Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/3343d2-5253-4243-a01f-587fc84acefe/1/5XEV-gEMIErGK0axVAW_a3kFgdQ.roa
File: 5XEV-gEMIErGK0axVAW_a3kFgdQ.roa (raw, json)
Hash identifier: zrBYoY+XDrWBTYUlEabBJW1Q13TMvp0kauzANBjQtoQ=
Subject key identifier: E5:71:15:FA:01:0C:20:4A:C6:2B:46:B1:54:05:BF:6B:79:05:81:D4
Certificate issuer: /CN=bf56ba98c6745a63026d78fc284722399d2eb849
Certificate serial: 0194258F0E80B96DA4477D718B79188908F2
Authority key identifier: BF:56:BA:98:C6:74:5A:63:02:6D:78:FC:28:47:22:39:9D:2E:B8:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v1a6mMZ0WmMCbXj8KEciOZ0uuEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/3343d2-5253-4243-a01f-587fc84acefe/1/5XEV-gEMIErGK0axVAW_a3kFgdQ.roa
Signing time: Thu 02 Jan 2025 05:48:39 +0000
ROA not before: Thu 02 Jan 2025 05:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50959
IP address blocks: 45.15.43.0/24 maxlen: 24
91.216.134.0/24 maxlen: 24
2a07:4900::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/3343d2-5253-4243-a01f-587fc84acefe/1/v1a6mMZ0WmMCbXj8KEciOZ0uuEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/3343d2-5253-4243-a01f-587fc84acefe/1/v1a6mMZ0WmMCbXj8KEciOZ0uuEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/v1a6mMZ0WmMCbXj8KEciOZ0uuEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:0e:80:b9:6d:a4:47:7d:71:8b:79:18:89:08:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf56ba98c6745a63026d78fc284722399d2eb849
Validity
Not Before: Jan 2 05:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e57115fa010c204ac62b46b15405bf6b790581d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ed:a0:1f:67:55:63:33:80:78:80:21:14:66:
da:8b:b9:c7:17:d1:77:f6:09:7e:cb:01:dd:25:e1:
e0:05:e5:af:de:88:f8:76:32:47:1f:4f:16:78:b5:
6c:4e:e9:c0:49:4d:4d:26:4b:d1:16:26:af:3c:32:
47:4b:a6:ac:96:90:8d:f5:d0:d7:c8:01:fa:ee:d7:
7d:9c:dd:25:67:25:8b:4a:07:03:72:9c:07:81:2a:
ab:40:04:5e:45:08:bc:98:0d:fd:a2:96:64:3e:33:
fb:b8:c3:d7:c4:91:cf:26:cb:7e:06:ba:81:38:dd:
cc:fa:38:3d:01:51:0d:04:dc:f0:b8:93:31:b7:28:
74:e4:0f:65:fa:c5:a4:2e:e1:e6:ef:0d:95:4a:38:
9d:7b:92:07:72:95:e7:a4:85:31:5d:3b:13:00:e2:
9d:72:54:50:14:90:10:1e:dc:04:0a:3f:3b:00:bb:
af:ac:99:54:52:a5:5d:d3:6d:7e:b0:6d:91:8c:25:
66:c6:73:34:11:b3:4f:e2:65:2e:f6:50:b8:cd:d1:
11:eb:5c:75:29:3d:e9:35:62:34:44:bc:93:1d:4b:
8c:53:51:7b:0f:0f:88:e0:dc:07:c3:cc:72:1b:6a:
bc:6d:30:da:c5:3f:0e:30:af:24:58:66:5d:3b:69:
9b:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:71:15:FA:01:0C:20:4A:C6:2B:46:B1:54:05:BF:6B:79:05:81:D4
X509v3 Authority Key Identifier:
keyid:BF:56:BA:98:C6:74:5A:63:02:6D:78:FC:28:47:22:39:9D:2E:B8:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v1a6mMZ0WmMCbXj8KEciOZ0uuEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/3343d2-5253-4243-a01f-587fc84acefe/1/5XEV-gEMIErGK0axVAW_a3kFgdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/3343d2-5253-4243-a01f-587fc84acefe/1/v1a6mMZ0WmMCbXj8KEciOZ0uuEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.43.0/24
