Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/136156-0753-4072-92b0-1407c08db582/1/1-bqNZN34Z6tA08rjf9Ue9gz9z4M.roa
File: 1-bqNZN34Z6tA08rjf9Ue9gz9z4M.roa (raw, json)
Hash identifier: ZBK1wDofmlTI3jgUly3vW6cc/crra2evnmHTHJR0jqI=
Subject key identifier: F9:BA:8D:64:DD:F8:67:AB:40:D3:CA:E3:7F:D5:1E:F6:0C:FD:CF:83
Certificate issuer: /CN=16d96cf4109a4a85d1863bf54aa4fa3e81e0c0e6
Certificate serial: 019425FD662816BE004A1BF8C5F3CEA9E14B
Authority key identifier: 16:D9:6C:F4:10:9A:4A:85:D1:86:3B:F5:4A:A4:FA:3E:81:E0:C0:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ftls9BCaSoXRhjv1SqT6PoHgwOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/136156-0753-4072-92b0-1407c08db582/1/1-bqNZN34Z6tA08rjf9Ue9gz9z4M.roa
Signing time: Thu 02 Jan 2025 07:49:11 +0000
ROA not before: Thu 02 Jan 2025 07:49:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44549
IP address blocks: 5.32.136.0/21 maxlen: 21
91.199.161.0/24 maxlen: 24
185.205.116.0/22 maxlen: 22
185.205.116.0/24 maxlen: 24
194.247.162.0/23 maxlen: 23
2a06:c180::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/136156-0753-4072-92b0-1407c08db582/1/Ftls9BCaSoXRhjv1SqT6PoHgwOY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/136156-0753-4072-92b0-1407c08db582/1/Ftls9BCaSoXRhjv1SqT6PoHgwOY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ftls9BCaSoXRhjv1SqT6PoHgwOY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:66:28:16:be:00:4a:1b:f8:c5:f3:ce:a9:e1:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16d96cf4109a4a85d1863bf54aa4fa3e81e0c0e6
Validity
Not Before: Jan 2 07:49:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9ba8d64ddf867ab40d3cae37fd51ef60cfdcf83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:cd:3f:55:70:b4:65:32:0d:07:3a:ee:b2:01:
66:cf:67:93:8f:1d:89:8e:bb:eb:e7:bb:16:b2:bf:
12:c2:f1:e9:f1:2c:1b:ac:44:8a:6d:23:93:7e:1a:
8f:8a:35:94:19:67:4d:64:60:fd:91:9f:ff:e7:d0:
75:6b:ce:cd:dd:e4:ea:de:89:f8:f8:2a:a3:e9:3e:
10:7e:c5:1a:67:74:04:65:1a:33:17:85:88:91:30:
30:a2:c2:f9:09:de:d0:14:45:06:df:8c:4f:26:7d:
bc:79:33:da:fb:af:a8:a3:cc:d7:15:61:e7:07:f4:
24:03:c3:5e:fd:a8:a5:e8:e8:55:51:a9:a4:bb:56:
cc:cd:cf:dc:ed:4c:4b:00:af:e8:1c:12:25:d8:69:
a8:b4:ee:8b:90:20:ba:59:c3:e9:85:f8:e6:23:ff:
32:c2:48:63:f2:0d:c3:d8:e0:78:61:d1:48:19:91:
e3:9b:1f:de:e4:fc:d6:8a:b8:04:37:59:9b:ce:22:
a0:72:99:00:40:c1:a7:45:fc:cd:c3:58:b4:22:db:
5c:86:0f:49:01:eb:74:19:88:0e:85:7d:b9:af:2d:
96:d2:fb:14:e7:13:06:4d:ee:ae:13:7d:58:59:ba:
37:39:3d:99:35:a4:14:50:0c:a8:b9:d5:39:0d:95:
37:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:BA:8D:64:DD:F8:67:AB:40:D3:CA:E3:7F:D5:1E:F6:0C:FD:CF:83
X509v3 Authority Key Identifier:
keyid:16:D9:6C:F4:10:9A:4A:85:D1:86:3B:F5:4A:A4:FA:3E:81:E0:C0:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ftls9BCaSoXRhjv1SqT6PoHgwOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/136156-0753-4072-92b0-1407c08db582/1/1-bqNZN34Z6tA08rjf9Ue9gz9z4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/136156-0753-4072-92b0-1407c08db582/1/Ftls9BCaSoXRhjv1SqT6PoHgwOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.32.136.0/21
