Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/8cef6f-fe09-4ef6-8bf1-798ac4928ed6/1/M5_-d1GdbRA2RUGO5npOtRSNEB8.roa
File: M5_-d1GdbRA2RUGO5npOtRSNEB8.roa (raw, json)
Hash identifier: DYZ2j8UdvivRy1b6Q4G0ZdvY6U48+tpNnHP/gql8rCo=
Subject key identifier: 33:9F:FE:77:51:9D:6D:10:36:45:41:8E:E6:7A:4E:B5:14:8D:10:1F
Certificate issuer: /CN=b43a71ca60d74e45d2b9748ab1066529fd01337e
Certificate serial: 0194236952D1949F6F2C4D6F4DB684081775
Authority key identifier: B4:3A:71:CA:60:D7:4E:45:D2:B9:74:8A:B1:06:65:29:FD:01:33:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDpxymDXTkXSuXSKsQZlKf0BM34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/8cef6f-fe09-4ef6-8bf1-798ac4928ed6/1/M5_-d1GdbRA2RUGO5npOtRSNEB8.roa
Signing time: Wed 01 Jan 2025 19:48:12 +0000
ROA not before: Wed 01 Jan 2025 19:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62373
IP address blocks: 185.38.4.0/22 maxlen: 22
185.229.140.0/22 maxlen: 22
185.240.60.0/22 maxlen: 22
2a04:7501::/32 maxlen: 32
2a0c:7380::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/8cef6f-fe09-4ef6-8bf1-798ac4928ed6/1/tDpxymDXTkXSuXSKsQZlKf0BM34.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/8cef6f-fe09-4ef6-8bf1-798ac4928ed6/1/tDpxymDXTkXSuXSKsQZlKf0BM34.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDpxymDXTkXSuXSKsQZlKf0BM34.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 22:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:52:d1:94:9f:6f:2c:4d:6f:4d:b6:84:08:17:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b43a71ca60d74e45d2b9748ab1066529fd01337e
Validity
Not Before: Jan 1 19:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=339ffe77519d6d103645418ee67a4eb5148d101f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:69:d5:a4:65:cd:0b:10:8c:1d:e0:83:45:07:
c3:d9:d2:c4:d5:19:f0:15:57:a4:a9:aa:5a:47:81:
1b:16:92:5e:82:3d:e3:7c:32:5c:cc:27:02:34:50:
e3:4b:2e:ab:d9:a2:eb:b4:04:6b:a1:7c:c1:b5:13:
e5:f3:58:02:72:a0:a3:b5:c4:3e:28:d8:fb:2d:ff:
2b:44:d7:a9:25:fe:cc:a2:fd:e0:8c:3f:65:ba:a4:
cd:3a:f9:41:d5:52:61:7e:5c:be:91:24:d9:bc:9e:
33:01:8e:cc:11:93:0a:73:5f:9b:3b:60:9e:8a:c4:
9d:a1:6c:95:f3:0f:e7:9c:40:b8:67:bb:f3:d3:e9:
4b:bb:3f:58:d6:24:de:a4:01:17:7a:02:78:d6:5f:
10:a5:59:ed:23:0b:ac:ca:84:84:9a:8d:ad:2e:f3:
d8:14:f1:8f:2f:7b:78:70:54:22:1b:2a:ed:49:93:
5e:3c:1b:d0:41:cf:e5:7c:4a:cb:95:37:bb:60:4d:
1c:ad:8a:f7:a8:67:e6:db:26:5f:29:5e:f8:e8:a4:
a4:ef:fd:d4:cc:1b:1c:13:45:b6:da:3a:02:b9:37:
6e:8e:41:43:2c:d2:fe:85:c2:6c:0d:fe:f6:ee:80:
92:a1:2f:52:1a:e2:35:44:39:fe:d8:d9:d6:aa:84:
e5:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:9F:FE:77:51:9D:6D:10:36:45:41:8E:E6:7A:4E:B5:14:8D:10:1F
X509v3 Authority Key Identifier:
