Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/svn5qGrzwkwprTn6parcyTvhbAo.roa
File: svn5qGrzwkwprTn6parcyTvhbAo.roa (raw, json)
Hash identifier: /W0ZX7Qy3yFb8g6EosJAqdHBnY5DD0AAIXPV5XPQQ5A=
Subject key identifier: B2:F9:F9:A8:6A:F3:C2:4C:29:AD:39:FA:A5:AA:DC:C9:3B:E1:6C:0A
Certificate issuer: /CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be
Certificate serial: 019424B3CF78425A014DF372BED1FB72632E
Authority key identifier: 00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/svn5qGrzwkwprTn6parcyTvhbAo.roa
Signing time: Thu 02 Jan 2025 01:49:11 +0000
ROA not before: Thu 02 Jan 2025 01:49:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48823
IP address blocks: 95.129.48.0/21 maxlen: 24
134.0.24.0/21 maxlen: 24
185.11.136.0/22 maxlen: 24
2a03:2900::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/AF_5zInGaoo6XXNKDWXGH9yFGL4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/AF_5zInGaoo6XXNKDWXGH9yFGL4.mft
rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 01:01:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:cf:78:42:5a:01:4d:f3:72:be:d1:fb:72:63:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be
Validity
Not Before: Jan 2 01:49:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b2f9f9a86af3c24c29ad39faa5aadcc93be16c0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:eb:54:6a:7e:21:ea:76:c5:24:28:02:d1:c4:
a7:2e:56:1d:c2:f6:d1:20:2c:38:14:b3:a4:54:39:
3b:20:c7:5c:c3:5b:13:d5:d7:82:7f:1a:57:80:3e:
4e:d3:43:71:f1:e8:93:5b:a1:87:de:be:88:ea:95:
69:59:ba:c7:09:91:b4:e8:8d:e1:bb:89:79:6f:dd:
48:89:5c:2f:45:19:1d:ad:ca:82:ff:13:0e:d7:41:
ad:c1:d1:61:c3:09:ef:be:8f:46:e8:df:d8:30:9e:
6c:9b:08:9b:90:a8:e7:5a:2d:67:68:e2:52:52:cc:
c2:12:14:51:14:f2:b2:cc:55:b0:53:f0:7d:9f:0c:
42:24:5f:61:a6:2c:67:65:da:f6:03:06:dd:a3:8d:
d4:4e:17:de:ae:33:c8:55:eb:17:01:97:eb:4c:e5:
35:d6:89:da:43:56:26:ed:ef:e2:84:a5:63:21:63:
96:63:dd:93:a5:4c:80:dc:b2:26:47:da:32:5b:ca:
72:b2:30:0f:4c:3b:0e:1d:b9:21:83:79:c7:6b:c5:
e7:9b:66:0c:da:81:47:d2:dd:78:38:8b:06:61:67:
85:d5:15:6a:a0:49:45:b8:35:bf:a4:a6:43:ba:83:
20:87:d3:fd:e2:3d:01:fb:43:bc:52:73:ff:ca:e5:
55:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:F9:F9:A8:6A:F3:C2:4C:29:AD:39:FA:A5:AA:DC:C9:3B:E1:6C:0A
X509v3 Authority Key Identifier:
keyid:00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/svn5qGrzwkwprTn6parcyTvhbAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/AF_5zInGaoo6XXNKDWXGH9yFGL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.129.48.0/21
134.0.24.0/21
185.11.136.0/22
IPv6:
2a03:2900::/32
