Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/Ed42cA-zlGSxziIawQwcb1FDX08.roa
File: Ed42cA-zlGSxziIawQwcb1FDX08.roa (raw, json)
Hash identifier: 4F2FvV2Cc4LfdAZdtq/lrpCkvJIef6bPoCHs44x1OVQ=
Subject key identifier: 11:DE:36:70:0F:B3:94:64:B1:CE:22:1A:C1:0C:1C:6F:51:43:5F:4F
Certificate issuer: /CN=4ddb3dcdf5e6bee09825c37bf3b8bdf28b6fb593
Certificate serial: 019835106CDFAF5D0E7022AC5459ACF6B4DB
Authority key identifier: 4D:DB:3D:CD:F5:E6:BE:E0:98:25:C3:7B:F3:B8:BD:F2:8B:6F:B5:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tds9zfXmvuCYJcN787i98otvtZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/Ed42cA-zlGSxziIawQwcb1FDX08.roa
Signing time: Wed 23 Jul 2025 02:15:25 +0000
ROA not before: Wed 23 Jul 2025 02:15:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50923
IP address blocks: 5.129.0.0/16 maxlen: 16
5.129.192.0/19 maxlen: 19
5.129.192.0/20 maxlen: 20
5.129.192.0/21 maxlen: 21
5.129.200.0/21 maxlen: 21
5.129.208.0/20 maxlen: 20
5.129.208.0/21 maxlen: 21
5.129.216.0/21 maxlen: 21
5.129.224.0/19 maxlen: 19
5.129.224.0/20 maxlen: 20
5.129.224.0/21 maxlen: 21
5.129.232.0/21 maxlen: 21
5.129.240.0/20 maxlen: 20
5.129.240.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/Tds9zfXmvuCYJcN787i98otvtZM.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/Tds9zfXmvuCYJcN787i98otvtZM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tds9zfXmvuCYJcN787i98otvtZM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 06:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:35:10:6c:df:af:5d:0e:70:22:ac:54:59:ac:f6:b4:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ddb3dcdf5e6bee09825c37bf3b8bdf28b6fb593
Validity
Not Before: Jul 23 02:15:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=11de36700fb39464b1ce221ac10c1c6f51435f4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:0c:83:b7:0c:f5:63:41:63:6d:6e:f2:d2:ef:
3d:ec:70:ff:9c:dd:d5:a9:6e:cf:05:a0:47:6a:ff:
7f:4d:fc:aa:5c:73:62:bc:f2:4d:5e:ab:20:4e:74:
80:5d:25:9d:59:29:78:b6:c2:c7:9f:89:b7:17:9e:
cc:d0:14:e4:a4:6d:3c:01:31:09:7b:0f:52:44:fe:
b4:08:2c:df:20:6a:f4:97:f8:d9:f1:ac:0e:77:49:
6e:48:37:02:c0:a1:64:fa:e4:51:9e:5e:97:c9:f6:
a7:b5:d5:57:04:50:3c:e9:76:02:f3:d6:ac:7e:1c:
7a:27:55:28:16:90:61:64:2d:98:57:42:67:2b:3d:
38:d8:49:34:75:67:f1:cb:3e:b7:aa:a3:e5:61:a2:
c4:2b:2f:af:b0:28:ec:61:88:8b:f6:b2:28:21:71:
80:bb:41:e2:99:4e:8d:9a:f8:9b:9a:05:71:36:81:
f7:0a:c2:4b:32:77:9a:21:20:81:e4:75:0f:e7:a3:
23:da:5f:79:12:84:ad:3f:72:0f:cb:34:cd:63:c2:
82:dc:d7:cd:41:ee:c9:5b:f8:e7:37:a2:3f:6d:b0:
52:6c:ab:3a:e0:c5:26:63:99:1d:c7:f0:f3:83:76:
da:b1:ea:9a:b3:3d:b0:bf:f2:8b:90:ec:1b:0d:68:
d7:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:DE:36:70:0F:B3:94:64:B1:CE:22:1A:C1:0C:1C:6F:51:43:5F:4F
X509v3 Authority Key Identifier:
