Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/40ade0-98da-4aa5-b817-6edc1b225625/1/5J7FT5T4iCPWgHROhsbqdNaMT9o.roa
File: 5J7FT5T4iCPWgHROhsbqdNaMT9o.roa (raw, json)
Hash identifier: jBmkmJYpsApJkLfRXsG4ALVIn6TGuuaI6YuyIgvxPnE=
Subject key identifier: E4:9E:C5:4F:94:F8:88:23:D6:80:74:4E:86:C6:EA:74:D6:8C:4F:DA
Certificate issuer: /CN=cfcd73f82c260da87386dcf7be26d5c5445526fa
Certificate serial: 0194258F70748EA195312DCDAFF051D20D04
Authority key identifier: CF:CD:73:F8:2C:26:0D:A8:73:86:DC:F7:BE:26:D5:C5:44:55:26:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z81z-CwmDahzhtz3vibVxURVJvo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/40ade0-98da-4aa5-b817-6edc1b225625/1/5J7FT5T4iCPWgHROhsbqdNaMT9o.roa
Signing time: Thu 02 Jan 2025 05:49:04 +0000
ROA not before: Thu 02 Jan 2025 05:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49181
IP address blocks: 2.57.37.0/24 maxlen: 24
2.57.38.0/24 maxlen: 24
2a09:d2c0::/32 maxlen: 32
2a09:d2c1:1::/48 maxlen: 48
2a09:d2c1:a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/40ade0-98da-4aa5-b817-6edc1b225625/1/z81z-CwmDahzhtz3vibVxURVJvo.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/40ade0-98da-4aa5-b817-6edc1b225625/1/z81z-CwmDahzhtz3vibVxURVJvo.mft
rsync://rpki.ripe.net/repository/DEFAULT/z81z-CwmDahzhtz3vibVxURVJvo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 11:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:70:74:8e:a1:95:31:2d:cd:af:f0:51:d2:0d:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcd73f82c260da87386dcf7be26d5c5445526fa
Validity
Not Before: Jan 2 05:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e49ec54f94f88823d680744e86c6ea74d68c4fda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:98:5b:ac:1d:e0:6b:66:2b:b3:25:7a:d3:a7:
77:7c:47:15:7d:52:fa:be:cb:52:a0:65:8d:b9:1a:
7f:d8:e7:0e:5e:8f:d1:c3:7a:b5:b3:d1:43:a6:5f:
cb:df:38:06:34:86:c0:6a:ed:ea:5f:2e:17:cf:d1:
04:a2:13:09:76:8f:91:6a:5a:87:14:5d:ec:9b:67:
b1:3e:69:ca:a3:06:73:62:e2:39:9a:b3:9e:b5:e5:
e9:f2:c7:07:cd:0f:8f:62:09:e9:6f:74:43:5e:84:
77:c6:b7:67:f3:45:32:af:e0:f4:fd:a9:ee:52:b0:
57:45:19:8f:c5:79:15:ee:91:ba:95:25:6b:d5:57:
72:0a:d6:d0:3c:43:95:19:70:c1:91:1f:22:e7:da:
fb:b2:49:45:07:de:e9:5e:b4:19:68:a2:c7:c8:b3:
31:67:55:54:d5:e8:0b:2e:3c:d5:37:a4:66:e0:b9:
1b:5a:9d:3c:77:3e:df:31:07:94:eb:37:18:62:de:
56:a0:43:ea:db:f3:b9:1a:33:6d:ca:23:ad:cc:39:
d4:fd:41:11:11:a8:3a:0f:5f:85:09:ac:d1:14:35:
3f:b3:02:7b:33:d4:67:91:1e:33:82:b3:c7:ba:38:
cb:3d:f0:14:66:e8:10:18:18:5c:b9:35:ba:96:31:
61:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:9E:C5:4F:94:F8:88:23:D6:80:74:4E:86:C6:EA:74:D6:8C:4F:DA
X509v3 Authority Key Identifier:
keyid:CF:CD:73:F8:2C:26:0D:A8:73:86:DC:F7:BE:26:D5:C5:44:55:26:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z81z-CwmDahzhtz3vibVxURVJvo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/40ade0-98da-4aa5-b817-6edc1b225625/1/5J7FT5T4iCPWgHROhsbqdNaMT9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/40ade0-98da-4aa5-b817-6edc1b225625/1/z81z-CwmDahzhtz3vibVxURVJvo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.37.0-2.57.38.255
