Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/EOcGuKsuzERJWlO3Glh7vX3Dw4U.roa
File: EOcGuKsuzERJWlO3Glh7vX3Dw4U.roa (raw, json)
Hash identifier: qm5+CSG+lqN2SyDjSu77MZoqG6fOvFS14/5tX6Aos4Q=
Subject key identifier: 10:E7:06:B8:AB:2E:CC:44:49:5A:53:B7:1A:58:7B:BD:7D:C3:C3:85
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0197285E8F6540B5201DB4251E0798705F72
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/EOcGuKsuzERJWlO3Glh7vX3Dw4U.roa
Signing time: Sat 31 May 2025 22:02:55 +0000
ROA not before: Sat 31 May 2025 22:02:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214079
IP address blocks: 5.231.207.0/24 maxlen: 24
5.231.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Jun 2025 00:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:28:5e:8f:65:40:b5:20:1d:b4:25:1e:07:98:70:5f:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: May 31 22:02:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=10e706b8ab2ecc44495a53b71a587bbd7dc3c385
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:b1:0c:42:e0:61:4f:bb:72:ab:08:25:5b:1e:
eb:df:08:f8:8a:07:11:d0:c8:63:7f:66:0b:99:99:
61:d3:0c:c9:d8:0f:e8:fe:77:b9:93:e9:e9:86:fa:
fd:49:e9:23:71:7f:14:3b:58:7d:60:c6:23:e8:50:
31:70:47:31:c8:18:47:03:0e:7f:89:e4:07:be:06:
d3:4f:64:de:b6:5a:bb:f0:32:c6:80:25:05:e7:19:
fd:ed:1b:1a:06:ce:06:e6:ea:30:39:18:2d:99:aa:
38:47:40:11:03:61:b6:de:1b:33:0d:bb:70:f2:ab:
34:ac:1d:de:fc:23:c4:74:da:65:25:f5:13:7d:b9:
b3:ca:33:f8:9a:60:4b:c5:db:34:59:a2:2a:e0:4c:
9d:db:fe:44:98:35:51:ca:8f:9a:6b:d6:91:8b:e6:
08:bf:79:9f:67:1d:f8:c3:55:a3:df:ce:ba:82:67:
19:f8:7e:f0:4c:5c:7f:11:bc:5c:ff:ed:e3:92:a7:
a6:5b:b8:03:cd:8c:5e:ec:47:a8:99:88:c9:ea:33:
b8:cd:2e:b1:61:11:94:7e:3d:c8:80:79:b8:4a:2a:
ef:2f:4c:dc:24:3f:e0:c0:e8:58:58:a3:02:b8:8b:
38:a9:24:2c:ed:56:ae:62:2b:ad:c6:07:7f:17:a4:
ac:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:E7:06:B8:AB:2E:CC:44:49:5A:53:B7:1A:58:7B:BD:7D:C3:C3:85
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/EOcGuKsuzERJWlO3Glh7vX3Dw4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.231.207.0/24
5.231.230.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:d7:e7:dd:61:8e:6b:35:d5:d6:6b:81:ed:cc:fc:0e:44:34:
6e:02:53:9d:5b:92:55:30:49:27:f7:04:cc:9f:57:ae:8d:b2:
04:70:4e:73:92:23:91:f2:73:fd:4a:f1:0d:a1:68:f5:aa:04:
b9:bd:37:a5:e2:19:c0:92:a4:f4:6b:d8:30:0b:00:35:0e:c1:
ec:26:20:f2:9e:79:a8:63:5c:e1:d9:ab:cb:d4:2d:3a:d1:53:
ed:cc:75:2f:a2:73:ac:40:12:d4:0b:9a:57:1a:1c:49:c5:57:
a3:0e:43:b4:28:38:31:e6:fd:af:5f:96:9e:23:5e:53:5e:d4:
cf:af:c7:12:f2:12:63:95:09:8c:b2:58:8e:f5:af:07:08:d9:
c9:e4:83:98:f2:c6:3b:70:ed:c3:9d:4b:36:07:b2:d1:50:39:
97:5f:88:26:6a:d2:1c:29:b6:2d:fe:a3:ca:9d:6d:1b:97:5e:
0a:f3:18:aa:01:02:de:e8:34:75:f2:62:5f:a5:1b:35:0b:72:
88:5b:9c:58:f2:ad:83:1e:f2:77:32:8c:b9:87:b9:e7:f5:14:
4a:95:78:0b:62:67:2b:af:5b:0e:2b:ab:be:ef:03:70:27:06:
51:60:3d:aa:7a:ab:f5:d6:c7:c7:ac:8d:9f:aa:c4:10:4d:8b:
64:b6:a8:4a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZcoXo9lQLUgHbQlHgeYcF9yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNTMxMjIwMjU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGU3MDZiOGFiMmVjYzQ0NDk1YTUzYjcxYTU4N2JiZDdkYzNjMzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1rEMQuBhT7tyqwglWx7r3wj4igcR
0Mhjf2YLmZlh0wzJ2A/o/ne5k+nphvr9SekjcX8UO1h9YMYj6FAxcEcxyBhHAw5/
ieQHvgbTT2Tetlq78DLGgCUF5xn97RsaBs4G5uowORgtmao4R0ARA2G23hszDbtw
8qs0rB3e/CPEdNplJfUTfbmzyjP4mmBLxds0WaIq4Eyd2/5EmDVRyo+aa9aRi+YI
v3mfZx34w1Wj3866gmcZ+H7wTFx/Ebxc/+3jkqemW7gDzYxe7EeomYjJ6jO4zS6x
YRGUfj3IgHm4SirvL0zcJD/gwOhYWKMCuIs4qSQs7VauYiutxgd/F6SsfwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBDnBrirLsxESVpTtxpYe719w8OFMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvRU9jR3VLc3V6RVJKV2xPM0dsaDd2WDNEdzRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABefPAwQA
BefmMA0GCSqGSIb3DQEBCwUAA4IBAQC81+fdYY5rNdXWa4HtzPwORDRuAlOdW5JV
MEkn9wTMn1eujbIEcE5zkiOR8nP9SvENoWj1qgS5vTel4hnAkqT0a9gwCwA1DsHs
JiDynnmoY1zh2avL1C060VPtzHUvonOsQBLUC5pXGhxJxVejDkO0KDgx5v2vX5ae
I15TXtTPr8cS8hJjlQmMsliO9a8HCNnJ5IOY8sY7cO3DnUs2B7LRUDmXX4gmatIc
KbYt/qPKnW0bl14K8xiqAQLe6DR18mJfpRs1C3KIW5xY8q2DHvJ3Moy5h7nn9RRK
lXgLYmcrr1sOK6u+7wNwJwZRYD2qeqv11sfHrI2fqsQQTYtktqhK
-----END CERTIFICATE-----
Generated at Wed Jun 4 11:30:09 2025 by rpki-client