Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/1-eHL8yMOc2DPQ1D9_gOiNe_pNzY.roa
File: 1-eHL8yMOc2DPQ1D9_gOiNe_pNzY.roa (raw, json)
Hash identifier: rsBJ7BAbvvbIvILg2h6zi8kYj94opuNeEDNC88TK38I=
Subject key identifier: F9:E1:CB:F3:23:0E:73:60:CF:43:50:FD:FE:03:A2:35:EF:E9:37:36
Certificate issuer: /CN=22373571c90249bf2aa948e78bed13e08528b87e
Certificate serial: 01942143C708008791D16A3F83403ACA4420
Authority key identifier: 22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/1-eHL8yMOc2DPQ1D9_gOiNe_pNzY.roa
Signing time: Wed 01 Jan 2025 09:47:57 +0000
ROA not before: Wed 01 Jan 2025 09:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51235
IP address blocks: 5.160.128.0/24 maxlen: 24
5.160.149.0/24 maxlen: 24
5.160.180.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:c7:08:00:87:91:d1:6a:3f:83:40:3a:ca:44:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22373571c90249bf2aa948e78bed13e08528b87e
Validity
Not Before: Jan 1 09:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9e1cbf3230e7360cf4350fdfe03a235efe93736
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:97:22:2b:60:72:aa:52:1d:51:30:76:fa:0c:
c5:4c:41:e7:2b:e7:a4:94:22:0f:aa:c2:62:c8:d9:
d3:ff:e2:6e:09:c6:f8:eb:12:b4:08:2b:97:11:3a:
c3:a1:4f:9f:35:e8:26:f9:58:86:f1:7a:0e:ed:a6:
54:29:1a:a8:17:f5:63:10:58:56:77:48:d4:8a:a9:
86:11:70:e8:3d:87:9d:35:f3:10:2f:e0:aa:ee:fe:
7f:90:70:59:9b:e1:21:f2:5e:0e:d4:00:d3:b9:7c:
7a:27:db:8e:7f:b7:d0:94:4a:20:36:7a:81:39:84:
07:58:7f:a9:6e:b3:32:77:f2:99:7b:de:97:cb:b3:
60:29:ca:b8:b9:1c:09:23:fe:7f:7e:94:76:e2:2e:
05:9f:86:e7:5f:bd:f7:6f:3b:b4:f0:a6:39:aa:7d:
b5:83:b3:e8:ba:d0:d8:6f:aa:84:79:af:dd:4d:ef:
8a:74:07:10:6e:a1:c4:54:d3:19:ca:38:ef:91:17:
5b:f4:d9:3b:4a:70:74:3e:c2:7f:17:e7:e3:b8:55:
bb:41:f5:e8:d2:db:93:e1:f4:cf:62:90:4c:a0:d0:
b8:f1:de:1a:2d:9f:47:bd:9e:b8:7b:a0:6f:25:91:
e0:83:1b:53:99:28:f1:4e:8a:5f:36:d7:7c:13:f5:
38:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:E1:CB:F3:23:0E:73:60:CF:43:50:FD:FE:03:A2:35:EF:E9:37:36
X509v3 Authority Key Identifier:
keyid:22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/1-eHL8yMOc2DPQ1D9_gOiNe_pNzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.128.0/24
5.160.149.0/24
5.160.180.0/22
Signature Algorithm: sha256WithRSAEncryption
63:0a:49:08:d1:01:e5:22:a1:da:c6:0e:63:75:0b:14:92:3a:
