Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/D7ediiTz_uILkQjMcOxbJRspBZM.roa
File: D7ediiTz_uILkQjMcOxbJRspBZM.roa (raw, json)
Hash identifier: xv+ZaHbsxgBxSLWNp92vsB3JBB7fnE3dgkBMhx4NlKg=
Subject key identifier: 0F:B7:9D:8A:24:F3:FE:E2:0B:91:08:CC:70:EC:5B:25:1B:29:05:93
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0195F9DCC590B9E8E5D330D717E0DDC7AF3C
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/D7ediiTz_uILkQjMcOxbJRspBZM.roa
Signing time: Thu 03 Apr 2025 04:15:50 +0000
ROA not before: Thu 03 Apr 2025 04:15:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44103
IP address blocks: 5.83.149.0/24 maxlen: 24
77.90.23.0/24 maxlen: 24
89.144.40.0/24 maxlen: 24
178.18.152.0/22 maxlen: 32
178.18.152.0/24 maxlen: 32
178.18.153.0/24 maxlen: 32
178.18.154.0/24 maxlen: 32
178.18.155.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 07:20:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f9:dc:c5:90:b9:e8:e5:d3:30:d7:17:e0:dd:c7:af:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Apr 3 04:15:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0fb79d8a24f3fee20b9108cc70ec5b251b290593
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:3e:cd:29:d5:aa:2d:35:69:92:5d:c6:fa:94:
e4:fd:ca:cf:0b:93:0d:e1:15:76:c0:75:55:7c:1d:
2e:85:fd:be:94:c6:1e:14:7b:bb:45:75:b8:a1:3e:
58:41:b5:40:67:56:6f:94:2f:9a:d1:d5:4c:dd:02:
fb:06:6b:dc:7b:68:ca:5a:5e:a3:46:b6:bf:9b:89:
eb:b8:a3:32:31:b0:95:69:d0:fb:55:38:e8:0c:5a:
a4:f0:cc:3c:c8:b3:3a:44:31:bb:0d:ff:0b:fa:87:
e7:51:15:c2:57:20:cd:d9:c8:b6:65:f8:b5:db:01:
91:1d:85:a4:49:97:71:bc:45:1f:67:29:41:2f:4c:
8f:c8:a6:8d:1a:75:ab:05:c0:b2:4e:b4:f8:d5:45:
6f:17:a8:b8:5b:55:76:65:72:b5:91:b1:38:ce:b7:
6b:fe:72:3a:87:a4:72:93:3d:c8:29:67:8c:e0:2d:
c3:a6:36:18:b8:7d:fa:7a:b8:94:94:73:5f:9a:10:
b4:5e:a6:3c:44:c3:d6:96:7a:dc:68:0d:82:49:ec:
07:d0:eb:92:86:fb:ab:dc:4a:54:f2:fd:b4:89:ce:
e3:c5:60:f7:f2:49:85:71:37:13:fe:d1:8f:11:2b:
c0:76:36:04:63:ec:47:26:ed:0d:6e:20:26:ad:45:
59:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:B7:9D:8A:24:F3:FE:E2:0B:91:08:CC:70:EC:5B:25:1B:29:05:93
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/D7ediiTz_uILkQjMcOxbJRspBZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.149.0/24
77.90.23.0/24
89.144.40.0/24
178.18.152.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:2c:3b:55:6a:1a:97:5e:ef:56:1d:5f:47:78:8f:87:c7:f0:
6d:41:88:d3:1c:46:94:ae:ae:8f:87:6c:94:98:b3:92:58:4c:
14:c1:38:f2:1f:2c:8e:de:95:8a:ac:bf:a6:77:a3:b0:71:1a:
b2:7b:bb:0f:2d:39:fa:ad:1e:4e:7c:05:59:5b:b9:3c:6d:d8:
70:64:c4:a1:e2:c8:a3:78:19:4e:4a:23:d0:16:f3:4c:62:a1:
91:3b:c5:59:86:5f:0e:54:fb:8a:5a:d5:23:60:c5:f5:81:d7:
51:59:43:1e:95:cb:ee:39:52:2f:b4:fc:48:b2:04:1b:7b:66:
88:16:78:5c:4d:f7:e4:fa:77:a6:f7:36:d7:42:de:03:fb:2b:
90:1f:2d:91:6b:02:a9:25:d6:e0:2e:f8:73:5b:08:84:12:69:
28:77:05:6a:61:d1:68:11:00:49:e3:95:5a:9e:2b:85:6a:ef:
07:29:48:a3:98:73:ec:a2:e6:01:9c:7c:45:28:00:dd:6c:ee:
81:4b:0a:aa:03:85:78:47:34:5a:db:a8:63:e5:57:10:d0:6c:
8d:24:6f:cf:a5:62:d3:22:dd:cc:4b:ee:6a:a8:fc:94:6a:0b:
25:a1:29:b2:e9:00:5b:75:de:a0:9e:a6:dc:1e:b5:3d:ab:da:
63:42:42:1e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZX53MWQuejl0zDXF+Ddx688MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNDAzMDQxNTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmI3OWQ4YTI0ZjNmZWUyMGI5MTA4Y2M3MGVjNWIyNTFiMjkwNTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxz7NKdWqLTVpkl3G+pTk/crPC5MN
4RV2wHVVfB0uhf2+lMYeFHu7RXW4oT5YQbVAZ1ZvlC+a0dVM3QL7Bmvce2jKWl6j
Rra/m4nruKMyMbCVadD7VTjoDFqk8Mw8yLM6RDG7Df8L+ofnURXCVyDN2ci2Zfi1
2wGRHYWkSZdxvEUfZylBL0yPyKaNGnWrBcCyTrT41UVvF6i4W1V2ZXK1kbE4zrdr
/nI6h6Rykz3IKWeM4C3DpjYYuH36eriUlHNfmhC0XqY8RMPWlnrcaA2CSewH0OuS
hvur3EpU8v20ic7jxWD38kmFcTcT/tGPESvAdjYEY+xHJu0NbiAmrUVZNwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFA+3nYok8/7iC5EIzHDsWyUbKQWTMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvRDdlZGlpVHpfdUlMa1FqTWNPeGJKUnNwQlpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABVOVAwQA
TVoXAwQAWZAoAwQCshKYMA0GCSqGSIb3DQEBCwUAA4IBAQBeLDtVahqXXu9WHV9H
eI+Hx/BtQYjTHEaUrq6Ph2yUmLOSWEwUwTjyHyyO3pWKrL+md6OwcRqye7sPLTn6
rR5OfAVZW7k8bdhwZMSh4sijeBlOSiPQFvNMYqGRO8VZhl8OVPuKWtUjYMX1gddR
WUMelcvuOVIvtPxIsgQbe2aIFnhcTffk+nem9zbXQt4D+yuQHy2RawKpJdbgLvhz
WwiEEmkodwVqYdFoEQBJ45VaniuFau8HKUijmHPsouYBnHxFKADdbO6BSwqqA4V4
RzRa26hj5VcQ0GyNJG/PpWLTIt3MS+5qqPyUagsloSmy6QBbdd6gnqbcHrU9q9pj
QkIe
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:36:09 2025 by rpki-client