Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/lr4DFCAJKtFd-NxgSOwyNda4ukg.roa
File: lr4DFCAJKtFd-NxgSOwyNda4ukg.roa (raw, json)
Hash identifier: QO9i2PupmQrAXsHGKNVS9TO3V5iVOt7g36S98iPKAR8=
Subject key identifier: 96:BE:03:14:20:09:2A:D1:5D:F8:DC:60:48:EC:32:35:D6:B8:BA:48
Certificate issuer: /CN=22373571c90249bf2aa948e78bed13e08528b87e
Certificate serial: 01942143D2E9066A8059877E98A6AFBB6464
Authority key identifier: 22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/lr4DFCAJKtFd-NxgSOwyNda4ukg.roa
Signing time: Wed 01 Jan 2025 09:48:00 +0000
ROA not before: Wed 01 Jan 2025 09:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212355
IP address blocks: 5.160.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:d2:e9:06:6a:80:59:87:7e:98:a6:af:bb:64:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22373571c90249bf2aa948e78bed13e08528b87e
Validity
Not Before: Jan 1 09:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=96be031420092ad15df8dc6048ec3235d6b8ba48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:65:e5:85:45:c1:bb:d4:c5:f0:fa:cc:9d:ae:
f6:a5:eb:ff:8f:13:49:bd:1d:a6:5f:41:c8:ee:d8:
fe:6f:70:6e:7b:ec:ef:b7:51:90:e3:dd:16:d6:88:
94:9e:08:f4:86:1a:8c:8f:4d:62:8a:09:22:b2:03:
43:8d:c8:ca:f8:e0:e1:2a:2e:10:80:0e:92:25:9f:
38:04:f0:7f:1b:0a:61:57:03:8d:26:01:e4:e4:aa:
53:76:1c:6f:88:8d:45:71:17:39:cf:1f:cb:26:db:
da:23:3a:e4:fa:9c:3a:4d:14:5e:c7:30:87:cd:35:
4b:37:98:86:2d:23:ce:70:9a:67:09:72:5b:21:84:
ba:8c:28:36:cb:ac:b0:41:20:a2:76:f1:fc:41:8b:
ca:ea:3c:ee:c8:1b:3d:38:9c:9d:5b:a6:ea:b0:76:
4c:c0:fe:a6:54:7e:40:9e:95:ca:6b:51:a1:14:4d:
76:be:9f:a1:7e:83:20:4e:c9:0c:4c:01:23:ae:84:
fc:70:90:1c:99:52:84:a9:63:20:f4:bd:2d:31:71:
8c:e0:ef:cd:9c:27:47:e4:46:7d:30:2e:f3:aa:67:
76:0a:be:a5:c0:5c:ab:36:c5:d8:c2:02:ae:2a:5a:
69:e8:d5:3a:5f:4a:fb:0c:3c:65:9b:04:0d:d2:1f:
bb:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:BE:03:14:20:09:2A:D1:5D:F8:DC:60:48:EC:32:35:D6:B8:BA:48
X509v3 Authority Key Identifier:
keyid:22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/lr4DFCAJKtFd-NxgSOwyNda4ukg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.11.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:3e:88:bb:03:d7:08:2b:4b:03:18:6d:7e:c2:9c:98:1f:af:
48:1c:1a:b9:b7:c4:1a:6e:eb:5a:04:dd:e8:22:11:ab:52:e5:
f0:90:16:14:9c:8c:4b:45:60:60:2c:5d:37:1f:ae:02:76:f4:
a6:d0:b0:38:1a:72:8c:1b:87:8f:96:f3:30:7f:bb:1f:ac:20:
c7:25:c3:fc:c9:8d:b3:36:9c:4c:bc:c0:6f:31:76:1c:24:b8:
09:6d:a5:cc:19:9a:1c:1c:d8:c8:ee:95:51:f4:44:a6:11:14:
06:2e:e0:5f:20:1c:45:ab:06:5a:7c:bc:39:ba:e8:7b:06:39:
86:f6:54:48:2f:1f:67:7d:d9:b6:33:3d:0e:cb:f2:80:d9:ae:
66:e4:cc:3a:cc:2b:12:6b:41:78:37:1f:f0:89:ba:96:84:26:
d3:48:57:b4:3d:59:f7:3f:ba:1b:2a:08:b3:af:cf:12:b5:d0:
05:49:c4:f6:ab:32:c1:62:30:e0:b6:53:9e:20:44:6c:95:d9:
4f:12:4c:04:15:cd:80:23:ff:55:83:44:e5:4f:25:2a:8c:22:
8e:d4:43:ca:c9:0e:0b:65:3b:05:bf:65:6f:01:26:88:bb:c1:
3f:1c:ab:5e:8f:d2:e5:0f:16:9c:2e:1f:a5:db:95:3a:8a:bf:
93:58:f5:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ9LpBmqAWYd+mKavu2RkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMzczNTcxYzkwMjQ5YmYyYWE5NDhlNzhiZWQxM2UwODUy
OGI4N2UwHhcNMjUwMTAxMDk0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmJlMDMxNDIwMDkyYWQxNWRmOGRjNjA0OGVjMzIzNWQ2YjhiYTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWXlhUXBu9TF8PrMna72pev/jxNJ
vR2mX0HI7tj+b3Bue+zvt1GQ490W1oiUngj0hhqMj01iigkisgNDjcjK+ODhKi4Q
gA6SJZ84BPB/GwphVwONJgHk5KpTdhxviI1FcRc5zx/LJtvaIzrk+pw6TRRexzCH
zTVLN5iGLSPOcJpnCXJbIYS6jCg2y6ywQSCidvH8QYvK6jzuyBs9OJydW6bqsHZM
wP6mVH5AnpXKa1GhFE12vp+hfoMgTskMTAEjroT8cJAcmVKEqWMg9L0tMXGM4O/N
nCdH5EZ9MC7zqmd2Cr6lwFyrNsXYwgKuKlpp6NU6X0r7DDxlmwQN0h+7ywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJa+AxQgCSrRXfjcYEjsMjXWuLpIMB8GA1UdIwQY
MBaAFCI3NXHJAkm/KqlI54vtE+CFKLh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEt
YjQ1NDBjNzRjOTRiLzEvbHI0REZDQUpLdEZkLU54Z1NPd3lOZGE0dWtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEtYjQ1NDBjNzRjOTRi
LzEvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABaALMA0G
CSqGSIb3DQEBCwUAA4IBAQBqPoi7A9cIK0sDGG1+wpyYH69IHBq5t8QabutaBN3o
IhGrUuXwkBYUnIxLRWBgLF03H64CdvSm0LA4GnKMG4ePlvMwf7sfrCDHJcP8yY2z
NpxMvMBvMXYcJLgJbaXMGZocHNjI7pVR9ESmERQGLuBfIBxFqwZafLw5uuh7BjmG
9lRILx9nfdm2Mz0Oy/KA2a5m5Mw6zCsSa0F4Nx/wibqWhCbTSFe0PVn3P7obKgiz
r88StdAFScT2qzLBYjDgtlOeIERsldlPEkwEFc2AI/9Vg0TlTyUqjCKO1EPKyQ4L
ZTsFv2VvASaIu8E/HKtej9LlDxacLh+l25U6ir+TWPVi
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:52:21 2025 by rpki-client