Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/sZXIUjNYkQlOI9ndE0JrChOikXM.roa
File: sZXIUjNYkQlOI9ndE0JrChOikXM.roa (raw, json)
Hash identifier: OPpW+uKswEC6a5aRXr/dkDwdffC87A/+AfSu3E9xRPE=
Subject key identifier: B1:95:C8:52:33:58:91:09:4E:23:D9:DD:13:42:6B:0A:13:A2:91:73
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0196E5335CD52BC165C64763030EBBE28366
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/sZXIUjNYkQlOI9ndE0JrChOikXM.roa
Signing time: Sun 18 May 2025 21:01:10 +0000
ROA not before: Sun 18 May 2025 21:01:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 26548
IP address blocks: 5.175.202.0/24 maxlen: 24
5.231.124.0/24 maxlen: 24
89.144.22.0/24 maxlen: 24
89.144.46.0/24 maxlen: 24
89.144.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e5:33:5c:d5:2b:c1:65:c6:47:63:03:0e:bb:e2:83:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: May 18 21:01:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b195c852335891094e23d9dd13426b0a13a29173
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:91:11:38:90:12:59:31:cb:cc:3e:2e:1c:8e:
51:c7:31:cb:6b:53:8f:4f:3c:44:c9:00:ed:60:02:
ef:35:a4:6a:05:4a:63:98:26:86:ef:c5:db:74:e7:
20:9d:63:53:6d:9a:35:45:9e:bf:6a:2e:c5:5f:d8:
02:59:45:10:d3:e1:f7:d5:2d:e5:03:91:b7:4e:2a:
33:f0:c6:e1:de:60:f0:ef:ec:86:b7:93:51:56:fb:
1f:f8:f0:b4:f8:c7:c4:18:f5:0c:4e:65:e6:2b:b7:
00:98:d6:52:69:4b:80:d7:91:c6:d6:55:b0:5f:fa:
92:56:6e:bd:44:7f:3a:df:61:c1:84:ab:e7:cb:b3:
6d:2a:0d:91:17:2f:cc:fe:08:c8:d3:10:d9:44:0d:
f6:93:39:d3:06:70:f3:8f:46:82:61:33:bf:fc:23:
05:ec:fc:e6:47:95:16:e2:57:55:8a:95:d8:56:ec:
54:67:8c:6a:69:05:51:08:3e:cd:5b:7e:8d:82:4f:
a7:e6:2b:c3:89:88:f1:a4:7e:b0:80:47:eb:7d:a4:
4a:bf:03:ea:69:f5:69:54:04:67:46:81:4e:de:d0:
6b:71:1e:31:cf:05:f4:a9:db:02:73:6f:1e:d5:3c:
da:17:80:50:ae:f2:5f:b1:a6:da:d0:55:93:26:7d:
17:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:95:C8:52:33:58:91:09:4E:23:D9:DD:13:42:6B:0A:13:A2:91:73
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/sZXIUjNYkQlOI9ndE0JrChOikXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.202.0/24
5.231.124.0/24
89.144.22.0/24
89.144.46.0/24
89.144.58.0/24
Signature Algorithm: sha256WithRSAEncryption
22:91:87:7d:94:38:85:c4:26:47:f4:4e:5b:dc:61:1c:67:5b:
70:6b:be:2c:de:1c:1d:67:bc:8e:76:5f:2b:0b:10:9f:d5:0c:
c1:3f:ed:6d:67:71:a9:fb:94:4b:f7:42:12:8e:11:c9:6d:e6:
30:08:82:09:55:5b:12:ad:12:ca:e2:e2:ad:f5:4e:c4:3b:00:
52:b4:79:79:1f:68:f9:29:4b:84:f1:69:c1:69:ce:ef:29:f5:
82:2d:77:b5:58:58:2e:f6:a5:22:07:59:38:71:d3:bf:a7:b3:
9f:1c:69:81:52:31:6b:92:f6:8a:09:f3:d3:d9:fe:41:25:47:
79:ba:cf:f8:08:6b:3f:49:35:61:7e:bf:5c:0f:7e:c5:4f:d0:
b1:f1:5a:c6:9e:9f:d5:43:55:9a:da:a0:e2:5d:07:7b:70:3f:
61:a3:b3:32:0a:1f:25:91:0a:be:64:b4:71:0a:d0:9f:06:88:
0d:eb:85:b1:7a:8d:fe:b0:e3:a9:f5:14:60:55:2e:39:6c:1a:
b3:c9:d3:51:d1:e1:f4:d1:a1:e9:7d:49:ec:57:d0:9b:3a:db:
e6:ff:de:b3:e2:71:7f:d6:54:22:29:7a:f5:da:95:5c:68:77:
67:51:28:72:88:2d:a3:ab:77:7b:17:a7:75:aa:73:53:eb:98:
38:1d:28:db
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZblM1zVK8FlxkdjAw674oNmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNTE4MjEwMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTk1Yzg1MjMzNTg5MTA5NGUyM2Q5ZGQxMzQyNmIwYTEzYTI5MTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAypEROJASWTHLzD4uHI5RxzHLa1OP
TzxEyQDtYALvNaRqBUpjmCaG78XbdOcgnWNTbZo1RZ6/ai7FX9gCWUUQ0+H31S3l
A5G3Tioz8Mbh3mDw7+yGt5NRVvsf+PC0+MfEGPUMTmXmK7cAmNZSaUuA15HG1lWw
X/qSVm69RH8632HBhKvny7NtKg2RFy/M/gjI0xDZRA32kznTBnDzj0aCYTO//CMF
7PzmR5UW4ldVipXYVuxUZ4xqaQVRCD7NW36Ngk+n5ivDiYjxpH6wgEfrfaRKvwPq
afVpVARnRoFO3tBrcR4xzwX0qdsCc28e1TzaF4BQrvJfsaba0FWTJn0XvQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLGVyFIzWJEJTiPZ3RNCawoTopFzMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvc1pYSVVqTllrUWxPSTluZEUwSnJDaE9pa1hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABa/KAwQA
Bed8AwQAWZAWAwQAWZAuAwQAWZA6MA0GCSqGSIb3DQEBCwUAA4IBAQAikYd9lDiF
xCZH9E5b3GEcZ1twa74s3hwdZ7yOdl8rCxCf1QzBP+1tZ3Gp+5RL90ISjhHJbeYw
CIIJVVsSrRLK4uKt9U7EOwBStHl5H2j5KUuE8WnBac7vKfWCLXe1WFgu9qUiB1k4
cdO/p7OfHGmBUjFrkvaKCfPT2f5BJUd5us/4CGs/STVhfr9cD37FT9Cx8VrGnp/V
Q1Wa2qDiXQd7cD9ho7MyCh8lkQq+ZLRxCtCfBogN64Wxeo3+sOOp9RRgVS45bBqz
ydNR0eH00aHpfUnsV9CbOtvm/96z4nF/1lQiKXr12pVcaHdnUShyiC2jq3d7F6d1
qnNT65g4HSjb
-----END CERTIFICATE-----
Generated at Sat Jun 7 12:31:07 2025 by rpki-client