Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/S5xlWD61ZlkKBvIdjcuXh70hU00.roa
File: S5xlWD61ZlkKBvIdjcuXh70hU00.roa (raw, json)
Hash identifier: acUk31YMeUIzj/C2hdmOvm4SydFnJz984QamvIyEhmQ=
Subject key identifier: 4B:9C:65:58:3E:B5:66:59:0A:06:F2:1D:8D:CB:97:87:BD:21:53:4D
Certificate issuer: /CN=05f3e160172ecc75c8cab1bae271be3ebf407a80
Certificate serial: 019421B249D6DE6843DBADC924732F394B55
Authority key identifier: 05:F3:E1:60:17:2E:CC:75:C8:CA:B1:BA:E2:71:BE:3E:BF:40:7A:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BfPhYBcuzHXIyrG64nG-Pr9AeoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/S5xlWD61ZlkKBvIdjcuXh70hU00.roa
Signing time: Wed 01 Jan 2025 11:48:39 +0000
ROA not before: Wed 01 Jan 2025 11:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35831
IP address blocks: 83.245.79.0/24 maxlen: 24
89.167.181.0/24 maxlen: 24
89.167.228.0/24 maxlen: 24
89.167.229.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/BfPhYBcuzHXIyrG64nG-Pr9AeoA.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/BfPhYBcuzHXIyrG64nG-Pr9AeoA.mft
rsync://rpki.ripe.net/repository/DEFAULT/BfPhYBcuzHXIyrG64nG-Pr9AeoA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 22:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:49:d6:de:68:43:db:ad:c9:24:73:2f:39:4b:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05f3e160172ecc75c8cab1bae271be3ebf407a80
Validity
Not Before: Jan 1 11:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4b9c65583eb566590a06f21d8dcb9787bd21534d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:63:47:9a:f2:a1:17:65:c5:2a:8b:cb:dc:70:
5b:ac:7e:86:d9:d8:5a:1c:38:23:51:c3:e4:d1:41:
1e:b8:c4:7e:17:0d:50:e3:7d:38:d9:de:8f:5e:25:
19:57:8f:a6:1d:1d:d2:3b:fd:44:01:c4:dc:73:c2:
48:3b:d3:27:7e:8c:68:26:69:e0:fc:f1:d9:0c:4b:
4f:ce:80:4a:57:98:04:85:11:79:05:f4:27:cc:04:
10:89:3e:3d:3a:3d:c8:40:3d:aa:0d:58:db:1b:33:
80:3a:5c:28:b0:6b:c6:68:51:f3:70:1c:f0:b3:b1:
5f:f2:13:45:74:35:fb:7a:54:b4:a2:78:75:03:d0:
17:b9:68:f2:53:79:76:11:c6:dc:6c:b4:c1:37:08:
cd:8d:6d:e3:08:50:f1:60:a0:4a:b2:b5:f6:23:56:
e6:2e:08:f0:58:63:c4:f0:c6:0a:4d:12:2c:3a:4d:
5f:b5:be:d1:0a:4f:e4:a3:1a:c9:23:0c:d7:9a:95:
55:05:8f:8f:a4:e0:89:56:83:b3:f4:22:06:88:d3:
b4:1d:eb:c1:43:c8:dc:93:6d:b0:b1:7b:b7:bb:15:
d5:fa:4d:43:dd:10:16:f6:75:1c:33:2c:79:a0:46:
d8:0f:08:d4:d3:fb:9a:98:67:9f:06:67:c4:a1:73:
64:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:9C:65:58:3E:B5:66:59:0A:06:F2:1D:8D:CB:97:87:BD:21:53:4D
X509v3 Authority Key Identifier:
keyid:05:F3:E1:60:17:2E:CC:75:C8:CA:B1:BA:E2:71:BE:3E:BF:40:7A:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BfPhYBcuzHXIyrG64nG-Pr9AeoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/S5xlWD61ZlkKBvIdjcuXh70hU00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/BfPhYBcuzHXIyrG64nG-Pr9AeoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.245.79.0/24
