Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/YPWPyR2PrV8C7bZPatIE86usWRg.roa
File: YPWPyR2PrV8C7bZPatIE86usWRg.roa (raw, json)
Hash identifier: oPtwylk/25k8zLps+NlaEoKI3y6QpsbDE1m1nmcztaE=
Subject key identifier: 60:F5:8F:C9:1D:8F:AD:5F:02:ED:B6:4F:6A:D2:04:F3:AB:AC:59:18
Certificate issuer: /CN=5dd7336fa915721ce3bfee217f4e99164db9532b
Certificate serial: 0197CA3114375B7E5BEFF9689B7CF98DF545
Authority key identifier: 5D:D7:33:6F:A9:15:72:1C:E3:BF:EE:21:7F:4E:99:16:4D:B9:53:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xdczb6kVchzjv-4hf06ZFk25Uys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/YPWPyR2PrV8C7bZPatIE86usWRg.roa
Signing time: Wed 02 Jul 2025 08:11:43 +0000
ROA not before: Wed 02 Jul 2025 08:11:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 5.62.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/Xdczb6kVchzjv-4hf06ZFk25Uys.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/Xdczb6kVchzjv-4hf06ZFk25Uys.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xdczb6kVchzjv-4hf06ZFk25Uys.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 08:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ca:31:14:37:5b:7e:5b:ef:f9:68:9b:7c:f9:8d:f5:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dd7336fa915721ce3bfee217f4e99164db9532b
Validity
Not Before: Jul 2 08:11:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60f58fc91d8fad5f02edb64f6ad204f3abac5918
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:11:1c:5e:07:b1:58:8b:f8:45:f8:a7:9b:90:
86:6f:50:d8:5a:5b:8a:4f:79:1d:35:92:6a:c9:46:
ad:bc:c5:eb:cd:25:ce:e4:ae:03:db:3e:30:0f:00:
59:99:a7:1c:3a:91:fc:f1:fe:93:5c:4d:82:5d:74:
0e:2d:f4:ef:a9:c7:5e:97:6f:75:c3:c3:74:55:c2:
a7:7b:08:79:6f:e4:68:fc:3a:ae:93:cb:b0:e2:b3:
d9:8a:96:2b:f7:52:b0:c5:8a:f6:fc:0d:c3:2c:79:
e9:b4:13:f0:ea:00:26:77:c8:d9:78:b8:21:e9:1c:
12:7f:ba:b3:0b:97:21:33:df:7d:ed:66:b9:48:76:
66:15:e4:03:08:99:7f:73:da:9c:37:25:45:38:05:
a0:9a:2c:08:c5:fd:af:e8:4b:a0:2d:86:8d:ff:e4:
20:64:76:e2:19:50:9b:7c:70:5b:fc:9f:2c:ef:10:
40:35:a6:50:44:8e:f0:6a:d4:80:27:45:f7:15:dd:
7a:fb:1b:7c:7c:02:e0:f2:6f:55:3c:d0:07:1e:0c:
a0:b0:7c:7e:7a:e0:50:42:5c:ea:2a:cf:71:fd:cd:
2d:a5:65:56:9e:ef:b1:8a:ab:df:a5:fa:f1:1d:c0:
42:18:e9:49:44:bb:0b:c9:ea:01:36:9d:e4:df:87:
f3:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:F5:8F:C9:1D:8F:AD:5F:02:ED:B6:4F:6A:D2:04:F3:AB:AC:59:18
X509v3 Authority Key Identifier:
keyid:5D:D7:33:6F:A9:15:72:1C:E3:BF:EE:21:7F:4E:99:16:4D:B9:53:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xdczb6kVchzjv-4hf06ZFk25Uys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/YPWPyR2PrV8C7bZPatIE86usWRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/Xdczb6kVchzjv-4hf06ZFk25Uys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.62.34.0/24
