Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/mDlfzk4wNcANo3pVoYUMvhrU6g4.roa
File: mDlfzk4wNcANo3pVoYUMvhrU6g4.roa (raw, json)
Hash identifier: TrUq+GUBBSXz+fyCZ7h/cGjhjZW08YcEMQLvZ2IOsF4=
Subject key identifier: 98:39:5F:CE:4E:30:35:C0:0D:A3:7A:55:A1:85:0C:BE:1A:D4:EA:0E
Certificate issuer: /CN=22373571c90249bf2aa948e78bed13e08528b87e
Certificate serial: 01942143CFB7F959BD4556A61CE1A4C70CE0
Authority key identifier: 22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/mDlfzk4wNcANo3pVoYUMvhrU6g4.roa
Signing time: Wed 01 Jan 2025 09:47:59 +0000
ROA not before: Wed 01 Jan 2025 09:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64460
IP address blocks: 5.160.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:cf:b7:f9:59:bd:45:56:a6:1c:e1:a4:c7:0c:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22373571c90249bf2aa948e78bed13e08528b87e
Validity
Not Before: Jan 1 09:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=98395fce4e3035c00da37a55a1850cbe1ad4ea0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ca:fb:3d:68:cb:e3:c0:8d:12:1a:8d:9c:bf:
65:ba:68:05:47:3a:06:1d:21:3e:e9:03:a7:d8:c9:
2e:d8:4d:9f:04:e3:61:c7:a2:1b:44:a0:ad:af:2d:
6b:d6:80:04:3f:9f:7a:fd:3d:81:ce:96:12:39:91:
6d:7c:d4:f4:e0:e1:4e:22:30:5f:4a:0a:66:d7:61:
b1:4e:f1:c5:f5:19:99:0d:16:b7:d4:08:cc:2f:e7:
91:c7:32:e3:f9:e2:c7:0b:cd:d3:05:90:84:20:7e:
86:8a:fd:48:06:89:5d:fa:ae:d8:f1:36:9b:8a:1d:
b2:d4:d7:27:2d:bc:a9:c9:71:62:2d:67:db:97:92:
ea:bb:81:39:5c:3e:24:e2:55:7d:8a:8e:57:b1:43:
f0:0d:6b:bd:c0:a8:d9:fd:a1:a2:e1:e8:c3:23:8a:
0e:3a:39:2a:76:bb:20:52:65:ef:a7:35:4e:9e:ae:
80:13:49:99:c3:52:2a:d7:d3:1f:0f:86:02:3e:8f:
da:d8:17:ad:bd:21:d8:1d:59:64:07:81:f9:4e:84:
63:c9:e8:fd:42:77:c6:c1:90:b3:96:a2:ce:c6:3e:
2f:80:5b:57:e0:d7:95:5a:32:87:dd:c2:19:74:27:
63:e0:af:91:05:eb:21:68:3d:35:59:7d:b0:c7:a7:
36:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:39:5F:CE:4E:30:35:C0:0D:A3:7A:55:A1:85:0C:BE:1A:D4:EA:0E
X509v3 Authority Key Identifier:
keyid:22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/mDlfzk4wNcANo3pVoYUMvhrU6g4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.141.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:49:22:09:52:cf:03:50:39:96:bc:76:c0:ee:0c:bf:fb:42:
cc:ec:5b:ae:e4:a1:fd:d0:47:27:03:fe:0c:12:1d:ca:ce:48:
a4:74:c3:2d:6e:f0:5b:9b:f1:ea:7e:2d:3a:fd:49:71:5b:5f:
ee:f0:a2:c5:64:fa:47:67:01:20:6e:1a:ec:bf:76:66:09:bf:
a9:f0:5f:28:e1:af:04:b3:f8:5a:e5:aa:f8:f5:3b:6e:66:48:
84:3e:c6:71:d4:06:9a:69:57:20:27:1e:d3:a6:08:7a:8b:f0:
f0:18:9a:f2:f1:77:f7:6b:6c:e7:dd:97:f7:cf:7a:58:0c:26:
00:7d:c3:31:9f:b6:af:c8:c8:1b:34:e9:5a:0f:49:9b:ea:d7:
94:97:5e:9c:40:8c:7f:ad:21:57:5a:65:46:5a:cb:3e:83:0c:
10:39:af:99:d3:f8:78:7e:49:fa:a7:9d:bd:8c:51:b7:c0:22:
44:48:89:ee:ab:8c:f3:4e:8e:fd:18:f3:ba:52:1f:20:02:16:
fd:70:92:f7:27:8b:cc:df:a6:9d:dc:0f:0e:e4:52:da:3d:a3:
ce:37:c9:cb:a6:8a:d0:05:9b:bc:93:88:64:85:35:70:97:3e:
be:ae:48:ed:54:06:27:8e:ff:32:c1:bf:6d:0a:b5:4b:01:40:
19:34:b3:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ8+3+Vm9RVamHOGkxwzgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMzczNTcxYzkwMjQ5YmYyYWE5NDhlNzhiZWQxM2UwODUy
OGI4N2UwHhcNMjUwMTAxMDk0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODM5NWZjZTRlMzAzNWMwMGRhMzdhNTVhMTg1MGNiZTFhZDRlYTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssr7PWjL48CNEhqNnL9lumgFRzoG
HSE+6QOn2Mku2E2fBONhx6IbRKCtry1r1oAEP596/T2BzpYSOZFtfNT04OFOIjBf
Sgpm12GxTvHF9RmZDRa31AjML+eRxzLj+eLHC83TBZCEIH6Giv1IBold+q7Y8Tab
ih2y1NcnLbypyXFiLWfbl5Lqu4E5XD4k4lV9io5XsUPwDWu9wKjZ/aGi4ejDI4oO
OjkqdrsgUmXvpzVOnq6AE0mZw1Iq19MfD4YCPo/a2BetvSHYHVlkB4H5ToRjyej9
QnfGwZCzlqLOxj4vgFtX4NeVWjKH3cIZdCdj4K+RBeshaD01WX2wx6c2rQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJg5X85OMDXADaN6VaGFDL4a1OoOMB8GA1UdIwQY
MBaAFCI3NXHJAkm/KqlI54vtE+CFKLh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEt
YjQ1NDBjNzRjOTRiLzEvbURsZnprNHdOY0FObzNwVm9ZVU12aHJVNmc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEtYjQ1NDBjNzRjOTRi
LzEvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABaCNMA0G
CSqGSIb3DQEBCwUAA4IBAQALSSIJUs8DUDmWvHbA7gy/+0LM7Fuu5KH90EcnA/4M
Eh3KzkikdMMtbvBbm/Hqfi06/UlxW1/u8KLFZPpHZwEgbhrsv3ZmCb+p8F8o4a8E
s/ha5ar49TtuZkiEPsZx1AaaaVcgJx7Tpgh6i/DwGJry8Xf3a2zn3Zf3z3pYDCYA
fcMxn7avyMgbNOlaD0mb6teUl16cQIx/rSFXWmVGWss+gwwQOa+Z0/h4fkn6p529
jFG3wCJESInuq4zzTo79GPO6Uh8gAhb9cJL3J4vM36ad3A8O5FLaPaPON8nLporQ
BZu8k4hkhTVwlz6+rkjtVAYnjv8ywb9tCrVLAUAZNLOq
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:58:58 2025 by rpki-client