keyid:B4:3A:71:CA:60:D7:4E:45:D2:B9:74:8A:B1:06:65:29:FD:01:33:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDpxymDXTkXSuXSKsQZlKf0BM34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/8cef6f-fe09-4ef6-8bf1-798ac4928ed6/1/M5_-d1GdbRA2RUGO5npOtRSNEB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/8cef6f-fe09-4ef6-8bf1-798ac4928ed6/1/tDpxymDXTkXSuXSKsQZlKf0BM34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.38.4.0/22
185.229.140.0/22
185.240.60.0/22
IPv6:
2a04:7501::/32
2a0c:7380::/29
Signature Algorithm: sha256WithRSAEncryption
89:c1:a7:39:35:68:7a:d5:69:19:8d:7c:83:0d:ac:fd:b8:f6:
a8:b8:c3:5a:72:eb:e8:06:2c:75:aa:8b:82:23:12:d5:6e:50:
59:81:0c:11:94:a0:7c:bf:74:aa:d6:f7:83:17:b6:dd:69:9d:
a7:47:d9:bf:3c:db:aa:8d:76:50:0f:b5:45:85:5f:26:76:cd:
9a:48:c7:4a:ab:9b:04:c3:36:81:5b:55:7e:f2:a6:5f:7d:a1:
9f:83:36:f3:b7:7f:e4:2d:74:c0:99:7e:a5:1b:c4:5b:6c:ba:
63:1a:dc:24:73:2e:c1:4a:01:cb:3a:a1:d0:37:27:b9:b8:6c:
9d:93:1b:6d:0b:da:f0:33:85:91:0a:ff:bf:73:da:ff:c0:9a:
ea:6a:6a:19:3a:08:d1:eb:46:e1:7c:3e:9f:83:6d:e7:c4:04:
64:6f:3f:6e:31:33:c8:ed:ff:c9:e4:dd:9d:5a:59:5b:55:bd:
78:75:ba:26:83:2d:92:d1:00:f3:ff:e9:ae:9c:f1:5d:41:b6:
4c:03:05:4f:99:6e:ba:34:66:43:51:c3:c9:f9:3c:b4:77:26:
d9:71:04:55:d3:a6:71:f5:a0:53:17:64:ff:ee:58:5f:f9:53:
26:5a:0a:49:fd:34:16:d7:7b:4b:9c:b7:e6:fc:09:41:1c:3e:
99:4a:46:ca
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQjaVLRlJ9vLE1vTbaECBd1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0M2E3MWNhNjBkNzRlNDVkMmI5NzQ4YWIxMDY2NTI5ZmQw
MTMzN2UwHhcNMjUwMTAxMTk0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzlmZmU3NzUxOWQ2ZDEwMzY0NTQxOGVlNjdhNGViNTE0OGQxMDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWnVpGXNCxCMHeCDRQfD2dLE1Rnw
FVekqapaR4EbFpJegj3jfDJczCcCNFDjSy6r2aLrtARroXzBtRPl81gCcqCjtcQ+
KNj7Lf8rRNepJf7Mov3gjD9luqTNOvlB1VJhfly+kSTZvJ4zAY7MEZMKc1+bO2Ce
isSdoWyV8w/nnEC4Z7vz0+lLuz9Y1iTepAEXegJ41l8QpVntIwusyoSEmo2tLvPY
FPGPL3t4cFQiGyrtSZNePBvQQc/lfErLlTe7YE0crYr3qGfm2yZfKV746KSk7/3U
zBscE0W22joCuTdujkFDLNL+hcJsDf727oCSoS9SGuI1RDn+2NnWqoTlQwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFDOf/ndRnW0QNkVBjuZ6TrUUjRAfMB8GA1UdIwQY
MBaAFLQ6ccpg105F0rl0irEGZSn9ATN+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERweHltRFhUa1hTdVhTS3NRWmxLZjBCTTM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS84Y2VmNmYtZmUwOS00ZWY2LThiZjEt
Nzk4YWM0OTI4ZWQ2LzEvTTVfLWQxR2RiUkEyUlVHTzVucE90UlNORUI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS84Y2VmNmYtZmUwOS00ZWY2LThiZjEtNzk4YWM0OTI4ZWQ2
LzEvdERweHltRFhUa1hTdVhTS3NRWmxLZjBCTTM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCuSYEAwQC
ueWMAwQCufA8MBQEAgACMA4DBQAqBHUBAwUDKgxzgDANBgkqhkiG9w0BAQsFAAOC
AQEAicGnOTVoetVpGY18gw2s/bj2qLjDWnLr6AYsdaqLgiMS1W5QWYEMEZSgfL90
qtb3gxe23Wmdp0fZvzzbqo12UA+1RYVfJnbNmkjHSqubBMM2gVtVfvKmX32hn4M2
87d/5C10wJl+pRvEW2y6YxrcJHMuwUoByzqh0DcnubhsnZMbbQva8DOFkQr/v3Pa
/8Ca6mpqGToI0etG4Xw+n4Nt58QEZG8/bjEzyO3/yeTdnVpZW1W9eHW6JoMtktEA
8//prpzxXUG2TAMFT5luujRmQ1HDyfk8tHcm2XEEVdOmcfWgUxdk/+5YX/lTJloK
Sf00Ftd7S5y35vwJQRw+mUpGyg==
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:49:25 2025 by rpki-client