Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/316020-9fc5-4b7c-ae41-e9554483ffa7/1/g5PI0OIlX5tTjsen3s8hXQzEWx4.roa
File: g5PI0OIlX5tTjsen3s8hXQzEWx4.roa (raw, json)
Hash identifier: uE1lBW16SA+r7c4/Tg2mSsWjcv7alroQQDQoG/Ta6JA=
Subject key identifier: 83:93:C8:D0:E2:25:5F:9B:53:8E:C7:A7:DE:CF:21:5D:0C:C4:5B:1E
Certificate issuer: /CN=9ff3396374cbf5d767125f02dcf0f97296323092
Certificate serial: 019614846C839B3BB35E7DC817F60E8DC512
Authority key identifier: 9F:F3:39:63:74:CB:F5:D7:67:12:5F:02:DC:F0:F9:72:96:32:30:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n_M5Y3TL9ddnEl8C3PD5cpYyMJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/316020-9fc5-4b7c-ae41-e9554483ffa7/1/g5PI0OIlX5tTjsen3s8hXQzEWx4.roa
Signing time: Tue 08 Apr 2025 08:29:04 +0000
ROA not before: Tue 08 Apr 2025 08:29:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59890
IP address blocks: 147.78.248.0/22 maxlen: 24
185.67.172.0/22 maxlen: 24
185.251.200.0/22 maxlen: 24
194.208.128.0/19 maxlen: 21
194.208.176.0/21 maxlen: 22
2a05:1140::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/316020-9fc5-4b7c-ae41-e9554483ffa7/1/n_M5Y3TL9ddnEl8C3PD5cpYyMJI.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/316020-9fc5-4b7c-ae41-e9554483ffa7/1/n_M5Y3TL9ddnEl8C3PD5cpYyMJI.mft
rsync://rpki.ripe.net/repository/DEFAULT/n_M5Y3TL9ddnEl8C3PD5cpYyMJI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:14:84:6c:83:9b:3b:b3:5e:7d:c8:17:f6:0e:8d:c5:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ff3396374cbf5d767125f02dcf0f97296323092
Validity
Not Before: Apr 8 08:29:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8393c8d0e2255f9b538ec7a7decf215d0cc45b1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:d7:bb:dc:81:e3:46:17:8d:61:1f:b1:1a:03:
2a:7d:c7:19:be:6e:63:62:e7:3b:72:a2:7b:12:b8:
d7:14:57:19:d9:5c:3d:58:dc:51:a6:2a:48:56:00:
6a:a5:80:0f:2e:ed:55:94:fe:99:ae:d2:3b:a8:fe:
91:f4:9d:a8:37:86:a9:76:38:d0:c7:35:57:9a:89:
a4:22:2e:fe:fa:ec:0d:f1:b6:f9:55:7c:50:51:e8:
59:65:28:31:c4:6d:9c:21:8b:76:e7:2f:04:6b:00:
2c:80:b1:95:83:01:cf:6d:f0:54:b4:ba:85:33:f0:
ac:13:15:07:73:c4:24:c2:4f:cb:71:d0:e6:1c:a9:
db:12:6c:07:98:3a:5a:68:98:3e:8a:d8:2e:27:60:
19:92:ae:69:c9:53:17:72:63:b1:e7:4c:92:34:2a:
25:f1:33:b7:b1:e8:c9:aa:ee:04:39:2a:96:36:e7:
7c:86:11:37:51:59:64:0a:7c:fd:0c:24:5a:d7:73:
ad:4f:5e:54:73:7e:ea:d1:b7:47:8c:c3:a8:93:60:
94:8d:ad:bc:8e:6c:8f:a4:df:8b:4c:25:63:fa:45:
90:e1:ba:6c:31:62:6d:37:2a:c2:7e:8b:c3:93:38:
24:92:5b:77:7f:64:0b:35:da:1f:c8:dd:e2:80:01:
fa:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:93:C8:D0:E2:25:5F:9B:53:8E:C7:A7:DE:CF:21:5D:0C:C4:5B:1E
X509v3 Authority Key Identifier:
keyid:9F:F3:39:63:74:CB:F5:D7:67:12:5F:02:DC:F0:F9:72:96:32:30:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n_M5Y3TL9ddnEl8C3PD5cpYyMJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/316020-9fc5-4b7c-ae41-e9554483ffa7/1/g5PI0OIlX5tTjsen3s8hXQzEWx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/316020-9fc5-4b7c-ae41-e9554483ffa7/1/n_M5Y3TL9ddnEl8C3PD5cpYyMJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.248.0/22