Signature Algorithm: sha256WithRSAEncryption
72:20:60:16:ad:4d:3b:6e:51:87:7a:44:9a:4c:6b:55:87:b6:
69:85:0d:e0:89:42:db:95:c0:c0:1e:a0:f4:7e:cb:85:58:c2:
16:9b:0c:4d:1e:e2:8f:25:d6:94:b3:23:26:3a:b5:41:ae:71:
fb:29:a6:e6:04:54:51:ae:04:e1:24:e7:49:ad:f8:13:e2:3c:
f9:33:c9:f1:46:d4:d7:f6:dc:c7:04:ce:2c:0b:c0:74:bb:76:
61:35:81:05:b9:25:bb:11:8e:39:95:98:f5:cb:ec:c4:fb:80:
3d:03:fd:33:21:21:8f:75:68:5a:de:33:6e:c4:d1:91:78:87:
e1:56:2a:d9:6e:07:bd:45:e8:92:74:65:06:6d:12:69:06:2a:
62:1a:9c:75:d5:27:8d:dc:61:72:54:51:bc:39:fe:2b:ca:f8:
fe:56:d0:50:8c:23:3b:23:69:72:66:fd:d9:e3:e4:5b:cd:6a:
63:eb:17:32:19:6d:55:e5:7a:1e:40:16:f6:7d:b0:2b:59:02:
bd:57:4c:2b:1f:2e:bb:9d:9b:07:aa:22:5a:2a:09:e1:4e:41:
b7:01:16:5b:06:22:f2:c9:a9:9f:84:c5:55:2c:82:78:61:c9:
4a:20:80:05:e6:04:c0:ab:4f:7d:b9:97:89:48:c4:c1:a0:d8:
07:55:5e:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZfKMRQ3W35b7/lom3z5jfVFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZDczMzZmYTkxNTcyMWNlM2JmZWUyMTdmNGU5OTE2NGRi
OTUzMmIwHhcNMjUwNzAyMDgxMTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGY1OGZjOTFkOGZhZDVmMDJlZGI2NGY2YWQyMDRmM2FiYWM1OTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsREcXgexWIv4Rfinm5CGb1DYWluK
T3kdNZJqyUatvMXrzSXO5K4D2z4wDwBZmaccOpH88f6TXE2CXXQOLfTvqcdel291
w8N0VcKnewh5b+Ro/Dquk8uw4rPZipYr91KwxYr2/A3DLHnptBPw6gAmd8jZeLgh
6RwSf7qzC5chM9997Wa5SHZmFeQDCJl/c9qcNyVFOAWgmiwIxf2v6EugLYaN/+Qg
ZHbiGVCbfHBb/J8s7xBANaZQRI7watSAJ0X3Fd16+xt8fALg8m9VPNAHHgygsHx+
euBQQlzqKs9x/c0tpWVWnu+xiqvfpfrxHcBCGOlJRLsLyeoBNp3k34fz0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGD1j8kdj61fAu22T2rSBPOrrFkYMB8GA1UdIwQY
MBaAFF3XM2+pFXIc47/uIX9OmRZNuVMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGRjemI2a1ZjaHpqdi00aGYwNlpGazI1VXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9lNzQ0YmQtZjZkOS00Zjc0LThjMDEt
OGM0YmM0NTkyN2EzLzEvWVBXUHlSMlByVjhDN2JaUGF0SUU4NnVzV1JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9lNzQ0YmQtZjZkOS00Zjc0LThjMDEtOGM0YmM0NTkyN2Ez
LzEvWGRjemI2a1ZjaHpqdi00aGYwNlpGazI1VXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABT4iMA0G
CSqGSIb3DQEBCwUAA4IBAQByIGAWrU07blGHekSaTGtVh7ZphQ3giULblcDAHqD0
fsuFWMIWmwxNHuKPJdaUsyMmOrVBrnH7KabmBFRRrgThJOdJrfgT4jz5M8nxRtTX
9tzHBM4sC8B0u3ZhNYEFuSW7EY45lZj1y+zE+4A9A/0zISGPdWha3jNuxNGReIfh
VirZbge9ReiSdGUGbRJpBipiGpx11SeN3GFyVFG8Of4ryvj+VtBQjCM7I2lyZv3Z
4+RbzWpj6xcyGW1V5XoeQBb2fbArWQK9V0wrHy67nZsHqiJaKgnhTkG3ARZbBiLy
yamfhMVVLIJ4YclKIIAF5gTAq099uZeJSMTBoNgHVV7n
-----END CERTIFICATE-----
Generated at Sun Jul 20 16:21:32 2025 by rpki-client