Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/75b06d-6bcb-4b19-aebb-415845dc80fb/1/r5Tl8FZK_359mQAz5_71c6QsEr4.roa
File: r5Tl8FZK_359mQAz5_71c6QsEr4.roa (raw, json)
Hash identifier: bw0mkbca6ZCZwDsSt10mqa+pHFhQP/m6hZej8E74Pw8=
Subject key identifier: AF:94:E5:F0:56:4A:FF:7E:7D:99:00:33:E7:FE:F5:73:A4:2C:12:BE
Certificate issuer: /CN=6e63d6d312d65ee4ea28daf43afcc86eced4080f
Certificate serial: 019425FC42EB2EF533E3236DF956A9A01B9A
Authority key identifier: 6E:63:D6:D3:12:D6:5E:E4:EA:28:DA:F4:3A:FC:C8:6E:CE:D4:08:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bmPW0xLWXuTqKNr0OvzIbs7UCA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/75b06d-6bcb-4b19-aebb-415845dc80fb/1/r5Tl8FZK_359mQAz5_71c6QsEr4.roa
Signing time: Thu 02 Jan 2025 07:47:56 +0000
ROA not before: Thu 02 Jan 2025 07:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44032
IP address blocks: 81.162.224.0/24 maxlen: 24
81.162.225.0/24 maxlen: 24
81.162.226.0/24 maxlen: 24
81.162.227.0/24 maxlen: 24
81.162.228.0/24 maxlen: 24
81.162.229.0/24 maxlen: 24
81.162.230.0/24 maxlen: 24
81.162.231.0/24 maxlen: 24
81.162.232.0/24 maxlen: 24
81.162.233.0/24 maxlen: 24
81.162.234.0/24 maxlen: 24
81.162.235.0/24 maxlen: 24
81.162.236.0/24 maxlen: 24
81.162.237.0/24 maxlen: 24
81.162.238.0/24 maxlen: 24
81.162.239.0/24 maxlen: 24
81.162.241.0/24 maxlen: 24
81.162.242.0/24 maxlen: 24
81.162.243.0/24 maxlen: 24
81.162.244.0/24 maxlen: 24
81.162.245.0/24 maxlen: 24
81.162.246.0/24 maxlen: 24
81.162.247.0/24 maxlen: 24
81.162.248.0/24 maxlen: 24
81.162.249.0/24 maxlen: 24
81.162.250.0/24 maxlen: 24
81.162.251.0/24 maxlen: 24
81.162.252.0/24 maxlen: 24
81.162.253.0/24 maxlen: 24
81.162.254.0/24 maxlen: 24
81.162.255.0/24 maxlen: 24
195.2.236.0/24 maxlen: 24
195.2.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/75b06d-6bcb-4b19-aebb-415845dc80fb/1/bmPW0xLWXuTqKNr0OvzIbs7UCA8.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/75b06d-6bcb-4b19-aebb-415845dc80fb/1/bmPW0xLWXuTqKNr0OvzIbs7UCA8.mft
rsync://rpki.ripe.net/repository/DEFAULT/bmPW0xLWXuTqKNr0OvzIbs7UCA8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:42:eb:2e:f5:33:e3:23:6d:f9:56:a9:a0:1b:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e63d6d312d65ee4ea28daf43afcc86eced4080f
Validity
Not Before: Jan 2 07:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af94e5f0564aff7e7d990033e7fef573a42c12be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:d8:6e:f9:44:b7:ee:db:e4:fe:26:1d:3b:10:
08:15:50:ad:49:d1:ff:3d:af:28:c3:8d:6f:e8:9d:
ea:89:2d:2b:7f:a6:ac:09:22:12:a7:e9:a4:95:a3:
c9:a4:1b:0b:5a:d9:58:48:53:e8:ed:57:c7:98:17:
48:c3:6b:66:57:a6:81:39:ec:0a:59:8f:7c:6f:8a:
fc:f1:b2:8a:4b:94:85:f1:b2:e6:12:21:fb:22:90:
de:98:0c:8c:68:00:94:b8:f8:10:af:f0:52:20:0f:
e0:6f:e8:a9:2f:35:79:c0:b7:48:b1:8f:57:b7:09:
f2:9d:7c:16:73:82:71:25:35:09:98:d3:be:c6:2d:
bf:d7:70:85:b6:a5:f5:7f:d6:a1:f6:c3:7f:1e:2c:
2f:6b:cc:f4:99:69:73:94:f3:53:a2:93:ba:2b:16:
aa:c2:6e:fc:fa:c8:ce:d4:8a:64:e3:45:e7:c8:66:
e1:b8:4b:82:66:1e:34:c0:06:9f:a3:21:df:c0:1f:
dd:97:be:80:57:48:74:8e:f7:13:dc:8d:68:22:cf:
34:6a:45:47:45:60:eb:3a:b7:54:72:5d:19:28:7f:
29:08:b7:85:40:a9:04:44:d1:29:e1:83:a6:fd:83:
3c:14:52:58:e0:96:2c:89:f6:a3:9e:c1:40:8d:b3:
