Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/9PSapFMTPNk4IdNW9y6poBt9F-8.roa
File: 9PSapFMTPNk4IdNW9y6poBt9F-8.roa (raw, json)
Hash identifier: 8bpN1GnvHuxF0OMzhkYo8NajNlF4XsVoLSST5wsn0Zk=
Subject key identifier: F4:F4:9A:A4:53:13:3C:D9:38:21:D3:56:F7:2E:A9:A0:1B:7D:17:EF
Certificate issuer: /CN=22373571c90249bf2aa948e78bed13e08528b87e
Certificate serial: 01942143D236EF1EF05B5F74E9B37EDF0862
Authority key identifier: 22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/9PSapFMTPNk4IdNW9y6poBt9F-8.roa
Signing time: Wed 01 Jan 2025 09:48:00 +0000
ROA not before: Wed 01 Jan 2025 09:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200554
IP address blocks: 5.160.10.0/24 maxlen: 24
5.160.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:d2:36:ef:1e:f0:5b:5f:74:e9:b3:7e:df:08:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22373571c90249bf2aa948e78bed13e08528b87e
Validity
Not Before: Jan 1 09:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4f49aa453133cd93821d356f72ea9a01b7d17ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:1a:d9:f0:2f:00:94:66:53:f0:65:ce:55:a9:
f3:8b:b5:c1:ae:8f:08:66:61:4a:b6:ab:14:02:1c:
08:ae:fd:3d:42:12:7f:82:29:fa:16:9f:56:a9:ab:
51:83:d9:3b:64:94:3f:0f:2b:b3:9a:4e:5e:35:9b:
9c:a5:ec:31:7e:7b:19:f1:b6:b0:8e:52:c1:eb:f8:
bf:f8:eb:ae:ff:36:aa:2c:75:b1:a4:d1:9b:52:74:
8a:b8:db:79:ee:be:45:c6:41:aa:f5:79:c8:09:73:
32:09:d3:b8:6d:6a:b0:27:1f:89:b6:8b:d0:47:dd:
9c:d6:df:a6:69:35:c7:45:ba:eb:4c:74:54:b1:51:
7a:00:77:b7:4c:d5:cd:46:83:b5:9d:46:81:1a:fc:
7d:6b:25:8a:85:94:33:4c:0b:5b:3d:61:36:a5:b9:
cc:28:c1:f3:20:aa:7a:54:8a:f3:01:20:aa:e1:f2:
98:54:56:d2:1f:fe:e2:00:1a:da:78:53:e9:f2:d1:
80:ab:07:b0:87:25:55:2c:6e:78:50:8d:82:8a:ba:
31:2f:c6:12:05:5b:8c:9f:d7:dd:56:97:1e:c7:a2:
c8:79:a4:3d:25:d1:0c:b3:59:6a:fc:10:70:67:33:
10:a1:f7:9b:3d:05:f6:92:6a:a6:59:d1:c6:81:de:
80:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:F4:9A:A4:53:13:3C:D9:38:21:D3:56:F7:2E:A9:A0:1B:7D:17:EF
X509v3 Authority Key Identifier:
keyid:22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/9PSapFMTPNk4IdNW9y6poBt9F-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.10.0/24
5.160.196.0/24
Signature Algorithm: sha256WithRSAEncryption
71:a1:3e:36:3d:2a:8e:e9:c8:ef:bf:3b:00:d3:ca:6b:7f:9c:
7c:d4:69:ae:d6:40:9d:b7:fd:25:1c:14:a6:cb:f6:8c:53:e6:
5c:48:b1:21:f3:1a:c0:d3:a6:05:b9:99:64:8f:36:33:d2:03:
e7:60:3f:6e:21:1c:f9:b4:ef:0d:1f:59:38:22:a2:9a:2c:d7:
24:bc:0b:98:57:aa:de:96:a0:a8:98:c6:a3:09:b1:ec:60:f4:
6f:70:a9:8d:f7:f0:e8:65:d9:55:74:a3:d8:95:a8:9c:b0:d9:
4b:20:91:3f:0c:d1:12:89:43:12:0a:ea:8d:de:22:1e:cc:e8:
0c:ad:2c:40:f3:12:f2:2e:16:09:d2:58:fb:b9:46:e0:94:6c:
e6:77:7f:88:2f:f6:5d:1a:3c:6e:a6:15:3b:cd:6b:89:de:0a:
5a:e9:20:20:a2:e7:75:d7:97:45:d4:ba:1d:cd:ce:56:28:fb:
34:ca:a9:50:81:1d:17:5b:a0:7d:e2:a6:00:4a:91:70:44:a8:
ff:77:1c:08:6b:08:71:be:81:57:ea:98:cb:7e:0b:ee:5f:55:
b5:b4:da:3a:1c:07:94:1f:27:f1:ff:d9:6e:87:16:9b:1a:f8:
e0:36:a2:d1:d2:df:dc:42:3b:20:47:e3:52:02:bd:c1:dd:8c:
8d:78:89:48
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhQ9I27x7wW1906bN+3whiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMzczNTcxYzkwMjQ5YmYyYWE5NDhlNzhiZWQxM2UwODUy
OGI4N2UwHhcNMjUwMTAxMDk0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGY0OWFhNDUzMTMzY2Q5MzgyMWQzNTZmNzJlYTlhMDFiN2QxN2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4xrZ8C8AlGZT8GXOVanzi7XBro8I
ZmFKtqsUAhwIrv09QhJ/gin6Fp9WqatRg9k7ZJQ/Dyuzmk5eNZucpewxfnsZ8baw
jlLB6/i/+Ouu/zaqLHWxpNGbUnSKuNt57r5FxkGq9XnICXMyCdO4bWqwJx+JtovQ
R92c1t+maTXHRbrrTHRUsVF6AHe3TNXNRoO1nUaBGvx9ayWKhZQzTAtbPWE2pbnM
KMHzIKp6VIrzASCq4fKYVFbSH/7iABraeFPp8tGAqwewhyVVLG54UI2CiroxL8YS
BVuMn9fdVpcex6LIeaQ9JdEMs1lq/BBwZzMQofebPQX2kmqmWdHGgd6A5QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPT0mqRTEzzZOCHTVvcuqaAbfRfvMB8GA1UdIwQY
MBaAFCI3NXHJAkm/KqlI54vtE+CFKLh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEt
YjQ1NDBjNzRjOTRiLzEvOVBTYXBGTVRQTms0SWROVzl5NnBvQnQ5Ri04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEtYjQ1NDBjNzRjOTRi
LzEvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABaAKAwQA
BaDEMA0GCSqGSIb3DQEBCwUAA4IBAQBxoT42PSqO6cjvvzsA08prf5x81Gmu1kCd
t/0lHBSmy/aMU+ZcSLEh8xrA06YFuZlkjzYz0gPnYD9uIRz5tO8NH1k4IqKaLNck
vAuYV6relqComMajCbHsYPRvcKmN9/DoZdlVdKPYlaicsNlLIJE/DNESiUMSCuqN
3iIezOgMrSxA8xLyLhYJ0lj7uUbglGzmd3+IL/ZdGjxuphU7zWuJ3gpa6SAgoud1
15dF1Lodzc5WKPs0yqlQgR0XW6B94qYASpFwRKj/dxwIawhxvoFX6pjLfgvuX1W1
tNo6HAeUHyfx/9luhxabGvjgNqLR0t/cQjsgR+NSAr3B3YyNeIlI
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:07:44 2025 by rpki-client