Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/5tqPEp3EliYZS2xI-t2SOYASA6Q.roa
File: 5tqPEp3EliYZS2xI-t2SOYASA6Q.roa (raw, json)
Hash identifier: rrWZ9V7KWJ4Q+nTEuZg3LRcJ0iLHgZLsCePpW9vxZts=
Subject key identifier: E6:DA:8F:12:9D:C4:96:26:19:4B:6C:48:FA:DD:92:39:80:12:03:A4
Certificate issuer: /CN=5ee004befa553ddb35564fb7762b05eb222ecf93
Certificate serial: 01942068278049906003A3678722F7F59E1A
Authority key identifier: 5E:E0:04:BE:FA:55:3D:DB:35:56:4F:B7:76:2B:05:EB:22:2E:CF:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuAEvvpVPds1Vk-3disF6yIuz5M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/5tqPEp3EliYZS2xI-t2SOYASA6Q.roa
Signing time: Wed 01 Jan 2025 05:48:04 +0000
ROA not before: Wed 01 Jan 2025 05:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48519
IP address blocks: 185.95.96.0/23 maxlen: 24
185.95.98.0/23 maxlen: 24
2a00:1c3e:96::/47 maxlen: 48
2a00:1c3e:98::/47 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/XuAEvvpVPds1Vk-3disF6yIuz5M.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/XuAEvvpVPds1Vk-3disF6yIuz5M.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuAEvvpVPds1Vk-3disF6yIuz5M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:27:80:49:90:60:03:a3:67:87:22:f7:f5:9e:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee004befa553ddb35564fb7762b05eb222ecf93
Validity
Not Before: Jan 1 05:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e6da8f129dc49626194b6c48fadd9239801203a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:6b:0b:50:ea:66:ed:09:c8:7e:ed:d3:97:0b:
79:1b:33:f2:05:35:19:3b:e0:27:47:ce:a9:1e:a5:
e3:97:84:e1:f9:62:a0:56:35:bc:1c:f3:30:aa:8a:
ee:49:c6:77:a6:40:c0:89:21:33:ce:96:55:56:05:
b9:31:00:8d:42:cb:83:5a:0a:88:fe:31:bb:ae:ef:
eb:1f:00:13:a4:3d:c7:c9:c5:4a:82:69:e9:4f:17:
a4:f9:ac:a6:2c:06:21:4b:a0:59:d2:89:91:30:8c:
c9:68:3c:95:36:d8:1d:66:90:02:c1:b7:43:f4:3a:
d8:ac:2f:e9:30:d3:38:3d:90:b0:2c:13:91:54:cb:
e8:ea:2b:04:c0:a6:80:67:ab:c7:77:6b:f2:b9:8f:
3b:5c:07:ab:13:93:ff:d2:1c:08:eb:68:5f:b7:81:
ff:69:36:0b:85:53:87:bd:b5:28:c7:f8:0a:d5:81:
0e:80:65:d3:6b:f6:fe:e8:90:8e:73:71:a2:ca:5d:
c4:f5:66:5f:37:d9:b7:7f:6c:10:e6:0c:a7:38:06:
17:61:ad:77:a8:8e:c4:0d:95:13:27:ee:79:cd:00:
8e:41:46:b9:50:eb:0e:bd:0d:e1:a7:e7:8c:67:64:
bf:db:92:80:21:9a:d4:b2:fd:63:66:03:b1:44:46:
77:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:DA:8F:12:9D:C4:96:26:19:4B:6C:48:FA:DD:92:39:80:12:03:A4
X509v3 Authority Key Identifier:
keyid:5E:E0:04:BE:FA:55:3D:DB:35:56:4F:B7:76:2B:05:EB:22:2E:CF:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuAEvvpVPds1Vk-3disF6yIuz5M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/5tqPEp3EliYZS2xI-t2SOYASA6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/XuAEvvpVPds1Vk-3disF6yIuz5M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.96.0/22
