Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/7ca2f2-bf13-4d18-a8dd-980511dc05ae/1/rs5a3rW2E-ThNoq2t8O4hGc6590.roa
File: rs5a3rW2E-ThNoq2t8O4hGc6590.roa (raw, json)
Hash identifier: YMDJkD8/KCkGFvxJ1si+V/dSXJflYLlhdawvNihd//w=
Subject key identifier: AE:CE:5A:DE:B5:B6:13:E4:E1:36:8A:B6:B7:C3:B8:84:67:3A:E7:DD
Certificate issuer: /CN=61d39d74b17e691dd1b05221c6098caf5ee93a36
Certificate serial: 019425FDB07F881FB68B61A8EACE02987B25
Authority key identifier: 61:D3:9D:74:B1:7E:69:1D:D1:B0:52:21:C6:09:8C:AF:5E:E9:3A:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YdOddLF-aR3RsFIhxgmMr17pOjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/7ca2f2-bf13-4d18-a8dd-980511dc05ae/1/rs5a3rW2E-ThNoq2t8O4hGc6590.roa
Signing time: Thu 02 Jan 2025 07:49:30 +0000
ROA not before: Thu 02 Jan 2025 07:49:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212253
IP address blocks: 185.222.22.0/24 maxlen: 24
2a12:e5c0::/46 maxlen: 48
2a12:e5c0:10::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/7ca2f2-bf13-4d18-a8dd-980511dc05ae/1/YdOddLF-aR3RsFIhxgmMr17pOjY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/7ca2f2-bf13-4d18-a8dd-980511dc05ae/1/YdOddLF-aR3RsFIhxgmMr17pOjY.mft
rsync://rpki.ripe.net/repository/DEFAULT/YdOddLF-aR3RsFIhxgmMr17pOjY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:b0:7f:88:1f:b6:8b:61:a8:ea:ce:02:98:7b:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61d39d74b17e691dd1b05221c6098caf5ee93a36
Validity
Not Before: Jan 2 07:49:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aece5adeb5b613e4e1368ab6b7c3b884673ae7dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:e3:d5:47:8b:37:00:d6:9b:41:c6:bc:29:e0:
d9:ee:a7:51:77:9c:fd:f1:4d:04:f9:60:f4:5f:bc:
20:00:00:6b:75:80:eb:e4:c8:f2:da:1b:5a:4e:12:
15:ca:81:6b:0f:d4:a1:6e:71:f0:fc:bd:88:a3:e1:
af:a1:8b:8c:ff:22:b3:cd:17:80:22:b7:aa:85:62:
fe:12:ce:76:d0:37:dd:e5:58:d4:c9:a3:4f:af:ce:
df:65:92:b0:69:59:d4:8b:06:5d:8c:cf:89:b2:98:
55:8d:bf:9e:2e:7c:59:3d:ee:cc:5c:a9:d8:c7:a7:
c9:fb:1e:9b:d3:5a:13:9c:bd:cb:dd:85:73:49:7a:
67:4d:df:e4:bc:aa:3a:24:2a:fe:6a:f0:5b:fb:be:
ab:51:f6:e2:68:3b:4e:6a:63:f3:63:52:5e:6d:11:
61:82:dc:07:c3:27:0a:2a:ff:d4:f9:ad:5c:ec:e7:
c5:11:73:03:a5:f6:83:c8:09:23:25:fd:54:25:3c:
33:fa:99:12:3e:2e:79:79:18:af:7c:22:22:fb:0d:
73:f3:1f:f4:e2:5c:d4:37:c0:9f:0e:3a:01:33:ca:
df:6e:91:7d:e3:78:65:62:34:f6:75:97:9a:d5:12:
27:c4:61:30:14:46:0c:ac:d4:ba:a8:e3:19:71:a8:
fc:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:CE:5A:DE:B5:B6:13:E4:E1:36:8A:B6:B7:C3:B8:84:67:3A:E7:DD
X509v3 Authority Key Identifier:
keyid:61:D3:9D:74:B1:7E:69:1D:D1:B0:52:21:C6:09:8C:AF:5E:E9:3A:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YdOddLF-aR3RsFIhxgmMr17pOjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/7ca2f2-bf13-4d18-a8dd-980511dc05ae/1/rs5a3rW2E-ThNoq2t8O4hGc6590.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/7ca2f2-bf13-4d18-a8dd-980511dc05ae/1/YdOddLF-aR3RsFIhxgmMr17pOjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.22.0/24
