Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/5sGdFc_1Zid-hBM7mInO1hEaSqE.roa
File: 5sGdFc_1Zid-hBM7mInO1hEaSqE.roa (raw, json)
Hash identifier: 7bwxpMhgqxIjIH4tFXJcxeBHbkei+D+EpzaJzJaJhv4=
Subject key identifier: E6:C1:9D:15:CF:F5:66:27:7E:84:13:3B:98:89:CE:D6:11:1A:4A:A1
Certificate issuer: /CN=af5e93f902354ce4804b4cb049cf68b20f76aeb2
Certificate serial: 0196C89E76E2BD1CD2533F539D20EC9C962F
Authority key identifier: AF:5E:93:F9:02:35:4C:E4:80:4B:4C:B0:49:CF:68:B2:0F:76:AE:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/5sGdFc_1Zid-hBM7mInO1hEaSqE.roa
Signing time: Tue 13 May 2025 07:49:10 +0000
ROA not before: Tue 13 May 2025 07:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49791
IP address blocks: 91.224.74.0/24 maxlen: 24
91.224.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.mft
rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c8:9e:76:e2:bd:1c:d2:53:3f:53:9d:20:ec:9c:96:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af5e93f902354ce4804b4cb049cf68b20f76aeb2
Validity
Not Before: May 13 07:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e6c19d15cff566277e84133b9889ced6111a4aa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:25:b4:55:67:ad:68:82:a2:bb:04:8e:62:ce:
e9:eb:95:a3:db:f6:3f:89:a1:5e:e9:17:14:b1:4e:
e9:bf:2b:2c:68:d0:66:1a:57:ed:5f:7e:7d:73:fb:
f5:b7:3a:d1:9a:f1:23:7a:76:4e:53:f3:6e:82:d5:
6d:80:41:c4:9b:e7:f9:84:5f:17:11:3f:ca:14:01:
1c:18:00:26:ac:35:47:9c:73:a4:a3:98:ec:68:63:
da:bf:10:99:16:f1:90:80:1f:c7:ce:e7:4c:19:2a:
10:a6:94:8d:56:0f:fe:1b:a8:a7:a7:a6:b6:08:4e:
36:b5:fc:5b:39:4f:f1:33:a1:bd:b7:db:87:b6:32:
d2:bc:52:3e:09:71:41:de:6b:5c:72:aa:aa:2b:75:
8e:49:d4:4a:ff:1e:72:e6:57:1b:88:02:43:4d:b8:
f5:5d:d7:57:05:6f:09:81:ea:f5:11:57:4d:c8:68:
74:c7:7f:a9:c7:bb:32:48:68:32:9c:66:a1:f0:0e:
d0:b3:c7:03:2f:96:c0:21:dd:4c:4a:62:d7:f4:2f:
f8:cd:a8:3b:9a:5d:c0:05:a1:29:01:79:8e:cf:7d:
c8:0a:70:31:2a:0c:1d:88:5c:f8:9d:93:30:51:5f:
7a:d4:5f:ed:95:02:32:79:a9:89:09:e5:ad:f6:1a:
d8:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:C1:9D:15:CF:F5:66:27:7E:84:13:3B:98:89:CE:D6:11:1A:4A:A1
X509v3 Authority Key Identifier:
keyid:AF:5E:93:F9:02:35:4C:E4:80:4B:4C:B0:49:CF:68:B2:0F:76:AE:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/5sGdFc_1Zid-hBM7mInO1hEaSqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.74.0/23
Signature Algorithm: sha256WithRSAEncryption
3e:f8:5a:9b:1f:e7:70:39:25:0b:99:1b:18:d9:6e:49:7e:d3:
ec:53:e8:3c:53:3e:32:07:a8:5d:af:04:3f:f5:bf:9b:a1:bc:
04:5c:49:2f:62:f9:3d:dd:39:3b:47:1a:33:41:89:23:1d:b5:
0f:79:bd:d4:a3:11:8e:0c:19:62:c0:7c:3c:90:fc:13:e5:36:
7a:a6:3d:4f:a7:fc:a8:d6:32:c8:bc:98:c3:f6:8f:c9:21:af:
bf:ab:66:fd:de:71:9b:57:a9:0d:8b:e2:d5:c7:9e:08:24:c1:
13:94:1a:c3:3a:db:d8:ba:1d:a2:95:66:76:38:45:fa:38:78:
04:f3:58:75:52:61:79:35:c1:6c:66:42:54:37:43:24:e3:3e:
13:28:bf:6e:e5:be:87:39:07:4d:af:03:ec:c6:bb:82:d0:76:
48:11:c3:93:4b:65:22:47:53:b7:b7:fb:0f:73:24:90:0b:05:
8f:f6:93:b4:e5:e6:d8:f5:53:04:10:3b:a9:2f:06:1e:af:4e:
9d:29:85:72:26:ef:d5:b4:cd:f8:64:98:15:90:69:a6:be:d3:
10:98:a0:53:34:0f:db:c8:25:a3:4c:1f:54:f3:5d:76:c9:8b:
04:89:73:e1:1b:a2:5f:05:c9:d0:dd:fd:a7:3e:08:18:c6:48:
1a:7c:e9:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZbInnbivRzSUz9TnSDsnJYvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNWU5M2Y5MDIzNTRjZTQ4MDRiNGNiMDQ5Y2Y2OGIyMGY3
NmFlYjIwHhcNMjUwNTEzMDc0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmMxOWQxNWNmZjU2NjI3N2U4NDEzM2I5ODg5Y2VkNjExMWE0YWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzyW0VWetaIKiuwSOYs7p65Wj2/Y/
iaFe6RcUsU7pvyssaNBmGlftX359c/v1tzrRmvEjenZOU/NugtVtgEHEm+f5hF8X
ET/KFAEcGAAmrDVHnHOko5jsaGPavxCZFvGQgB/HzudMGSoQppSNVg/+G6inp6a2
CE42tfxbOU/xM6G9t9uHtjLSvFI+CXFB3mtccqqqK3WOSdRK/x5y5lcbiAJDTbj1
XddXBW8Jger1EVdNyGh0x3+px7sySGgynGah8A7Qs8cDL5bAId1MSmLX9C/4zag7
ml3ABaEpAXmOz33ICnAxKgwdiFz4nZMwUV961F/tlQIyeamJCeWt9hrYxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFObBnRXP9WYnfoQTO5iJztYRGkqhMB8GA1UdIwQY
MBaAFK9ek/kCNUzkgEtMsEnPaLIPdq6yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjE2VC1RSTFUT1NBUzB5d1NjOW9zZzkycnJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9mNDAwNGItZDYwMi00NzVkLTkzMWIt
N2UwNWFkMDE5MGNlLzEvNXNHZEZjXzFaaWQtaEJNN21Jbk8xaEVhU3FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9mNDAwNGItZDYwMi00NzVkLTkzMWItN2UwNWFkMDE5MGNl
LzEvcjE2VC1RSTFUT1NBUzB5d1NjOW9zZzkycnJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+BKMA0G
CSqGSIb3DQEBCwUAA4IBAQA++FqbH+dwOSULmRsY2W5JftPsU+g8Uz4yB6hdrwQ/
9b+bobwEXEkvYvk93Tk7RxozQYkjHbUPeb3UoxGODBliwHw8kPwT5TZ6pj1Pp/yo
1jLIvJjD9o/JIa+/q2b93nGbV6kNi+LVx54IJMETlBrDOtvYuh2ilWZ2OEX6OHgE
81h1UmF5NcFsZkJUN0Mk4z4TKL9u5b6HOQdNrwPsxruC0HZIEcOTS2UiR1O3t/sP
cySQCwWP9pO05ebY9VMEEDupLwYer06dKYVyJu/VtM34ZJgVkGmmvtMQmKBTNA/b
yCWjTB9U8112yYsEiXPhG6JfBcnQ3f2nPggYxkgafOlr
-----END CERTIFICATE-----
Generated at Fri Jun 6 14:35:13 2025 by rpki-client