IPv6:
2a00:1c3e:96::-2a00:1c3e:99:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1b:42:d8:6d:08:cb:fd:c3:39:4e:8b:1a:b6:0e:88:7a:93:dc:
e6:71:c0:1d:80:cd:2e:77:06:14:55:43:02:32:c3:42:c1:1d:
be:82:93:c1:93:c5:26:d6:bf:cc:60:f3:b0:cb:9d:06:8e:fa:
ff:86:82:65:a9:d2:83:cd:c5:9b:8f:0c:5d:75:6a:dc:a2:2c:
8f:d5:c8:2c:fe:b2:a3:d1:23:db:87:95:eb:92:0f:4b:74:ee:
d8:27:11:ed:2f:35:40:5c:36:a3:7e:90:86:52:fd:6b:33:cb:
42:a6:65:7a:2d:5c:2f:f6:e6:df:d2:33:96:a2:71:3c:8f:a9:
7b:73:45:7e:f8:26:6e:5f:f2:88:39:6d:17:ec:4e:b2:c6:26:
d1:36:c1:dc:c8:41:21:d8:44:30:38:6d:1c:2e:15:66:6b:77:
5c:de:ab:e7:fd:00:a5:61:fb:5e:6e:83:ea:6d:e6:2d:7e:cd:
c1:cc:8b:d9:bf:04:00:06:1c:ff:fd:49:31:73:c8:c2:c7:66:
9a:5d:98:5e:a8:e7:aa:b9:11:1b:e9:e4:93:af:54:ba:88:7a:
ee:a9:2f:11:db:b5:fc:a9:99:e5:7f:de:ac:4d:d0:0b:44:dc:
48:06:3f:d8:dc:3a:29:24:d6:42:4e:64:e6:e2:8b:65:14:6e:
da:fb:d5:f3
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQgaCeASZBgA6NnhyL39Z4aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTAwNGJlZmE1NTNkZGIzNTU2NGZiNzc2MmIwNWViMjIy
ZWNmOTMwHhcNMjUwMTAxMDU0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmRhOGYxMjlkYzQ5NjI2MTk0YjZjNDhmYWRkOTIzOTgwMTIwM2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA22sLUOpm7QnIfu3Tlwt5GzPyBTUZ
O+AnR86pHqXjl4Th+WKgVjW8HPMwqoruScZ3pkDAiSEzzpZVVgW5MQCNQsuDWgqI
/jG7ru/rHwATpD3HycVKgmnpTxek+aymLAYhS6BZ0omRMIzJaDyVNtgdZpACwbdD
9DrYrC/pMNM4PZCwLBORVMvo6isEwKaAZ6vHd2vyuY87XAerE5P/0hwI62hft4H/
aTYLhVOHvbUox/gK1YEOgGXTa/b+6JCOc3Giyl3E9WZfN9m3f2wQ5gynOAYXYa13
qI7EDZUTJ+55zQCOQUa5UOsOvQ3hp+eMZ2S/25KAIZrUsv1jZgOxREZ3mQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFObajxKdxJYmGUtsSPrdkjmAEgOkMB8GA1UdIwQY
MBaAFF7gBL76VT3bNVZPt3YrBesiLs+TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVBRXZ2cFZQZHMxVmstM2Rpc0Y2eUl1ejVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zYzM1ZWEtN2M5YS00OGUyLWIzYjIt
ZTIyOGFhYjQ1MDE0LzEvNXRxUEVwM0VsaVlaUzJ4SS10MlNPWUFTQTZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zYzM1ZWEtN2M5YS00OGUyLWIzYjItZTIyOGFhYjQ1MDE0
LzEvWHVBRXZ2cFZQZHMxVmstM2Rpc0Y2eUl1ejVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQCuV9gMBoE
AgACMBQwEgMHASoAHD4AlgMHASoAHD4AmDANBgkqhkiG9w0BAQsFAAOCAQEAG0LY
bQjL/cM5Tosatg6IepPc5nHAHYDNLncGFFVDAjLDQsEdvoKTwZPFJta/zGDzsMud
Bo76/4aCZanSg83Fm48MXXVq3KIsj9XILP6yo9Ej24eV65IPS3Tu2CcR7S81QFw2
o36QhlL9azPLQqZlei1cL/bm39IzlqJxPI+pe3NFfvgmbl/yiDltF+xOssYm0TbB
3MhBIdhEMDhtHC4VZmt3XN6r5/0ApWH7Xm6D6m3mLX7NwcyL2b8EAAYc//1JMXPI
wsdmml2YXqjnqrkRG+nkk69Uuoh67qkvEdu1/KmZ5X/erE3QC0TcSAY/2Nw6KSTW
Qk5k5uKLZRRu2vvV8w==
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:22:17 2025 by rpki-client