185.67.172.0/22
185.251.200.0/22
194.208.128.0/19
194.208.176.0/21
IPv6:
2a05:1140::/29
Signature Algorithm: sha256WithRSAEncryption
58:65:4f:7a:b2:cf:9e:24:bf:fe:89:f2:8b:a0:bc:72:ec:43:
43:ef:28:07:28:c1:30:78:6c:ad:21:e9:e0:85:63:2e:6e:c6:
77:60:7b:fe:69:09:60:9e:ae:65:df:b0:c8:a1:6f:ee:11:79:
b8:c5:26:78:e6:04:e3:e5:e7:a0:d7:31:59:17:a9:da:92:f7:
48:95:5d:20:b6:b3:0b:2a:2e:9f:80:a8:fd:62:6d:30:27:86:
e8:35:06:ff:ef:f8:53:ba:d3:46:92:aa:f5:de:c0:ec:9f:eb:
dc:eb:2b:ba:1d:be:1e:2e:3a:ec:bf:d1:06:cb:1c:62:4f:3c:
b1:71:ec:e3:bd:24:8c:9d:ae:4c:ac:47:2a:82:87:8d:e2:37:
a1:c3:8e:4b:0a:fc:67:a4:3d:d6:80:1f:df:96:1a:06:a7:bb:
2b:b4:b3:a7:f9:81:60:46:88:70:0f:7c:94:45:b1:ab:5d:4c:
05:ca:64:5d:47:1d:d7:be:3f:2e:04:5f:59:7b:cc:0d:30:c1:
5a:ae:e1:e4:31:7d:08:26:c0:fd:86:99:31:3e:67:f6:ff:ea:
aa:a9:1e:98:93:c1:45:83:bc:c7:47:56:38:49:ca:50:53:85:
6d:43:7f:e5:bf:7c:2a:d9:c1:2b:20:ff:98:73:13:cf:fa:19:
8d:c3:93:a5
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZYUhGyDmzuzXn3IF/YOjcUSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmZjMzOTYzNzRjYmY1ZDc2NzEyNWYwMmRjZjBmOTcyOTYz
MjMwOTIwHhcNMjUwNDA4MDgyOTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzkzYzhkMGUyMjU1ZjliNTM4ZWM3YTdkZWNmMjE1ZDBjYzQ1YjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9e73IHjRheNYR+xGgMqfccZvm5j
Yuc7cqJ7ErjXFFcZ2Vw9WNxRpipIVgBqpYAPLu1VlP6ZrtI7qP6R9J2oN4apdjjQ
xzVXmomkIi7++uwN8bb5VXxQUehZZSgxxG2cIYt25y8EawAsgLGVgwHPbfBUtLqF
M/CsExUHc8Qkwk/LcdDmHKnbEmwHmDpaaJg+itguJ2AZkq5pyVMXcmOx50ySNCol
8TO3sejJqu4EOSqWNud8hhE3UVlkCnz9DCRa13OtT15Uc37q0bdHjMOok2CUja28
jmyPpN+LTCVj+kWQ4bpsMWJtNyrCfovDkzgkklt3f2QLNdofyN3igAH6uQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFIOTyNDiJV+bU47Hp97PIV0MxFseMB8GA1UdIwQY
MBaAFJ/zOWN0y/XXZxJfAtzw+XKWMjCSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbl9NNVkzVEw5ZGRuRWw4QzNQRDVjcFl5TUpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zMTYwMjAtOWZjNS00YjdjLWFlNDEt
ZTk1NTQ0ODNmZmE3LzEvZzVQSTBPSWxYNXRUanNlbjNzOGhYUXpFV3g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zMTYwMjAtOWZjNS00YjdjLWFlNDEtZTk1NTQ0ODNmZmE3
LzEvbl9NNVkzVEw5ZGRuRWw4QzNQRDVjcFl5TUpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCk074AwQC
uUOsAwQCufvIAwQFwtCAAwQDwtCwMA0EAgACMAcDBQMqBRFAMA0GCSqGSIb3DQEB
CwUAA4IBAQBYZU96ss+eJL/+ifKLoLxy7END7ygHKMEweGytIenghWMubsZ3YHv+
aQlgnq5l37DIoW/uEXm4xSZ45gTj5eeg1zFZF6nakvdIlV0gtrMLKi6fgKj9Ym0w
J4boNQb/7/hTutNGkqr13sDsn+vc6yu6Hb4eLjrsv9EGyxxiTzyxcezjvSSMna5M
rEcqgoeN4jehw45LCvxnpD3WgB/flhoGp7srtLOn+YFgRohwD3yURbGrXUwFymRd
Rx3Xvj8uBF9Ze8wNMMFaruHkMX0IJsD9hpkxPmf2/+qqqR6Yk8FFg7zHR1Y4ScpQ
U4VtQ3/lv3wq2cErIP+YcxPP+hmNw5Ol
-----END CERTIFICATE-----
Generated at Sun Apr 20 21:25:20 2025 by rpki-client