Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/a6def1-f425-49a5-aaaf-07cbeddd6418/1/25RJ6ZVs0Rq2vgAnn5qDuc50gBc.roa
File: 25RJ6ZVs0Rq2vgAnn5qDuc50gBc.roa (raw, json)
Hash identifier: E2CGstsnfAcGk1lBYwpyCPeNPt0F4yT/sEC2c5F9t8o=
Subject key identifier: DB:94:49:E9:95:6C:D1:1A:B6:BE:00:27:9F:9A:83:B9:CE:74:80:17
Certificate issuer: /CN=284e5eb112e13a42703dbb387ba577a2e793ac3a
Certificate serial: 01941FFA51E4B01FD12B5B386507C74BD781
Authority key identifier: 28:4E:5E:B1:12:E1:3A:42:70:3D:BB:38:7B:A5:77:A2:E7:93:AC:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KE5esRLhOkJwPbs4e6V3oueTrDo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/a6def1-f425-49a5-aaaf-07cbeddd6418/1/25RJ6ZVs0Rq2vgAnn5qDuc50gBc.roa
Signing time: Wed 01 Jan 2025 03:48:06 +0000
ROA not before: Wed 01 Jan 2025 03:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20836
IP address blocks: 5.253.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/a6def1-f425-49a5-aaaf-07cbeddd6418/1/KE5esRLhOkJwPbs4e6V3oueTrDo.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/a6def1-f425-49a5-aaaf-07cbeddd6418/1/KE5esRLhOkJwPbs4e6V3oueTrDo.mft
rsync://rpki.ripe.net/repository/DEFAULT/KE5esRLhOkJwPbs4e6V3oueTrDo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 15:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:51:e4:b0:1f:d1:2b:5b:38:65:07:c7:4b:d7:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=284e5eb112e13a42703dbb387ba577a2e793ac3a
Validity
Not Before: Jan 1 03:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db9449e9956cd11ab6be00279f9a83b9ce748017
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:aa:39:49:f2:b8:68:0f:e0:72:26:5f:4f:31:
87:26:79:7c:95:07:27:df:84:99:88:20:73:56:4b:
72:e4:57:49:8f:2f:c0:42:62:5a:3a:77:e7:37:fc:
95:57:e3:40:d8:a4:c9:31:6b:e1:e0:fe:fb:04:13:
cc:58:b9:71:43:47:dc:b3:5d:f5:ee:b2:e8:c5:f2:
3d:2b:05:a8:71:d8:8e:25:e3:f3:22:2c:94:0c:90:
e1:b7:62:60:59:6c:dc:67:bd:06:57:01:5a:1e:74:
2e:a5:10:be:45:d3:df:1a:fe:33:b6:9d:12:dc:7b:
20:34:71:58:e4:70:d6:b1:cf:77:87:3c:59:11:e1:
a3:cd:95:46:90:7b:90:0f:5e:ca:b4:64:9c:4f:11:
b2:9c:41:12:f6:47:6a:84:06:3a:ea:e9:8f:a2:43:
5b:5d:d4:b0:1c:d0:a2:44:f1:e1:ec:f7:ce:e5:e9:
9e:ff:84:7a:9a:01:08:42:f8:96:f7:20:e0:59:20:
49:40:86:f5:0b:d0:c1:16:5a:e0:7f:34:f5:31:06:
f1:22:14:cb:a9:e8:dc:ab:74:10:0b:78:03:19:97:
4f:e1:b7:b8:1f:6b:5c:66:96:0b:df:91:83:22:f3:
2b:04:85:d3:19:0e:93:39:87:44:ea:4b:50:f1:2c:
33:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:94:49:E9:95:6C:D1:1A:B6:BE:00:27:9F:9A:83:B9:CE:74:80:17
X509v3 Authority Key Identifier:
keyid:28:4E:5E:B1:12:E1:3A:42:70:3D:BB:38:7B:A5:77:A2:E7:93:AC:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KE5esRLhOkJwPbs4e6V3oueTrDo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/a6def1-f425-49a5-aaaf-07cbeddd6418/1/25RJ6ZVs0Rq2vgAnn5qDuc50gBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/a6def1-f425-49a5-aaaf-07cbeddd6418/1/KE5esRLhOkJwPbs4e6V3oueTrDo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.198.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:bd:2d:26:a5:5b:04:b8:f0:c4:06:8b:bb:e6:fb:ef:a1:f3:
fc:86:a3:62:a2:db:a0:65:e0:ab:b4:43:3f:ff:70:76:d6:d5:
26:df:bc:df:21:57:51:29:2a:bd:84:98:54:3e:8f:88:13:98:
1a:ca:ec:70:dd:6b:96:68:9b:ce:e0:14:ae:69:7a:29:84:55:
13:39:45:e2:4b:3f:5b:1f:16:a9:cf:36:dd:a4:2c:27:4e:55:
a5:d7:f2:28:aa:5a:8d:4b:e5:e0:d4:ba:83:de:4a:7d:06:c5:
ea:9d:6e:42:14:9b:c3:32:6a:6e:95:d7:e0:c6:2b:d9:9b:19:
3f:50:40:2e:f4:43:f7:2f:81:52:4d:06:65:2a:94:86:f8:fa:
d2:0c:56:47:91:3d:a3:62:8e:8d:8f:0e:72:4c:2e:0e:3e:f0:
fb:61:7e:85:cb:37:eb:25:66:30:13:8c:20:9b:fb:23:e4:b4:
1b:93:d9:a2:16:71:ab:81:b2:3c:b2:99:23:20:87:1f:65:f6:
f3:67:1c:fb:61:f8:c5:4c:53:4f:ca:5a:4f:d8:32:c7:b1:f3:
3c:a8:aa:6b:37:f7:42:d2:4a:f9:37:19:22:94:e7:93:0a:b4:
0b:b5:67:d8:69:2b:e5:f9:89:e7:1d:75:ef:d3:e9:d8:49:a0:
ea:f2:5f:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+lHksB/RK1s4ZQfHS9eBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NGU1ZWIxMTJlMTNhNDI3MDNkYmIzODdiYTU3N2EyZTc5
M2FjM2EwHhcNMjUwMTAxMDM0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjk0NDllOTk1NmNkMTFhYjZiZTAwMjc5ZjlhODNiOWNlNzQ4MDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6o5SfK4aA/gciZfTzGHJnl8lQcn
34SZiCBzVkty5FdJjy/AQmJaOnfnN/yVV+NA2KTJMWvh4P77BBPMWLlxQ0fcs131
7rLoxfI9KwWocdiOJePzIiyUDJDht2JgWWzcZ70GVwFaHnQupRC+RdPfGv4ztp0S
3HsgNHFY5HDWsc93hzxZEeGjzZVGkHuQD17KtGScTxGynEES9kdqhAY66umPokNb
XdSwHNCiRPHh7PfO5eme/4R6mgEIQviW9yDgWSBJQIb1C9DBFlrgfzT1MQbxIhTL
qejcq3QQC3gDGZdP4be4H2tcZpYL35GDIvMrBIXTGQ6TOYdE6ktQ8SwzywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNuUSemVbNEatr4AJ5+ag7nOdIAXMB8GA1UdIwQY
MBaAFChOXrES4TpCcD27OHuld6Lnk6w6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0U1ZXNSTGhPa0p3UGJzNGU2VjNvdWVUckRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hNmRlZjEtZjQyNS00OWE1LWFhYWYt
MDdjYmVkZGQ2NDE4LzEvMjVSSjZaVnMwUnEydmdBbm41cUR1YzUwZ0JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hNmRlZjEtZjQyNS00OWE1LWFhYWYtMDdjYmVkZGQ2NDE4
LzEvS0U1ZXNSTGhPa0p3UGJzNGU2VjNvdWVUckRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABf3GMA0G
CSqGSIb3DQEBCwUAA4IBAQCwvS0mpVsEuPDEBou75vvvofP8hqNiotugZeCrtEM/
/3B21tUm37zfIVdRKSq9hJhUPo+IE5gayuxw3WuWaJvO4BSuaXophFUTOUXiSz9b
HxapzzbdpCwnTlWl1/IoqlqNS+Xg1LqD3kp9BsXqnW5CFJvDMmpuldfgxivZmxk/
UEAu9EP3L4FSTQZlKpSG+PrSDFZHkT2jYo6Njw5yTC4OPvD7YX6FyzfrJWYwE4wg
m/sj5LQbk9miFnGrgbI8spkjIIcfZfbzZxz7YfjFTFNPylpP2DLHsfM8qKprN/dC
0kr5NxkilOeTCrQLtWfYaSvl+YnnHXXv0+nYSaDq8l+W
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:06:32 2025 by rpki-client