Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/5cjPo2NxTU_PkpZrzxOaccb7QAc.roa
File: 5cjPo2NxTU_PkpZrzxOaccb7QAc.roa (raw, json)
Hash identifier: JBRYczci1pxDb2dYGHxa4U5RjRNLI5e1XbtSFnJox1I=
Subject key identifier: E5:C8:CF:A3:63:71:4D:4F:CF:92:96:6B:CF:13:9A:71:C6:FB:40:07
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 0195435CB28456117B12CE80AA5ECC893CF5
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/5cjPo2NxTU_PkpZrzxOaccb7QAc.roa
Signing time: Wed 26 Feb 2025 17:45:03 +0000
ROA not before: Wed 26 Feb 2025 17:45:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41909
IP address blocks: 5.8.88.0/22 maxlen: 24
5.188.68.0/23 maxlen: 24
5.188.88.0/22 maxlen: 24
91.243.62.0/23 maxlen: 24
146.185.244.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:43:5c:b2:84:56:11:7b:12:ce:80:aa:5e:cc:89:3c:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Feb 26 17:45:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e5c8cfa363714d4fcf92966bcf139a71c6fb4007
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f4:ea:ef:b2:02:65:dd:6f:46:05:73:19:08:
38:37:b3:b6:38:08:64:3d:c6:55:2a:e9:88:54:a1:
91:58:54:87:02:91:53:97:b6:ab:b6:03:59:fe:0a:
ae:75:ef:71:59:cd:64:09:08:e4:77:b3:73:31:b3:
0a:d5:ea:2b:88:8b:52:69:7b:97:4b:b1:69:5c:b7:
d8:c3:02:b0:49:ee:dc:1f:82:14:c3:d7:b4:8c:b2:
36:4a:d6:00:66:82:80:15:19:c7:93:a7:3f:f7:51:
13:c6:1f:8d:33:77:a8:ae:37:b3:b0:fd:17:f0:d9:
66:0f:8e:90:41:cc:79:15:ef:8c:c4:5f:eb:06:57:
11:1b:b1:35:ad:4c:a9:28:14:71:03:c8:20:1f:95:
fc:d5:15:cf:fc:be:64:ed:68:8c:e0:9b:a6:66:26:
74:bb:fe:88:74:4a:64:2a:7a:d2:28:05:9a:70:e3:
59:64:7a:93:d5:89:f2:49:7b:9a:f3:06:d8:9b:c7:
8d:9b:b9:12:37:d8:d6:9b:ca:ff:62:59:70:cb:fd:
58:7e:36:e9:56:5a:a8:a0:68:81:16:7f:1f:a6:3b:
bc:d0:29:7a:9c:4b:56:ee:cf:eb:f8:00:aa:85:13:
7e:5c:2a:3f:33:e3:00:27:33:ae:5b:f5:3b:b0:1c:
e6:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:C8:CF:A3:63:71:4D:4F:CF:92:96:6B:CF:13:9A:71:C6:FB:40:07
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/5cjPo2NxTU_PkpZrzxOaccb7QAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.88.0/22
5.188.68.0/23
5.188.88.0/22
91.243.62.0/23
146.185.244.0/23
Signature Algorithm: sha256WithRSAEncryption
23:aa:b2:60:f7:29:87:6c:d0:bb:6a:a6:47:28:36:7c:91:ba:
d1:44:b1:c1:85:e3:db:bc:2b:ec:99:59:8d:ae:c0:5e:a2:d0:
8d:9c:f9:22:ae:25:a5:67:54:bd:08:f5:1b:e4:3d:6f:ce:61:
ca:61:13:fa:f2:9f:b0:5e:81:28:c2:28:5d:11:13:a9:bb:a7:
59:0f:ea:2f:1e:ec:04:56:b3:62:b7:27:97:9a:81:74:37:a8:
f8:dd:35:45:c8:0b:87:be:b9:ba:92:a3:04:2c:ea:6a:18:f5:
63:31:66:09:e6:79:85:26:d8:5f:b0:2c:71:cb:da:05:43:12:
20:f5:48:9f:2d:f7:f8:1e:4b:56:76:fe:03:4d:08:f1:51:f9:
99:0d:74:b0:62:48:99:2e:c5:22:48:81:60:f5:ad:fa:a2:a6:
ac:d9:2e:9b:d8:c0:f7:42:ef:bc:9f:06:50:7d:a3:7f:5c:75:
18:3e:22:93:93:ef:99:53:bb:b1:b6:7d:dd:63:6c:2b:97:9e:
3c:8d:fe:9b:70:e0:ef:f2:18:c0:c6:af:7d:39:5a:ec:dd:7e:
c6:d5:32:a3:4b:3c:0e:fd:f9:06:cf:fe:9d:18:1e:51:12:6e:
4d:5e:07:62:5e:30:ac:99:7a:46:fd:36:d7:6f:0a:9f:a0:53:
6e:8e:05:bf
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZVDXLKEVhF7Es6Aql7MiTz1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjUwMjI2MTc0NTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWM4Y2ZhMzYzNzE0ZDRmY2Y5Mjk2NmJjZjEzOWE3MWM2ZmI0MDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfTq77ICZd1vRgVzGQg4N7O2OAhk
PcZVKumIVKGRWFSHApFTl7artgNZ/gqude9xWc1kCQjkd7NzMbMK1eoriItSaXuX
S7FpXLfYwwKwSe7cH4IUw9e0jLI2StYAZoKAFRnHk6c/91ETxh+NM3eorjezsP0X
8NlmD46QQcx5Fe+MxF/rBlcRG7E1rUypKBRxA8ggH5X81RXP/L5k7WiM4JumZiZ0
u/6IdEpkKnrSKAWacONZZHqT1YnySXua8wbYm8eNm7kSN9jWm8r/Yllwy/1Yfjbp
VlqooGiBFn8fpju80Cl6nEtW7s/r+ACqhRN+XCo/M+MAJzOuW/U7sBzmfQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOXIz6NjcU1Pz5KWa88TmnHG+0AHMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvNWNqUG8yTnhUVV9Qa3Bacnp4T2FjY2I3UUFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCBQhYAwQB
BbxEAwQCBbxYAwQBW/M+AwQBkrn0MA0GCSqGSIb3DQEBCwUAA4IBAQAjqrJg9ymH
bNC7aqZHKDZ8kbrRRLHBhePbvCvsmVmNrsBeotCNnPkiriWlZ1S9CPUb5D1vzmHK
YRP68p+wXoEowihdEROpu6dZD+ovHuwEVrNityeXmoF0N6j43TVFyAuHvrm6kqME
LOpqGPVjMWYJ5nmFJthfsCxxy9oFQxIg9UifLff4HktWdv4DTQjxUfmZDXSwYkiZ
LsUiSIFg9a36oqas2S6b2MD3Qu+8nwZQfaN/XHUYPiKTk++ZU7uxtn3dY2wrl548
jf6bcODv8hjAxq99OVrs3X7G1TKjSzwO/fkGz/6dGB5REm5NXgdiXjCsmXpG/TbX
bwqfoFNujgW/
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:18:54 2025 by rpki-client