Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/Ap3gL9Yp7uumyoe2yxrwjvNZDxk.roa
File: Ap3gL9Yp7uumyoe2yxrwjvNZDxk.roa (raw, json)
Hash identifier: wudrm+gdegSTau2jZcPXyXW7DUxfSyZ4WVu/YKmSW1A=
Subject key identifier: 02:9D:E0:2F:D6:29:EE:EB:A6:CA:87:B6:CB:1A:F0:8E:F3:59:0F:19
Certificate issuer: /CN=d6e2694652aa298511edafbe18d2b1cdbc792638
Certificate serial: 019420D666236AF68882E3860D13866FB79D
Authority key identifier: D6:E2:69:46:52:AA:29:85:11:ED:AF:BE:18:D2:B1:CD:BC:79:26:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1uJpRlKqKYUR7a--GNKxzbx5Jjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/Ap3gL9Yp7uumyoe2yxrwjvNZDxk.roa
Signing time: Wed 01 Jan 2025 07:48:29 +0000
ROA not before: Wed 01 Jan 2025 07:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60256
IP address blocks: 5.145.112.0/23 maxlen: 23
5.145.113.0/24 maxlen: 24
5.145.118.0/24 maxlen: 24
5.145.119.0/24 maxlen: 24
2a04:2f00:1::/48 maxlen: 48
2a04:2f00:2::/48 maxlen: 48
2a04:2f01:1::/48 maxlen: 48
2a04:2f01:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/1uJpRlKqKYUR7a--GNKxzbx5Jjg.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/1uJpRlKqKYUR7a--GNKxzbx5Jjg.mft
rsync://rpki.ripe.net/repository/DEFAULT/1uJpRlKqKYUR7a--GNKxzbx5Jjg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:66:23:6a:f6:88:82:e3:86:0d:13:86:6f:b7:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6e2694652aa298511edafbe18d2b1cdbc792638
Validity
Not Before: Jan 1 07:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=029de02fd629eeeba6ca87b6cb1af08ef3590f19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:46:7c:d1:5c:17:63:aa:1c:d7:d0:e2:d9:06:
eb:97:6c:19:77:bc:c2:48:36:52:82:17:46:4d:64:
f6:d2:41:a1:f9:db:b2:af:26:50:95:6a:ae:52:f8:
47:a6:c7:e3:1c:40:03:b9:7b:96:b0:71:fe:0d:68:
0a:7f:b6:81:ca:a7:73:23:a6:b6:5f:cf:08:24:20:
11:07:25:ad:05:26:b0:69:e4:22:3a:bd:0c:df:52:
52:f7:1b:59:9f:ac:53:04:43:04:84:27:2c:93:8c:
25:b9:bf:b7:0f:00:10:7b:0a:1c:5f:a3:f8:5c:78:
95:d4:f6:3b:2a:f8:46:b8:40:4e:08:06:c9:6e:e7:
43:b9:bf:da:fa:30:d9:f3:d6:8e:25:e1:b6:d4:eb:
81:9d:4c:fa:89:ab:89:4c:ba:10:df:e5:d2:34:76:
e5:fd:30:26:5f:e1:8e:6b:80:bd:28:6b:11:1b:47:
46:14:16:b6:12:5c:03:f8:a4:11:62:33:77:63:35:
5d:11:25:db:43:82:1a:2e:2a:bc:ac:18:97:41:4b:
1f:8e:0e:59:a3:90:0e:8b:a4:a5:52:23:83:68:5c:
b2:e4:63:fe:98:ff:81:03:a4:b5:8c:d7:24:0e:98:
25:5c:ad:1b:85:58:4b:ee:11:12:fb:6e:72:2d:ab:
9c:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:9D:E0:2F:D6:29:EE:EB:A6:CA:87:B6:CB:1A:F0:8E:F3:59:0F:19
X509v3 Authority Key Identifier:
keyid:D6:E2:69:46:52:AA:29:85:11:ED:AF:BE:18:D2:B1:CD:BC:79:26:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1uJpRlKqKYUR7a--GNKxzbx5Jjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/Ap3gL9Yp7uumyoe2yxrwjvNZDxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/1uJpRlKqKYUR7a--GNKxzbx5Jjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.145.112.0/23
