Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/g5Uoag6M4vCu7dJYWVycSYm4rUU.roa
File: g5Uoag6M4vCu7dJYWVycSYm4rUU.roa (raw, json)
Hash identifier: Ngolk11LXJPCpKR9MzzdDkX8Nba8dwgngUE2uQJceUA=
Subject key identifier: 83:95:28:6A:0E:8C:E2:F0:AE:ED:D2:58:59:5C:9C:49:89:B8:AD:45
Certificate issuer: /CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
Certificate serial: 019422FB816FB332671BD8E46194DB424332
Authority key identifier: B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/g5Uoag6M4vCu7dJYWVycSYm4rUU.roa
Signing time: Wed 01 Jan 2025 17:48:15 +0000
ROA not before: Wed 01 Jan 2025 17:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 185.129.18.0/24 maxlen: 24
185.129.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/tKIIXH3jtZgha4n7Dysdkw3mbBk.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/tKIIXH3jtZgha4n7Dysdkw3mbBk.mft
rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 08:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:81:6f:b3:32:67:1b:d8:e4:61:94:db:42:43:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
Validity
Not Before: Jan 1 17:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8395286a0e8ce2f0aeedd258595c9c4989b8ad45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:bd:78:12:dd:96:c8:e0:ca:a4:10:18:cd:ff:
9c:55:ca:fd:b8:81:1a:35:38:5e:c7:87:31:db:ca:
19:e8:d4:f3:5f:c4:29:a0:63:fc:ed:7b:c1:dc:b5:
40:e5:68:33:a0:13:29:28:e2:2b:ca:f9:cc:17:60:
92:27:8c:dc:e5:3b:d9:ef:cc:b4:cf:e6:96:3c:20:
99:e5:c7:f2:80:4b:93:77:5d:4d:52:ef:b3:c9:f4:
09:49:a0:8b:3b:a7:3a:a1:ef:8f:95:ce:71:5a:c2:
15:33:a1:98:03:fd:7f:45:ba:52:22:b9:62:7c:0e:
8f:ae:ee:92:20:79:3d:76:36:3b:58:ae:d2:0e:f9:
94:64:0f:c5:92:e4:ab:48:b2:f6:a4:27:07:3c:b0:
ae:40:11:3b:15:9a:6b:ac:84:58:13:4e:aa:b0:c5:
6b:9c:5e:3e:43:40:77:98:b3:8d:4d:79:ea:50:fb:
b6:d7:55:27:6f:ff:41:c7:21:77:43:ea:ba:98:9b:
d2:5f:a4:0b:95:6c:fa:e2:60:be:85:ff:f7:e1:c5:
74:56:d5:b0:62:0e:08:4f:39:74:6e:d8:d6:ec:93:
34:29:9c:be:64:a0:a0:73:0a:16:21:b4:fb:fb:5e:
03:56:cc:41:7a:db:27:20:07:ec:2b:57:1f:4e:26:
60:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:95:28:6A:0E:8C:E2:F0:AE:ED:D2:58:59:5C:9C:49:89:B8:AD:45
X509v3 Authority Key Identifier:
keyid:B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/g5Uoag6M4vCu7dJYWVycSYm4rUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/tKIIXH3jtZgha4n7Dysdkw3mbBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.129.18.0/23
Signature Algorithm: sha256WithRSAEncryption