IPv6:
2a09:d2c0::/32
2a09:d2c1:1::/48
2a09:d2c1:a::/48
Signature Algorithm: sha256WithRSAEncryption
40:25:78:f2:55:4c:0b:22:d0:69:6d:77:57:c1:14:fe:bc:b6:
12:e1:f4:c7:0c:fa:d7:b7:47:45:e7:c1:14:d0:f7:0f:b3:69:
25:a3:5f:75:bb:b6:34:99:48:eb:cc:d1:4b:b9:55:f4:11:c2:
14:28:9d:5b:f6:65:64:2f:cf:f6:4b:1c:e1:c9:48:59:5b:e3:
af:f0:18:67:d0:23:20:c6:03:96:8a:91:53:88:11:36:ac:a3:
61:da:43:65:e7:6f:66:19:b2:67:09:8f:26:82:8e:8c:ca:2a:
0b:51:98:07:d0:00:13:92:4f:c6:bc:18:39:d0:a4:71:a4:54:
6f:a3:bf:74:bb:c1:07:f4:71:27:38:fd:2f:bd:fd:0a:3f:9f:
25:70:c1:f6:27:0d:65:d5:f9:23:0a:c5:3f:51:e6:b8:60:2b:
f0:26:5c:26:9a:94:aa:08:77:4f:5a:eb:30:0d:aa:fd:54:ce:
e6:62:7b:32:d6:77:1d:0f:ec:45:e7:05:4c:5d:cc:93:c8:64:
3e:dd:a1:0d:98:f7:4c:f0:19:4f:57:c4:ab:94:77:fa:02:0a:
63:7d:97:0b:7a:12:db:82:54:ad:b9:cb:1f:86:de:00:fc:dd:
26:8f:c9:62:00:df:9e:25:ef:f5:7e:0c:18:a5:cd:2d:a9:28:
49:ef:70:f5
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZQlj3B0jqGVMS3Nr/BR0g0EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2Q3M2Y4MmMyNjBkYTg3Mzg2ZGNmN2JlMjZkNWM1NDQ1
NTI2ZmEwHhcNMjUwMTAyMDU0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDllYzU0Zjk0Zjg4ODIzZDY4MDc0NGU4NmM2ZWE3NGQ2OGM0ZmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJhbrB3ga2YrsyV606d3fEcVfVL6
vstSoGWNuRp/2OcOXo/Rw3q1s9FDpl/L3zgGNIbAau3qXy4Xz9EEohMJdo+RalqH
FF3sm2exPmnKowZzYuI5mrOeteXp8scHzQ+PYgnpb3RDXoR3xrdn80Uyr+D0/anu
UrBXRRmPxXkV7pG6lSVr1VdyCtbQPEOVGXDBkR8i59r7sklFB97pXrQZaKLHyLMx
Z1VU1egLLjzVN6Rm4LkbWp08dz7fMQeU6zcYYt5WoEPq2/O5GjNtyiOtzDnU/UER
Eag6D1+FCazRFDU/swJ7M9RnkR4zgrPHujjLPfAUZugQGBhcuTW6ljFhNQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFOSexU+U+Igj1oB0TobG6nTWjE/aMB8GA1UdIwQY
MBaAFM/Nc/gsJg2oc4bc974m1cVEVSb6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejgxei1Dd21EYWh6aHR6M3ZpYlZ4VVJWSnZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy80MGFkZTAtOThkYS00YWE1LWI4MTct
NmVkYzFiMjI1NjI1LzEvNUo3RlQ1VDRpQ1BXZ0hST2hzYnFkTmFNVDlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy80MGFkZTAtOThkYS00YWE1LWI4MTctNmVkYzFiMjI1NjI1
LzEvejgxei1Dd21EYWh6aHR6M3ZpYlZ4VVJWSnZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAUBAIAATAOMAwDBAACOSUD
BAACOSYwHwQCAAIwGQMFACoJ0sADBwAqCdLBAAEDBwAqCdLBAAowDQYJKoZIhvcN
AQELBQADggEBAEAlePJVTAsi0Gltd1fBFP68thLh9McM+te3R0XnwRTQ9w+zaSWj
X3W7tjSZSOvM0Uu5VfQRwhQonVv2ZWQvz/ZLHOHJSFlb46/wGGfQIyDGA5aKkVOI
ETaso2HaQ2Xnb2YZsmcJjyaCjozKKgtRmAfQABOST8a8GDnQpHGkVG+jv3S7wQf0
cSc4/S+9/Qo/nyVwwfYnDWXV+SMKxT9R5rhgK/AmXCaalKoId09a6zANqv1UzuZi
ezLWdx0P7EXnBUxdzJPIZD7doQ2Y90zwGU9XxKuUd/oCCmN9lwt6EtuCVK25yx+G
3gD83SaPyWIA354l7/V+DBilzS2pKEnvcPU=
-----END CERTIFICATE-----
Generated at Sun Apr 13 20:45:30 2025 by rpki-client