Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/195h2L_h-gou6Lx6kqLxk7ymkEI.roa
File: 195h2L_h-gou6Lx6kqLxk7ymkEI.roa (raw, json)
Hash identifier: YEpa9YuQt+kywxFblYZAr6MJ7jxYrqGhIRN4VcooudM=
Subject key identifier: D7:DE:61:D8:BF:E1:FA:0A:2E:E8:BC:7A:92:A2:F1:93:BC:A6:90:42
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 01942369CD683E59715FE0B7E88AF3811ADF
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/195h2L_h-gou6Lx6kqLxk7ymkEI.roa
Signing time: Wed 01 Jan 2025 19:48:43 +0000
ROA not before: Wed 01 Jan 2025 19:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49587
IP address blocks: 5.180.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.mft
rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 12:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:cd:68:3e:59:71:5f:e0:b7:e8:8a:f3:81:1a:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Jan 1 19:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d7de61d8bfe1fa0a2ee8bc7a92a2f193bca69042
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:7a:ce:60:72:8e:20:50:da:86:72:13:65:3f:
91:b0:c4:d8:d0:65:26:a7:5e:02:8f:b0:01:2f:1d:
b4:7c:f0:ca:eb:d4:83:85:fd:24:58:a7:51:89:e9:
61:9b:2d:d5:5f:61:61:b1:df:87:56:e7:c8:3b:79:
20:13:cf:36:77:35:15:83:6c:b0:43:25:44:84:dc:
5c:ba:75:9b:8b:65:34:46:29:1b:53:5e:2b:a6:c0:
1c:10:66:cb:33:dc:b5:87:92:3c:b0:e7:f2:96:c7:
fa:12:36:55:00:b3:c8:71:e0:af:0d:3f:95:67:46:
76:86:4a:c8:06:9c:29:54:8f:69:50:70:45:13:2b:
1e:e8:5f:0c:1d:84:ab:5c:eb:9e:4b:96:cf:c6:01:
da:f7:5c:e9:0f:5e:80:d2:4d:e4:7f:ad:ed:11:37:
77:07:26:63:ef:f3:00:5b:2a:95:46:a4:e4:98:04:
3e:02:ab:db:3c:27:fe:42:de:ce:50:cc:a9:a1:67:
f9:9f:d2:b2:76:be:49:c5:dc:b6:80:c3:4e:13:42:
0e:50:6a:7a:dd:47:89:e3:92:69:66:4d:0e:2a:55:
73:19:64:8a:ef:ed:ee:2b:c4:3c:b2:1c:56:9a:c8:
f4:f4:61:cd:07:02:98:8f:d1:24:e6:68:8e:c4:63:
75:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:DE:61:D8:BF:E1:FA:0A:2E:E8:BC:7A:92:A2:F1:93:BC:A6:90:42
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/195h2L_h-gou6Lx6kqLxk7ymkEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.18.0/24
Signature Algorithm: sha256WithRSAEncryption
89:49:d6:f8:53:3f:d9:93:de:6f:a9:57:c7:a8:23:d7:b2:0c:
c3:2b:f2:8b:63:0b:15:eb:35:4b:e6:f7:a2:ac:cd:ea:d9:58:
9d:db:26:d1:c0:cb:40:1b:0b:52:d3:d4:03:ad:cd:34:10:c0:
f0:38:7d:4b:25:cc:84:b3:fc:f7:23:ca:3b:fe:34:b9:c5:1f:
9c:58:dd:84:1b:ca:3c:bf:19:d4:8d:b8:3a:ac:d2:6d:87:62:
e6:71:ce:66:ac:f9:69:15:2c:ec:d2:d0:b3:32:7b:41:18:1c:
e6:9e:15:93:82:c3:e9:89:9e:9e:92:40:02:31:05:a0:94:92:
56:d6:aa:fc:cf:6f:89:bd:a7:57:96:77:c4:66:e6:a7:fd:d0:
26:36:3b:fb:cf:79:23:d1:c5:64:41:06:0d:a1:6c:c5:6f:1d:
59:1d:5a:6f:cb:05:ef:22:6a:d3:e0:58:75:da:6b:5a:24:03:
44:b4:7e:76:98:02:34:98:bd:e6:8b:fc:f1:bb:4f:b3:4b:d4:
76:e6:13:2f:21:f3:67:a0:29:9b:fb:19:25:d6:45:44:e1:b4:
77:2c:43:9a:fc:f1:0a:43:59:78:e3:61:5f:97:f9:1d:dd:0e:
67:e9:65:7c:40:e0:23:d1:f1:24:2a:cb:23:b6:1e:50:b9:c7:
73:0d:fd:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjac1oPllxX+C36IrzgRrfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjUwMTAxMTk0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2RlNjFkOGJmZTFmYTBhMmVlOGJjN2E5MmEyZjE5M2JjYTY5MDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHrOYHKOIFDahnITZT+RsMTY0GUm
p14Cj7ABLx20fPDK69SDhf0kWKdRielhmy3VX2Fhsd+HVufIO3kgE882dzUVg2yw
QyVEhNxcunWbi2U0RikbU14rpsAcEGbLM9y1h5I8sOfylsf6EjZVALPIceCvDT+V
Z0Z2hkrIBpwpVI9pUHBFEyse6F8MHYSrXOueS5bPxgHa91zpD16A0k3kf63tETd3
ByZj7/MAWyqVRqTkmAQ+AqvbPCf+Qt7OUMypoWf5n9Kydr5Jxdy2gMNOE0IOUGp6
3UeJ45JpZk0OKlVzGWSK7+3uK8Q8shxWmsj09GHNBwKYj9Ek5miOxGN1ZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNfeYdi/4foKLui8epKi8ZO8ppBCMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvMTk1aDJMX2gtZ291Nkx4NmtxTHhrN3lta0VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbQSMA0G
CSqGSIb3DQEBCwUAA4IBAQCJSdb4Uz/Zk95vqVfHqCPXsgzDK/KLYwsV6zVL5vei
rM3q2Vid2ybRwMtAGwtS09QDrc00EMDwOH1LJcyEs/z3I8o7/jS5xR+cWN2EG8o8
vxnUjbg6rNJth2Lmcc5mrPlpFSzs0tCzMntBGBzmnhWTgsPpiZ6ekkACMQWglJJW
1qr8z2+JvadXlnfEZuan/dAmNjv7z3kj0cVkQQYNoWzFbx1ZHVpvywXvImrT4Fh1
2mtaJANEtH52mAI0mL3mi/zxu0+zS9R25hMvIfNnoCmb+xkl1kVE4bR3LEOa/PEK
Q1l442Ffl/kd3Q5n6WV8QOAj0fEkKssjth5QucdzDf0K
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:51 2025 by rpki-client