Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/74940a-d9fa-4552-be5c-a7ade434d451/1/KHg46KpwJnmv6hNomrXATVqpzV8.roa
File: KHg46KpwJnmv6hNomrXATVqpzV8.roa (raw, json)
Hash identifier: WJsuWbqQXojOAqeQ80N/VH6AOxmAzbUb+3keyWT7yfw=
Subject key identifier: 28:78:38:E8:AA:70:26:79:AF:EA:13:68:9A:B5:C0:4D:5A:A9:CD:5F
Certificate issuer: /CN=beb12ce6a91030e27d5abad146df27bc2880652b
Certificate serial: 0194252195BEF87304DD9226B1850F74B3CB
Authority key identifier: BE:B1:2C:E6:A9:10:30:E2:7D:5A:BA:D1:46:DF:27:BC:28:80:65:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vrEs5qkQMOJ9WrrRRt8nvCiAZSs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/74940a-d9fa-4552-be5c-a7ade434d451/1/KHg46KpwJnmv6hNomrXATVqpzV8.roa
Signing time: Thu 02 Jan 2025 03:49:05 +0000
ROA not before: Thu 02 Jan 2025 03:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42705
IP address blocks: 5.11.20.0/24 maxlen: 24
5.11.23.0/24 maxlen: 24
193.186.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/74940a-d9fa-4552-be5c-a7ade434d451/1/vrEs5qkQMOJ9WrrRRt8nvCiAZSs.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/74940a-d9fa-4552-be5c-a7ade434d451/1/vrEs5qkQMOJ9WrrRRt8nvCiAZSs.mft
rsync://rpki.ripe.net/repository/DEFAULT/vrEs5qkQMOJ9WrrRRt8nvCiAZSs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:95:be:f8:73:04:dd:92:26:b1:85:0f:74:b3:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=beb12ce6a91030e27d5abad146df27bc2880652b
Validity
Not Before: Jan 2 03:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=287838e8aa702679afea13689ab5c04d5aa9cd5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:15:66:5f:93:3d:30:ab:f7:59:da:16:c9:d9:
3c:0c:9e:a5:01:bb:ad:c4:21:43:fe:c3:0c:52:18:
be:70:bf:8d:95:83:ac:98:05:10:26:f7:d9:b0:d7:
26:ad:04:54:17:b3:08:24:bb:03:48:90:17:db:ab:
bd:5d:c4:38:fe:96:2d:e8:fd:eb:36:63:c7:ec:0a:
e8:da:52:f8:47:4a:cd:6e:89:50:52:07:6a:7a:e6:
c4:2b:7e:9d:a6:63:15:8b:44:30:6b:c0:2b:84:01:
20:58:92:44:43:59:3b:85:fe:ce:c3:0d:f8:af:ba:
9a:a9:cc:f4:02:5c:19:b6:ce:00:e6:ad:8a:d2:f9:
62:a3:4d:06:ea:67:d9:84:3b:db:aa:4a:43:90:8a:
bd:cd:07:a8:5f:be:3f:0f:3c:81:0b:0e:50:e9:c4:
fc:71:f2:18:95:bf:fd:74:23:81:9d:a7:1a:c5:e7:
5c:f7:d3:9b:d1:cd:35:98:21:2d:19:be:07:ea:87:
cd:33:d3:ea:0a:35:0d:43:a9:8e:43:f0:37:1b:23:
b7:39:e9:8d:ba:e4:d8:48:9d:47:ac:cb:11:2a:2a:
ba:57:76:91:1e:4f:d9:78:e2:58:6b:f3:c3:f9:e4:
92:bc:8f:34:b0:f9:ae:6b:95:66:a9:3b:80:85:82:
0a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:78:38:E8:AA:70:26:79:AF:EA:13:68:9A:B5:C0:4D:5A:A9:CD:5F
X509v3 Authority Key Identifier:
keyid:BE:B1:2C:E6:A9:10:30:E2:7D:5A:BA:D1:46:DF:27:BC:28:80:65:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vrEs5qkQMOJ9WrrRRt8nvCiAZSs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/74940a-d9fa-4552-be5c-a7ade434d451/1/KHg46KpwJnmv6hNomrXATVqpzV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/74940a-d9fa-4552-be5c-a7ade434d451/1/vrEs5qkQMOJ9WrrRRt8nvCiAZSs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.20.0/24
