Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/2e257e-df64-4668-863b-f4dea86929ae/1/Ryemd1TDuIeUGlHSxQ4yYf0bI78.roa
File: Ryemd1TDuIeUGlHSxQ4yYf0bI78.roa (raw, json)
Hash identifier: TuiESkEb7Uapb4uz5EJqoKRBNlBEi1zqIu4KTer9R60=
Subject key identifier: 47:27:A6:77:54:C3:B8:87:94:1A:51:D2:C5:0E:32:61:FD:1B:23:BF
Certificate issuer: /CN=ee7450b230172e3e8ad35288110ef8abd24ff92d
Certificate serial: 019425FDCC501D3E739C056EB2338CC7D226
Authority key identifier: EE:74:50:B2:30:17:2E:3E:8A:D3:52:88:11:0E:F8:AB:D2:4F:F9:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7nRQsjAXLj6K01KIEQ74q9JP-S0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/2e257e-df64-4668-863b-f4dea86929ae/1/Ryemd1TDuIeUGlHSxQ4yYf0bI78.roa
Signing time: Thu 02 Jan 2025 07:49:37 +0000
ROA not before: Thu 02 Jan 2025 07:49:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211402
IP address blocks: 5.182.172.0/24 maxlen: 24
5.182.173.0/24 maxlen: 24
5.182.174.0/24 maxlen: 24
5.182.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/2e257e-df64-4668-863b-f4dea86929ae/1/7nRQsjAXLj6K01KIEQ74q9JP-S0.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/2e257e-df64-4668-863b-f4dea86929ae/1/7nRQsjAXLj6K01KIEQ74q9JP-S0.mft
rsync://rpki.ripe.net/repository/DEFAULT/7nRQsjAXLj6K01KIEQ74q9JP-S0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:cc:50:1d:3e:73:9c:05:6e:b2:33:8c:c7:d2:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee7450b230172e3e8ad35288110ef8abd24ff92d
Validity
Not Before: Jan 2 07:49:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4727a67754c3b887941a51d2c50e3261fd1b23bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4f:b2:9c:de:c7:97:91:35:03:c0:29:93:7b:
57:32:30:8c:fe:7b:c5:1c:81:0b:d5:aa:be:98:a5:
7f:9b:ea:55:43:a6:45:9b:18:bf:ee:e2:2f:aa:90:
a2:db:15:89:52:63:65:7e:d9:35:ce:cf:82:0d:11:
70:90:b8:7d:be:2d:d9:19:9d:f5:03:77:bd:22:40:
8c:0c:1e:33:05:5f:36:33:78:7f:6b:cc:39:75:cb:
56:6a:1a:fd:3d:36:db:28:6b:0e:81:9e:11:d8:a2:
7d:40:c9:a1:29:61:b1:2a:24:8e:8e:66:97:a2:e0:
4a:54:03:bd:8b:d1:04:ca:b3:c3:25:28:4a:f2:38:
74:7f:52:44:ca:23:07:41:17:97:56:f1:73:53:56:
6c:56:42:f4:a9:33:a6:db:79:bd:0c:32:fc:da:24:
52:4f:2d:b3:3d:d2:0f:c6:e0:8a:ee:a1:b3:e6:03:
e1:0b:71:83:52:06:e5:cc:0b:fc:8f:da:5a:2c:0a:
66:5e:5f:a5:83:5e:04:46:32:ee:c4:91:06:4a:ab:
50:20:b5:fb:33:27:a7:59:f5:1c:4c:02:7a:ba:c0:
93:70:ad:ae:4d:b3:d5:6d:5d:72:f3:6e:a3:97:f9:
bb:3e:ab:bb:2b:ae:fb:12:20:b8:cd:ca:08:41:e8:
e1:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:27:A6:77:54:C3:B8:87:94:1A:51:D2:C5:0E:32:61:FD:1B:23:BF
X509v3 Authority Key Identifier:
keyid:EE:74:50:B2:30:17:2E:3E:8A:D3:52:88:11:0E:F8:AB:D2:4F:F9:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7nRQsjAXLj6K01KIEQ74q9JP-S0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/2e257e-df64-4668-863b-f4dea86929ae/1/Ryemd1TDuIeUGlHSxQ4yYf0bI78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/2e257e-df64-4668-863b-f4dea86929ae/1/7nRQsjAXLj6K01KIEQ74q9JP-S0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.172.0/22
Signature Algorithm: sha256WithRSAEncryption
80:8c:d0:d8:1a:d6:50:69:32:ba:d1:81:65:7b:cf:f7:60:ba:
bc:d9:61:c3:72:64:79:0f:c7:66:04:2a:fc:ef:52:1b:3d:8d:
0b:dd:1f:58:ee:21:79:10:de:fb:79:87:28:7e:6a:6b:44:03:
93:a4:33:12:44:d5:2c:27:f5:99:58:e4:8f:bc:38:4f:47:1e:
5c:86:33:e4:0d:69:9d:2b:67:a5:a0:71:8a:ef:6f:61:3c:ba:
69:74:05:d6:89:4e:a8:72:b1:a0:09:46:aa:01:2b:e3:b9:1f:
4a:b2:24:bd:49:72:83:d2:ed:1a:0e:16:1c:e3:3b:82:0a:d6:
20:80:51:d6:59:0f:97:6b:6e:bd:d7:70:29:8c:96:36:65:0d:
c8:94:c4:4d:e9:0e:48:8f:eb:cb:5c:6c:92:c2:6b:c4:c8:d3:
d8:58:a3:db:fc:7b:db:c8:34:5c:ce:15:0b:9f:93:f5:96:97:
7d:2a:e8:0b:4c:cb:a1:fa:ad:f4:0b:ba:c9:9e:7b:98:e1:8d:
31:e2:56:d9:92:02:53:21:03:ef:8d:db:8e:4c:3b:a4:47:eb:
0b:8f:bc:ea:8e:f9:27:a1:47:5c:45:95:fe:b0:7f:c2:99:a7:
4b:05:4d:25:0d:3c:9f:64:a3:19:59:a3:ab:19:37:7a:8a:93:
27:b2:6d:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/cxQHT5znAVusjOMx9ImMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlNzQ1MGIyMzAxNzJlM2U4YWQzNTI4ODExMGVmOGFiZDI0
ZmY5MmQwHhcNMjUwMTAyMDc0OTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzI3YTY3NzU0YzNiODg3OTQxYTUxZDJjNTBlMzI2MWZkMWIyM2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0+ynN7Hl5E1A8Apk3tXMjCM/nvF
HIEL1aq+mKV/m+pVQ6ZFmxi/7uIvqpCi2xWJUmNlftk1zs+CDRFwkLh9vi3ZGZ31
A3e9IkCMDB4zBV82M3h/a8w5dctWahr9PTbbKGsOgZ4R2KJ9QMmhKWGxKiSOjmaX
ouBKVAO9i9EEyrPDJShK8jh0f1JEyiMHQReXVvFzU1ZsVkL0qTOm23m9DDL82iRS
Ty2zPdIPxuCK7qGz5gPhC3GDUgblzAv8j9paLApmXl+lg14ERjLuxJEGSqtQILX7
MyenWfUcTAJ6usCTcK2uTbPVbV1y826jl/m7Pqu7K677EiC4zcoIQejhnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEcnpndUw7iHlBpR0sUOMmH9GyO/MB8GA1UdIwQY
MBaAFO50ULIwFy4+itNSiBEO+KvST/ktMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN25SUXNqQVhMajZLMDFLSUVRNzRxOUpQLVMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8yZTI1N2UtZGY2NC00NjY4LTg2M2It
ZjRkZWE4NjkyOWFlLzEvUnllbWQxVER1SWVVR2xIU3hRNHlZZjBiSTc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8yZTI1N2UtZGY2NC00NjY4LTg2M2ItZjRkZWE4NjkyOWFl
LzEvN25SUXNqQVhMajZLMDFLSUVRNzRxOUpQLVMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBbasMA0G
CSqGSIb3DQEBCwUAA4IBAQCAjNDYGtZQaTK60YFle8/3YLq82WHDcmR5D8dmBCr8
71IbPY0L3R9Y7iF5EN77eYcofmprRAOTpDMSRNUsJ/WZWOSPvDhPRx5chjPkDWmd
K2eloHGK729hPLppdAXWiU6ocrGgCUaqASvjuR9KsiS9SXKD0u0aDhYc4zuCCtYg
gFHWWQ+Xa26913ApjJY2ZQ3IlMRN6Q5Ij+vLXGySwmvEyNPYWKPb/HvbyDRczhUL
n5P1lpd9KugLTMuh+q30C7rJnnuY4Y0x4lbZkgJTIQPvjduOTDukR+sLj7zqjvkn
oUdcRZX+sH/CmadLBU0lDTyfZKMZWaOrGTd6ipMnsm15
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:22:34 2025 by rpki-client