91.216.134.0/24
IPv6:
2a07:4900::/29
Signature Algorithm: sha256WithRSAEncryption
52:2e:41:c1:88:e9:37:3e:6b:2f:3e:69:1f:a1:22:f0:8f:9c:
ae:7b:ea:85:ac:47:7a:a2:57:c0:df:16:f3:e1:91:d9:64:e2:
27:1a:7f:36:a4:49:78:dd:ad:b2:93:9b:b9:c5:b1:a0:6d:1e:
31:12:6e:bd:2f:69:b6:2e:4d:9b:34:ef:ec:6f:0e:18:62:9d:
c6:af:e2:41:d3:c4:2e:a3:7c:e2:14:c4:95:5f:67:68:b1:ff:
ac:42:98:13:1b:7b:be:a8:e4:4c:a8:35:b8:f9:3e:36:99:9b:
f7:56:7d:1d:bb:16:4a:ab:ae:54:03:51:61:5a:e0:80:6a:f4:
07:38:ec:25:08:30:76:3d:60:df:0d:49:60:53:c3:47:0b:bd:
fe:b5:d3:be:5c:1f:54:0e:ba:50:f2:60:db:bd:e4:55:07:36:
3f:76:9c:2a:64:3c:ac:5f:0a:82:55:e5:23:31:1b:36:31:53:
93:ff:ff:eb:75:7d:2f:eb:a3:27:1c:8c:8b:2e:d0:39:1d:c4:
c3:15:2b:6d:c7:85:db:f4:c7:ae:f4:74:6e:d4:37:82:ef:19:
ed:0a:87:65:67:be:eb:23:27:71:ed:6c:5b:b1:be:0f:6d:61:
09:34:4e:da:47:aa:0d:bc:4c:b4:ad:0a:36:59:23:7d:cb:53:
46:06:f2:3a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQljw6AuW2kR31xi3kYiQjyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNTZiYTk4YzY3NDVhNjMwMjZkNzhmYzI4NDcyMjM5OWQy
ZWI4NDkwHhcNMjUwMTAyMDU0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTcxMTVmYTAxMGMyMDRhYzYyYjQ2YjE1NDA1YmY2Yjc5MDU4MWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxu2gH2dVYzOAeIAhFGbai7nHF9F3
9gl+ywHdJeHgBeWv3oj4djJHH08WeLVsTunASU1NJkvRFiavPDJHS6aslpCN9dDX
yAH67td9nN0lZyWLSgcDcpwHgSqrQAReRQi8mA39opZkPjP7uMPXxJHPJst+BrqB
ON3M+jg9AVENBNzwuJMxtyh05A9l+sWkLuHm7w2VSjide5IHcpXnpIUxXTsTAOKd
clRQFJAQHtwECj87ALuvrJlUUqVd021+sG2RjCVmxnM0EbNP4mUu9lC4zdER61x1
KT3pNWI0RLyTHUuMU1F7Dw+I4NwHw8xyG2q8bTDaxT8OMK8kWGZdO2mbQwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOVxFfoBDCBKxitGsVQFv2t5BYHUMB8GA1UdIwQY
MBaAFL9WupjGdFpjAm14/ChHIjmdLrhJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjFhNm1NWjBXbU1DYlhqOEtFY2lPWjB1dUVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy8zMzQzZDItNTI1My00MjQzLWEwMWYt
NTg3ZmM4NGFjZWZlLzEvNVhFVi1nRU1JRXJHSzBheFZBV19hM2tGZ2RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy8zMzQzZDItNTI1My00MjQzLWEwMWYtNTg3ZmM4NGFjZWZl
LzEvdjFhNm1NWjBXbU1DYlhqOEtFY2lPWjB1dUVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALQ8rAwQA
W9iGMA0EAgACMAcDBQMqB0kAMA0GCSqGSIb3DQEBCwUAA4IBAQBSLkHBiOk3Pmsv
PmkfoSLwj5yue+qFrEd6olfA3xbz4ZHZZOInGn82pEl43a2yk5u5xbGgbR4xEm69
L2m2Lk2bNO/sbw4YYp3Gr+JB08Quo3ziFMSVX2dosf+sQpgTG3u+qORMqDW4+T42
mZv3Vn0duxZKq65UA1FhWuCAavQHOOwlCDB2PWDfDUlgU8NHC73+tdO+XB9UDrpQ
8mDbveRVBzY/dpwqZDysXwqCVeUjMRs2MVOT///rdX0v66MnHIyLLtA5HcTDFStt
x4Xb9Meu9HRu1DeC7xntCodlZ77rIydx7Wxbsb4PbWEJNE7aR6oNvEy0rQo2WSN9
y1NGBvI6
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:40:26 2025 by rpki-client