Signature Algorithm: sha256WithRSAEncryption
3c:d4:36:c6:a0:e9:46:17:6b:98:83:0b:8c:dc:6d:6a:cd:44:
67:42:00:c6:16:7c:23:e5:f3:5a:44:04:6c:5a:7e:43:a4:2f:
12:44:fb:41:23:c5:bd:29:b0:64:15:69:06:72:14:97:8d:c1:
67:20:6e:78:bb:8c:82:b2:15:d5:9f:d6:67:79:d6:35:be:72:
92:a1:c6:66:b1:ef:7d:19:87:ae:18:c6:b1:0b:49:b8:1c:0e:
d7:10:a4:52:54:a3:fa:42:68:b3:55:42:35:4c:8f:d5:d5:d3:
af:35:51:f8:79:26:dd:2a:34:7b:b9:0e:0a:12:db:97:4c:f9:
ac:e8:38:d9:ae:26:f6:a3:a0:06:ca:a3:ff:82:8f:77:82:d7:
28:b3:05:bd:08:a3:ed:36:98:b5:cc:57:6c:8c:d2:d4:09:9d:
f0:c8:88:d9:8f:b5:55:b8:73:20:e0:58:33:27:40:2f:94:1c:
01:98:82:22:35:01:fc:97:2a:24:41:f9:6b:72:6d:80:87:35:
2e:35:cd:de:ad:90:bd:fd:88:d9:aa:3d:e8:77:c8:da:07:3e:
c2:e9:ee:ae:d5:71:4a:6a:c2:5b:4c:69:62:c1:ed:ff:8a:66:
78:5d:5d:96:a2:ed:8e:52:03:a1:e2:e3:7a:96:4b:11:0b:5e:
45:b1:bb:75
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQks894QloBTfNyvtH7cmMuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNWZmOWNjODljNjZhOGEzYTVkNzM0YTBkNjVjNjFmZGM4
NTE4YmUwHhcNMjUwMTAyMDE0OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmY5ZjlhODZhZjNjMjRjMjlhZDM5ZmFhNWFhZGNjOTNiZTE2YzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4+tUan4h6nbFJCgC0cSnLlYdwvbR
ICw4FLOkVDk7IMdcw1sT1deCfxpXgD5O00Nx8eiTW6GH3r6I6pVpWbrHCZG06I3h
u4l5b91IiVwvRRkdrcqC/xMO10GtwdFhwwnvvo9G6N/YMJ5smwibkKjnWi1naOJS
UszCEhRRFPKyzFWwU/B9nwxCJF9hpixnZdr2Awbdo43UThferjPIVesXAZfrTOU1
1onaQ1Ym7e/ihKVjIWOWY92TpUyA3LImR9oyW8pysjAPTDsOHbkhg3nHa8Xnm2YM
2oFH0t14OIsGYWeF1RVqoElFuDW/pKZDuoMgh9P94j0B+0O8UnP/yuVVCwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLL5+ahq88JMKa05+qWq3Mk74WwKMB8GA1UdIwQY
MBaAFABf+cyJxmqKOl1zSg1lxh/chRi+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUZfNXpJbkdhb282WFhOS0RXWEdIOXlGR0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9kNTNjNzgtMGQ1Yi00MjM3LTk5OTkt
MGUyZDY5N2IyN2UzLzEvc3ZuNXFHcnp3a3dwclRuNnBhcmN5VHZoYkFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9kNTNjNzgtMGQ1Yi00MjM3LTk5OTktMGUyZDY5N2IyN2Uz
LzEvQUZfNXpJbkdhb282WFhOS0RXWEdIOXlGR0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDX4EwAwQD
hgAYAwQCuQuIMA0EAgACMAcDBQAqAykAMA0GCSqGSIb3DQEBCwUAA4IBAQA81DbG
oOlGF2uYgwuM3G1qzURnQgDGFnwj5fNaRARsWn5DpC8SRPtBI8W9KbBkFWkGchSX
jcFnIG54u4yCshXVn9ZnedY1vnKSocZmse99GYeuGMaxC0m4HA7XEKRSVKP6Qmiz
VUI1TI/V1dOvNVH4eSbdKjR7uQ4KEtuXTPms6DjZrib2o6AGyqP/go93gtcoswW9
CKPtNpi1zFdsjNLUCZ3wyIjZj7VVuHMg4FgzJ0AvlBwBmIIiNQH8lyokQflrcm2A
hzUuNc3erZC9/YjZqj3od8jaBz7C6e6u1XFKasJbTGliwe3/imZ4XV2Wou2OUgOh
4uN6lksRC15Fsbt1
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:47:16 2025 by rpki-client