Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/9ed4b2-32b9-498a-b8dc-769cd7dcc938/1/5z9bF-s7mwN_rrIwiP6BUqF8WSI.roa
File: 5z9bF-s7mwN_rrIwiP6BUqF8WSI.roa (raw, json)
Hash identifier: UYifmQ1R2PC8Hli/npCQiOLYGwkMeaviE7TQe/6mbAs=
Subject key identifier: E7:3F:5B:17:EB:3B:9B:03:7F:AE:B2:30:88:FE:81:52:A1:7C:59:22
Certificate issuer: /CN=6f4773f240cd6269c251b65170aa7e298ae8c41f
Certificate serial: 0196EE3FA4EA1911CB160A93D75DD9C3DB31
Authority key identifier: 6F:47:73:F2:40:CD:62:69:C2:51:B6:51:70:AA:7E:29:8A:E8:C4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b0dz8kDNYmnCUbZRcKp-KYroxB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/9ed4b2-32b9-498a-b8dc-769cd7dcc938/1/5z9bF-s7mwN_rrIwiP6BUqF8WSI.roa
Signing time: Tue 20 May 2025 15:11:10 +0000
ROA not before: Tue 20 May 2025 15:11:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197731
IP address blocks: 185.67.224.0/22 maxlen: 22
185.67.224.0/24 maxlen: 24
185.67.225.0/24 maxlen: 24
185.67.226.0/24 maxlen: 24
185.67.227.0/24 maxlen: 24
185.148.20.0/22 maxlen: 22
185.148.20.0/24 maxlen: 24
185.148.21.0/24 maxlen: 24
185.148.22.0/24 maxlen: 24
185.148.23.0/24 maxlen: 24
2a03:27a0::/32 maxlen: 32
2a03:27a0::/48 maxlen: 48
2a03:27a0:1::/48 maxlen: 48
2a03:27a0:2::/48 maxlen: 48
2a03:27a0:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/9ed4b2-32b9-498a-b8dc-769cd7dcc938/1/b0dz8kDNYmnCUbZRcKp-KYroxB8.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/9ed4b2-32b9-498a-b8dc-769cd7dcc938/1/b0dz8kDNYmnCUbZRcKp-KYroxB8.mft
rsync://rpki.ripe.net/repository/DEFAULT/b0dz8kDNYmnCUbZRcKp-KYroxB8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 17:19:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ee:3f:a4:ea:19:11:cb:16:0a:93:d7:5d:d9:c3:db:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f4773f240cd6269c251b65170aa7e298ae8c41f
Validity
Not Before: May 20 15:11:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e73f5b17eb3b9b037faeb23088fe8152a17c5922
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:1d:c5:73:25:da:74:91:4a:4c:f3:1a:5e:0d:
2f:85:1a:85:ea:ed:6a:b1:2f:43:68:aa:cc:b8:ac:
9b:34:2d:d7:2e:cc:63:cb:4d:71:2e:d5:2b:36:6f:
1d:9b:d9:c1:26:a9:0f:38:31:f5:c5:b1:73:11:75:
90:03:08:34:7c:81:28:67:db:1e:8b:d1:26:52:b7:
1d:bf:4d:d1:b9:d4:fd:2b:e9:c5:97:c2:95:dc:a1:
55:aa:2c:2f:c4:56:86:75:6b:79:26:d6:11:97:d5:
46:27:5f:c4:47:11:dc:68:c6:ee:2a:85:8c:06:af:
3d:1f:20:c3:87:87:2a:4b:14:df:18:00:bf:cf:ce:
ec:6b:a9:35:2b:61:6d:6e:87:a3:05:d8:bc:ce:61:
fc:c6:b1:e0:27:ad:56:eb:74:84:53:d4:fe:17:20:
41:c8:b0:98:91:97:1b:62:4f:f7:12:b1:37:5f:7c:
c7:06:78:86:2d:49:94:78:76:55:1d:4c:8e:27:f7:
27:b7:c0:85:16:14:4a:58:c0:28:3b:fa:a2:35:02:
89:c5:01:2b:25:06:53:fb:3a:97:2b:e8:93:e9:b3:
de:10:07:49:e0:23:08:ed:89:e7:62:50:79:01:b8:
37:93:66:6b:b7:82:06:a2:99:f1:1d:9a:c1:90:a1:
78:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:3F:5B:17:EB:3B:9B:03:7F:AE:B2:30:88:FE:81:52:A1:7C:59:22
X509v3 Authority Key Identifier:
