Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/M2pVezoeP1XqbhlA1W4rb2r9c8A.roa
File: M2pVezoeP1XqbhlA1W4rb2r9c8A.roa (raw, json)
Hash identifier: 9CvBeLUIHoaPRO/Zpyiw7pu6+iGMnqL1XIixDXxO25c=
Subject key identifier: 33:6A:55:7B:3A:1E:3F:55:EA:6E:19:40:D5:6E:2B:6F:6A:FD:73:C0
Certificate issuer: /CN=22373571c90249bf2aa948e78bed13e08528b87e
Certificate serial: 01942143CD1679E25F44758A137DDBAE69E2
Authority key identifier: 22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/M2pVezoeP1XqbhlA1W4rb2r9c8A.roa
Signing time: Wed 01 Jan 2025 09:47:58 +0000
ROA not before: Wed 01 Jan 2025 09:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62048
IP address blocks: 5.160.146.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:cd:16:79:e2:5f:44:75:8a:13:7d:db:ae:69:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22373571c90249bf2aa948e78bed13e08528b87e
Validity
Not Before: Jan 1 09:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=336a557b3a1e3f55ea6e1940d56e2b6f6afd73c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c0:1d:ac:8e:dd:cf:e0:c7:96:2b:c0:4e:d3:
f5:ab:d8:33:3a:f2:32:2b:96:f0:72:a2:61:9c:b0:
22:5d:11:11:ba:d3:af:11:70:90:ca:2a:ac:ae:c4:
4b:50:32:5e:9a:37:17:e8:53:18:08:39:d7:49:3d:
1b:e0:e6:78:e4:6e:48:3d:a3:74:0b:06:75:28:36:
26:df:fd:13:c4:b4:d7:fc:e0:a3:17:04:d9:8a:bb:
cc:e5:80:9d:69:54:a9:0d:2c:06:89:9c:a5:63:83:
00:b8:70:5f:9c:84:96:98:ee:e5:9f:d6:0b:f3:a6:
e2:e5:1c:cb:b8:6b:b2:ac:75:b0:21:41:ab:9a:2c:
27:b1:1b:63:60:94:40:dc:03:4c:62:68:c5:fe:da:
4e:65:22:c8:f2:d4:57:f4:8e:b9:aa:65:74:57:14:
b4:14:df:a7:af:63:21:23:a7:5c:20:e7:0b:9c:69:
cf:75:c4:a9:f8:af:91:12:6d:e1:9d:eb:23:c5:7e:
e6:91:57:15:a6:24:a0:94:f7:9d:92:70:ad:67:65:
b1:1b:02:cb:92:34:3d:41:8a:ea:53:ea:04:28:9e:
99:5f:31:35:ee:a0:63:37:a3:e9:f1:4e:c6:ec:f6:
37:d7:c8:68:aa:4c:25:ac:d0:9a:a3:1b:00:f3:cc:
3a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:6A:55:7B:3A:1E:3F:55:EA:6E:19:40:D5:6E:2B:6F:6A:FD:73:C0
X509v3 Authority Key Identifier:
keyid:22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/M2pVezoeP1XqbhlA1W4rb2r9c8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.146.0/24
Signature Algorithm: sha256WithRSAEncryption
37:59:96:c1:ab:30:43:08:bc:92:78:65:22:b8:d7:95:6e:7b:
c7:75:9d:d0:db:85:4f:be:2a:2b:b9:3a:5b:3a:90:dc:97:36:
45:f4:4d:f4:68:20:d2:a3:9e:55:ce:e0:11:4f:72:ff:27:da:
14:1b:da:b0:6a:2d:3f:9f:44:0b:1a:2d:4f:79:1b:81:0a:ec:
42:ed:d8:59:ee:da:48:7a:37:93:31:45:b1:80:24:49:f5:bb:
b2:10:dd:5e:20:17:dc:5a:b8:4f:6f:3a:ba:09:4b:97:df:c6:
3d:4f:23:c7:76:ad:79:17:60:ea:c7:5e:fb:57:ba:2f:80:73:
20:2d:ea:58:c0:c3:79:1a:48:14:57:13:e3:e0:8e:e5:3f:fc:
48:a4:e1:f0:4d:ea:4a:a2:b1:70:ed:bc:f4:c6:bf:40:9d:05:
08:30:26:fe:69:69:cb:0e:57:c9:73:8d:85:5b:3d:9e:37:89:
76:6d:fa:65:99:57:fa:0d:de:37:2e:e8:58:eb:81:4e:fa:e1:
c1:34:68:fc:32:20:17:36:8e:07:91:c7:13:27:a0:6d:56:0c:
7e:85:12:0b:e6:59:a3:a8:66:ce:bf:2e:c1:7e:df:2e:d5:9d:
d9:76:4a:4f:e8:21:9d:ff:9c:0e:68:25:28:7e:e1:ea:20:69:
c5:0e:d6:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ80WeeJfRHWKE33brmniMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMzczNTcxYzkwMjQ5YmYyYWE5NDhlNzhiZWQxM2UwODUy
OGI4N2UwHhcNMjUwMTAxMDk0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzZhNTU3YjNhMWUzZjU1ZWE2ZTE5NDBkNTZlMmI2ZjZhZmQ3M2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8AdrI7dz+DHlivATtP1q9gzOvIy
K5bwcqJhnLAiXRERutOvEXCQyiqsrsRLUDJemjcX6FMYCDnXST0b4OZ45G5IPaN0
CwZ1KDYm3/0TxLTX/OCjFwTZirvM5YCdaVSpDSwGiZylY4MAuHBfnISWmO7ln9YL
86bi5RzLuGuyrHWwIUGrmiwnsRtjYJRA3ANMYmjF/tpOZSLI8tRX9I65qmV0VxS0
FN+nr2MhI6dcIOcLnGnPdcSp+K+REm3hnesjxX7mkVcVpiSglPedknCtZ2WxGwLL
kjQ9QYrqU+oEKJ6ZXzE17qBjN6Pp8U7G7PY318hoqkwlrNCaoxsA88w6cQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDNqVXs6Hj9V6m4ZQNVuK29q/XPAMB8GA1UdIwQY
MBaAFCI3NXHJAkm/KqlI54vtE+CFKLh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEt
YjQ1NDBjNzRjOTRiLzEvTTJwVmV6b2VQMVhxYmhsQTFXNHJiMnI5YzhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEtYjQ1NDBjNzRjOTRi
LzEvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABaCSMA0G
CSqGSIb3DQEBCwUAA4IBAQA3WZbBqzBDCLySeGUiuNeVbnvHdZ3Q24VPvioruTpb
OpDclzZF9E30aCDSo55VzuART3L/J9oUG9qwai0/n0QLGi1PeRuBCuxC7dhZ7tpI
ejeTMUWxgCRJ9buyEN1eIBfcWrhPbzq6CUuX38Y9TyPHdq15F2Dqx177V7ovgHMg
LepYwMN5GkgUVxPj4I7lP/xIpOHwTepKorFw7bz0xr9AnQUIMCb+aWnLDlfJc42F
Wz2eN4l2bfplmVf6Dd43LuhY64FO+uHBNGj8MiAXNo4HkccTJ6BtVgx+hRIL5lmj
qGbOvy7Bft8u1Z3ZdkpP6CGd/5wOaCUofuHqIGnFDtbD
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:47:06 2025 by rpki-client