bf:6b:90:72:26:99:91:88:43:e2:22:76:57:e3:74:7d:1d:4e:
f4:ae:cf:e3:43:59:7c:53:3c:00:3a:d9:35:f3:96:64:47:8d:
d4:ff:67:8d:6e:62:b7:db:f4:72:03:2a:df:29:92:74:ff:06:
1e:39:d7:57:56:8b:a5:be:f1:ae:d3:d7:ec:eb:f2:93:6b:c0:
cf:32:d6:be:53:4a:57:d2:4f:b2:69:b1:fa:96:16:cb:66:cd:
d1:2f:9a:e5:b4:5e:b4:63:5f:64:be:89:13:c1:e8:01:82:dd:
fb:f3:0b:03:98:be:21:ab:be:d7:1f:18:b2:76:31:01:63:08:
18:96:b3:49:ab:3e:8e:2c:b3:a2:fa:43:4f:28:54:28:ba:d5:
06:7e:9d:31:a7:86:a4:67:b2:6a:e7:7e:20:7a:67:69:25:d2:
3c:b0:51:99:0c:6f:d1:4c:cb:2e:4f:6b:21:da:26:35:c3:e0:
54:ca:a0:87:9b:2a:c0:c6:ac:9d:ba:91:c9:0a:38:3f:d9:d3:
65:31:d1:7b:d1:c2:b6:a4:ad:6b:fe:d5:eb:8d:77:9d:6b:22:
f2:85:78:1a:63:fa:41:c2:90:6b:2d:76:b3:48:96:16:9d:fd:
70:e3:03:88
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZQhQ8cIAIeR0Wo/g0A6ykQgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMzczNTcxYzkwMjQ5YmYyYWE5NDhlNzhiZWQxM2UwODUy
OGI4N2UwHhcNMjUwMTAxMDk0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWUxY2JmMzIzMGU3MzYwY2Y0MzUwZmRmZTAzYTIzNWVmZTkzNzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZciK2ByqlIdUTB2+gzFTEHnK+ek
lCIPqsJiyNnT/+JuCcb46xK0CCuXETrDoU+fNegm+ViG8XoO7aZUKRqoF/VjEFhW
d0jUiqmGEXDoPYedNfMQL+Cq7v5/kHBZm+Eh8l4O1ADTuXx6J9uOf7fQlEogNnqB
OYQHWH+pbrMyd/KZe96Xy7NgKcq4uRwJI/5/fpR24i4Fn4bnX733bzu08KY5qn21
g7PoutDYb6qEea/dTe+KdAcQbqHEVNMZyjjvkRdb9Nk7SnB0PsJ/F+fjuFW7QfXo
0tuT4fTPYpBMoNC48d4aLZ9HvZ64e6BvJZHggxtTmSjxTopfNtd8E/U44QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPnhy/MjDnNgz0NQ/f4DojXv6Tc2MB8GA1UdIwQY
MBaAFCI3NXHJAkm/KqlI54vtE+CFKLh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEt
YjQ1NDBjNzRjOTRiLzEvMS1lSEw4eU1PYzJEUFExRDlfZ09pTmVfcE56WS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmEvODY2ZTVlLTgzMWUtNGNiMS1iZDUxLWI0NTQwYzc0Yzk0
Yi8xL0lqYzFjY2tDU2I4cXFVam5pLTBUNElVb3VINC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAAWggAME
AAWglQMEAgWgtDANBgkqhkiG9w0BAQsFAAOCAQEAYwpJCNEB5SKh2sYOY3ULFJI6
v2uQciaZkYhD4iJ2V+N0fR1O9K7P40NZfFM8ADrZNfOWZEeN1P9njW5it9v0cgMq
3ymSdP8GHjnXV1aLpb7xrtPX7Ovyk2vAzzLWvlNKV9JPsmmx+pYWy2bN0S+a5bRe
tGNfZL6JE8HoAYLd+/MLA5i+Iau+1x8YsnYxAWMIGJazSas+jiyzovpDTyhUKLrV
Bn6dMaeGpGeyaud+IHpnaSXSPLBRmQxv0UzLLk9rIdomNcPgVMqgh5sqwMasnbqR
yQo4P9nTZTHRe9HCtqSta/7V6413nWsi8oV4GmP6QcKQay12s0iWFp39cOMDiA==
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:52:44 2025 by rpki-client