Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/7frYRaPWiUBQtdiw3rIrrhQhjyQ.roa
File: 7frYRaPWiUBQtdiw3rIrrhQhjyQ.roa (raw, json)
Hash identifier: HXRVWZcU5xbezLat9MNaXuodNGFiZBK+jua9+ZXWRsw=
Subject key identifier: ED:FA:D8:45:A3:D6:89:40:50:B5:D8:B0:DE:B2:2B:AE:14:21:8F:24
Certificate issuer: /CN=5a5e66b2759e50bb69bb0a4409eeb3ba48c46c56
Certificate serial: 0195F5F8AC5C3CAACB9C894DF4F929905482
Authority key identifier: 5A:5E:66:B2:75:9E:50:BB:69:BB:0A:44:09:EE:B3:BA:48:C4:6C:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wl5msnWeULtpuwpECe6zukjEbFY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/7frYRaPWiUBQtdiw3rIrrhQhjyQ.roa
Signing time: Wed 02 Apr 2025 10:07:49 +0000
ROA not before: Wed 02 Apr 2025 10:07:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215515
IP address blocks: 91.237.254.0/24 maxlen: 24
91.237.255.0/24 maxlen: 24
91.238.0.0/24 maxlen: 24
2001:67c:1158::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/Wl5msnWeULtpuwpECe6zukjEbFY.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/Wl5msnWeULtpuwpECe6zukjEbFY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Wl5msnWeULtpuwpECe6zukjEbFY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f5:f8:ac:5c:3c:aa:cb:9c:89:4d:f4:f9:29:90:54:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a5e66b2759e50bb69bb0a4409eeb3ba48c46c56
Validity
Not Before: Apr 2 10:07:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=edfad845a3d6894050b5d8b0deb22bae14218f24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0a:0b:1a:d5:70:d2:45:c5:e3:47:e5:aa:81:
d1:5d:34:cf:e0:0b:d8:24:9a:48:80:d9:9f:ba:10:
e6:4b:ee:c0:63:20:b0:9a:af:ba:a7:7a:e2:ed:1f:
9a:01:c2:c2:7f:91:d6:7f:70:7d:4f:bd:12:0a:3d:
da:db:7d:04:7c:b7:83:1c:6a:e0:3e:b3:ce:8c:7c:
f1:85:74:99:5d:b0:bb:7d:f6:af:ab:ec:44:a8:7e:
e7:0d:2b:83:ea:1b:aa:5c:8f:90:09:d6:61:b2:dc:
a1:1d:56:48:07:55:cf:96:3f:5a:08:b3:06:6f:6d:
c7:7a:b8:87:cf:12:d2:80:a0:9d:fb:52:c2:99:ad:
27:62:62:6b:3d:09:57:2c:21:63:8e:14:f4:55:e6:
0f:53:e7:8a:81:cd:38:2b:31:91:86:b0:ce:60:5e:
a1:f1:7d:18:49:a3:15:59:87:7c:e0:b1:3c:33:ed:
25:2b:f2:20:60:58:bd:95:d8:c3:5e:bb:67:73:ee:
1a:d3:4a:19:de:3f:a9:12:49:b3:11:69:f9:31:20:
01:30:e7:51:b1:d5:69:c1:36:5b:4b:59:5a:cb:dd:
da:b7:70:6c:39:3a:1a:18:f9:dd:6d:c4:7e:f8:e5:
e7:12:fc:38:24:4f:9f:e7:bf:c0:5e:f6:12:00:5e:
72:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:FA:D8:45:A3:D6:89:40:50:B5:D8:B0:DE:B2:2B:AE:14:21:8F:24
X509v3 Authority Key Identifier:
keyid:5A:5E:66:B2:75:9E:50:BB:69:BB:0A:44:09:EE:B3:BA:48:C4:6C:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wl5msnWeULtpuwpECe6zukjEbFY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/7frYRaPWiUBQtdiw3rIrrhQhjyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/Wl5msnWeULtpuwpECe6zukjEbFY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.254.0-91.238.0.255