keyid:4D:DB:3D:CD:F5:E6:BE:E0:98:25:C3:7B:F3:B8:BD:F2:8B:6F:B5:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tds9zfXmvuCYJcN787i98otvtZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/Ed42cA-zlGSxziIawQwcb1FDX08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/Tds9zfXmvuCYJcN787i98otvtZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.129.0.0/16
Signature Algorithm: sha256WithRSAEncryption
41:d0:0b:06:61:e1:9d:7e:00:99:40:40:24:61:ef:29:f7:8e:
f8:e7:9c:de:1d:fe:4e:e6:07:11:90:36:cd:91:4e:07:ba:4f:
19:fd:ff:06:e1:b5:26:17:31:52:3e:70:b7:e8:86:94:82:53:
42:96:a6:83:33:a5:f3:b1:97:19:3e:e4:82:3a:64:64:6d:51:
16:c4:71:21:0e:21:f2:9d:0a:cd:88:7e:30:7f:8e:ca:36:93:
6c:36:e7:23:2a:4a:fd:c0:66:e8:18:ca:08:8b:98:91:ea:50:
d9:d1:65:5b:4d:a5:83:60:8e:bf:27:5d:cf:d7:45:f9:e8:18:
d7:4f:9a:14:7d:97:65:51:2c:74:17:6c:a9:aa:b9:3a:0a:88:
79:2f:ec:7c:8c:e9:fc:95:78:cd:1a:6f:bf:be:8e:01:dd:57:
2e:63:92:2d:8e:20:44:2a:72:23:3c:00:46:f8:3f:94:0c:df:
86:08:c8:7a:f9:9f:c7:be:6e:2f:19:c5:1e:0d:06:7d:b6:a2:
e6:3b:d3:e2:ad:42:82:8e:20:0a:41:b2:96:80:35:24:fb:f1:
de:de:1b:cc:c5:94:7a:e9:e0:8e:df:8f:67:27:3b:6f:e0:2a:
75:7a:a3:c8:e1:d1:18:26:4e:36:a6:01:71:b5:27:08:61:0d:
61:4d:dd:5c
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZg1EGzfr10OcCKsVFms9rTbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZGIzZGNkZjVlNmJlZTA5ODI1YzM3YmYzYjhiZGYyOGI2
ZmI1OTMwHhcNMjUwNzIzMDIxNTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWRlMzY3MDBmYjM5NDY0YjFjZTIyMWFjMTBjMWM2ZjUxNDM1ZjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3wyDtwz1Y0FjbW7y0u897HD/nN3V
qW7PBaBHav9/TfyqXHNivPJNXqsgTnSAXSWdWSl4tsLHn4m3F57M0BTkpG08ATEJ
ew9SRP60CCzfIGr0l/jZ8awOd0luSDcCwKFk+uRRnl6XyfantdVXBFA86XYC89as
fhx6J1UoFpBhZC2YV0JnKz042Ek0dWfxyz63qqPlYaLEKy+vsCjsYYiL9rIoIXGA
u0HimU6NmvibmgVxNoH3CsJLMneaISCB5HUP56Mj2l95EoStP3IPyzTNY8KC3NfN
Qe7JW/jnN6I/bbBSbKs64MUmY5kdx/Dzg3baseqasz2wv/KLkOwbDWjX5wIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFBHeNnAPs5Rksc4iGsEMHG9RQ19PMB8GA1UdIwQY
MBaAFE3bPc315r7gmCXDe/O4vfKLb7WTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRzOXpmWG12dUNZSmNONzg3aTk4b3R2dFpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83OTBjZWUtZDU0ZS00NTk4LThiYzEt
MjE3MGM1YzFkM2VkLzEvRWQ0MmNBLXpsR1N4emlJYXdRd2NiMUZEWDA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83OTBjZWUtZDU0ZS00NTk4LThiYzEtMjE3MGM1YzFkM2Vk
LzEvVGRzOXpmWG12dUNZSmNONzg3aTk4b3R2dFpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMABYEwDQYJ
KoZIhvcNAQELBQADggEBAEHQCwZh4Z1+AJlAQCRh7yn3jvjnnN4d/k7mBxGQNs2R
Tge6Txn9/wbhtSYXMVI+cLfohpSCU0KWpoMzpfOxlxk+5II6ZGRtURbEcSEOIfKd
Cs2IfjB/jso2k2w25yMqSv3AZugYygiLmJHqUNnRZVtNpYNgjr8nXc/XRfnoGNdP
mhR9l2VRLHQXbKmquToKiHkv7HyM6fyVeM0ab7++jgHdVy5jki2OIEQqciM8AEb4
P5QM34YIyHr5n8e+bi8ZxR4NBn22ouY70+KtQoKOIApBspaANST78d7eG8zFlHrp
4I7fj2cnO2/gKnV6o8jh0RgmTjamAXG1JwhhDWFN3Vw=
-----END CERTIFICATE-----
Generated at Sat Jul 26 15:13:13 2025 by rpki-client