91.199.161.0/24
185.205.116.0/22
194.247.162.0/23
IPv6:
2a06:c180::/29
Signature Algorithm: sha256WithRSAEncryption
5d:4f:0a:1b:71:97:74:e9:2e:00:95:d7:38:a8:48:5a:c6:d0:
41:23:46:43:6b:1c:f6:2a:2a:c6:53:09:f8:ba:6a:97:29:ca:
8d:ae:bc:e8:d4:f6:ed:99:6d:78:54:d5:56:53:63:2d:27:6c:
a5:57:5a:3e:fe:48:aa:33:89:d6:ee:1a:30:ba:23:77:72:27:
3c:70:18:0c:6a:69:ef:53:bb:50:6f:a5:f2:a5:0a:8e:8e:6f:
92:34:05:e8:85:dd:16:75:b7:f2:04:a4:ed:f2:fa:1f:6d:8f:
59:bd:a7:14:3a:de:12:b9:c4:98:d4:98:0f:00:f3:97:99:17:
17:54:90:25:30:7f:82:e1:98:0c:73:01:64:b7:ab:e4:3d:d3:
e1:71:97:40:35:77:78:73:99:23:88:77:9f:5a:a9:bd:63:68:
2f:63:2f:70:48:4b:10:46:21:9e:3b:f4:87:18:ce:69:8f:ef:
b1:80:de:43:54:9d:f5:5c:8c:d0:48:41:37:bb:ab:2c:3e:97:
17:d9:e3:81:01:89:93:f3:57:3f:f9:f2:0b:0c:e4:4e:89:e6:
1d:5d:84:e1:f7:f2:4a:3f:10:de:f6:f4:b2:96:f6:40:55:f7:
9f:7d:44:aa:66:3a:74:3f:89:96:e3:64:63:11:5b:2e:33:e5:
f0:7d:f3:dd
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQl/WYoFr4AShv4xfPOqeFLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ZDk2Y2Y0MTA5YTRhODVkMTg2M2JmNTRhYTRmYTNlODFl
MGMwZTYwHhcNMjUwMTAyMDc0OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWJhOGQ2NGRkZjg2N2FiNDBkM2NhZTM3ZmQ1MWVmNjBjZmRjZjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu80/VXC0ZTINBzrusgFmz2eTjx2J
jrvr57sWsr8SwvHp8SwbrESKbSOTfhqPijWUGWdNZGD9kZ//59B1a87N3eTq3on4
+Cqj6T4QfsUaZ3QEZRozF4WIkTAwosL5Cd7QFEUG34xPJn28eTPa+6+oo8zXFWHn
B/QkA8Ne/ail6OhVUamku1bMzc/c7UxLAK/oHBIl2GmotO6LkCC6WcPphfjmI/8y
wkhj8g3D2OB4YdFIGZHjmx/e5PzWirgEN1mbziKgcpkAQMGnRfzNw1i0Ittchg9J
Aet0GYgOhX25ry2W0vsU5xMGTe6uE31YWbo3OT2ZNaQUUAyoudU5DZU3AwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFPm6jWTd+GerQNPK43/VHvYM/c+DMB8GA1UdIwQY
MBaAFBbZbPQQmkqF0YY79Uqk+j6B4MDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnRsczlCQ2FTb1hSaGp2MVNxVDZQb0hnd09ZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8xMzYxNTYtMDc1My00MDcyLTkyYjAt
MTQwN2MwOGRiNTgyLzEvMS1icU5aTjM0WjZ0QTA4cmpmOVVlOWd6OXo0TS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjUvMTM2MTU2LTA3NTMtNDA3Mi05MmIwLTE0MDdjMDhkYjU4
Mi8xL0Z0bHM5QkNhU29YUmhqdjFTcVQ2UG9IZ3dPWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBABggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAwUgiAME
AFvHoQMEArnNdAMEAcL3ojANBAIAAjAHAwUDKgbBgDANBgkqhkiG9w0BAQsFAAOC
AQEAXU8KG3GXdOkuAJXXOKhIWsbQQSNGQ2sc9ioqxlMJ+LpqlynKja686NT27Zlt
eFTVVlNjLSdspVdaPv5IqjOJ1u4aMLojd3InPHAYDGpp71O7UG+l8qUKjo5vkjQF
6IXdFnW38gSk7fL6H22PWb2nFDreErnEmNSYDwDzl5kXF1SQJTB/guGYDHMBZLer
5D3T4XGXQDV3eHOZI4h3n1qpvWNoL2MvcEhLEEYhnjv0hxjOaY/vsYDeQ1Sd9VyM
0EhBN7urLD6XF9njgQGJk/NXP/nyCwzkTonmHV2E4ffySj8Q3vb0spb2QFX3n31E
qmY6dD+JluNkYxFbLjPl8H3z3Q==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:32 2025 by rpki-client