IPv6:
2001:67c:1158::/48
Signature Algorithm: sha256WithRSAEncryption
0e:77:b0:e4:99:67:62:47:b6:1c:de:c7:f4:1c:6d:f3:9e:27:
77:ba:52:ad:0c:4d:d4:b9:5c:d0:35:b2:8b:85:7a:1f:c8:8b:
08:ed:b4:2e:48:25:d3:80:88:ad:72:42:9a:61:db:07:e4:90:
b3:c1:b8:27:33:cf:03:c1:b1:d8:8b:4e:f1:3d:f4:92:46:52:
d7:48:12:c9:4e:b5:c7:13:ee:90:3b:0e:80:6a:1e:18:b9:32:
5b:26:bd:1b:60:b2:f6:5d:b1:ed:4c:e5:05:e2:6a:fe:e5:b9:
d2:fd:ef:da:fe:8f:01:f3:38:8a:ff:33:51:d8:21:b7:a0:3a:
7b:c4:9e:bc:3b:aa:c3:69:f1:9d:27:4f:3c:63:0e:12:7b:f2:
7d:8f:e9:2c:fe:1f:33:07:65:51:68:cd:34:9b:1a:5b:0d:18:
e2:60:b9:00:fa:4a:3b:7e:1b:8e:32:3b:53:84:7d:16:c8:51:
dd:b8:90:f6:a0:c3:8e:10:03:e8:24:4e:ec:ee:ba:de:7a:91:
1c:43:4d:ea:53:7e:45:64:31:54:81:47:eb:33:9d:92:6e:5b:
ec:64:88:dd:1d:b4:3a:54:b4:7a:bb:4b:70:04:f4:c3:d1:19:
1a:86:9b:ff:2a:fa:89:63:f0:a6:63:a4:3e:97:c1:06:6f:9c:
99:24:34:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZX1+KxcPKrLnIlN9PkpkFSCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNWU2NmIyNzU5ZTUwYmI2OWJiMGE0NDA5ZWViM2JhNDhj
NDZjNTYwHhcNMjUwNDAyMTAwNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGZhZDg0NWEzZDY4OTQwNTBiNWQ4YjBkZWIyMmJhZTE0MjE4ZjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAoLGtVw0kXF40flqoHRXTTP4AvY
JJpIgNmfuhDmS+7AYyCwmq+6p3ri7R+aAcLCf5HWf3B9T70SCj3a230EfLeDHGrg
PrPOjHzxhXSZXbC7ffavq+xEqH7nDSuD6huqXI+QCdZhstyhHVZIB1XPlj9aCLMG
b23HeriHzxLSgKCd+1LCma0nYmJrPQlXLCFjjhT0VeYPU+eKgc04KzGRhrDOYF6h
8X0YSaMVWYd84LE8M+0lK/IgYFi9ldjDXrtnc+4a00oZ3j+pEkmzEWn5MSABMOdR
sdVpwTZbS1lay93at3BsOToaGPndbcR++OXnEvw4JE+f57/AXvYSAF5y4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO362EWj1olAULXYsN6yK64UIY8kMB8GA1UdIwQY
MBaAFFpeZrJ1nlC7absKRAnus7pIxGxWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2w1bXNuV2VVTHRwdXdwRUNlNnp1a2pFYkZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi80Zjc2YjQtN2Q1Ni00N2EwLWFjNWIt
NjUzZjIzOWZlOWEwLzEvN2ZyWVJhUFdpVUJRdGRpdzNySXJyaFFoanlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi80Zjc2YjQtN2Q1Ni00N2EwLWFjNWItNjUzZjIzOWZlOWEw
LzEvV2w1bXNuV2VVTHRwdXdwRUNlNnp1a2pFYkZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBAFb7f4D
BABb7gAwDwQCAAIwCQMHACABBnwRWDANBgkqhkiG9w0BAQsFAAOCAQEADnew5Jln
Yke2HN7H9Bxt854nd7pSrQxN1Llc0DWyi4V6H8iLCO20Lkgl04CIrXJCmmHbB+SQ
s8G4JzPPA8Gx2ItO8T30kkZS10gSyU61xxPukDsOgGoeGLkyWya9G2Cy9l2x7Uzl
BeJq/uW50v3v2v6PAfM4iv8zUdght6A6e8SevDuqw2nxnSdPPGMOEnvyfY/pLP4f
MwdlUWjNNJsaWw0Y4mC5APpKO34bjjI7U4R9FshR3biQ9qDDjhAD6CRO7O663nqR
HENN6lN+RWQxVIFH6zOdkm5b7GSI3R20OlS0ertLcAT0w9EZGoab/yr6iWPwpmOk
PpfBBm+cmSQ0eg==
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:55:28 2025 by rpki-client