89.167.181.0/24
89.167.228.0/23
Signature Algorithm: sha256WithRSAEncryption
2f:3c:de:92:da:50:3b:61:1a:c5:f3:93:42:65:39:4f:06:2b:
29:b7:ec:30:89:67:db:d6:7b:26:48:fe:95:97:2c:fe:d0:66:
02:92:76:fb:f9:aa:73:9f:bd:25:80:d0:ad:71:f3:e8:c4:74:
39:94:06:71:0d:eb:71:e7:e2:aa:e0:3d:df:3b:6d:8c:0e:56:
3f:c5:67:8d:c7:d7:34:2e:5d:1d:4d:37:74:ee:1a:79:01:2c:
2d:96:ef:21:a4:42:4d:60:f4:38:89:6b:70:3d:9c:37:fa:7e:
b8:d0:c3:8f:38:a7:88:45:00:49:23:66:4e:09:1a:21:74:1b:
20:b0:db:e2:6a:84:9b:56:a4:f4:dd:9e:2b:77:14:cd:9b:03:
2b:06:27:34:b3:0c:07:e0:03:75:c4:51:73:92:99:62:63:d9:
a7:38:67:50:2f:b6:82:3b:3c:92:52:51:47:7a:3c:7c:12:d7:
ae:65:11:25:a3:c3:29:fe:14:36:0e:c0:e6:35:94:01:b1:11:
c4:2f:b4:e2:5a:ea:dc:92:79:f1:ca:d0:67:dd:4b:42:2d:b0:
a8:da:10:b1:d9:14:15:21:8e:ba:b2:1b:17:ae:ce:6d:93:08:
13:70:ce:76:a1:1d:5c:69:75:27:76:b7:99:cd:c4:8f:55:18:
8d:de:95:90
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQhsknW3mhD263JJHMvOUtVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZjNlMTYwMTcyZWNjNzVjOGNhYjFiYWUyNzFiZTNlYmY0
MDdhODAwHhcNMjUwMTAxMTE0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjljNjU1ODNlYjU2NjU5MGEwNmYyMWQ4ZGNiOTc4N2JkMjE1MzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2NHmvKhF2XFKovL3HBbrH6G2dha
HDgjUcPk0UEeuMR+Fw1Q43042d6PXiUZV4+mHR3SO/1EAcTcc8JIO9MnfoxoJmng
/PHZDEtPzoBKV5gEhRF5BfQnzAQQiT49Oj3IQD2qDVjbGzOAOlwosGvGaFHzcBzw
s7Ff8hNFdDX7elS0onh1A9AXuWjyU3l2EcbcbLTBNwjNjW3jCFDxYKBKsrX2I1bm
LgjwWGPE8MYKTRIsOk1ftb7RCk/koxrJIwzXmpVVBY+PpOCJVoOz9CIGiNO0HevB
Q8jck22wsXu3uxXV+k1D3RAW9nUcMyx5oEbYDwjU0/uamGefBmfEoXNk2QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEucZVg+tWZZCgbyHY3Ll4e9IVNNMB8GA1UdIwQY
MBaAFAXz4WAXLsx1yMqxuuJxvj6/QHqAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmZQaFlCY3V6SFhJeXJHNjRuRy1QcjlBZW9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9hYThiNDYtOTY0NS00NjIwLTg0Nzkt
NWQ1NjA5ODljZjdiLzEvUzV4bFdENjFabGtLQnZJZGpjdVhoNzBoVTAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS9hYThiNDYtOTY0NS00NjIwLTg0NzktNWQ1NjA5ODljZjdi
LzEvQmZQaFlCY3V6SFhJeXJHNjRuRy1QcjlBZW9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAU/VPAwQA
Wae1AwQBWafkMA0GCSqGSIb3DQEBCwUAA4IBAQAvPN6S2lA7YRrF85NCZTlPBisp
t+wwiWfb1nsmSP6Vlyz+0GYCknb7+apzn70lgNCtcfPoxHQ5lAZxDetx5+Kq4D3f
O22MDlY/xWeNx9c0Ll0dTTd07hp5ASwtlu8hpEJNYPQ4iWtwPZw3+n640MOPOKeI
RQBJI2ZOCRohdBsgsNviaoSbVqT03Z4rdxTNmwMrBic0swwH4AN1xFFzkpliY9mn
OGdQL7aCOzySUlFHejx8EteuZRElo8Mp/hQ2DsDmNZQBsRHEL7TiWurcknnxytBn
3UtCLbCo2hCx2RQVIY66shsXrs5tkwgTcM52oR1caXUndreZzcSPVRiN3pWQ
-----END CERTIFICATE-----
Generated at Wed Apr 9 06:11:28 2025 by rpki-client