsYMw+EILP4uHxc7qVGx+0noEt62kXu6
tcM0tm1ObjBfpgOigWMpBxf18dwlQTDhLPul5lUhSK3dxHgJj5G4wwxRUpeZGC19
FNqwMfb0nIe4CahJtzd3rS0O9qFEvUDq9CKEZ5puiTLEknUqPsRw2Cud1QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOXIDs0nYu7lPCte+SH93KTKcCkTMB8GA1UdIwQY
MBaAFEicJj6BhIbP2DHCRd36zKkfvYHAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0p3bVBvR0Voc19ZTWNKRjNmck1xUi05Z2NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi8xMTdmYzktN2E2Mi00NjgyLWJmYmMt
MmNhM2FhNzFlYzVmLzEvNWNnT3pTZGk3dVU4SzE3NUlmM2NwTXB3S1JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi8xMTdmYzktN2E2Mi00NjgyLWJmYmMtMmNhM2FhNzFlYzVm
LzEvU0p3bVBvR0Voc19ZTWNKRjNmck1xUi05Z2NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCXXPEAwQB
iTs4AwQCuRRsAwQCuWsAAwQBudi8MA0GCSqGSIb3DQEBCwUAA4IBAQBoiTBOTXml
dkPqu40XcAKEWvepg/88NNgmT0e/K/BF5JvoWqh6ce62yHNzrgHozDCcS5RfC7q1
GSqyqqk29Xl0/SXnAWMNREq38oLyL80kAnWusHxBL9SN9TNhX28/oqJASVZJNp2p
3QZEecwXKTZwfj9ny9/Z4I+OAChZw61GXAPxqJIW1mrrFAHN3cf3J9pKOIwlvrsC
G061bSQr+okAl2Ka7oYE5RXH0YwxkT9k80zydbetejPO8cAohHYeiV5K2H7NJC5w
8uaM/out8Lp0C544J6s9r613ASTaKEIz9S9CXlAJRzuXX8VwyQpZBD9O+zZvJ1Cu
rKZvpFWAc6rV
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:51:13 2025 by rpki-client