Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/NInBjN9VmlWR0kM4IJbb35yXX4Q.roa
File: NInBjN9VmlWR0kM4IJbb35yXX4Q.roa (raw, json)
Hash identifier: Xo8oHJvXCsMZHqguc/mGbBAJsi6xT4kk+UYEDvmIVeA=
Subject key identifier: 34:89:C1:8C:DF:55:9A:55:91:D2:43:38:20:96:DB:DF:9C:97:5F:84
Certificate issuer: /CN=22373571c90249bf2aa948e78bed13e08528b87e
Certificate serial: 0194D0017F4C15B6E17CBD36F8D3405425C7
Authority key identifier: 22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/NInBjN9VmlWR0kM4IJbb35yXX4Q.roa
Signing time: Tue 04 Feb 2025 08:09:06 +0000
ROA not before: Tue 04 Feb 2025 08:09:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51235
IP address blocks: 5.160.128.0/24 maxlen: 24
5.160.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d0:01:7f:4c:15:b6:e1:7c:bd:36:f8:d3:40:54:25:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22373571c90249bf2aa948e78bed13e08528b87e
Validity
Not Before: Feb 4 08:09:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3489c18cdf559a5591d243382096dbdf9c975f84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:62:7c:29:ef:ad:e6:4a:c1:ef:2a:bf:66:f4:
cd:c5:6b:1a:3a:15:8a:bc:38:e1:43:b8:68:16:b4:
6f:9f:34:1d:6a:e9:61:84:fe:2d:01:08:8e:05:3e:
67:dc:58:d4:a3:ea:0d:da:a4:c4:aa:83:19:bc:38:
aa:2c:43:6a:49:97:44:2a:2b:92:e8:1c:5d:52:ec:
b4:65:23:26:ae:fd:14:6f:1f:db:80:19:b7:c5:9a:
7e:a6:ac:e5:1e:9c:89:db:fc:4a:1f:29:85:cd:10:
54:f7:24:37:8f:f8:29:43:48:d5:32:c7:79:a4:f2:
52:4a:fc:d5:d0:89:1d:f3:d1:28:c8:ff:86:09:8a:
e6:9e:10:d2:62:a4:78:21:8b:b6:06:9e:8d:0d:51:
ab:e6:45:b3:59:21:8f:75:41:d9:55:30:57:f8:73:
43:77:63:94:48:68:91:8d:87:64:f5:47:a1:66:27:
65:53:c5:12:ff:a6:26:44:1b:bd:53:36:cb:19:08:
9f:95:cd:9a:d2:d0:05:13:e7:e3:dd:75:65:d8:d8:
a7:85:4c:72:c8:45:63:e3:da:9f:f3:a3:7b:70:5b:
c2:2a:e8:fa:f2:6f:67:83:e1:c1:04:9a:aa:15:ce:
75:e1:81:3a:54:a7:95:95:4b:7c:da:c9:7a:1b:f6:
8b:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:89:C1:8C:DF:55:9A:55:91:D2:43:38:20:96:DB:DF:9C:97:5F:84
X509v3 Authority Key Identifier:
keyid:22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/NInBjN9VmlWR0kM4IJbb35yXX4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.128.0/24
5.160.149.0/24
Signature Algorithm: sha256WithRSAEncryption
57:f3:2a:7c:6f:87:ab:f3:90:aa:f5:54:84:19:6f:e7:3d:2d:
41:23:47:12:e9:ba:c1:9a:65:12:af:8d:41:3a:dc:66:0b:3e:
2b:93:18:35:e3:ac:8f:5c:1f:a8:de:20:09:3e:a1:74:e8:70:
bd:7d:ad:12:61:31:6a:a0:c4:39:98:3e:4e:0f:05:b4:a2:1f:
86:94:4c:d8:3d:f9:4c:4c:91:94:6f:d3:c6:f2:2d:cc:e1:51:
c1:3d:d0:bd:65:4a:0f:98:a9:b2:fc:ea:a2:6d:29:d0:db:16:
d5:80:b3:b3:48:c5:9e:93:47:60:ce:be:5f:45:12:b2:3b:ca:
cd:e7:16:2e:9a:c6:f2:67:50:f9:0b:0e:37:28:fe:ab:de:6f:
9d:e3:af:38:60:43:50:cd:93:a9:c8:3c:69:c7:4c:96:35:94:
5c:2d:0e:03:fe:d3:d5:06:74:4a:be:e2:f1:76:33:1a:9c:ef:
35:5e:0f:18:7f:87:87:6c:34:70:e7:34:87:86:3e:a1:76:85:
db:1a:f6:93:b0:49:90:4d:20:cc:bb:67:b3:9b:2a:dc:96:06:
7a:eb:01:c6:8e:4d:ee:53:78:01:6d:fc:09:53:39:99:1c:b6:
d9:0e:19:15:3f:3b:9f:4d:82:82:45:01:0d:62:2e:60:c8:fa:
fe:94:d5:4b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZTQAX9MFbbhfL02+NNAVCXHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMzczNTcxYzkwMjQ5YmYyYWE5NDhlNzhiZWQxM2UwODUy
OGI4N2UwHhcNMjUwMjA0MDgwOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDg5YzE4Y2RmNTU5YTU1OTFkMjQzMzgyMDk2ZGJkZjljOTc1Zjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGJ8Ke+t5krB7yq/ZvTNxWsaOhWK
vDjhQ7hoFrRvnzQdaulhhP4tAQiOBT5n3FjUo+oN2qTEqoMZvDiqLENqSZdEKiuS
6BxdUuy0ZSMmrv0Ubx/bgBm3xZp+pqzlHpyJ2/xKHymFzRBU9yQ3j/gpQ0jVMsd5
pPJSSvzV0Ikd89EoyP+GCYrmnhDSYqR4IYu2Bp6NDVGr5kWzWSGPdUHZVTBX+HND
d2OUSGiRjYdk9UehZidlU8US/6YmRBu9UzbLGQiflc2a0tAFE+fj3XVl2NinhUxy
yEVj49qf86N7cFvCKuj68m9ng+HBBJqqFc514YE6VKeVlUt82sl6G/aLFQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDSJwYzfVZpVkdJDOCCW29+cl1+EMB8GA1UdIwQY
MBaAFCI3NXHJAkm/KqlI54vtE+CFKLh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEt
YjQ1NDBjNzRjOTRiLzEvTkluQmpOOVZtbFdSMGtNNElKYmIzNXlYWDRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEtYjQ1NDBjNzRjOTRi
LzEvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABaCAAwQA
BaCVMA0GCSqGSIb3DQEBCwUAA4IBAQBX8yp8b4er85Cq9VSEGW/nPS1BI0cS6brB
mmUSr41BOtxmCz4rkxg146yPXB+o3iAJPqF06HC9fa0SYTFqoMQ5mD5ODwW0oh+G
lEzYPflMTJGUb9PG8i3M4VHBPdC9ZUoPmKmy/OqibSnQ2xbVgLOzSMWek0dgzr5f
RRKyO8rN5xYumsbyZ1D5Cw43KP6r3m+d4684YENQzZOpyDxpx0yWNZRcLQ4D/tPV
BnRKvuLxdjManO81Xg8Yf4eHbDRw5zSHhj6hdoXbGvaTsEmQTSDMu2ezmyrclgZ6
6wHGjk3uU3gBbfwJUzmZHLbZDhkVPzufTYKCRQENYi5gyPr+lNVL
-----END CERTIFICATE-----
Generated at Wed Apr 16 21:49:13 2025 by rpki-client