5.11.23.0/24
193.186.199.0/24
Signature Algorithm: sha256WithRSAEncryption
31:00:5a:32:cd:be:6c:a7:42:df:d3:68:5d:b9:9d:04:77:71:
fc:7f:96:83:23:d7:e9:23:fb:23:92:cd:b6:a7:91:55:5a:6a:
07:73:79:e8:d1:0c:94:88:21:ac:21:9c:0b:3e:17:e3:d9:a5:
76:6c:cf:ac:14:24:c1:e4:ca:a3:0a:7d:8f:de:9c:a3:04:94:
0f:db:90:ad:a5:55:94:88:b3:7d:3f:18:7c:11:cd:66:61:0a:
b5:5f:12:9b:cb:22:bb:37:14:94:a6:fa:32:7a:34:02:21:84:
c8:f6:eb:a9:ce:52:ba:10:cd:20:37:5a:de:41:4a:f3:65:be:
94:dc:aa:07:f4:38:e9:33:42:ad:50:46:f1:f0:7f:fa:ca:4b:
78:b9:af:8e:95:ca:64:d1:67:26:89:00:49:f3:ae:2e:76:66:
3c:73:1f:4d:72:d9:a5:37:3f:dd:9c:16:c9:94:ae:0e:46:c6:
7f:f7:81:0a:c0:4d:cc:3d:e1:c2:55:3b:b7:17:5e:80:40:5b:
26:09:08:2b:b6:ab:6f:38:76:aa:48:07:51:74:6a:f7:23:9d:
13:4f:29:b4:ac:f3:7a:d0:c0:90:f7:d8:ad:f5:42:94:a1:eb:
b0:1f:e5:83:23:60:3e:45:0c:69:f5:c1:b5:20:b5:12:f4:69:
32:0b:f8:48
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQlIZW++HME3ZImsYUPdLPLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlYjEyY2U2YTkxMDMwZTI3ZDVhYmFkMTQ2ZGYyN2JjMjg4
MDY1MmIwHhcNMjUwMTAyMDM0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODc4MzhlOGFhNzAyNjc5YWZlYTEzNjg5YWI1YzA0ZDVhYTljZDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRVmX5M9MKv3WdoWydk8DJ6lAbut
xCFD/sMMUhi+cL+NlYOsmAUQJvfZsNcmrQRUF7MIJLsDSJAX26u9XcQ4/pYt6P3r
NmPH7Aro2lL4R0rNbolQUgdqeubEK36dpmMVi0Qwa8ArhAEgWJJEQ1k7hf7Oww34
r7qaqcz0AlwZts4A5q2K0vlio00G6mfZhDvbqkpDkIq9zQeoX74/DzyBCw5Q6cT8
cfIYlb/9dCOBnacaxedc99Ob0c01mCEtGb4H6ofNM9PqCjUNQ6mOQ/A3GyO3OemN
uuTYSJ1HrMsRKiq6V3aRHk/ZeOJYa/PD+eSSvI80sPmua5VmqTuAhYIKXwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCh4OOiqcCZ5r+oTaJq1wE1aqc1fMB8GA1UdIwQY
MBaAFL6xLOapEDDifVq60UbfJ7wogGUrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnJFczVxa1FNT0o5V3JyUlJ0OG52Q2lBWlNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC83NDk0MGEtZDlmYS00NTUyLWJlNWMt
YTdhZGU0MzRkNDUxLzEvS0hnNDZLcHdKbm12NmhOb21yWEFUVnFwelY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC83NDk0MGEtZDlmYS00NTUyLWJlNWMtYTdhZGU0MzRkNDUx
LzEvdnJFczVxa1FNT0o5V3JyUlJ0OG52Q2lBWlNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABQsUAwQA
BQsXAwQAwbrHMA0GCSqGSIb3DQEBCwUAA4IBAQAxAFoyzb5sp0Lf02hduZ0Ed3H8
f5aDI9fpI/sjks22p5FVWmoHc3no0QyUiCGsIZwLPhfj2aV2bM+sFCTB5MqjCn2P
3pyjBJQP25CtpVWUiLN9Pxh8Ec1mYQq1XxKbyyK7NxSUpvoyejQCIYTI9uupzlK6
EM0gN1reQUrzZb6U3KoH9DjpM0KtUEbx8H/6ykt4ua+Olcpk0WcmiQBJ864udmY8
cx9NctmlNz/dnBbJlK4ORsZ/94EKwE3MPeHCVTu3F16AQFsmCQgrtqtvOHaqSAdR
dGr3I50TTym0rPN60MCQ99it9UKUoeuwH+WDI2A+RQxp9cG1ILUS9GkyC/hI
-----END CERTIFICATE-----
Generated at Sun Apr 13 10:10:10 2025 by rpki-client