Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/54bb50-01be-4ec6-9418-eee7fae5c037/1/f-v99B7kzDMwcYPXZ1yHUB7PuHk.roa
File: f-v99B7kzDMwcYPXZ1yHUB7PuHk.roa (raw, json)
Hash identifier: PLEFeVBVmPy00pfwBVn43bz19/5DH4Ktxjb7rCdDKxc=
Subject key identifier: 7F:EB:FD:F4:1E:E4:CC:33:30:71:83:D7:67:5C:87:50:1E:CF:B8:79
Certificate issuer: /CN=828672cd736b57e1e3dfc7dd736f3bd8a616ba81
Certificate serial: 0194228D29948D86476FD79DC2E231258F3B
Authority key identifier: 82:86:72:CD:73:6B:57:E1:E3:DF:C7:DD:73:6F:3B:D8:A6:16:BA:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/goZyzXNrV-Hj38fdc2872KYWuoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/54bb50-01be-4ec6-9418-eee7fae5c037/1/f-v99B7kzDMwcYPXZ1yHUB7PuHk.roa
Signing time: Wed 01 Jan 2025 15:47:44 +0000
ROA not before: Wed 01 Jan 2025 15:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56561
IP address blocks: 5.39.204.0/22 maxlen: 22
5.39.204.0/23 maxlen: 23
5.39.204.0/24 maxlen: 24
5.39.205.0/24 maxlen: 24
5.39.206.0/23 maxlen: 23
5.39.206.0/24 maxlen: 24
5.39.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/54bb50-01be-4ec6-9418-eee7fae5c037/1/goZyzXNrV-Hj38fdc2872KYWuoE.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/54bb50-01be-4ec6-9418-eee7fae5c037/1/goZyzXNrV-Hj38fdc2872KYWuoE.mft
rsync://rpki.ripe.net/repository/DEFAULT/goZyzXNrV-Hj38fdc2872KYWuoE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:29:94:8d:86:47:6f:d7:9d:c2:e2:31:25:8f:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=828672cd736b57e1e3dfc7dd736f3bd8a616ba81
Validity
Not Before: Jan 1 15:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7febfdf41ee4cc33307183d7675c87501ecfb879
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:2e:d6:f8:fb:8c:d6:dc:34:f9:cf:4b:c0:5d:
02:43:5c:92:1b:78:c0:94:11:4f:b5:69:cf:73:15:
92:b9:fc:2c:32:37:f7:a5:a5:43:16:49:4a:fc:c9:
75:97:dc:60:a9:9c:a8:f7:ad:69:37:f9:12:1b:76:
60:b1:6c:72:0e:ac:57:d0:84:60:9c:41:d7:6e:7c:
f9:73:2f:a4:6c:74:9e:b3:ed:e4:b7:d3:84:ab:e2:
8d:d5:af:ca:fc:1c:b4:05:40:c1:c6:13:13:89:ad:
22:55:b1:12:9c:1c:07:05:9e:cf:8c:5b:74:1c:73:
fe:a4:4a:57:b9:00:4b:95:0c:9f:44:c7:eb:3c:f3:
7a:1d:ad:7b:ce:b7:ce:ed:f8:c7:f9:4a:2a:65:89:
43:c5:7f:52:fe:63:a8:5d:19:47:08:89:76:47:92:
84:d3:d2:fa:dd:e2:8d:89:44:02:45:7a:47:32:88:
5a:ec:13:65:57:59:c7:f6:45:a4:18:0c:c9:e4:38:
a7:c9:e6:22:be:c3:7e:0c:97:ab:a9:27:e6:a8:33:
56:9f:83:ca:3d:98:e8:1b:07:3c:28:eb:0e:5e:80:
eb:20:b4:34:81:a3:aa:ac:9a:52:c1:b5:b4:bb:fb:
93:d9:9b:4b:61:63:29:44:e1:95:5a:44:75:e6:03:
4b:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:EB:FD:F4:1E:E4:CC:33:30:71:83:D7:67:5C:87:50:1E:CF:B8:79
X509v3 Authority Key Identifier:
keyid:82:86:72:CD:73:6B:57:E1:E3:DF:C7:DD:73:6F:3B:D8:A6:16:BA:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/goZyzXNrV-Hj38fdc2872KYWuoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/54bb50-01be-4ec6-9418-eee7fae5c037/1/f-v99B7kzDMwcYPXZ1yHUB7PuHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/54bb50-01be-4ec6-9418-eee7fae5c037/1/goZyzXNrV-Hj38fdc2872KYWuoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.204.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:be:7b:f9:1c:dc:eb:44:3b:51:8a:61:70:d0:78:ac:98:d1:
b0:3e:23:b3:b1:66:1b:2a:16:08:d8:83:3d:25:ca:45:1d:85:
b3:c0:23:07:61:d9:24:86:b8:89:2c:c5:44:20:26:8f:bd:35:
c6:a3:90:11:04:d0:bf:c9:6d:1c:fd:92:01:88:5d:ff:ce:3c:
8d:f5:1d:9e:49:58:86:48:bf:83:89:a2:c9:61:73:ea:c1:f9:
a4:60:f7:e2:a7:a1:30:63:1e:57:4b:ba:72:1e:28:51:cb:1c:
15:14:29:e3:b8:77:fc:e4:97:8b:21:60:b7:10:2e:7e:9c:35:
43:2c:45:23:52:48:d6:ef:c7:f9:99:45:73:69:0c:c9:d8:a3:
dd:a4:a4:97:77:88:a4:9e:13:52:3d:2f:f3:9f:51:da:d0:cb:
47:4c:88:20:2e:9c:a2:90:ae:5c:c4:79:a9:b5:4e:42:3b:3c:
f6:d7:c1:80:43:02:45:5a:e2:14:b2:4a:c4:33:96:14:5b:81:
18:cd:51:7b:ad:92:f6:45:94:2a:8c:46:ab:91:aa:68:b3:22:
21:08:23:67:86:c2:8d:54:10:df:1a:13:a2:2c:be:4d:4c:9d:
aa:69:40:a3:42:eb:3a:13:e3:b0:3b:bc:36:29:75:26:83:3b:
d9:f9:98:b9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijSmUjYZHb9edwuIxJY87MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyODY3MmNkNzM2YjU3ZTFlM2RmYzdkZDczNmYzYmQ4YTYx
NmJhODEwHhcNMjUwMTAxMTU0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmViZmRmNDFlZTRjYzMzMzA3MTgzZDc2NzVjODc1MDFlY2ZiODc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqC7W+PuM1tw0+c9LwF0CQ1ySG3jA
lBFPtWnPcxWSufwsMjf3paVDFklK/Ml1l9xgqZyo961pN/kSG3ZgsWxyDqxX0IRg
nEHXbnz5cy+kbHSes+3kt9OEq+KN1a/K/By0BUDBxhMTia0iVbESnBwHBZ7PjFt0
HHP+pEpXuQBLlQyfRMfrPPN6Ha17zrfO7fjH+UoqZYlDxX9S/mOoXRlHCIl2R5KE
09L63eKNiUQCRXpHMoha7BNlV1nH9kWkGAzJ5DinyeYivsN+DJerqSfmqDNWn4PK
PZjoGwc8KOsOXoDrILQ0gaOqrJpSwbW0u/uT2ZtLYWMpROGVWkR15gNLDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH/r/fQe5MwzMHGD12dch1Aez7h5MB8GA1UdIwQY
MBaAFIKGcs1za1fh49/H3XNvO9imFrqBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ29aeXpYTnJWLUhqMzhmZGMyODcyS1lXdW9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC81NGJiNTAtMDFiZS00ZWM2LTk0MTgt
ZWVlN2ZhZTVjMDM3LzEvZi12OTlCN2t6RE13Y1lQWFoxeUhVQjdQdUhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC81NGJiNTAtMDFiZS00ZWM2LTk0MTgtZWVlN2ZhZTVjMDM3
LzEvZ29aeXpYTnJWLUhqMzhmZGMyODcyS1lXdW9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBSfMMA0G
CSqGSIb3DQEBCwUAA4IBAQAavnv5HNzrRDtRimFw0HismNGwPiOzsWYbKhYI2IM9
JcpFHYWzwCMHYdkkhriJLMVEICaPvTXGo5ARBNC/yW0c/ZIBiF3/zjyN9R2eSViG
SL+DiaLJYXPqwfmkYPfip6EwYx5XS7pyHihRyxwVFCnjuHf85JeLIWC3EC5+nDVD
LEUjUkjW78f5mUVzaQzJ2KPdpKSXd4iknhNSPS/zn1Ha0MtHTIggLpyikK5cxHmp
tU5COzz218GAQwJFWuIUskrEM5YUW4EYzVF7rZL2RZQqjEarkaposyIhCCNnhsKN
VBDfGhOiLL5NTJ2qaUCjQus6E+OwO7w2KXUmgzvZ+Zi5
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:07:55 2025 by rpki-client