keyid:6F:47:73:F2:40:CD:62:69:C2:51:B6:51:70:AA:7E:29:8A:E8:C4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0dz8kDNYmnCUbZRcKp-KYroxB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/9ed4b2-32b9-498a-b8dc-769cd7dcc938/1/5z9bF-s7mwN_rrIwiP6BUqF8WSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/9ed4b2-32b9-498a-b8dc-769cd7dcc938/1/b0dz8kDNYmnCUbZRcKp-KYroxB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.67.224.0/22
185.148.20.0/22
IPv6:
2a03:27a0::/32
Signature Algorithm: sha256WithRSAEncryption
26:85:28:93:cd:19:95:b5:c2:c3:ab:ee:81:db:4f:59:f5:45:
4c:98:9b:64:64:84:01:f2:c0:97:44:66:34:8f:83:e1:1e:a3:
7c:d7:03:30:3c:9d:23:4c:cc:56:30:2e:80:e7:30:fb:5b:f0:
b5:09:42:55:e7:66:82:c8:a1:c1:9d:fa:23:12:59:ad:5f:b7:
29:64:45:63:1c:3f:46:6c:c6:51:fc:d4:ae:20:d4:0e:47:6c:
ac:69:51:c3:26:04:27:70:ad:32:18:61:ff:b3:55:86:74:0d:
38:ab:9f:26:32:e9:28:2a:3d:29:bc:23:b7:94:90:a6:b8:ab:
51:08:3c:c8:aa:37:aa:3b:59:b2:a9:c9:42:a5:3b:b1:e8:01:
63:ce:5d:ed:b8:e9:2d:37:17:14:07:9d:6b:c6:3a:53:a1:bf:
d6:b1:68:0a:22:2f:bc:5c:9e:91:de:25:be:79:f3:b5:a4:9e:
82:6a:de:b7:39:33:0c:44:e1:2d:b2:8c:f3:f8:e7:33:af:fe:
92:13:d9:39:ba:01:08:15:f0:f8:c3:35:cd:b7:7c:74:b0:8b:
cb:8c:4f:71:67:72:e4:fe:8b:e9:bf:b9:44:99:9e:8c:c1:d2:
88:19:c6:25:f6:fa:ba:81:30:36:ba:94:0d:81:02:36:a9:09:
d7:95:ec:d6
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZbuP6TqGRHLFgqT113Zw9sxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNDc3M2YyNDBjZDYyNjljMjUxYjY1MTcwYWE3ZTI5OGFl
OGM0MWYwHhcNMjUwNTIwMTUxMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzNmNWIxN2ViM2I5YjAzN2ZhZWIyMzA4OGZlODE1MmExN2M1OTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqR3FcyXadJFKTPMaXg0vhRqF6u1q
sS9DaKrMuKybNC3XLsxjy01xLtUrNm8dm9nBJqkPODH1xbFzEXWQAwg0fIEoZ9se
i9EmUrcdv03RudT9K+nFl8KV3KFVqiwvxFaGdWt5JtYRl9VGJ1/ERxHcaMbuKoWM
Bq89HyDDh4cqSxTfGAC/z87sa6k1K2FtboejBdi8zmH8xrHgJ61W63SEU9T+FyBB
yLCYkZcbYk/3ErE3X3zHBniGLUmUeHZVHUyOJ/cnt8CFFhRKWMAoO/qiNQKJxQEr
JQZT+zqXK+iT6bPeEAdJ4CMI7YnnYlB5Abg3k2Zrt4IGopnxHZrBkKF4pQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOc/WxfrO5sDf66yMIj+gVKhfFkiMB8GA1UdIwQY
MBaAFG9Hc/JAzWJpwlG2UXCqfimK6MQfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjBkejhrRE5ZbW5DVWJaUmNLcC1LWXJveEI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS85ZWQ0YjItMzJiOS00OThhLWI4ZGMt
NzY5Y2Q3ZGNjOTM4LzEvNXo5YkYtczdtd05fcnJJd2lQNkJVcUY4V1NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS85ZWQ0YjItMzJiOS00OThhLWI4ZGMtNzY5Y2Q3ZGNjOTM4
LzEvYjBkejhrRE5ZbW5DVWJaUmNLcC1LWXJveEI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuUPgAwQC
uZQUMA0EAgACMAcDBQAqAyegMA0GCSqGSIb3DQEBCwUAA4IBAQAmhSiTzRmVtcLD
q+6B209Z9UVMmJtkZIQB8sCXRGY0j4PhHqN81wMwPJ0jTMxWMC6A5zD7W/C1CUJV
52aCyKHBnfojElmtX7cpZEVjHD9GbMZR/NSuINQOR2ysaVHDJgQncK0yGGH/s1WG
dA04q58mMukoKj0pvCO3lJCmuKtRCDzIqjeqO1myqclCpTux6AFjzl3tuOktNxcU
B51rxjpTob/WsWgKIi+8XJ6R3iW+efO1pJ6Cat63OTMMROEtsozz+Oczr/6SE9k5
ugEIFfD4wzXNt3x0sIvLjE9xZ3Lk/ovpv7lEmZ6MwdKIGcYl9vq6gTA2upQNgQI2
qQnXlezW
-----END CERTIFICATE-----
Generated at Mon Jun 9 03:14:10 2025 by rpki-client