IPv6:
2a12:e5c0::/46
2a12:e5c0:10::/46
Signature Algorithm: sha256WithRSAEncryption
51:c1:9c:31:c5:f1:1e:d4:3b:39:73:dc:91:9a:ad:fd:a7:a5:
86:b8:db:e5:25:a5:19:60:6a:02:57:95:6b:e7:52:97:32:c0:
ae:e2:19:b4:ad:17:70:7c:81:23:e4:f2:9c:65:83:89:9a:05:
cb:16:cc:07:4b:ff:63:ca:e6:4d:59:84:be:05:06:05:4c:36:
e9:58:4c:00:37:8b:be:80:70:56:ef:d8:a5:f0:87:43:d5:79:
5d:28:97:d2:66:1e:8c:ef:e3:4e:c5:ee:fd:67:da:ed:57:c8:
5c:4a:81:e6:75:0f:fe:d2:3e:20:8e:32:e0:bf:7f:6f:a3:24:
c5:73:01:75:64:db:69:0d:c1:34:94:36:cb:00:e4:e9:ee:7e:
21:df:65:76:81:96:2e:42:1f:83:10:d1:f7:52:1b:e8:a8:1d:
b7:41:da:51:42:4e:d5:7d:05:6a:57:f8:1e:b8:1d:23:67:f3:
02:4a:04:24:10:8d:47:71:c7:fd:ac:71:e8:eb:b0:e7:42:d2:
98:80:04:dd:c4:be:53:ae:91:34:0a:ed:92:47:70:c5:9d:da:
9e:27:6a:75:40:e3:91:04:8a:32:4f:5c:bb:6c:59:d0:52:67:
4b:56:cf:f5:7d:e6:db:63:a0:3d:72:89:d4:8f:45:ed:ba:60:
6d:81:e7:0a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQl/bB/iB+2i2Go6s4CmHslMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxZDM5ZDc0YjE3ZTY5MWRkMWIwNTIyMWM2MDk4Y2FmNWVl
OTNhMzYwHhcNMjUwMTAyMDc0OTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWNlNWFkZWI1YjYxM2U0ZTEzNjhhYjZiN2MzYjg4NDY3M2FlN2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0OPVR4s3ANabQca8KeDZ7qdRd5z9
8U0E+WD0X7wgAABrdYDr5Mjy2htaThIVyoFrD9ShbnHw/L2Io+GvoYuM/yKzzReA
IreqhWL+Es520Dfd5VjUyaNPr87fZZKwaVnUiwZdjM+JsphVjb+eLnxZPe7MXKnY
x6fJ+x6b01oTnL3L3YVzSXpnTd/kvKo6JCr+avBb+76rUfbiaDtOamPzY1JebRFh
gtwHwycKKv/U+a1c7OfFEXMDpfaDyAkjJf1UJTwz+pkSPi55eRivfCIi+w1z8x/0
4lzUN8CfDjoBM8rfbpF943hlYjT2dZea1RInxGEwFEYMrNS6qOMZcaj8XwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFK7OWt61thPk4TaKtrfDuIRnOufdMB8GA1UdIwQY
MBaAFGHTnXSxfmkd0bBSIcYJjK9e6To2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWRPZGRMRi1hUjNSc0ZJaHhnbU1yMTdwT2pZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS83Y2EyZjItYmYxMy00ZDE4LWE4ZGQt
OTgwNTExZGMwNWFlLzEvcnM1YTNyVzJFLVRoTm9xMnQ4TzRoR2M2NTkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS83Y2EyZjItYmYxMy00ZDE4LWE4ZGQtOTgwNTExZGMwNWFl
LzEvWWRPZGRMRi1hUjNSc0ZJaHhnbU1yMTdwT2pZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAud4WMBgE
AgACMBIDBwIqEuXAAAADBwIqEuXAABAwDQYJKoZIhvcNAQELBQADggEBAFHBnDHF
8R7UOzlz3JGarf2npYa42+UlpRlgagJXlWvnUpcywK7iGbStF3B8gSPk8pxlg4ma
BcsWzAdL/2PK5k1ZhL4FBgVMNulYTAA3i76AcFbv2KXwh0PVeV0ol9JmHozv407F
7v1n2u1XyFxKgeZ1D/7SPiCOMuC/f2+jJMVzAXVk22kNwTSUNssA5OnufiHfZXaB
li5CH4MQ0fdSG+ioHbdB2lFCTtV9BWpX+B64HSNn8wJKBCQQjUdxx/2scejrsOdC
0piABN3EvlOukTQK7ZJHcMWd2p4nanVA45EEijJPXLtsWdBSZ0tWz/V95ttjoD1y
idSPRe26YG2B5wo=
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:00:38 2025 by rpki-client