10:b9:58:7b:ef:ce:0c:40:83:28:e7:bf:52:c5:18:40:bb:c0:
ce:6e:ff:22:b6:4e:a1:50:e5:3f:dd:32:dc:06:16:11:e0:6d:
70:9a:e7:59:a1:d0:be:82:fd:e8:c9:04:db:8b:99:4a:f4:24:
c2:9c:fe:57:78:9f:d2:05:7a:53:76:7f:15:1f:94:4e:8c:46:
c8:3b:cf:26:49:8d:44:0e:c8:c4:c5:02:5a:b1:f9:3b:a6:ea:
14:f8:bf:3c:10:37:1d:d8:de:cb:fd:88:11:67:88:e0:e1:25:
ca:6c:ed:45:f2:62:89:5b:a2:4d:14:33:d7:09:e6:a1:bc:41:
90:ba:53:15:4e:ef:9e:3d:24:c7:ad:68:ed:04:95:aa:f5:9b:
dc:f2:d5:1a:07:61:f8:4d:ac:aa:75:86:24:a0:29:d0:c7:c0:
bc:ca:dd:39:87:5e:8d:ae:7b:6b:72:79:1c:10:eb:87:77:8e:
4d:24:d9:f8:2d:07:d5:2e:00:ac:ae:af:e2:c7:42:b7:b1:c2:
e5:c9:35:ae:61:65:40:18:ff:bd:ab:8d:9b:bf:f7:e7:7b:5e:
e2:4c:a7:1c:05:59:71:2e:8f:2e:68:44:b7:ce:59:48:36:0c:
81:f8:6b:9f:b7:ad:30:ed:78:2d:2a:28:e6:57:0d:f3:dc:e4:
ec:bf:e9:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+4FvszJnG9jkYZTbQkMyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTIwODVjN2RlM2I1OTgyMTZiODlmYjBmMmIxZDkzMGRl
NjZjMTkwHhcNMjUwMTAxMTc0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Mzk1Mjg2YTBlOGNlMmYwYWVlZGQyNTg1OTVjOWM0OTg5YjhhZDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1r14Et2WyODKpBAYzf+cVcr9uIEa
NThex4cx28oZ6NTzX8QpoGP87XvB3LVA5WgzoBMpKOIryvnMF2CSJ4zc5TvZ78y0
z+aWPCCZ5cfygEuTd11NUu+zyfQJSaCLO6c6oe+Plc5xWsIVM6GYA/1/RbpSIrli
fA6Pru6SIHk9djY7WK7SDvmUZA/FkuSrSLL2pCcHPLCuQBE7FZprrIRYE06qsMVr
nF4+Q0B3mLONTXnqUPu211Unb/9BxyF3Q+q6mJvSX6QLlWz64mC+hf/34cV0VtWw
Yg4ITzl0btjW7JM0KZy+ZKCgcwoWIbT7+14DVsxBetsnIAfsK1cfTiZg/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIOVKGoOjOLwru3SWFlcnEmJuK1FMB8GA1UdIwQY
MBaAFLSiCFx947WYIWuJ+w8rHZMN5mwZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtJSVhIM2p0WmdoYTRuN0R5c2RrdzNtYkJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNjUxM2QtMmQ1My00MDIyLTgzNjAt
MzExNzk4OTYwMWFkLzEvZzVVb2FnNk00dkN1N2RKWVdWeWNTWW00clVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNjUxM2QtMmQ1My00MDIyLTgzNjAtMzExNzk4OTYwMWFk
LzEvdEtJSVhIM2p0WmdoYTRuN0R5c2RrdzNtYkJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuYESMA0G
CSqGSIb3DQEBCwUAA4IBAQAQuVh7784MQIMo579SxRhAu8DObv8itk6hUOU/3TLc
BhYR4G1wmudZodC+gv3oyQTbi5lK9CTCnP5XeJ/SBXpTdn8VH5ROjEbIO88mSY1E
DsjExQJasfk7puoU+L88EDcd2N7L/YgRZ4jg4SXKbO1F8mKJW6JNFDPXCeahvEGQ
ulMVTu+ePSTHrWjtBJWq9Zvc8tUaB2H4TayqdYYkoCnQx8C8yt05h16Nrntrcnkc
EOuHd45NJNn4LQfVLgCsrq/ix0K3scLlyTWuYWVAGP+9q42bv/fne17iTKccBVlx
Lo8uaES3zllINgyB+Guft60w7XgtKijmVw3z3OTsv+mH
-----END CERTIFICATE-----
Generated at Thu Apr 10 16:01:35 2025 by rpki-client