Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/OUUenB6cE4WLgcqCuJFd8IuWKI0.roa
File: OUUenB6cE4WLgcqCuJFd8IuWKI0.roa (raw, json)
Hash identifier: bYUqjF/gzi4PflmRwarPOZmoix/hwBusI2ITPO/AI+4=
Subject key identifier: 39:45:1E:9C:1E:9C:13:85:8B:81:CA:82:B8:91:5D:F0:8B:96:28:8D
Certificate issuer: /CN=22373571c90249bf2aa948e78bed13e08528b87e
Certificate serial: 01942143D475D9E2D9B89ABA1A0632297E02
Authority key identifier: 22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/OUUenB6cE4WLgcqCuJFd8IuWKI0.roa
Signing time: Wed 01 Jan 2025 09:48:00 +0000
ROA not before: Wed 01 Jan 2025 09:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213775
IP address blocks: 5.160.199.0/24 maxlen: 24
46.209.224.0/24 maxlen: 24
46.209.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 10 Mar 2025 15:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:d4:75:d9:e2:d9:b8:9a:ba:1a:06:32:29:7e:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22373571c90249bf2aa948e78bed13e08528b87e
Validity
Not Before: Jan 1 09:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=39451e9c1e9c13858b81ca82b8915df08b96288d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:9f:18:24:83:1f:c8:28:3f:8c:64:49:75:3c:
88:4e:6e:34:37:e0:ce:eb:9d:9e:d9:c8:fe:bd:e0:
e5:66:d5:9a:3c:f2:b5:4f:cf:41:d9:1f:79:1c:06:
cc:0b:7b:b0:71:59:2f:eb:f6:c0:70:c8:37:bd:f5:
d0:2f:23:06:58:31:25:85:ed:c6:46:61:5e:5b:c7:
db:33:4f:61:45:42:7e:f1:2e:70:09:72:d5:bf:91:
e9:9e:83:34:d5:fd:94:a9:37:c8:96:15:60:23:77:
9c:29:80:11:65:ab:1b:4f:63:a2:82:ba:65:6c:ba:
45:d9:c5:93:34:1b:96:1b:67:23:be:f8:dd:00:30:
6c:47:c6:dd:68:28:4e:6a:43:4c:aa:ad:25:dd:28:
d9:f3:63:9b:70:c4:f3:6e:0c:a9:d8:76:82:8c:e0:
04:7b:9a:59:0f:c8:2d:f6:61:f0:5d:f9:20:b2:77:
bc:e7:fe:6a:c2:b9:8b:e2:87:b9:98:fd:91:a5:eb:
6e:81:20:f8:92:a3:50:da:02:ec:ce:c1:d9:ae:d4:
18:be:c3:0a:5a:a3:83:dc:1f:fc:ce:e4:1a:bb:f0:
92:c4:02:db:68:8d:16:62:77:af:d5:9a:52:68:37:
75:b8:04:e1:95:2f:5f:ac:78:9b:68:28:37:65:39:
45:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:45:1E:9C:1E:9C:13:85:8B:81:CA:82:B8:91:5D:F0:8B:96:28:8D
X509v3 Authority Key Identifier:
keyid:22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/OUUenB6cE4WLgcqCuJFd8IuWKI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.199.0/24
46.209.224.0/23
Signature Algorithm: sha256WithRSAEncryption
5f:94:0b:b5:b5:bd:4f:64:8e:36:ed:30:e2:f2:48:b8:23:82:
a4:db:53:c8:07:ca:bf:c9:a1:b3:03:0e:5a:b9:55:5e:bd:4c:
8e:8a:62:d5:c8:32:d4:5f:e3:8d:99:3a:36:90:95:64:9b:55:
79:3e:ce:4b:3f:3f:37:72:6c:77:04:59:5b:02:8f:1c:ea:c9:
e3:e0:5a:61:79:af:50:e9:6f:af:b0:70:03:76:75:0b:16:e8:
9b:b8:92:25:20:c2:57:6a:d9:e9:04:ea:95:26:4f:23:62:eb:
3f:ca:c6:ff:84:fe:73:86:82:f7:0c:bd:85:ca:cd:f2:fb:0b:
59:6e:10:57:46:6d:01:85:82:28:66:13:a0:46:b1:e8:8b:ba:
35:52:ee:b6:81:79:ea:ee:47:b1:d6:da:5b:76:36:ae:4a:b7:
cd:9c:f8:e2:2b:c7:cd:5a:91:6f:fe:1f:2a:64:91:83:28:8a:
08:d1:66:dc:c0:10:50:1d:4e:c9:19:eb:20:d2:06:64:ec:7d:
1c:26:f7:a2:02:0c:7f:e5:0c:71:c4:da:98:16:7a:a2:f5:3b:
49:6d:88:27:52:28:f6:21:ee:dd:ef:11:27:49:9a:a1:a9:25:
c2:4b:15:3f:61:bc:e4:e9:3b:b0:df:0c:f1:cf:5d:42:e7:cd:
5b:8d:41:43
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhQ9R12eLZuJq6GgYyKX4CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMzczNTcxYzkwMjQ5YmYyYWE5NDhlNzhiZWQxM2UwODUy
OGI4N2UwHhcNMjUwMTAxMDk0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTQ1MWU5YzFlOWMxMzg1OGI4MWNhODJiODkxNWRmMDhiOTYyODhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj58YJIMfyCg/jGRJdTyITm40N+DO
652e2cj+veDlZtWaPPK1T89B2R95HAbMC3uwcVkv6/bAcMg3vfXQLyMGWDElhe3G
RmFeW8fbM09hRUJ+8S5wCXLVv5HpnoM01f2UqTfIlhVgI3ecKYARZasbT2Oigrpl
bLpF2cWTNBuWG2cjvvjdADBsR8bdaChOakNMqq0l3SjZ82ObcMTzbgyp2HaCjOAE
e5pZD8gt9mHwXfkgsne85/5qwrmL4oe5mP2RpetugSD4kqNQ2gLszsHZrtQYvsMK
WqOD3B/8zuQau/CSxALbaI0WYnev1ZpSaDd1uAThlS9frHibaCg3ZTlF1QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDlFHpwenBOFi4HKgriRXfCLliiNMB8GA1UdIwQY
MBaAFCI3NXHJAkm/KqlI54vtE+CFKLh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEt
YjQ1NDBjNzRjOTRiLzEvT1VVZW5CNmNFNFdMZ2NxQ3VKRmQ4SXVXS0kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEtYjQ1NDBjNzRjOTRi
LzEvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABaDHAwQB
LtHgMA0GCSqGSIb3DQEBCwUAA4IBAQBflAu1tb1PZI427TDi8ki4I4Kk21PIB8q/
yaGzAw5auVVevUyOimLVyDLUX+ONmTo2kJVkm1V5Ps5LPz83cmx3BFlbAo8c6snj
4Fphea9Q6W+vsHADdnULFuibuJIlIMJXatnpBOqVJk8jYus/ysb/hP5zhoL3DL2F
ys3y+wtZbhBXRm0BhYIoZhOgRrHoi7o1Uu62gXnq7kex1tpbdjauSrfNnPjiK8fN
WpFv/h8qZJGDKIoI0WbcwBBQHU7JGesg0gZk7H0cJveiAgx/5QxxxNqYFnqi9TtJ
bYgnUij2Ie7d7xEnSZqhqSXCSxU/Ybzk6Tuw3wzxz11C581bjUFD
-----END CERTIFICATE-----
Generated at Mon Mar 10 00:39:16 2025 by rpki-client