5.145.118.0/23
IPv6:
2a04:2f00:1::-2a04:2f00:2:ffff:ffff:ffff:ffff:ffff
2a04:2f01:1::-2a04:2f01:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
8e:2b:6f:7c:93:a9:82:44:88:30:16:28:c5:69:41:9a:0b:be:
d6:49:1d:4c:fb:7c:f6:45:39:4a:8c:cc:d1:a5:ae:2e:65:6c:
24:17:01:81:97:97:9b:f8:d8:0d:55:d5:7f:1c:da:9c:10:a1:
69:10:96:ba:f5:ca:d6:e8:9b:6f:f3:6f:e6:5e:7b:a7:03:82:
01:c2:f8:87:02:9c:18:ae:af:52:84:e9:c9:0f:1f:bb:26:26:
66:9f:f2:35:59:64:10:c6:7a:01:10:2c:3b:30:8b:eb:af:b9:
ca:f6:ab:f9:18:73:ba:5e:31:f0:fa:3f:91:68:53:32:6d:8c:
72:6f:ee:58:41:ca:bf:18:ae:64:83:83:2d:96:fb:f8:5a:4c:
20:48:3b:7f:e0:ca:f3:c4:23:e4:ca:2e:15:5c:8f:4d:4c:3a:
69:54:06:c4:7c:c8:af:fb:1d:64:5d:ad:e0:92:30:ed:9a:9b:
4d:26:f5:8a:24:d6:ad:86:4a:05:10:07:23:56:05:a8:73:a8:
d0:2f:44:5b:ab:b5:31:a8:ba:63:2b:18:eb:80:9f:73:ec:79:
ca:15:3e:59:ee:6c:1a:8f:fc:01:6c:2a:6e:48:b8:28:28:a7:
b3:bd:5b:a9:ed:f2:dc:39:f0:cc:35:44:4b:c3:ed:0a:9f:f1:
a9:17:e3:8c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZQg1mYjavaIguOGDROGb7edMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZTI2OTQ2NTJhYTI5ODUxMWVkYWZiZTE4ZDJiMWNkYmM3
OTI2MzgwHhcNMjUwMTAxMDc0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjlkZTAyZmQ2MjllZWViYTZjYTg3YjZjYjFhZjA4ZWYzNTkwZjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkZ80VwXY6oc19Di2Qbrl2wZd7zC
SDZSghdGTWT20kGh+duyryZQlWquUvhHpsfjHEADuXuWsHH+DWgKf7aByqdzI6a2
X88IJCARByWtBSawaeQiOr0M31JS9xtZn6xTBEMEhCcsk4wlub+3DwAQewocX6P4
XHiV1PY7KvhGuEBOCAbJbudDub/a+jDZ89aOJeG21OuBnUz6iauJTLoQ3+XSNHbl
/TAmX+GOa4C9KGsRG0dGFBa2ElwD+KQRYjN3YzVdESXbQ4IaLiq8rBiXQUsfjg5Z
o5AOi6SlUiODaFyy5GP+mP+BA6S1jNckDpglXK0bhVhL7hES+25yLaucTQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFAKd4C/WKe7rpsqHtssa8I7zWQ8ZMB8GA1UdIwQY
MBaAFNbiaUZSqimFEe2vvhjSsc28eSY4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXVKcFJsS3FLWVVSN2EtLUdOS3h6Yng1SmpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC84Y2M1MDYtN2U3MS00NzA1LWEyODkt
YjQyMzY0ODk1MDgzLzEvQXAzZ0w5WXA3dXVteW9lMnl4cndqdk5aRHhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC84Y2M1MDYtN2U3MS00NzA1LWEyODktYjQyMzY0ODk1MDgz
LzEvMXVKcFJsS3FLWVVSN2EtLUdOS3h6Yng1SmpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDASBAIAATAMAwQBBZFwAwQB
BZF2MC4EAgACMCgwEgMHACoELwAAAQMHACoELwAAAjASAwcAKgQvAQABAwcAKgQv
AQACMA0GCSqGSIb3DQEBCwUAA4IBAQCOK298k6mCRIgwFijFaUGaC77WSR1M+3z2
RTlKjMzRpa4uZWwkFwGBl5eb+NgNVdV/HNqcEKFpEJa69crW6Jtv82/mXnunA4IB
wviHApwYrq9ShOnJDx+7JiZmn/I1WWQQxnoBECw7MIvrr7nK9qv5GHO6XjHw+j+R
aFMybYxyb+5YQcq/GK5kg4Mtlvv4WkwgSDt/4MrzxCPkyi4VXI9NTDppVAbEfMiv
+x1kXa3gkjDtmptNJvWKJNathkoFEAcjVgWoc6jQL0Rbq7UxqLpjKxjrgJ9z7HnK
FT5Z7mwaj/wBbCpuSLgoKKezvVup7fLcOfDMNURLw+0Kn/GpF+OM
-----END CERTIFICATE-----
Generated at Fri Apr 18 18:25:59 2025 by rpki-client