
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/5dFgSm2E_DKsRiD_XGZe1X7NCls.roa
File: 5dFgSm2E_DKsRiD_XGZe1X7NCls.roa (raw, json)
Hash identifier: HPaAjfyGSxNX+CH6UTKKbuPWK2HgLvvsMws7fKTqeLg=
Subject key identifier: E5:D1:60:4A:6D:84:FC:32:AC:46:20:FF:5C:66:5E:D5:7E:CD:0A:5B
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 019809336703D4B959B14B974E12C929EBBE
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/5dFgSm2E_DKsRiD_XGZe1X7NCls.roa
Signing time: Mon 14 Jul 2025 13:50:20 +0000
ROA not before: Mon 14 Jul 2025 13:50:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35196
IP address blocks: 2a09:5302:ffff::/48 maxlen: 48
2a0a:9300:1000::/48 maxlen: 48
2a0a:9301::/48 maxlen: 48
2a0a:9301:1::/48 maxlen: 48
2a0a:9301:2::/48 maxlen: 48
2a0a:9302::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 13:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:09:33:67:03:d4:b9:59:b1:4b:97:4e:12:c9:29:eb:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jul 14 13:50:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e5d1604a6d84fc32ac4620ff5c665ed57ecd0a5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:c2:d7:d7:fd:ef:be:7d:16:d2:89:f8:b8:d1:
6a:93:b2:75:a3:cf:ba:11:88:eb:f7:3e:61:49:f4:
65:a0:cd:3e:f6:31:1b:f9:e2:08:77:ab:b9:a7:3b:
cc:72:6f:ea:6d:72:54:df:00:ad:f4:a2:43:ce:43:
f1:3f:45:90:d3:57:12:fa:cb:1d:35:a7:16:b6:a7:
d0:5f:7b:5c:15:26:5f:2c:72:19:df:31:91:f8:ab:
a6:98:18:e1:2a:d7:22:07:67:6a:f1:f8:15:7f:b2:
04:ba:6d:0a:17:12:55:89:68:3b:c0:9e:73:f6:02:
00:10:a1:8c:f3:c1:bb:68:c0:65:28:91:4e:ce:48:
ac:c7:95:68:48:20:38:5d:8f:db:5d:c8:ee:98:7f:
38:1e:d2:87:2a:8f:35:2a:9e:3b:cf:f1:6f:0d:88:
bc:e3:8f:1c:62:a1:3a:47:dd:84:01:45:22:64:7f:
80:3a:7c:ea:dd:a5:b3:0c:e6:02:75:12:ca:97:f5:
bf:9a:e7:8c:86:11:d0:a6:14:9a:f4:73:4f:59:b5:
e4:0b:56:2c:22:db:c8:b8:bf:3c:6f:88:4e:36:f4:
14:3a:ef:48:d8:1b:aa:5f:f7:38:1e:4d:a3:eb:e2:
ac:37:8a:4f:b4:e2:29:62:13:1e:6e:70:2c:ba:11:
67:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:D1:60:4A:6D:84:FC:32:AC:46:20:FF:5C:66:5E:D5:7E:CD:0A:5B
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/5dFgSm2E_DKsRiD_XGZe1X7NCls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:5302:ffff::/48
2a0a:9300:1000::/48
2a0a:9301::-2a0a:9301:2:ffff:ffff:ffff:ffff:ffff
2a0a:9302::/32
Signature Algorithm: sha256WithRSAEncryption
a9:41:e7:f4:50:d6:91:4a:bc:9a:4d:bf:46:19:77:c6:5d:bc:
a1:e2:ac:74:96:11:6e:05:15:87:38:01:2c:d1:30:8f:30:3f:
4b:db:86:60:ae:b7:07:55:3d:3b:90:fb:f9:13:03:d7:8e:dd:
9d:5c:61:11:6c:eb:55:fd:cd:60:b1:84:51:12:69:8e:81:f4:
ec:4f:1c:c5:3a:a1:8e:88:37:83:39:74:f4:37:55:04:21:54:
26:ae:aa:eb:22:bd:a4:60:c5:d7:db:8e:6c:08:51:57:a9:0c:
13:87:98:00:5d:b7:8c:06:30:fa:06:26:2d:d9:ad:a8:13:7f:
5e:d9:dc:67:ca:2c:4e:4c:39:00:9d:ac:70:29:65:4a:70:8b:
40:07:16:b4:d3:cb:1f:74:8b:a4:fb:89:4a:81:dc:78:b9:24:
2e:dc:a3:4e:fe:d1:87:31:69:c0:80:b8:12:90:d6:85:80:6a:
e4:38:cc:c0:8c:8c:e7:6b:ad:bb:ba:72:ac:50:19:03:f5:7a:
65:29:f8:a1:52:09:28:9d:fb:36:96:cd:df:10:30:56:b7:2e:
5e:d7:fc:50:44:01:7e:2c:fc:a9:a2:fa:61:72:7a:73:0b:2e:
37:84:28:73:18:60:c7:ab:39:aa:d6:53:23:ed:18:02:8d:ce:
9d:7f:03:fb
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZgJM2cD1LlZsUuXThLJKeu+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjUwNzE0MTM1MDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWQxNjA0YTZkODRmYzMyYWM0NjIwZmY1YzY2NWVkNTdlY2QwYTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMLX1/3vvn0W0on4uNFqk7J1o8+6
EYjr9z5hSfRloM0+9jEb+eIId6u5pzvMcm/qbXJU3wCt9KJDzkPxP0WQ01cS+ssd
NacWtqfQX3tcFSZfLHIZ3zGR+KummBjhKtciB2dq8fgVf7IEum0KFxJViWg7wJ5z
9gIAEKGM88G7aMBlKJFOzkisx5VoSCA4XY/bXcjumH84HtKHKo81Kp47z/FvDYi8
448cYqE6R92EAUUiZH+AOnzq3aWzDOYCdRLKl/W/mueMhhHQphSa9HNPWbXkC1Ys
ItvIuL88b4hONvQUOu9I2BuqX/c4Hk2j6+KsN4pPtOIpYhMebnAsuhFnHwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFOXRYEpthPwyrEYg/1xmXtV+zQpbMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvNWRGZ1NtMkVfREtzUmlEX1hHWmUxWDdOQ2xzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAxBAIAAjArAwcAKglTAv//
AwcAKgqTABAAMBADBQAqCpMBAwcAKgqTAQACAwUAKgqTAjANBgkqhkiG9w0BAQsF
AAOCAQEAqUHn9FDWkUq8mk2/Rhl3xl28oeKsdJYRbgUVhzgBLNEwjzA/S9uGYK63
B1U9O5D7+RMD147dnVxhEWzrVf3NYLGEURJpjoH07E8cxTqhjog3gzl09DdVBCFU
Jq6q6yK9pGDF19uObAhRV6kME4eYAF23jAYw+gYmLdmtqBN/XtncZ8osTkw5AJ2s
cCllSnCLQAcWtNPLH3SLpPuJSoHceLkkLtyjTv7RhzFpwIC4EpDWhYBq5DjMwIyM
52utu7pyrFAZA/V6ZSn4oVIJKJ37NpbN3xAwVrcuXtf8UEQBfiz8qaL6YXJ6cwsu
N4Qocxhgx6s5qtZTI+0YAo3OnX8D+w==
-----END CERTIFICATE-----
Generated at Sun Jul 20 18:01:21 2025 by rpki-client