Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/DkHIx2qomTMRxi5txwcyeQJUMC4.roa
File: DkHIx2qomTMRxi5txwcyeQJUMC4.roa (raw, json)
Hash identifier: aUooC/gZIs2knffE4CSZxz4fOwgHg5KB9hMX38VnhFA=
Subject key identifier: 0E:41:C8:C7:6A:A8:99:33:11:C6:2E:6D:C7:07:32:79:02:54:30:2E
Certificate issuer: /CN=5dd7336fa915721ce3bfee217f4e99164db9532b
Certificate serial: 0197CA311363820103D52434BF56A5D11F43
Authority key identifier: 5D:D7:33:6F:A9:15:72:1C:E3:BF:EE:21:7F:4E:99:16:4D:B9:53:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xdczb6kVchzjv-4hf06ZFk25Uys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/DkHIx2qomTMRxi5txwcyeQJUMC4.roa
Signing time: Wed 02 Jul 2025 08:11:43 +0000
ROA not before: Wed 02 Jul 2025 08:11:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206334
IP address blocks: 5.62.52.0/24 maxlen: 24
5.62.53.0/24 maxlen: 24
5.62.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/Xdczb6kVchzjv-4hf06ZFk25Uys.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/Xdczb6kVchzjv-4hf06ZFk25Uys.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xdczb6kVchzjv-4hf06ZFk25Uys.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 05:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ca:31:13:63:82:01:03:d5:24:34:bf:56:a5:d1:1f:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dd7336fa915721ce3bfee217f4e99164db9532b
Validity
Not Before: Jul 2 08:11:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e41c8c76aa8993311c62e6dc70732790254302e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1c:40:5e:40:6f:de:36:f0:5c:0f:3e:56:de:
b6:4d:a3:ac:40:8d:2d:79:d3:64:37:6f:ce:54:cd:
ce:23:e8:17:0b:59:31:e5:40:47:87:e6:84:54:ca:
f7:20:7c:ea:07:91:03:d1:a1:36:90:7d:ce:b8:de:
d3:4c:bc:ef:00:40:fa:95:83:91:a5:45:37:24:10:
c4:8c:2a:18:69:ac:22:d7:fd:5b:43:d5:1e:ee:f9:
20:5e:85:dd:dc:b2:0f:e3:25:61:c3:ea:11:71:4d:
20:d1:04:4a:94:64:9a:b1:65:1b:87:f2:0c:34:4d:
ea:71:65:a0:dd:62:ed:7a:73:cc:e4:6e:2f:19:93:
f6:8c:f7:6a:53:12:d8:53:b3:03:b5:8d:4d:99:5a:
cc:54:0f:27:51:52:47:27:43:6e:ea:ce:72:d8:f8:
22:5e:99:04:aa:05:ed:ea:a9:1f:07:cf:88:e8:52:
f3:c0:4b:82:dd:ce:74:47:ca:a4:38:a6:f1:41:fa:
f5:eb:36:ab:9f:0b:93:02:a9:00:fb:09:ad:99:19:
09:8a:56:63:f1:f8:0d:36:c1:81:53:f0:ae:0f:5c:
2b:d8:14:83:ca:89:ea:a1:50:1a:16:37:07:4a:ba:
30:3b:6e:e8:34:70:89:09:47:28:b0:6e:69:4a:c2:
7a:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:41:C8:C7:6A:A8:99:33:11:C6:2E:6D:C7:07:32:79:02:54:30:2E
X509v3 Authority Key Identifier:
keyid:5D:D7:33:6F:A9:15:72:1C:E3:BF:EE:21:7F:4E:99:16:4D:B9:53:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xdczb6kVchzjv-4hf06ZFk25Uys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/DkHIx2qomTMRxi5txwcyeQJUMC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/Xdczb6kVchzjv-4hf06ZFk25Uys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.62.52.0-5.62.54.255
