Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/xL-4tERBYhvX8_aDnKV8HCKxXrQ.roa
File: xL-4tERBYhvX8_aDnKV8HCKxXrQ.roa (raw, json)
Hash identifier: l0a54sZs7mvO5yVCnHO9BeY5JawFgum/aC2heZYPowk=
Subject key identifier: C4:BF:B8:B4:44:41:62:1B:D7:F3:F6:83:9C:A5:7C:1C:22:B1:5E:B4
Certificate issuer: /CN=22373571c90249bf2aa948e78bed13e08528b87e
Certificate serial: 01942143C99DFCD2ABB07A55BDECFF913B22
Authority key identifier: 22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/xL-4tERBYhvX8_aDnKV8HCKxXrQ.roa
Signing time: Wed 01 Jan 2025 09:47:58 +0000
ROA not before: Wed 01 Jan 2025 09:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59961
IP address blocks: 5.160.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:c9:9d:fc:d2:ab:b0:7a:55:bd:ec:ff:91:3b:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22373571c90249bf2aa948e78bed13e08528b87e
Validity
Not Before: Jan 1 09:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c4bfb8b44441621bd7f3f6839ca57c1c22b15eb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a1:1e:0c:a9:a2:c2:b4:74:18:96:11:c0:48:
e3:78:6c:e2:28:79:ad:70:d9:d5:3d:d4:57:97:df:
14:fe:98:90:c9:29:0e:9e:1c:8a:aa:cf:a7:56:e1:
36:8e:bc:82:8d:69:24:c2:8a:34:22:e0:89:8a:05:
51:0d:f4:bd:79:99:e4:02:3b:7b:85:19:f6:01:8a:
5c:44:22:f0:53:c6:df:ba:fd:33:00:7d:63:d2:bb:
30:95:fa:4c:1f:2d:c7:5a:49:7b:53:d2:f2:5b:be:
8f:18:5f:b0:ca:e9:a5:25:8e:67:c9:06:69:1a:48:
b5:3f:19:15:2c:bd:4a:68:55:ca:de:d4:6c:e2:48:
8f:79:18:84:a3:cd:b8:7e:7a:26:b1:60:3b:6e:94:
fb:06:30:db:5b:88:7e:c0:f2:f6:d6:1c:30:30:4b:
97:c0:59:f9:97:30:c4:9f:18:a1:6d:e1:06:26:09:
c7:b1:a0:a7:83:d6:b9:25:2d:e7:39:e1:54:3d:b6:
c3:47:30:4c:35:25:09:e0:9e:3e:f5:ae:ca:15:19:
a5:db:81:42:62:7e:d1:1d:e5:b3:66:11:0f:cf:cb:
21:21:e3:e1:47:e0:33:3f:b5:4f:d3:eb:69:3e:43:
37:c1:20:1f:44:4e:da:ca:08:94:72:16:c2:f2:d1:
90:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:BF:B8:B4:44:41:62:1B:D7:F3:F6:83:9C:A5:7C:1C:22:B1:5E:B4
X509v3 Authority Key Identifier:
keyid:22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/xL-4tERBYhvX8_aDnKV8HCKxXrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.195.0/24
Signature Algorithm: sha256WithRSAEncryption
71:d8:68:0f:db:7a:a0:32:e0:95:e8:fb:34:0f:e9:c9:24:9d:
58:d0:17:8e:bc:6e:c4:48:fe:96:2c:00:06:10:49:74:79:76:
df:ea:ad:07:67:f8:a3:56:80:8c:08:ab:e3:c4:44:15:19:c3:
93:ee:2f:b4:8a:c5:09:0c:4d:54:c4:b4:01:85:ee:c0:9a:f2:
91:fc:da:fa:71:14:07:07:76:f2:93:97:7d:85:4d:74:b7:fe:
6e:51:b8:7b:18:cc:fa:d1:1f:08:8f:ca:42:93:e9:2d:52:ac:
91:cd:3d:25:55:e2:8c:8b:7a:b7:85:9a:54:01:83:c4:8a:a0:
ed:6e:a0:cc:6c:73:6e:82:86:6f:d1:db:45:09:14:82:de:c1:
42:c3:08:97:16:24:37:2c:7f:54:1a:a4:c8:6a:b8:b6:e4:49:
ed:72:27:69:76:cf:d8:f7:46:19:59:fe:36:40:c1:91:c5:3d:
78:77:5f:66:a3:0b:12:3c:ec:12:54:7c:62:1c:68:42:26:16:
9e:5a:1f:d2:fa:41:26:85:33:75:9e:44:9f:ea:a6:71:2c:94:
9d:ef:44:f1:cc:d8:69:dd:2f:34:85:74:77:49:9b:8d:44:8b:
9e:4f:23:9e:ea:a2:52:77:14:cf:4e:bc:75:6a:e3:ac:80:ab:
9c:7c:42:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ8md/NKrsHpVvez/kTsiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMzczNTcxYzkwMjQ5YmYyYWE5NDhlNzhiZWQxM2UwODUy
OGI4N2UwHhcNMjUwMTAxMDk0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGJmYjhiNDQ0NDE2MjFiZDdmM2Y2ODM5Y2E1N2MxYzIyYjE1ZWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKEeDKmiwrR0GJYRwEjjeGziKHmt
cNnVPdRXl98U/piQySkOnhyKqs+nVuE2jryCjWkkwoo0IuCJigVRDfS9eZnkAjt7
hRn2AYpcRCLwU8bfuv0zAH1j0rswlfpMHy3HWkl7U9LyW76PGF+wyumlJY5nyQZp
Gki1PxkVLL1KaFXK3tRs4kiPeRiEo824fnomsWA7bpT7BjDbW4h+wPL21hwwMEuX
wFn5lzDEnxihbeEGJgnHsaCng9a5JS3nOeFUPbbDRzBMNSUJ4J4+9a7KFRml24FC
Yn7RHeWzZhEPz8shIePhR+AzP7VP0+tpPkM3wSAfRE7aygiUchbC8tGQowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMS/uLREQWIb1/P2g5ylfBwisV60MB8GA1UdIwQY
MBaAFCI3NXHJAkm/KqlI54vtE+CFKLh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEt
YjQ1NDBjNzRjOTRiLzEveEwtNHRFUkJZaHZYOF9hRG5LVjhIQ0t4WHJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEtYjQ1NDBjNzRjOTRi
LzEvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABaDDMA0G
CSqGSIb3DQEBCwUAA4IBAQBx2GgP23qgMuCV6Ps0D+nJJJ1Y0BeOvG7ESP6WLAAG
EEl0eXbf6q0HZ/ijVoCMCKvjxEQVGcOT7i+0isUJDE1UxLQBhe7AmvKR/Nr6cRQH
B3byk5d9hU10t/5uUbh7GMz60R8Ij8pCk+ktUqyRzT0lVeKMi3q3hZpUAYPEiqDt
bqDMbHNugoZv0dtFCRSC3sFCwwiXFiQ3LH9UGqTIari25Entcidpds/Y90YZWf42
QMGRxT14d19mowsSPOwSVHxiHGhCJhaeWh/S+kEmhTN1nkSf6qZxLJSd70TxzNhp
3S80hXR3SZuNRIueTyOe6qJSdxTPTrx1auOsgKucfEKq
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:49:21 2025 by rpki-client