0f:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:94:E5:F0:56:4A:FF:7E:7D:99:00:33:E7:FE:F5:73:A4:2C:12:BE
X509v3 Authority Key Identifier:
keyid:6E:63:D6:D3:12:D6:5E:E4:EA:28:DA:F4:3A:FC:C8:6E:CE:D4:08:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bmPW0xLWXuTqKNr0OvzIbs7UCA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/75b06d-6bcb-4b19-aebb-415845dc80fb/1/r5Tl8FZK_359mQAz5_71c6QsEr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/75b06d-6bcb-4b19-aebb-415845dc80fb/1/bmPW0xLWXuTqKNr0OvzIbs7UCA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.162.224.0/20
81.162.241.0-81.162.255.255
195.2.236.0/23
Signature Algorithm: sha256WithRSAEncryption
44:e5:fb:aa:01:7a:da:28:76:7d:3f:b2:01:38:bd:0f:63:b6:
6b:5d:ea:cc:aa:e4:7e:cb:ca:76:6a:9f:59:84:d9:3a:a7:9c:
0a:06:98:8b:b0:40:28:ce:e1:39:6a:24:da:91:fa:e5:e0:ba:
8c:d1:f8:71:c1:40:e9:9e:5c:f3:22:8b:21:83:05:f8:b0:32:
0f:91:2d:78:45:75:78:24:3e:99:46:a8:54:7f:3c:60:ed:c6:
dd:7c:fb:e8:03:e7:99:53:86:9f:a0:ec:38:70:86:67:d3:9b:
11:ae:9b:58:38:68:ef:36:a5:4a:ab:33:44:f5:c0:a7:eb:18:
f8:77:8a:44:7a:a6:46:d1:eb:8c:ab:53:9c:00:9e:0a:da:a8:
66:09:e3:e9:7d:a5:d2:e5:93:20:3e:29:cf:7e:64:e7:e8:87:
b0:5c:fe:cb:a1:43:7e:cf:d4:90:a8:87:d2:78:c5:67:57:e2:
6b:a2:eb:70:0d:5b:1d:ac:f9:34:bd:17:21:24:f6:6f:a7:9a:
12:9f:0a:84:4d:85:50:8b:99:31:3f:6a:79:16:72:8e:52:2c:
58:a5:3a:44:fa:cf:e9:e5:b2:ea:a9:10:20:20:25:e0:e4:9d:
56:81:c3:cf:50:3f:d4:36:e5:d3:87:79:e7:45:74:f4:7f:d4:
24:9f:bb:69
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAZQl/ELrLvUz4yNt+VapoBuaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNjNkNmQzMTJkNjVlZTRlYTI4ZGFmNDNhZmNjODZlY2Vk
NDA4MGYwHhcNMjUwMTAyMDc0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjk0ZTVmMDU2NGFmZjdlN2Q5OTAwMzNlN2ZlZjU3M2E0MmMxMmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA79hu+US37tvk/iYdOxAIFVCtSdH/
Pa8ow41v6J3qiS0rf6asCSISp+mklaPJpBsLWtlYSFPo7VfHmBdIw2tmV6aBOewK
WY98b4r88bKKS5SF8bLmEiH7IpDemAyMaACUuPgQr/BSIA/gb+ipLzV5wLdIsY9X
twnynXwWc4JxJTUJmNO+xi2/13CFtqX1f9ah9sN/Hiwva8z0mWlzlPNTopO6Kxaq
wm78+sjO1Ipk40XnyGbhuEuCZh40wAafoyHfwB/dl76AV0h0jvcT3I1oIs80akVH
RWDrOrdUcl0ZKH8pCLeFQKkERNEp4YOm/YM8FFJY4JYsifajnsFAjbMP9wIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFK+U5fBWSv9+fZkAM+f+9XOkLBK+MB8GA1UdIwQY
MBaAFG5j1tMS1l7k6ija9Dr8yG7O1AgPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm1QVzB4TFdYdVRxS05yME92ekliczdVQ0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS83NWIwNmQtNmJjYi00YjE5LWFlYmIt
NDE1ODQ1ZGM4MGZiLzEvcjVUbDhGWktfMzU5bVFBejVfNzFjNlFzRXI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS83NWIwNmQtNmJjYi00YjE5LWFlYmItNDE1ODQ1ZGM4MGZi
LzEvYm1QVzB4TFdYdVRxS05yME92ekliczdVQ0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAATAZAwQEUaLgMAsD
BABRovEDAwBRogMEAcMC7DANBgkqhkiG9w0BAQsFAAOCAQEAROX7qgF62ih2fT+y
ATi9D2O2a13qzKrkfsvKdmqfWYTZOqecCgaYi7BAKM7hOWok2pH65eC6jNH4ccFA
6Z5c8yKLIYMF+LAyD5EteEV1eCQ+mUaoVH88YO3G3Xz76APnmVOGn6DsOHCGZ9Ob
Ea6bWDho7zalSqszRPXAp+sY+HeKRHqmRtHrjKtTnACeCtqoZgnj6X2l0uWTID4p
z35k5+iHsFz+y6FDfs/UkKiH0njFZ1fia6LrcA1bHaz5NL0XIST2b6eaEp8KhE2F
UIuZMT9qeRZyjlIsWKU6RPrP6eWy6qkQICAl4OSdVoHDz1A/1Dbl04d550V09H/U
JJ+7aQ==
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:00:16 2025 by rpki-client