Signature Algorithm: sha256WithRSAEncryption
1e:78:4f:35:a3:0a:7c:e0:b9:d6:87:fa:a5:a7:40:e2:90:10:
40:e4:f4:44:77:51:08:b1:b9:45:fc:1f:2d:3c:fe:15:79:4d:
e1:ee:8b:17:a0:da:99:24:b0:7a:e3:6f:5f:59:5d:89:a5:a8:
e1:21:2a:f6:55:70:0f:1f:77:77:9e:5c:c7:37:a7:fa:bb:3a:
10:65:07:84:80:94:6e:68:1b:27:cb:ba:cb:0e:c7:98:81:7b:
07:e6:be:35:ed:77:55:1f:3a:ce:7f:3c:19:1e:cb:81:e8:67:
14:9f:f2:3e:d2:e1:33:99:f1:3c:88:78:b6:16:c4:90:2e:b8:
ea:6b:ae:c1:03:22:74:3d:cc:e2:86:e4:48:3e:85:4e:c4:4a:
4f:07:6a:71:47:bf:27:ce:b1:90:f8:a3:40:24:7a:ec:76:3a:
34:5d:1b:fa:62:e6:4e:3f:75:f7:69:33:61:a9:a4:33:c5:02:
36:98:bb:69:f5:6a:f8:e4:14:0b:7c:c8:4d:d2:73:54:81:f3:
55:94:92:a0:57:00:10:23:91:e8:93:3b:d8:01:13:a0:4c:08:
cc:a5:67:0c:1b:e1:70:46:47:8f:f5:86:b0:53:55:3f:b5:29:
4d:ea:4f:48:6b:37:fa:8f:1b:79:60:62:6e:91:9f:c9:1e:71:
16:8c:2d:62
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZfKMRNjggED1SQ0v1al0R9DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZDczMzZmYTkxNTcyMWNlM2JmZWUyMTdmNGU5OTE2NGRi
OTUzMmIwHhcNMjUwNzAyMDgxMTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTQxYzhjNzZhYTg5OTMzMTFjNjJlNmRjNzA3MzI3OTAyNTQzMDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxxAXkBv3jbwXA8+Vt62TaOsQI0t
edNkN2/OVM3OI+gXC1kx5UBHh+aEVMr3IHzqB5ED0aE2kH3OuN7TTLzvAED6lYOR
pUU3JBDEjCoYaawi1/1bQ9Ue7vkgXoXd3LIP4yVhw+oRcU0g0QRKlGSasWUbh/IM
NE3qcWWg3WLtenPM5G4vGZP2jPdqUxLYU7MDtY1NmVrMVA8nUVJHJ0Nu6s5y2Pgi
XpkEqgXt6qkfB8+I6FLzwEuC3c50R8qkOKbxQfr16zarnwuTAqkA+wmtmRkJilZj
8fgNNsGBU/CuD1wr2BSDyonqoVAaFjcHSrowO27oNHCJCUcosG5pSsJ6uQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFA5ByMdqqJkzEcYubccHMnkCVDAuMB8GA1UdIwQY
MBaAFF3XM2+pFXIc47/uIX9OmRZNuVMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGRjemI2a1ZjaHpqdi00aGYwNlpGazI1VXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9lNzQ0YmQtZjZkOS00Zjc0LThjMDEt
OGM0YmM0NTkyN2EzLzEvRGtISXgycW9tVE1SeGk1dHh3Y3llUUpVTUM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9lNzQ0YmQtZjZkOS00Zjc0LThjMDEtOGM0YmM0NTkyN2Ez
LzEvWGRjemI2a1ZjaHpqdi00aGYwNlpGazI1VXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAIFPjQD
BAAFPjYwDQYJKoZIhvcNAQELBQADggEBAB54TzWjCnzgudaH+qWnQOKQEEDk9ER3
UQixuUX8Hy08/hV5TeHuixeg2pkksHrjb19ZXYmlqOEhKvZVcA8fd3eeXMc3p/q7
OhBlB4SAlG5oGyfLussOx5iBewfmvjXtd1UfOs5/PBkey4HoZxSf8j7S4TOZ8TyI
eLYWxJAuuOprrsEDInQ9zOKG5Eg+hU7ESk8HanFHvyfOsZD4o0Akeux2OjRdG/pi
5k4/dfdpM2GppDPFAjaYu2n1avjkFAt8yE3Sc1SB81WUkqBXABAjkeiTO9gBE6BM
CMylZwwb4XBGR4/1hrBTVT+1KU3qT0hrN/qPG3lgYm6Rn8kecRaMLWI=
-----END CERTIFICATE-----
Generated at Sun Jul 27 12:54:20 2025 by rpki-client