Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/ppRNI4iSiOqT1CYaFUSvQhxAmxE.roa
File: ppRNI4iSiOqT1CYaFUSvQhxAmxE.roa (raw, json)
Hash identifier: gOucl2Pwo2OrFoobsos5v7pq9g4A69RHIeq7N4KQNRg=
Subject key identifier: A6:94:4D:23:88:92:88:EA:93:D4:26:1A:15:44:AF:42:1C:40:9B:11
Certificate issuer: /CN=22373571c90249bf2aa948e78bed13e08528b87e
Certificate serial: 01942143C292C14CE7E5D69AC195D360EEFD
Authority key identifier: 22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/ppRNI4iSiOqT1CYaFUSvQhxAmxE.roa
Signing time: Wed 01 Jan 2025 09:47:56 +0000
ROA not before: Wed 01 Jan 2025 09:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29577
IP address blocks: 5.160.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:c2:92:c1:4c:e7:e5:d6:9a:c1:95:d3:60:ee:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22373571c90249bf2aa948e78bed13e08528b87e
Validity
Not Before: Jan 1 09:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a6944d23889288ea93d4261a1544af421c409b11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b3:12:5c:e6:81:a0:d8:7a:41:1c:f8:29:ca:
60:fa:ed:5f:42:26:42:1a:47:00:b2:4d:a5:93:8a:
17:15:2b:3b:b3:70:64:6c:fd:7c:dd:0d:7f:d7:b1:
4f:e2:54:2b:4b:c7:0d:f9:21:34:05:5f:b9:99:af:
d9:e2:a3:dc:7f:4b:d4:12:02:e5:44:79:35:d9:56:
e2:50:dd:88:a1:14:4d:89:2c:09:97:77:7f:29:19:
9b:f5:c8:50:db:7d:a3:22:34:ea:cf:14:ba:b2:12:
96:a1:23:ce:80:68:5a:3b:8f:91:3e:9f:95:9c:0c:
ee:f5:50:ce:c4:1d:42:71:41:b9:89:99:ba:cb:65:
f6:a2:3b:3d:b6:4f:c5:5a:6d:d3:91:f7:49:c4:23:
6a:3e:1d:40:c1:ff:c8:c8:2b:20:d0:4c:23:45:a9:
d2:fa:06:ad:2a:59:27:e3:ca:32:ea:52:6f:76:92:
74:af:91:14:16:33:63:cc:98:0e:aa:c4:6c:a4:04:
e0:d8:56:fc:33:2e:23:3f:d6:13:ea:7e:50:dc:27:
3b:56:91:e2:65:3e:c6:09:be:e0:a7:ec:4a:00:ca:
93:e1:42:a2:10:f5:f7:93:88:1c:46:dd:cf:e9:86:
b9:01:c8:1a:02:c5:03:57:50:22:a3:94:b7:da:79:
25:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:94:4D:23:88:92:88:EA:93:D4:26:1A:15:44:AF:42:1C:40:9B:11
X509v3 Authority Key Identifier:
keyid:22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/ppRNI4iSiOqT1CYaFUSvQhxAmxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.16.0/24
Signature Algorithm: sha256WithRSAEncryption
77:9f:2f:0c:7b:e7:83:64:2c:88:b3:1f:93:5b:1d:1c:23:c1:
e6:30:43:4b:61:d7:09:5b:57:5a:2d:97:95:0f:e8:97:c2:fd:
a3:83:41:12:92:8c:81:c8:87:f9:33:bc:af:08:79:3f:71:2a:
7e:91:05:05:e4:69:3d:3b:3f:5b:c7:fa:c8:13:5f:7b:bd:3f:
b3:f5:64:02:72:2f:6f:14:31:1d:b5:3b:c0:b7:5e:4c:64:23:
c0:80:c5:a1:04:29:f7:64:b3:aa:a4:d6:da:ab:3d:a0:cd:70:
ca:fd:e1:25:f6:cd:0d:48:aa:cf:e8:cb:11:24:c5:69:5a:a9:
5c:e0:58:40:0d:e4:00:4a:1d:36:c1:7a:f7:56:9c:be:61:cd:
f9:07:2a:b7:28:f0:18:bb:e0:87:26:6e:0e:96:62:66:10:10:
f5:f5:8f:5d:ea:e2:51:2d:f9:34:27:b3:13:16:ab:e0:03:b0:
ca:4d:0c:0e:72:74:ad:bb:d6:b0:2b:96:80:70:01:0e:62:a8:
4c:a8:8e:b6:20:97:7f:85:c7:61:80:59:b2:e3:1e:00:5a:00:
6b:ff:62:b5:8e:ab:5e:a4:1e:b4:27:34:40:d1:db:10:18:1d:
f5:97:5e:4c:e8:76:9d:0c:6e:af:d8:29:d0:19:7a:0d:a1:53:
a7:15:7d:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ8KSwUzn5daawZXTYO79MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMzczNTcxYzkwMjQ5YmYyYWE5NDhlNzhiZWQxM2UwODUy
OGI4N2UwHhcNMjUwMTAxMDk0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjk0NGQyMzg4OTI4OGVhOTNkNDI2MWExNTQ0YWY0MjFjNDA5YjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurMSXOaBoNh6QRz4Kcpg+u1fQiZC
GkcAsk2lk4oXFSs7s3BkbP183Q1/17FP4lQrS8cN+SE0BV+5ma/Z4qPcf0vUEgLl
RHk12VbiUN2IoRRNiSwJl3d/KRmb9chQ232jIjTqzxS6shKWoSPOgGhaO4+RPp+V
nAzu9VDOxB1CcUG5iZm6y2X2ojs9tk/FWm3TkfdJxCNqPh1Awf/IyCsg0EwjRanS
+gatKlkn48oy6lJvdpJ0r5EUFjNjzJgOqsRspATg2Fb8My4jP9YT6n5Q3Cc7VpHi
ZT7GCb7gp+xKAMqT4UKiEPX3k4gcRt3P6Ya5AcgaAsUDV1Aio5S32nklWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKaUTSOIkojqk9QmGhVEr0IcQJsRMB8GA1UdIwQY
MBaAFCI3NXHJAkm/KqlI54vtE+CFKLh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEt
YjQ1NDBjNzRjOTRiLzEvcHBSTkk0aVNpT3FUMUNZYUZVU3ZRaHhBbXhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEtYjQ1NDBjNzRjOTRi
LzEvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABaAQMA0G
CSqGSIb3DQEBCwUAA4IBAQB3ny8Me+eDZCyIsx+TWx0cI8HmMENLYdcJW1daLZeV
D+iXwv2jg0ESkoyByIf5M7yvCHk/cSp+kQUF5Gk9Oz9bx/rIE197vT+z9WQCci9v
FDEdtTvAt15MZCPAgMWhBCn3ZLOqpNbaqz2gzXDK/eEl9s0NSKrP6MsRJMVpWqlc
4FhADeQASh02wXr3Vpy+Yc35Byq3KPAYu+CHJm4OlmJmEBD19Y9d6uJRLfk0J7MT
FqvgA7DKTQwOcnStu9awK5aAcAEOYqhMqI62IJd/hcdhgFmy4x4AWgBr/2K1jqte
pB60JzRA0dsQGB31l15M6HadDG6v2CnQGXoNoVOnFX0m
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:57:12 2025 by rpki-client