Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/CX1FqPz_rB1rFYm-Mpz-D8387mU.roa
File: CX1FqPz_rB1rFYm-Mpz-D8387mU.roa (raw, json)
Hash identifier: wCnxW0V26P20vCB284mcfIA47doSr/9lS3o6lcuYrfI=
Subject key identifier: 09:7D:45:A8:FC:FF:AC:1D:6B:15:89:BE:32:9C:FE:0F:CD:FC:EE:65
Certificate issuer: /CN=22373571c90249bf2aa948e78bed13e08528b87e
Certificate serial: 0194A17413706FE7F8C9AE676D53FD2E821C
Authority key identifier: 22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/CX1FqPz_rB1rFYm-Mpz-D8387mU.roa
Signing time: Sun 26 Jan 2025 07:12:06 +0000
ROA not before: Sun 26 Jan 2025 07:12:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198154
IP address blocks: 5.160.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:a1:74:13:70:6f:e7:f8:c9:ae:67:6d:53:fd:2e:82:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22373571c90249bf2aa948e78bed13e08528b87e
Validity
Not Before: Jan 26 07:12:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=097d45a8fcffac1d6b1589be329cfe0fcdfcee65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:aa:1a:96:03:da:2e:d5:ff:bb:77:00:c9:ad:
4e:58:3a:80:eb:02:2c:17:0e:34:1f:84:3d:3a:00:
82:db:2f:02:23:0c:e2:d9:0b:9f:5f:73:57:e5:e5:
d4:72:7c:d9:18:e9:12:8a:ff:ab:0c:75:d6:2f:99:
3f:91:79:c4:1d:a2:e3:29:d8:23:7d:05:aa:20:69:
d1:a6:43:da:54:22:a2:16:75:40:3b:41:90:eb:51:
ac:eb:6d:f9:97:24:d8:38:79:27:c2:b1:65:75:ab:
31:e5:2f:cd:14:dc:bc:ea:3d:ff:a8:5e:64:b7:ff:
2d:0c:e1:52:01:8d:2b:86:82:ad:74:e3:1e:dc:f6:
17:0c:9c:a5:06:f2:50:4f:15:c5:ec:1b:cd:20:7b:
67:e8:78:a1:95:42:24:6e:b2:a3:25:32:e3:71:5c:
0c:5e:9b:8a:28:a9:55:60:f1:79:78:e3:25:e7:92:
16:b4:a9:d6:3b:dc:ff:81:dc:31:61:25:e2:1e:a5:
db:f7:55:7a:a9:ac:5e:31:70:81:5f:24:41:e5:25:
c6:ea:a2:ef:20:ef:ee:a4:02:fa:ae:18:99:3f:07:
67:e3:68:87:41:67:46:63:48:b8:b2:78:16:7f:d9:
aa:f7:a8:6d:e7:08:c8:2a:07:9d:c6:7a:aa:2d:ad:
75:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:7D:45:A8:FC:FF:AC:1D:6B:15:89:BE:32:9C:FE:0F:CD:FC:EE:65
X509v3 Authority Key Identifier:
keyid:22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/CX1FqPz_rB1rFYm-Mpz-D8387mU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.144.0/24
Signature Algorithm: sha256WithRSAEncryption
45:4b:6a:b5:53:4f:3a:7c:45:4a:6d:bc:a3:fc:24:11:d9:df:
fb:42:83:08:92:ec:0c:12:ba:8e:d9:e9:36:f4:2b:b1:ce:05:
a3:02:e7:e9:fb:8b:53:3f:47:13:ae:e7:3c:48:d2:9b:2d:b3:
60:e6:36:ac:8a:e6:0d:94:f7:bd:a8:df:30:4e:e4:99:96:e9:
1e:a3:eb:27:ae:0c:6e:69:29:e7:61:da:11:d4:07:5b:64:56:
e0:0e:17:d6:36:7d:dc:2d:23:fe:37:cb:45:d2:75:a9:f6:86:
bb:00:ce:3c:39:dc:e7:e6:bf:b3:65:26:0f:74:dc:25:47:28:
3a:f7:1e:49:24:82:6d:56:98:73:7c:f1:d6:6a:4a:a5:81:50:
33:e6:f6:d6:23:fc:9b:42:fb:54:bc:f0:6c:ef:cf:22:0e:ae:
1e:a8:8d:8b:f4:ea:9a:e1:93:d3:5b:1e:08:af:6d:bb:73:ec:
d8:f2:1e:49:b2:c3:e5:39:34:d2:1c:fe:a1:fb:9a:07:6a:9c:
42:4e:2c:f6:5c:f5:9e:8d:52:83:e5:58:ea:ea:61:df:65:2c:
23:e8:a2:ac:f9:99:0d:63:79:f5:28:7a:21:f8:b7:fa:97:d6:
09:38:41:01:00:fa:69:95:f7:d0:b3:3a:37:dd:0a:51:0c:39:
e6:3a:da:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZShdBNwb+f4ya5nbVP9LoIcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMzczNTcxYzkwMjQ5YmYyYWE5NDhlNzhiZWQxM2UwODUy
OGI4N2UwHhcNMjUwMTI2MDcxMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTdkNDVhOGZjZmZhYzFkNmIxNTg5YmUzMjljZmUwZmNkZmNlZTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6oalgPaLtX/u3cAya1OWDqA6wIs
Fw40H4Q9OgCC2y8CIwzi2QufX3NX5eXUcnzZGOkSiv+rDHXWL5k/kXnEHaLjKdgj
fQWqIGnRpkPaVCKiFnVAO0GQ61Gs6235lyTYOHknwrFldasx5S/NFNy86j3/qF5k
t/8tDOFSAY0rhoKtdOMe3PYXDJylBvJQTxXF7BvNIHtn6HihlUIkbrKjJTLjcVwM
XpuKKKlVYPF5eOMl55IWtKnWO9z/gdwxYSXiHqXb91V6qaxeMXCBXyRB5SXG6qLv
IO/upAL6rhiZPwdn42iHQWdGY0i4sngWf9mq96ht5wjIKgedxnqqLa11eQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAl9Raj8/6wdaxWJvjKc/g/N/O5lMB8GA1UdIwQY
MBaAFCI3NXHJAkm/KqlI54vtE+CFKLh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEt
YjQ1NDBjNzRjOTRiLzEvQ1gxRnFQel9yQjFyRlltLU1wei1EODM4N21VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEtYjQ1NDBjNzRjOTRi
LzEvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABaCQMA0G
CSqGSIb3DQEBCwUAA4IBAQBFS2q1U086fEVKbbyj/CQR2d/7QoMIkuwMErqO2ek2
9CuxzgWjAufp+4tTP0cTruc8SNKbLbNg5jasiuYNlPe9qN8wTuSZlukeo+snrgxu
aSnnYdoR1AdbZFbgDhfWNn3cLSP+N8tF0nWp9oa7AM48Odzn5r+zZSYPdNwlRyg6
9x5JJIJtVphzfPHWakqlgVAz5vbWI/ybQvtUvPBs788iDq4eqI2L9Oqa4ZPTWx4I
r227c+zY8h5JssPlOTTSHP6h+5oHapxCTiz2XPWejVKD5Vjq6mHfZSwj6KKs+ZkN
Y3n1KHoh+Lf6l9YJOEEBAPpplffQszo33QpRDDnmOtrB
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:59:01 2025 by rpki-client